{"resultsPerPage":2000,"startIndex":0,"totalResults":2168,"format":"NVD_CVE","version":"2.0","timestamp":"2026-07-12T15:13:41.209","vulnerabilities":[{"cve":{"id":"CVE-2011-4042","sourceIdentifier":"cret@cert.org","published":"2012-04-03T03:44:35.930","lastModified":"2026-07-09T18:33:12.020","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to execute arbitrary code by using a crafted HTML document to obtain control of a function pointer."},{"lang":"es","value":"Control ActiveX no determinado en SVUIGrd.ocx en ARC Informatique PcVue v6.0 hasta v10.0, FrontVue, y PlantVue permite a atacantes remotos ejecutar código usando un documento HTML manipulado para obtener el control de un puntero a una función."}],"affected":[{"source":"cret@cert.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:C/I:C/A:C","baseScore":9.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.6,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:arcinfo:frontvue:-:*:*:*:*:*:*:*","matchCriteriaId":"5B70D1F4-70EC-4AA9-8C9E-2D98A64443AF"},{"vulnerable":true,"criteria":"cpe:2.3:a:arcinfo:pcvue:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0","versionEndIncluding":"10.0","matchCriteriaId":"ABF55B99-E923-4FD4-8E26-024A798D5083"},{"vulnerable":true,"criteria":"cpe:2.3:a:arcinfo:plantvue:-:*:*:*:*:*:*:*","matchCriteriaId":"4005489C-7D69-40A1-9CAE-EB95251BE6D4"}]}]}],"references":[{"url":"http://www.pcvuesolutions.com/index.php?option=com_content&view=article&id=244&Itemid=257","source":"cret@cert.org","tags":["Vendor Advisory"]},{"url":"http://www.us-cert.gov/control_systems/pdf/ICSA-11-340-01.pdf","source":"cret@cert.org","tags":["US Government Resource"]},{"url":"https://support.pcvuescada.com/index.php?option=com_k2&view=item&id=512&Itemid=440","source":"cret@cert.org","tags":["Broken Link"]},{"url":"http://www.pcvuesolutions.com/index.php?option=com_content&view=article&id=244&Itemid=257","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://www.us-cert.gov/control_systems/pdf/ICSA-11-340-01.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["US Government Resource"]},{"url":"https://support.pcvuescada.com/index.php?option=com_k2&view=item&id=512&Itemid=440","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]}]}},{"cve":{"id":"CVE-2011-4043","sourceIdentifier":"cret@cert.org","published":"2012-04-03T03:44:35.977","lastModified":"2026-07-09T18:33:12.020","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Integer overflow in an unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to execute arbitrary code via a large value for an integer parameter, leading to a buffer overflow."},{"lang":"es","value":"Desbordamiento de entero en un control ActiveX no terminado en SVUIGrd.ocx en ARC Informatique PcVue v6.0 hasta v10.0, FrontVue, y PlantVue, permite a los atacantes remotos ejecutar código a su elección a través de un valor muy grande en un parámetro entero, provocando un desbordamiento de búfer."}],"affected":[{"source":"cret@cert.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:C/I:C/A:C","baseScore":9.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.6,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-189"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:arcinfo:frontvue:-:*:*:*:*:*:*:*","matchCriteriaId":"5B70D1F4-70EC-4AA9-8C9E-2D98A64443AF"},{"vulnerable":true,"criteria":"cpe:2.3:a:arcinfo:pcvue:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0","versionEndIncluding":"10.0","matchCriteriaId":"ABF55B99-E923-4FD4-8E26-024A798D5083"},{"vulnerable":true,"criteria":"cpe:2.3:a:arcinfo:plantvue:-:*:*:*:*:*:*:*","matchCriteriaId":"4005489C-7D69-40A1-9CAE-EB95251BE6D4"}]}]}],"references":[{"url":"http://www.pcvuesolutions.com/index.php?option=com_content&view=article&id=244&Itemid=257","source":"cret@cert.org","tags":["Vendor Advisory"]},{"url":"http://www.us-cert.gov/control_systems/pdf/ICSA-11-340-01.pdf","source":"cret@cert.org","tags":["US Government Resource"]},{"url":"https://support.pcvuescada.com/index.php?option=com_k2&view=item&id=512&Itemid=440","source":"cret@cert.org","tags":["Broken Link"]},{"url":"http://www.pcvuesolutions.com/index.php?option=com_content&view=article&id=244&Itemid=257","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://www.us-cert.gov/control_systems/pdf/ICSA-11-340-01.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["US Government Resource"]},{"url":"https://support.pcvuescada.com/index.php?option=com_k2&view=item&id=512&Itemid=440","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]}]}},{"cve":{"id":"CVE-2011-4044","sourceIdentifier":"cret@cert.org","published":"2012-04-03T03:44:36.023","lastModified":"2026-07-09T18:33:12.020","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An unspecified ActiveX control in SVUIGrd.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to modify files via calls to unknown methods."},{"lang":"es","value":"Control ActiveX no determinado en SVUIGrd.ocx en ARC Informatique PcVue v6.0 hasta v10.0, FrontVue, y PlantVue permite a atacantes remotos modificar ficheros a través de llamadas a métodos no determinados."}],"affected":[{"source":"cret@cert.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:P","baseScore":5.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:arcinfo:frontvue:-:*:*:*:*:*:*:*","matchCriteriaId":"5B70D1F4-70EC-4AA9-8C9E-2D98A64443AF"},{"vulnerable":true,"criteria":"cpe:2.3:a:arcinfo:pcvue:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0","versionEndIncluding":"10.0","matchCriteriaId":"ABF55B99-E923-4FD4-8E26-024A798D5083"},{"vulnerable":true,"criteria":"cpe:2.3:a:arcinfo:plantvue:-:*:*:*:*:*:*:*","matchCriteriaId":"4005489C-7D69-40A1-9CAE-EB95251BE6D4"}]}]}],"references":[{"url":"http://www.pcvuesolutions.com/index.php?option=com_content&view=article&id=244&Itemid=257","source":"cret@cert.org","tags":["Vendor Advisory"]},{"url":"http://www.us-cert.gov/control_systems/pdf/ICSA-11-340-01.pdf","source":"cret@cert.org","tags":["US Government Resource"]},{"url":"https://support.pcvuescada.com/index.php?option=com_k2&view=item&id=512&Itemid=440","source":"cret@cert.org","tags":["Broken Link"]},{"url":"http://www.pcvuesolutions.com/index.php?option=com_content&view=article&id=244&Itemid=257","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://www.us-cert.gov/control_systems/pdf/ICSA-11-340-01.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["US Government Resource"]},{"url":"https://support.pcvuescada.com/index.php?option=com_k2&view=item&id=512&Itemid=440","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]}]}},{"cve":{"id":"CVE-2011-4045","sourceIdentifier":"cret@cert.org","published":"2012-04-03T03:44:36.070","lastModified":"2026-07-09T18:33:12.020","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Buffer overflow in an unspecified ActiveX control in aipgctl.ocx in ARC Informatique PcVue 6.0 through 10.0, FrontVue, and PlantVue allows remote attackers to cause a denial of service via a crafted HTML document."},{"lang":"es","value":"Desbordamiento de búfer en un control ActiveX no determinado en aipgctl.ocx en ARC Informatique PcVue v6.0 hasta v10.0, FrontVue, y PlantVue, permite a atacantes remotos provocar una denegación de servicio mediante un documento HTML manipulado."}],"affected":[{"source":"cret@cert.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:N/A:P","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-119"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:arcinfo:frontvue:-:*:*:*:*:*:*:*","matchCriteriaId":"5B70D1F4-70EC-4AA9-8C9E-2D98A64443AF"},{"vulnerable":true,"criteria":"cpe:2.3:a:arcinfo:pcvue:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0","versionEndIncluding":"10.0","matchCriteriaId":"ABF55B99-E923-4FD4-8E26-024A798D5083"},{"vulnerable":true,"criteria":"cpe:2.3:a:arcinfo:plantvue:-:*:*:*:*:*:*:*","matchCriteriaId":"4005489C-7D69-40A1-9CAE-EB95251BE6D4"}]}]}],"references":[{"url":"http://www.pcvuesolutions.com/index.php?option=com_content&view=article&id=244&Itemid=257","source":"cret@cert.org","tags":["Vendor Advisory"]},{"url":"http://www.us-cert.gov/control_systems/pdf/ICSA-11-340-01.pdf","source":"cret@cert.org","tags":["US Government Resource"]},{"url":"https://support.pcvuescada.com/index.php?option=com_k2&view=item&id=512&Itemid=440","source":"cret@cert.org","tags":["Broken Link"]},{"url":"http://www.pcvuesolutions.com/index.php?option=com_content&view=article&id=244&Itemid=257","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://www.us-cert.gov/control_systems/pdf/ICSA-11-340-01.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["US Government Resource"]},{"url":"https://support.pcvuescada.com/index.php?option=com_k2&view=item&id=512&Itemid=440","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]}]}},{"cve":{"id":"CVE-2020-23450","sourceIdentifier":"cve@mitre.org","published":"2020-09-01T16:15:12.240","lastModified":"2026-07-09T00:16:59.267","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Spiceworks Version <= 7.5.00107 is affected by XSS. Any name typed on Custom Groups function is vulnerable to stored XSS as they displayed on http://127.0.0.1/inventory/groups/ without output sanitization."},{"lang":"es","value":"Spiceworks versiones anteriores a 7.5.00107 incluyéndola, está afectada por una vulnerabilidad de tipo XSS. Cualquier nombre escrito en la función Custom Groups es vulnerable a los ataques de tipo XSS almacenado, ya que son mostrados en http://127.0.0.1/inventory/groups/ sin saneamiento de la salida"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:spiceworks:spiceworks:*:*:*:*:*:*:*:*","versionEndIncluding":"7.5.00107","matchCriteriaId":"865F1585-7F02-433A-98AC-AFE75774DF4F"}]}]}],"references":[{"url":"https://abuyv.com","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://abuyv.com/cve/spiceworks-stored-xss","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://abuyv.com","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://abuyv.com/cve/spiceworks-stored-xss","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-24193","sourceIdentifier":"cve@mitre.org","published":"2020-09-03T18:15:14.163","lastModified":"2026-07-09T00:17:00.460","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A SQL injection vulnerability in login in Sourcecodetester Daily Tracker System 1.0 allows unauthenticated user to execute authentication bypass with SQL injection via the email parameter."},{"lang":"es","value":"Una vulnerabilidad de inyección SQL en el inicio de sesión en Sourcecodetester Daily Tracker System versión 1.0, permite al usuario no autenticado ejecutar una omisión de autenticación con inyección SQL por medio del parámetro email"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:daily_tracker_system_project:daily_tracker_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"97DBBDC8-0B36-46A0-A125-4A384112CC17"}]}]}],"references":[{"url":"https://www.exploit-db.com/exploits/48787","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://www.exploit-db.com/exploits/48787","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]}]}},{"cve":{"id":"CVE-2020-24194","sourceIdentifier":"cve@mitre.org","published":"2020-09-09T14:15:12.663","lastModified":"2026-07-09T00:17:00.583","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A Cross-site scripting (XSS) vulnerability in 'user-profile.php' in SourceCodester Daily Tracker System v1.0 allows remote attackers to inject arbitrary web script or HTML via the 'fullname' parameter."},{"lang":"es","value":"Una vulnerabilidad de tipo cross-site scripting (XSS) en el archivo \"user-profile.php\" en SourceCodester Daily Tracker System versión v1.0, permite a atacantes remotos inyectar un script web o HTML arbitrario por medio del parámetro \"fullname\"."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:daily_tracker_system_project:daily_tracker_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"97DBBDC8-0B36-46A0-A125-4A384112CC17"}]}]}],"references":[{"url":"https://cxsecurity.com/issue/WLB-2020090030","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://cxsecurity.com/issue/WLB-2020090030","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-21731","sourceIdentifier":"cve@mitre.org","published":"2020-09-14T12:15:10.773","lastModified":"2026-07-09T00:16:54.140","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Gazie 7.29 is affected by: Cross Site Scripting (XSS) via http://192.168.100.7/gazie/modules/config/admin_utente.php?user_name=amministratore&Update. An attacker can inject JavaScript code, and the webapplication stores the injected code."},{"lang":"es","value":"Gazie versión 7.29, está afectado por: una vulnerabilidad de tipo Cross Site Scripting (XSS) por medio de http://192.168.100.7/gazie/modules/config/admin_utente.php?user_name=amministratore&amp;Update.&#xa0;Un atacante puede inyectar código JavaScript y la aplicación web almacena el código inyectado"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gazie_project:gazie:7.29:*:*:*:*:*:*:*","matchCriteriaId":"FEE2CE77-845D-4B4B-938D-64784458D054"}]}]}],"references":[{"url":"http://gazie.devincentiis.it/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://github.com/Gr3gPr1est/BugReport/blob/master/CVE-2020-21731","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://gazie.devincentiis.it/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://github.com/Gr3gPr1est/BugReport/blob/master/CVE-2020-21731","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-21732","sourceIdentifier":"cve@mitre.org","published":"2020-09-14T12:15:10.883","lastModified":"2026-07-09T00:16:54.263","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Rukovoditel Project Management app 2.6 is affected by: Cross Site Scripting (XSS). An attacker can add JavaScript code to the filename."},{"lang":"es","value":"La aplicación Rukovoditel Project Management versión 2.6, está afectada por: una vulnerabilidad de tipo Cross Site Scripting (XSS).&#xa0;Un atacante puede agregar código JavaScript al nombre del archivo"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rukovoditel:rukovoditel:2.6:*:*:*:*:*:*:*","matchCriteriaId":"CC23FCC3-2344-41EC-91D6-6DF4B4782613"}]}]}],"references":[{"url":"https://github.com/Gr3gPr1est/BugReport/blob/master/CVE-2020-21732","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.rukovoditel.net","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://github.com/Gr3gPr1est/BugReport/blob/master/CVE-2020-21732","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.rukovoditel.net","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2020-21733","sourceIdentifier":"cve@mitre.org","published":"2020-09-14T12:15:10.943","lastModified":"2026-07-09T00:16:54.390","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Sagemcom F@ST3686 v1.0 HUN 3.97.0 has XSS via RgDiagnostics.asp, RgDdns.asp, RgFirewallEL.asp, RgVpnL2tpPptp.asp."},{"lang":"es","value":"Sagemcom F@ST3686 versión v1.0 HUN 3.97.0, presenta una vulnerabilidad de tipo XSS por medio de los archivos RgDiagnostics.asp, RgDdns.asp, RgFirewallEL.asp, RgVpnL2tpPptp.asp"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:sagemcom:f\\@st_3686_firmware:1.0_hun_3.97.0:*:*:*:*:*:*:*","matchCriteriaId":"F1572CDF-6427-490B-ABCC-427002894FC5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:sagemcom:f\\@st_3686:-:*:*:*:*:*:*:*","matchCriteriaId":"3466ACB1-D6DA-4CB7-A176-F16A47000AC1"}]}]}],"references":[{"url":"https://github.com/Gr3gPr1est/BugReport/blob/master/CVE-2020-21733","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/Gr3gPr1est/BugReport/blob/master/SAGEM_F%40ST3686_v1.0_HUN_3.97.0_XSS_Vuln..pdf","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/Gr3gPr1est/BugReport/blob/master/CVE-2020-21733","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/Gr3gPr1est/BugReport/blob/master/SAGEM_F%40ST3686_v1.0_HUN_3.97.0_XSS_Vuln..pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-23451","sourceIdentifier":"cve@mitre.org","published":"2020-09-15T14:15:14.190","lastModified":"2026-07-09T00:16:59.393","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Spiceworks Version <= 7.5.00107 is affected by CSRF which can lead to privilege escalation via \"/settings/v1/users\" function."},{"lang":"es","value":"Spiceworks versiones anteriores a 7.5.00107, está afectada por una vulnerabilidad de tipo CSRF que puede conllevar a una escalada de privilegios por medio de la función \"/settings/v1/users\""}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:spiceworks:spiceworks:*:*:*:*:*:*:*:*","versionEndIncluding":"7.5.00107","matchCriteriaId":"865F1585-7F02-433A-98AC-AFE75774DF4F"}]}]}],"references":[{"url":"https://abuyv.com/cve/spiceworks-csrf-via-xss","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://abuyv.com/cve/spiceworks-csrf-via-xss","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-23446","sourceIdentifier":"cve@mitre.org","published":"2020-09-22T14:15:12.237","lastModified":"2026-07-09T00:16:59.133","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Verint Workforce Optimization suite 15.1 (15.1.0.37634) has Unauthenticated Information Disclosure via API"},{"lang":"es","value":"La suite Verint Workforce Optimization versión  15.1 (15.1.0.37634), presenta una divulgación de información no autenticada por medio de la API"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-639"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:verint:workforce_optimization:15.1.0.37634:*:*:*:*:*:*:*","matchCriteriaId":"01A570C8-A35D-440E-BD1C-9A38F601897D"}]}]}],"references":[{"url":"http://cvewalkthrough.com/variant-unauthenticated-information-disclosure-via-api/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://tejaspingulkar.blogspot.com/2020/09/cve-2020-23446-verint-workforce.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"http://cvewalkthrough.com/variant-unauthenticated-information-disclosure-via-api/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://tejaspingulkar.blogspot.com/2020/09/cve-2020-23446-verint-workforce.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-25487","sourceIdentifier":"cve@mitre.org","published":"2020-09-22T17:15:12.460","lastModified":"2026-07-09T00:17:01.977","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"PHPGURUKUL Zoo Management System Using PHP and MySQL version 1.0 is affected by: SQL Injection via zms/animal-detail.php."},{"lang":"es","value":"PHPGURUKUL Zoo Management System Using PHP and MySQL versión 1.0, está afectado por: Inyección SQL por medio de un archivo zms/animal-detail.php"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:phpgurukul:zoo_management_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"541460D0-FA92-4BC4-A965-28C723E93736"}]}]}],"references":[{"url":"https://github.com/Ko-kn3t/CVE-2020-25487","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://phpgurukul.com/zoo-management-system-using-php-and-mysql/","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/Ko-kn3t/CVE-2020-25487","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://phpgurukul.com/zoo-management-system-using-php-and-mysql/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-25514","sourceIdentifier":"cve@mitre.org","published":"2020-09-22T18:15:24.167","lastModified":"2026-07-09T00:17:02.523","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Sourcecodester Simple Library Management System 1.0 is affected by Incorrect Access Control via the Login Panel, http://<site>/lms/admin.php."},{"lang":"es","value":"Sourcecodester Simple Library Management System versión 1.0, está afectado por un Control de Acceso Incorrecto por medio del Panel de Inicio de Sesión, http://(site)/lms/admin.php"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.5,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:simple_library_management_system_project:simple_library_management_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"80595EB4-9F72-4FDE-B54E-499B21B0591C"}]}]}],"references":[{"url":"https://github.com/Ko-kn3t/CVE-2020-25514","source":"cve@mitre.org","tags":["Product","Third Party Advisory"]},{"url":"https://www.sourcecodester.com","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/Ko-kn3t/CVE-2020-25514","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Third Party Advisory"]},{"url":"https://www.sourcecodester.com","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-25515","sourceIdentifier":"cve@mitre.org","published":"2020-09-22T18:15:24.247","lastModified":"2026-07-09T00:17:02.640","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Sourcecodester Simple Library Management System 1.0 is affected by Insecure Permissions via Books > New Book , http://<site>/lms/index.php?page=books."},{"lang":"es","value":"Sourcecodester Simple Library Management System versión 1.0, está afectado por Permisos No seguros por medio de Books ) New Book, http://(site)/lms/index.php?page=books"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:simple_library_management_system_project:simple_library_management_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"80595EB4-9F72-4FDE-B54E-499B21B0591C"}]}]}],"references":[{"url":"https://github.com/Ko-kn3t/CVE-2020-25515","source":"cve@mitre.org","tags":["Product","Third Party Advisory"]},{"url":"https://www.sourcecodester.com","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/Ko-kn3t/CVE-2020-25515","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Third Party Advisory"]},{"url":"https://www.sourcecodester.com","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2018-5353","sourceIdentifier":"cve@mitre.org","published":"2020-09-30T18:15:15.927","lastModified":"2026-07-09T00:16:50.177","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The custom GINA/CP module in Zoho ManageEngine ADSelfService Plus before 5.5 build 5517 allows remote attackers to execute code and escalate privileges via spoofing. It does not authenticate the intended server before opening a browser window. An unauthenticated attacker capable of conducting a spoofing attack can redirect the browser to gain execution in the context of the WinLogon.exe process. If Network Level Authentication is not enforced, the vulnerability can be exploited via RDP. Additionally, if the web server has a misconfigured certificate then no spoofing attack is required"},{"lang":"es","value":"El módulo GINA/CP personalizado en Zoho ManageEngine ADSelfService Plus versiones anteriores a 5.5 build 5517, permite a atacantes remotos ejecutar código y escalar privilegios mediante una suplantación de identidad.&#xa0;No autentica el servidor deseado antes de abrir una ventana del navegador.&#xa0;Un atacante no autenticado capaz de llevar a cabo un ataque de suplantación de identidad puede redireccionar el navegador para que se ejecute en el contexto del proceso WinLogon.exe.&#xa0;Si no se aplica la autenticación a nivel de red, la vulnerabilidad puede ser explotada mediante RDP.&#xa0;Además, si el servidor web tiene un certificado configurado inapropiadamente, no se requiere ningún ataque de suplantación de identidad"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-290"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:*:*:*:*:*:*:*:*","versionEndExcluding":"5.5","matchCriteriaId":"E862E48C-8EC8-477D-ACF9-5FFFAD844D39"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:-:*:*:*:*:*:*","matchCriteriaId":"7C6C9325-7A0B-4CFF-BBFB-39C1C6F7B0E8"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5500:*:*:*:*:*:*","matchCriteriaId":"2B71FA9F-0FC4-4D12-B595-AC529878BC7E"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5501:*:*:*:*:*:*","matchCriteriaId":"E9B5A2E3-4F3D-48CC-A2F0-65B9AD2530F9"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5502:*:*:*:*:*:*","matchCriteriaId":"0979E79B-936C-4787-8E0A-9F7F43A8A748"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5503:*:*:*:*:*:*","matchCriteriaId":"673E69A8-71BA-49EC-B1AE-931736C6BF42"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5504:*:*:*:*:*:*","matchCriteriaId":"141FB02E-695F-484E-8FF6-C334C11F7CCD"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5505:*:*:*:*:*:*","matchCriteriaId":"C3CF5C1A-6C97-47BA-BF7E-977E3C938DA6"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5506:*:*:*:*:*:*","matchCriteriaId":"79BEA328-C2CB-4CFA-8CF8-C8B70A37DF07"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5507:*:*:*:*:*:*","matchCriteriaId":"942DC320-20A3-4CBF-BF94-390A9163FC02"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5508:*:*:*:*:*:*","matchCriteriaId":"A42F5F45-4BF6-4076-AC36-F3EDDAC665A4"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5509:*:*:*:*:*:*","matchCriteriaId":"600E4C41-B1E1-468D-BA1A-489D0CE5F565"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5510:*:*:*:*:*:*","matchCriteriaId":"CE3BE5B8-37E1-4BB9-A59E-9F3F36BABDA5"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5511:*:*:*:*:*:*","matchCriteriaId":"E41D8FA9-5D9D-4102-B117-40354F847403"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5512:*:*:*:*:*:*","matchCriteriaId":"8E620B19-0286-4723-91C4-848B6C453509"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5513:*:*:*:*:*:*","matchCriteriaId":"9274C66F-E6AA-4ABD-BF52-3BCCA75821EB"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5514:*:*:*:*:*:*","matchCriteriaId":"C7D6AFFF-645C-42D0-ADC9-9D4852B0E5C1"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5515:*:*:*:*:*:*","matchCriteriaId":"E7A0FC78-73CE-48CE-BD68-74C095F5B052"},{"vulnerable":true,"criteria":"cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:5.5:5516:*:*:*:*:*:*","matchCriteriaId":"74D85A59-40DE-4DF6-8F41-53BC9EF56DFC"}]}]}],"references":[{"url":"https://github.com/missing0x00/CVE-2018-5353","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.manageengine.com/products/self-service-password/release-notes.html","source":"cve@mitre.org","tags":["Release Notes","Vendor Advisory"]},{"url":"https://github.com/missing0x00/CVE-2018-5353","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.manageengine.com/products/self-service-password/release-notes.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2018-5354","sourceIdentifier":"cve@mitre.org","published":"2020-09-30T18:15:16.007","lastModified":"2026-07-09T00:16:50.313","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The custom GINA/CP module in ANIXIS Password Reset Client before version 3.22 allows remote attackers to execute code and escalate privileges via spoofing. When the client is configured to use HTTP, it does not authenticate the intended server before opening a browser window. An unauthenticated attacker capable of conducting a spoofing attack can redirect the browser to gain execution in the context of the WinLogon.exe process. If Network Level Authentication is not enforced, the vulnerability can be exploited via RDP."},{"lang":"es","value":"El módulo GINA/CP personalizado en ANIXIS Password Reset Client antes de la versión 3.22, permite a atacantes remotos ejecutar código y escalar privilegios mediante una suplantación de identidad.&#xa0;Cuando el cliente está configurado para usar HTTP, no autentica el servidor deseado antes de abrir una ventana del navegador.&#xa0;Un atacante no autenticado capaz de llevar a cabo un ataque de suplantación de identidad puede redireccionar el navegador para que se ejecute en el contexto del proceso WinLogon.exe.&#xa0;Si no se aplica la autenticación a nivel de red, la vulnerabilidad puede ser explotada mediante RDP"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:A/AC:L/Au:N/C:P/I:P/A:P","baseScore":5.8,"accessVector":"ADJACENT_NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":6.5,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-290"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:anixis:password_reset_client:*:*:*:*:*:*:*:*","versionEndExcluding":"3.22","matchCriteriaId":"40BBC914-4A8B-43CB-80A6-2B43A2D32A77"}]}]}],"references":[{"url":"https://github.com/missing0x00/CVE-2018-5354","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/missing0x00/CVE-2018-5354","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-26867","sourceIdentifier":"vulnerability@kaspersky.com","published":"2020-10-12T14:15:12.260","lastModified":"2026-07-09T18:32:08.463","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"ARC Informatique PcVue prior to version 12.0.17 is vulnerable due to the deserialization of untrusted data, which may allow an attacker to remotely execute arbitrary code on the web and mobile back-end server."},{"lang":"es","value":"ARC Informatique PcVue anterior a la versión 12.0.17 es vulnerable debido a la deserialización de datos no confiables, lo que puede permitir a un atacante ejecutar remotamente un código arbitrario en la web y en el servidor de back-end móvil"}],"affected":[{"source":"vulnerability@kaspersky.com","affectedData":[{"vendor":"ARC Informatique","product":"PcVue","versions":[{"version":"unspecified","lessThanOrEqual":"12.0.17","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"vulnerability@kaspersky.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"vulnerability@kaspersky.com","type":"Secondary","description":[{"lang":"en","value":"CWE-502"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-502"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:arcinfo:pcvue:*:*:*:*:*:*:*:*","versionStartIncluding":"8.10","versionEndExcluding":"12.0.17","matchCriteriaId":"203F4603-3962-472B-A34D-31C4C5EBE058"}]}]}],"references":[{"url":"https://ics-cert.kaspersky.com/advisories/klcert-advisories/2020/10/09/klcert-20-015-remote-code-execution-in-arc-informatique-pcvue/","source":"vulnerability@kaspersky.com","tags":["Broken Link"]},{"url":"https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03","source":"vulnerability@kaspersky.com","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03","source":"vulnerability@kaspersky.com","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03","source":"vulnerability@kaspersky.com","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03","source":"vulnerability@kaspersky.com","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://www.pcvuesolutions.com/security","source":"vulnerability@kaspersky.com","tags":["Vendor Advisory"]},{"url":"https://www.pcvuesolutions.com/support/index.php/en/security-bulletin/1076-security-bulletin-2020-1","source":"vulnerability@kaspersky.com","tags":["Permissions Required","Vendor Advisory"]},{"url":"https://ics-cert.kaspersky.com/advisories/klcert-advisories/2020/10/09/klcert-20-015-remote-code-execution-in-arc-informatique-pcvue/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://www.pcvuesolutions.com/security","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.pcvuesolutions.com/support/index.php/en/security-bulletin/1076-security-bulletin-2020-1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2020-26868","sourceIdentifier":"vulnerability@kaspersky.com","published":"2020-10-12T14:15:12.323","lastModified":"2026-07-09T18:32:08.463","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"ARC Informatique PcVue prior to version 12.0.17 is vulnerable to a denial-of-service attack due to the ability of an unauthorized user to modify information used to validate messages sent by legitimate web clients. This issue also affects third-party systems based on the Web Services Toolkit."},{"lang":"es","value":"ARC Informatique PcVue anterior a la versión 12.0.17 es vulnerable a un ataque de denegación de servicio debido a la capacidad de un usuario no autorizado de modificar la información utilizada para validar los mensajes enviados por clientes web legítimos. Este problema también afecta a los sistemas de terceros basados en el Web Services Toolkit"}],"affected":[{"source":"vulnerability@kaspersky.com","affectedData":[{"vendor":"ARC Informatique","product":"PcVue","versions":[{"version":"unspecified","lessThanOrEqual":"12.0.17","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"vulnerability@kaspersky.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"vulnerability@kaspersky.com","type":"Secondary","description":[{"lang":"en","value":"CWE-767"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-668"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:arcinfo:pcvue:*:*:*:*:*:*:*:*","versionStartIncluding":"8.10","versionEndExcluding":"12.0.17","matchCriteriaId":"203F4603-3962-472B-A34D-31C4C5EBE058"}]}]}],"references":[{"url":"https://ics-cert.kaspersky.com/advisories/klcert-advisories/2020/10/09/klcert-20-016-denial-of-service-in-arc-informatique-pcvue/","source":"vulnerability@kaspersky.com","tags":["Broken Link"]},{"url":"https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03","source":"vulnerability@kaspersky.com","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://www.pcvuesolutions.com/security","source":"vulnerability@kaspersky.com","tags":["Vendor Advisory"]},{"url":"https://www.pcvuesolutions.com/support/index.php/en/security-bulletin/1076-security-bulletin-2020-1","source":"vulnerability@kaspersky.com","tags":["Permissions Required","Vendor Advisory"]},{"url":"https://ics-cert.kaspersky.com/advisories/klcert-advisories/2020/10/09/klcert-20-016-denial-of-service-in-arc-informatique-pcvue/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://www.pcvuesolutions.com/security","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.pcvuesolutions.com/support/index.php/en/security-bulletin/1076-security-bulletin-2020-1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2020-26869","sourceIdentifier":"vulnerability@kaspersky.com","published":"2020-10-12T14:15:12.403","lastModified":"2026-07-09T18:32:08.463","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"ARC Informatique PcVue prior to version 12.0.17 is vulnerable to information exposure, allowing unauthorized users to access session data of legitimate users. This issue also affects third-party systems based on the Web Services Toolkit."},{"lang":"es","value":"ARC Informatique PcVue anterior a la versión 12.0.17 es vulnerable a la exposición de la información, lo que permite a los usuarios no autorizados acceder a los datos de sesión de los usuarios legítimos. Este problema también afecta a los sistemas de terceros basados en el Web Services Toolkit"}],"affected":[{"source":"vulnerability@kaspersky.com","affectedData":[{"vendor":"ARC Informatique","product":"PcVue","versions":[{"version":"unspecified","lessThanOrEqual":"12.0.17","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"vulnerability@kaspersky.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"vulnerability@kaspersky.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:arcinfo:pcvue:*:*:*:*:*:*:*:*","versionStartIncluding":"8.10","versionEndExcluding":"12.0.17","matchCriteriaId":"203F4603-3962-472B-A34D-31C4C5EBE058"}]}]}],"references":[{"url":"https://ics-cert.kaspersky.com/advisories/klcert-advisories/2020/10/09/klcert-20-017-session-information-exposure-in-arc-informatique-pcvue/","source":"vulnerability@kaspersky.com","tags":["Broken Link"]},{"url":"https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03","source":"vulnerability@kaspersky.com","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://www.pcvuesolutions.com/security","source":"vulnerability@kaspersky.com","tags":["Vendor Advisory"]},{"url":"https://www.pcvuesolutions.com/support/index.php/en/security-bulletin/1076-security-bulletin-2020-1","source":"vulnerability@kaspersky.com","tags":["Permissions Required","Vendor Advisory"]},{"url":"https://ics-cert.kaspersky.com/advisories/klcert-advisories/2020/10/09/klcert-20-017-session-information-exposure-in-arc-informatique-pcvue/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://us-cert.cisa.gov/ics/advisories/icsa-20-308-03","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://www.pcvuesolutions.com/security","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.pcvuesolutions.com/support/index.php/en/security-bulletin/1076-security-bulletin-2020-1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2020-25466","sourceIdentifier":"cve@mitre.org","published":"2020-10-23T15:15:12.027","lastModified":"2026-07-09T00:17:01.850","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A SSRF vulnerability exists in the downloadimage interface of CRMEB 3.0, which can remotely download arbitrary files on the server and remotely execute arbitrary code."},{"lang":"es","value":"Se presenta una vulnerabilidad de tipo SSRF en la interfaz de downloadimage de CRMEB versión 3.0, que puede descargar remotamente archivos arbitrarios en el servidor y ejecutar código arbitrario remotamente"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:crmeb:crmeb:3.0:*:*:*:*:*:*:*","matchCriteriaId":"00366073-AA95-4F94-8B5F-5A3154D6364D"}]}]}],"references":[{"url":"https://github.com/crmeb/CRMEB","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/crmeb/CRMEB/issues/22","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/crmeb/CRMEB","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://github.com/crmeb/CRMEB/issues/22","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-27388","sourceIdentifier":"cve@mitre.org","published":"2020-10-23T20:15:12.003","lastModified":"2026-07-09T01:16:41.770","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Multiple Stored Cross Site Scripting (XSS) vulnerabilities exist in the YOURLS Admin Panel, Versions 1.5 - 1.7.10. An authenticated user must modify a PHP plugin with a malicious payload and upload it, resulting in multiple stored XSS issues."},{"lang":"es","value":"Se presentan múltiples vulnerabilidades de tipo Cross Site Scripting  (XSS) almacenado en el YOURLS Admin Panel, versiones 1.5 - 1.7.10.&#xa0;Un usuario autenticado debe modificar un plugin PHP con una carga útil maliciosa y cargarlo, resultando en múltiples problemas de tipo XSS almacenado"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:yourls:yourls:*:*:*:*:*:*:*:*","versionStartIncluding":"1.5","versionEndIncluding":"1.7.10","matchCriteriaId":"9EBCCB20-9598-4865-A9AD-4DEA084DBCF9"}]}]}],"references":[{"url":"https://github.com/YOURLS/YOURLS/pull/2761","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://johnjhacking.com/blog/cve-2020-27388/","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/YOURLS/YOURLS/pull/2761","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://johnjhacking.com/blog/cve-2020-27388/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-22552","sourceIdentifier":"cve@mitre.org","published":"2020-10-28T14:15:12.253","lastModified":"2026-07-09T00:16:58.137","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The Snap7 server component in version 1.4.1, when an attacker sends a crafted packet with COTP protocol the last-data-unit flag set to No and S7 writes a var function, the Snap7 server will be crashed."},{"lang":"es","value":"El componente Snap7 server en versión 1.4.1, cuando un atacante envía un paquete diseñado con el flag last-data-unitel del protocolo COTP establece que No y S7 escribe una función var, el servidor de Snap7 se bloqueará"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:snap7_project:snap7:1.4.1:*:*:*:*:*:*:*","matchCriteriaId":"C87485B5-06EE-4FE4-A999-54074EFE2C74"}]}]}],"references":[{"url":"https://sourceforge.net/p/snap7/discussion/bugfix/thread/456d76fdde/","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://sourceforge.net/projects/snap7/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://sourceforge.net/p/snap7/discussion/bugfix/thread/456d76fdde/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://sourceforge.net/projects/snap7/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-23136","sourceIdentifier":"cve@mitre.org","published":"2020-11-09T18:15:12.323","lastModified":"2026-07-09T00:16:59.013","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Microweber v1.1.18 is affected by no session expiry after log-out."},{"lang":"es","value":"Microweber versión v1.1.18, está afectado por una no expiración de la sesión después del cierre de sesión"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:N/A:N","baseScore":2.1,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":3.9,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-613"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microweber:microweber:1.1.18:*:*:*:*:*:*:*","matchCriteriaId":"A6DAE125-91CC-41A3-BD93-934FE836E810"}]}]}],"references":[{"url":"https://gist.github.com/virendratiwari03/0b0d161e1141fdd74122abbb02fefe17","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://gist.github.com/virendratiwari03/0b0d161e1141fdd74122abbb02fefe17","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-23968","sourceIdentifier":"cve@mitre.org","published":"2020-11-10T20:15:12.317","lastModified":"2026-07-09T00:17:00.070","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Ilex International Sign&go Workstation Security Suite 7.1 allows elevation of privileges via a symlink attack on ProgramData\\Ilex\\S&G\\Logs\\000-sngWSService1.log."},{"lang":"es","value":"Ilex International Sign &amp; go Workstation Security Suite versión 7.1, permite una elevación de privilegios por medio de un ataque de tipo symlink en ProgramData\\Ilex\\S&amp;G\\Logs\\000-sngWSService1.log"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:M/Au:N/C:C/I:C/A:C","baseScore":6.9,"accessVector":"LOCAL","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"MEDIUM","exploitabilityScore":3.4,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-59"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ilex:international_sign\\&go:7.1:*:*:*:*:*:*:*","matchCriteriaId":"B8213D86-CAF2-4712-87A6-767B3A65E61F"}]}]}],"references":[{"url":"https://ricardojba.github.io/CVE-Pending-ILEX-SignGo-EoP/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://ricardojba.github.io/CVE-Pending-ILEX-SignGo-EoP/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-24815","sourceIdentifier":"cve@mitre.org","published":"2020-11-24T17:15:10.957","lastModified":"2026-07-09T00:17:00.847","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A Server-Side Request Forgery (SSRF) affecting the PDF generation in MicroStrategy 10.4, 2019 before Update 6, and 2020 before Update 2 allows authenticated users to access the content of internal network resources or leak files from the local system via HTML containers embedded in a dossier/dashboard document. NOTE: 10.4., no fix will be released as version will reach end-of-life on 31/12/2020."},{"lang":"es","value":"Una vulnerabilidad de tipo Server-Side Request Forgery (SSRF) afectando la generación de PDF en MicroStrategy versiones 10.4, 2019 anterior al Update 6 y 2020 anterior al Update 2, permite a usuarios autenticados acceder al contenido de los recursos de la red interna o filtrar archivos de sistema local por medio de contenedores HTML integrados en un documento dossier/dashboard.&#xa0;NOTA: versión 10.4., ninguna solución será publicada ya que la versión llegará al final de su vida útil el 31/12/2020"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:N/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microstrategy:microstrategy:10.4:*:*:*:*:*:*:*","matchCriteriaId":"89A36A18-107F-4BE8-AAD9-EDECB714188D"},{"vulnerable":true,"criteria":"cpe:2.3:a:microstrategy:microstrategy:2019:update1:*:*:*:*:*:*","matchCriteriaId":"CDC2C780-0996-4D8A-A4B1-461B442A7089"},{"vulnerable":true,"criteria":"cpe:2.3:a:microstrategy:microstrategy:2019:update2:*:*:*:*:*:*","matchCriteriaId":"89F1B5AF-677F-4B90-AD13-F8CE8588ED0C"},{"vulnerable":true,"criteria":"cpe:2.3:a:microstrategy:microstrategy:2019:update3:*:*:*:*:*:*","matchCriteriaId":"4DE22024-C6A9-4547-8712-7C5B8F1ED5A2"},{"vulnerable":true,"criteria":"cpe:2.3:a:microstrategy:microstrategy:2019:update4:*:*:*:*:*:*","matchCriteriaId":"E74CDB4D-5034-48A8-9AD9-1DD5D363D180"},{"vulnerable":true,"criteria":"cpe:2.3:a:microstrategy:microstrategy:2019:update5:*:*:*:*:*:*","matchCriteriaId":"4FA72CA6-485D-4564-A265-70D90032FBFA"},{"vulnerable":true,"criteria":"cpe:2.3:a:microstrategy:microstrategy:2020:update1:*:*:*:*:*:*","matchCriteriaId":"F59AFCFE-AC0E-4B6E-8576-2C1553F8CA76"}]}]}],"references":[{"url":"https://community.microstrategy.com/s/article/Securing-PDF-and-Excel-Export-with-Whitelists?language=en_US","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://triskelelabs.com/extracting-your-aws-access-keys-through-a-pdf-file/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://community.microstrategy.com/s/article/Securing-PDF-and-Excel-Export-with-Whitelists?language=en_US","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://triskelelabs.com/extracting-your-aws-access-keys-through-a-pdf-file/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2017-15680","sourceIdentifier":"cve@mitre.org","published":"2020-11-27T18:15:10.830","lastModified":"2026-07-09T00:16:47.993","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In Crafter CMS Crafter Studio 3.0.1 an IDOR vulnerability exists which allows unauthenticated attackers to view and modify administrative data."},{"lang":"es","value":"En Crafter CMS Crafter Studio versión 3.0.1, se presenta una vulnerabilidad IDOR que permite a atacantes no autenticados visualizar y modificar datos administrativos"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":2.5}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:N","baseScore":6.4,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-862"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:craftercms:crafter_cms:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0","versionEndExcluding":"3.0.1","matchCriteriaId":"8B98251C-3275-4796-8115-5B196EE21790"}]}]}],"references":[{"url":"https://docs.craftercms.org/en/3.0/security/advisory.html","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://docs.craftercms.org/en/3.0/security/advisory.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2017-15681","sourceIdentifier":"cve@mitre.org","published":"2020-11-27T18:15:10.907","lastModified":"2026-07-09T00:16:48.950","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In Crafter CMS Crafter Studio 3.0.1 a directory traversal vulnerability exists which allows unauthenticated attackers to overwrite files from the operating system which can lead to RCE."},{"lang":"es","value":"En Crafter CMS Crafter Studio versión 3.0.1, se presenta una vulnerabilidad de salto de directorio que permite a atacantes no autenticados sobrescribir archivos del sistema operativo que pueden conllevar a una RCE"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:craftercms:crafter_cms:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0.0","versionEndExcluding":"3.0.1","matchCriteriaId":"0003F68D-860C-456F-950F-FECE6D9BC0EE"}]}]}],"references":[{"url":"https://docs.craftercms.org/en/3.0/security/advisory.html","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://docs.craftercms.org/en/3.0/security/advisory.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2017-15682","sourceIdentifier":"cve@mitre.org","published":"2020-11-27T18:15:11.063","lastModified":"2026-07-09T00:16:49.067","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to inject malicious JavaScript code resulting in a stored/blind XSS in the admin panel."},{"lang":"es","value":"En Crafter CMS Crafter Studio versión 3.0.1, un atacante no autenticado es capaz de inyectar código JavaScript malicioso, resultando en una vulnerabilidad de tipo XSS almacenado y oculto en el panel de administración"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:craftercms:crafter_cms:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0.0","versionEndExcluding":"3.0.1","matchCriteriaId":"0003F68D-860C-456F-950F-FECE6D9BC0EE"}]}]}],"references":[{"url":"https://docs.craftercms.org/en/3.0/security/advisory.html","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://docs.craftercms.org/en/3.0/security/advisory.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2017-15683","sourceIdentifier":"cve@mitre.org","published":"2020-11-27T18:15:11.127","lastModified":"2026-07-09T00:16:49.187","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to create a site with specially crafted XML that allows the retrieval of OS files out-of-band."},{"lang":"es","value":"En Crafter CMS Crafter Studio versión 3.0.1, un atacante no autenticado es capaz de crear un sitio con XML especialmente diseñado que permite la recuperación de archivos del Sistema Operativo fuera de banda"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":4.0}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-91"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:craftercms:crafter_cms:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0.0","versionEndExcluding":"3.0.1","matchCriteriaId":"0003F68D-860C-456F-950F-FECE6D9BC0EE"}]}]}],"references":[{"url":"https://docs.craftercms.org/en/3.0/security/advisory.html","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://docs.craftercms.org/en/3.0/security/advisory.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2017-15684","sourceIdentifier":"cve@mitre.org","published":"2020-11-27T18:15:11.207","lastModified":"2026-07-09T00:16:49.310","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Crafter CMS Crafter Studio 3.0.1 has a directory traversal vulnerability which allows unauthenticated attackers to view files from the operating system."},{"lang":"es","value":"Crafter CMS Crafter Studio versión 3.0.1, presenta una vulnerabilidad de salto de directorios que permite a atacantes no autenticados visualizar archivos del sistema operativo"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:craftercms:crafter_cms:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0.0","versionEndExcluding":"3.0.1","matchCriteriaId":"0003F68D-860C-456F-950F-FECE6D9BC0EE"}]}]}],"references":[{"url":"https://docs.craftercms.org/en/3.0/security/advisory.html","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://docs.craftercms.org/en/3.0/security/advisory.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2017-15685","sourceIdentifier":"cve@mitre.org","published":"2020-11-27T18:15:11.267","lastModified":"2026-07-09T00:16:49.423","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Crafter CMS Crafter Studio 3.0.1 is affected by: XML External Entity (XXE). An unauthenticated attacker is able to create a site with specially crafted XML that allows the retrieval of OS files out-of-band."},{"lang":"es","value":"Crafter CMS Crafter Studio versión 3.0.1, está afectado por: un ataque de tipo XML External Entity (XXE).&#xa0;Un atacante no autenticado es capaz de crear un sitio con XML especialmente diseñado que permite la recuperación de archivos del Sistema Operativo fuera de banda"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":4.0}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-91"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:craftercms:crafter_cms:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0.0","versionEndExcluding":"3.0.1","matchCriteriaId":"0003F68D-860C-456F-950F-FECE6D9BC0EE"}]}]}],"references":[{"url":"https://docs.craftercms.org/en/3.0/security/advisory.html","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://docs.craftercms.org/en/3.0/security/advisory.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2020-28727","sourceIdentifier":"cve@mitre.org","published":"2020-12-07T08:15:10.643","lastModified":"2026-07-09T01:16:43.100","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) exists in SeedDMS 6.0.13 via the folderid parameter to views/bootstrap/class.DropFolderChooser.php."},{"lang":"es","value":"Un Cross-site scripting (XSS) se presenta en SeedDMS versiones 6.0.13, por medio del parámetro folderid en el archivo views/bootstrap/class.DropFolderChooser.php"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:seeddms:seeddms:6.0.13:*:*:*:*:*:*:*","matchCriteriaId":"E99CAB7A-0754-4089-B4EA-88F2D2D2DF46"}]}]}],"references":[{"url":"https://sourceforge.net/p/seeddms/code/ci/32b03b1e5880e2f38cecf4ac7743f8f62f33043f/","source":"cve@mitre.org","tags":["Patch","Third Party Advisory"]},{"url":"https://sourceforge.net/projects/seeddms/files/","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://sourceforge.net/p/seeddms/code/ci/32b03b1e5880e2f38cecf4ac7743f8f62f33043f/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://sourceforge.net/projects/seeddms/files/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-28856","sourceIdentifier":"cve@mitre.org","published":"2020-12-14T18:15:13.240","lastModified":"2026-07-09T01:16:43.220","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"OpenAsset Digital Asset Management (DAM) through 12.0.19 does not correctly determine the HTTP request's originating IP address, allowing attackers to spoof it using X-Forwarded-For in the header, by supplying localhost address such as 127.0.0.1, effectively bypassing all IP address based access controls."},{"lang":"es","value":"OpenAsset Digital Asset Management (DAM) versiones hasta 12.0.19, no determina correctamente la dirección IP de origen de la petición HTTP, permitiendo a atacantes suplantarla usando X-Fordered-For en el encabezado, al suministrar una dirección de host local tal y como 127.0.0.1, omitiendo efectivamente todos los controles de acceso basados ??en direcciones IP."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:P/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-290"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openasset:digital_asset_management:*:*:*:*:*:*:*:*","versionEndIncluding":"12.0.19","matchCriteriaId":"0E7D06EB-C724-4F87-83D6-D5ED559492EC"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/160453/OpenAsset-Digital-Asset-Management-IP-Access-Control-Bypass.html","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://seclists.org/fulldisclosure/2020/Dec/17","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://www.themissinglink.com.au/security-advisories-cve-2020-28856","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://packetstormsecurity.com/files/160453/OpenAsset-Digital-Asset-Management-IP-Access-Control-Bypass.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://seclists.org/fulldisclosure/2020/Dec/17","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://www.themissinglink.com.au/security-advisories-cve-2020-28856","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-28857","sourceIdentifier":"cve@mitre.org","published":"2020-12-14T19:15:12.737","lastModified":"2026-07-09T01:16:43.357","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"OpenAsset Digital Asset Management (DAM) through 12.0.19, does not correctly sanitize user supplied input in multiple parameters and endpoints, allowing for stored cross-site scripting attacks."},{"lang":"es","value":"OpenAsset Digital Asset Management (DAM) versiones hasta 12.0.19, no sanea correctamente la entrada suministrada por el usuario en múltiples parámetros y endpoints, permitiendo  ataques de tipo cross-site scripting almacenado."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openasset:digital_asset_management:*:*:*:*:*:*:*:*","versionEndIncluding":"12.0.19","matchCriteriaId":"0E7D06EB-C724-4F87-83D6-D5ED559492EC"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/160455/OpenAsset-Digital-Asset-Management-Cross-Site-Scripting.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http://seclists.org/fulldisclosure/2020/Dec/18","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://www.themissinglink.com.au/security-advisories-cve-2020-28857","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://packetstormsecurity.com/files/160455/OpenAsset-Digital-Asset-Management-Cross-Site-Scripting.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http://seclists.org/fulldisclosure/2020/Dec/18","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://www.themissinglink.com.au/security-advisories-cve-2020-28857","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-28858","sourceIdentifier":"cve@mitre.org","published":"2020-12-14T19:15:12.817","lastModified":"2026-07-09T01:16:43.470","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"OpenAsset Digital Asset Management (DAM) through 12.0.19 does not correctly verify whether a request made to the application was intentionally made by the user, allowing for cross-site request forgery attacks on all user functions."},{"lang":"es","value":"OpenAsset Digital Asset Management (DAM) versiones hasta 12.0.19, no verifica correctamente si una petición hecha a la aplicación fue realizada intencionadamente por el usuario, permitiendo ataques de tipo cross-site request forgery en todas las funciones del usuario."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openasset:digital_asset_management:*:*:*:*:*:*:*:*","versionEndIncluding":"12.0.19","matchCriteriaId":"0E7D06EB-C724-4F87-83D6-D5ED559492EC"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/160458/OpenAsset-Digital-Asset-Management-Cross-Site-Request-Forgery.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http://seclists.org/fulldisclosure/2020/Dec/19","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://www.themissinglink.com.au/security-advisories-cve-2020-28858","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://packetstormsecurity.com/files/160458/OpenAsset-Digital-Asset-Management-Cross-Site-Request-Forgery.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http://seclists.org/fulldisclosure/2020/Dec/19","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://www.themissinglink.com.au/security-advisories-cve-2020-28858","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-28859","sourceIdentifier":"cve@mitre.org","published":"2020-12-14T19:15:12.877","lastModified":"2026-07-09T01:16:43.580","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"OpenAsset Digital Asset Management (DAM) through 12.0.19 does not correctly sanitize user supplied input in multiple parameters and endpoints, allowing for reflected cross-site scripting attacks."},{"lang":"es","value":"OpenAsset Digital Asset Management (DAM) versiones hasta 12.0.19, no sanea correctamente la entrada suministrada por el usuario en múltiples parámetros y endpoints, permitiendo ataques de tipo cross-site scripting reflejado."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openasset:digital_asset_management:*:*:*:*:*:*:*:*","versionEndIncluding":"12.0.19","matchCriteriaId":"0E7D06EB-C724-4F87-83D6-D5ED559492EC"}]}]}],"references":[{"url":"https://www.themissinglink.com.au/security-advisories-cve-2020-28859","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.themissinglink.com.au/security-advisories-cve-2020-28859","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-28860","sourceIdentifier":"cve@mitre.org","published":"2020-12-14T20:15:12.810","lastModified":"2026-07-09T01:16:43.690","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"OpenAssetDigital Asset Management (DAM) through 12.0.19 does not correctly sanitize user supplied input, incorporating it into its SQL queries, allowing for authenticated blind SQL injection."},{"lang":"es","value":"OpenAsset Digital Asset Management (DAM) versiones hasta 12.0.19, no sanea correctamente la entrada suministrada por el usuario, incorporándola en sus consultas SQL, permitiendo una inyección SQL ciega autenticada"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openasset:digital_asset_management:*:*:*:*:*:*:*:*","versionEndIncluding":"12.0.19","matchCriteriaId":"0E7D06EB-C724-4F87-83D6-D5ED559492EC"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/160459/OpenAsset-Digital-Asset-Management-SQL-Injection.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http://seclists.org/fulldisclosure/2020/Dec/21","source":"cve@mitre.org","tags":["Exploit","Mailing List","Third Party Advisory"]},{"url":"https://www.themissinglink.com.au/security-advisories-cve-2020-28860","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://packetstormsecurity.com/files/160459/OpenAsset-Digital-Asset-Management-SQL-Injection.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http://seclists.org/fulldisclosure/2020/Dec/21","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Mailing List","Third Party Advisory"]},{"url":"https://www.themissinglink.com.au/security-advisories-cve-2020-28860","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-28861","sourceIdentifier":"cve@mitre.org","published":"2020-12-14T20:15:12.873","lastModified":"2026-07-09T01:16:43.807","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"OpenAsset Digital Asset Management (DAM) 12.0.19 and earlier failed to implement access controls on /Stream/ProjectsCSV endpoint, allowing unauthenticated attackers to gain access to potentially sensitive project information stored by the application."},{"lang":"es","value":"OpenAsset Digital Asset Management (DAM) versiones 12.0.19 y anteriores, no implementaron controles de acceso en el endpoint /Stream/ProjectsCSV, permitiendo a atacantes no autenticados conseguir acceso a información potencialmente confidencial del proyecto almacenada por la aplicación"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-1236"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openasset:digital_asset_management:*:*:*:*:*:*:*:*","versionEndIncluding":"12.0.19","matchCriteriaId":"0E7D06EB-C724-4F87-83D6-D5ED559492EC"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/160457/OpenAsset-Digital-Asset-Management-Insecure-Direct-Object-Reference.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http://seclists.org/fulldisclosure/2020/Dec/22","source":"cve@mitre.org","tags":["Exploit","Mailing List","Third Party Advisory"]},{"url":"https://www.themissinglink.com.au/security-advisories-cve-2020-28861","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://packetstormsecurity.com/files/160457/OpenAsset-Digital-Asset-Management-Insecure-Direct-Object-Reference.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http://seclists.org/fulldisclosure/2020/Dec/22","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Mailing List","Third Party Advisory"]},{"url":"https://www.themissinglink.com.au/security-advisories-cve-2020-28861","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-35273","sourceIdentifier":"cve@mitre.org","published":"2020-12-21T15:15:13.047","lastModified":"2026-07-09T01:16:45.270","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"EgavilanMedia User Registration & Login System with Admin Panel 1.0 is affected by Cross Site Request Forgery (CSRF) to remotely gain privileges in the User Profile panel. An attacker can update any user's account."},{"lang":"es","value":"EgavilanMedia User Registration &amp; Login System with Admin Panel versión 1.0, está afectado por una vulnerabilidad de tipo Cross Site Request Forgery (CSRF) para alcanzar privilegios remotamente en el panel User Profile.&#xa0;Un atacante puede actualizar la cuenta de cualquier usuario"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","baseScore":8.0,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.1,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:P/I:P/A:P","baseScore":6.0,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":6.8,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:egavilanmedia:user_registration_\\&_login_system_with_admin_panel:1.0:*:*:*:*:*:*:*","matchCriteriaId":"C1703912-7B3A-4B2B-866B-C06B594B5B3E"}]}]}],"references":[{"url":"https://www.exploit-db.com/exploits/49151","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://www.exploit-db.com/exploits/49151","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]}]}},{"cve":{"id":"CVE-2020-35274","sourceIdentifier":"cve@mitre.org","published":"2020-12-21T15:15:13.110","lastModified":"2026-07-09T01:16:45.387","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"DotCMS Add Template with admin panel 20.11 is affected by cross-site Scripting (XSS) to gain remote privileges. An attacker could compromise the security of a website or web application through a stored XSS attack and stealing cookies using XSS."},{"lang":"es","value":"DotCMS Add Template con panel de administración versión 20.11, está afectado por una vulnerabilidad de tipo Cross-Site Scripting (XSS) para alcanzar privilegios remotos.&#xa0;Un atacante podría comprometer la seguridad de un sitio web o una aplicación web mediante un ataque de tipo XSS almacenado y el robo de cookies usando un ataque de tipo XSS"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:dotcms:dotcms:20.11:*:*:*:*:*:*:*","matchCriteriaId":"CAB2B5B5-AC3A-4594-BBAA-A5B919F487D9"}]}]}],"references":[{"url":"https://www.exploit-db.com/exploits/49168","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://www.exploit-db.com/exploits/49168","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]}]}},{"cve":{"id":"CVE-2020-35275","sourceIdentifier":"cve@mitre.org","published":"2020-12-21T15:15:13.157","lastModified":"2026-07-09T01:16:45.497","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Coastercms v5.8.18 is affected by cross-site Scripting (XSS). A user can steal a cookie and make the user redirect to any malicious website because it is trigged on the main home page of the product/application."},{"lang":"es","value":"Coastercms versión v5.8.18, está afectado por una vulnerabilidad de tipo Cross-Site Scripting (XSS).&#xa0;Un usuario puede robar una cookie y hacer que el usuario lo redireccione hacia cualquier sitio web malicioso porque es activado en la página de inicio principal del producto/aplicación"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:coastercms:coastercms:5.8.18:*:*:*:*:*:*:*","matchCriteriaId":"519CBF8A-C1FE-4434-B506-1C2BAA89E0DB"}]}]}],"references":[{"url":"http://demo.coastercms.org/admin/home","source":"cve@mitre.org","tags":["Permissions Required","Product","Vendor Advisory"]},{"url":"http://demo.coastercms.org/admin/login","source":"cve@mitre.org","tags":["Permissions Required","Product","Vendor Advisory"]},{"url":"http://demo.coastercms.org/homepage/blog","source":"cve@mitre.org","tags":["Broken Link","Product","Vendor Advisory"]},{"url":"https://www.exploit-db.com/exploits/49181","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http://demo.coastercms.org/admin/home","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required","Product","Vendor Advisory"]},{"url":"http://demo.coastercms.org/admin/login","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required","Product","Vendor Advisory"]},{"url":"http://demo.coastercms.org/homepage/blog","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Product","Vendor Advisory"]},{"url":"https://www.exploit-db.com/exploits/49181","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]}]}},{"cve":{"id":"CVE-2020-35276","sourceIdentifier":"cve@mitre.org","published":"2020-12-21T15:15:13.220","lastModified":"2026-07-09T01:16:45.613","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"EgavilanMedia ECM Address Book 1.0 is affected by SQL injection. An attacker can bypass the Admin Login panel through SQLi and get Admin access and add or remove any user."},{"lang":"es","value":"EgavilanMedia ECM Address Book versión 1.0, está afectada por una inyección SQL.&#xa0;Un atacante puede pasar por alto el panel Admin Login por medio de una SQLi y conseguir acceso Admin y agregar o eliminar cualquier usuario"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:egavilanmedia:ecm_address_book:1.0:*:*:*:*:*:*:*","matchCriteriaId":"9A3B01EB-DC0C-4A14-B8FB-34648328BC2F"}]}]}],"references":[{"url":"https://hardik-solanki.medium.com/authentication-admin-panel-bypass-which-leads-to-full-admin-access-control-c10ec4ab4255","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://hardik-solanki.medium.com/authentication-admin-panel-bypass-which-leads-to-full-admin-access-control-c10ec4ab4255","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-29189","sourceIdentifier":"cve@mitre.org","published":"2020-12-24T15:15:13.530","lastModified":"2026-07-09T01:16:44.177","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Incorrect Access Control vulnerability in TerraMaster TOS <= 4.2.06 allows remote authenticated attackers to bypass read-only restriction and obtain full access to any folder within the NAS"},{"lang":"es","value":"Una vulnerabilidad de Control de Acceso Inapropiado en TerraMaster TOS versiones anteriores a 4.2.06 incluyéndola, permite a atacantes autenticados remotos omitir la restricción de solo lectura y conseguir acceso completo a cualquier carpeta dentro del NAS"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.2}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:N","baseScore":5.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:terra-master:tos:*:*:*:*:*:*:*:*","versionEndIncluding":"4.2.06","matchCriteriaId":"64B452E3-0904-40EE-A239-933DF8744527"}]}]}],"references":[{"url":"https://www.ihteam.net/advisory/terramaster-tos-multiple-vulnerabilities/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.ihteam.net/advisory/terramaster-tos-multiple-vulnerabilities/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-29247","sourceIdentifier":"cve@mitre.org","published":"2020-12-24T20:15:12.523","lastModified":"2026-07-09T01:16:44.780","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"WonderCMS 3.1.3 is affected by cross-site scripting (XSS) in the Admin Panel. An attacker can inject the XSS payload in Page keywords and each time any user will visit the website, the XSS triggers, and the attacker can able to steal the cookie according to the crafted payload."},{"lang":"es","value":"WonderCMS versión 3.1.3, está afectado por una vulnerabilidad de tipo cross-site scripting (XSS) en el Panel Admin.&#xa0;Un atacante puede inyectar la carga útil XSS en las palabras clave de la Página y cada vez que algún usuario visita el sitio web, activa el ataque XSS y el atacante es capaz de robar la cookie de acuerdo con la carga útil diseñada"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wondercms:wondercms:3.1.3:*:*:*:*:*:*:*","matchCriteriaId":"C34DD4B5-9079-44C3-B20C-1B5DC5236D30"}]}]}],"references":[{"url":"https://systemweakness.com/cve-2020-29247-wondercms-3-1-3-page-persistent-cross-site-scripting-3dd2bb210beb","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.exploit-db.com/exploits/49102","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://systemweakness.com/cve-2020-29247-wondercms-3-1-3-page-persistent-cross-site-scripting-3dd2bb210beb","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.exploit-db.com/exploits/49102","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]}]}},{"cve":{"id":"CVE-2020-29477","sourceIdentifier":"cve@mitre.org","published":"2020-12-30T15:15:12.840","lastModified":"2026-07-09T01:16:45.037","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Invision Community 4.5.4 is affected by cross-site scripting (XSS) in the Field Name field. This vulnerability can allow an attacker to inject the XSS payload in Field Name and each time any user will open that, the XSS triggers and the attacker can able to steal the cookie according to the crafted payload."},{"lang":"es","value":"Invision Community versión 4.5.4, está afectado por una vulnerabilidad de tipo cross-site scripting (XSS) en el campo Field Name.&#xa0;Esta vulnerabilidad puede permitir a un atacante inyectar una carga útil de tipo XSS en Field Name y cada vez que un usuario lo abre, el XSS se desencadena y el atacante puede ser capaz de robar la cookie de acuerdo a la carga útil diseñada."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:invisioncommunity:community:4.5.4:*:*:*:*:*:*:*","matchCriteriaId":"524D69DE-AD68-4A57-9F91-A55B8204F88B"}]}]}],"references":[{"url":"https://www.exploit-db.com/exploits/49188","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://www.exploit-db.com/exploits/49188","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]}]}},{"cve":{"id":"CVE-2020-29228","sourceIdentifier":"cve@mitre.org","published":"2020-12-30T19:15:13.530","lastModified":"2026-07-09T01:16:44.300","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"EGavilanMedia User Registration and Login System With Admin Panel 1.0 is affected by SQL injection in the User Login Page."},{"lang":"es","value":"EGavilanMedia User Registration and Login System With Admin Panel versión 1.0, está afectado por una inyección SQL en la Página de Inicio de Sesión del Usuario."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:P/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:egavilanmedia:user_registration_and_login_system_with_admin_panel:1.0:*:*:*:*:*:*:*","matchCriteriaId":"4E4236EE-3F31-4395-9CD5-D00F52F6B3C2"}]}]}],"references":[{"url":"https://github.com/hemantsolo/CVE-Reference/blob/main/CVE-2020-29228.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/hemantsolo/CVE-Reference/blob/main/CVE-2020-29228.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-29230","sourceIdentifier":"cve@mitre.org","published":"2020-12-30T19:15:13.640","lastModified":"2026-07-09T01:16:44.427","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"EGavilanMedia User Registration and Login System With Admin Panel 1.0 is affected by cross-site scripting (XSS) in the Admin Panel - Manage User tab using the Full Name of the user. This vulnerability can result in the attacker injecting the XSS payload in the User Registration section and each time admin visits the manage user section from the admin panel, the XSS triggers and the attacker can steal the cookie according to the crafted payload."},{"lang":"es","value":"EGavilanMedia User Registration and Login System With Admin Panel versión 1.0, está afectado por un vulnerabilidad de tipo cross-site scripting (XSS) en la pestaña Manage User de Admin Panel usando el Full Name del usuario.&#xa0;Esta vulnerabilidad puede resultar en que el atacante inyecte una carga útil de tipo XSS en la sección User Registration y cada vez que el administrador visite la sección de administración de usuarios desde el panel de administración, el XSS se desencadena y el atacante puede ser capaz de robar la cookie de acuerdo con la carga útil diseñada."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:egavilanmedia:user_registration_and_login_system_with_admin_panel:1.0:*:*:*:*:*:*:*","matchCriteriaId":"4E4236EE-3F31-4395-9CD5-D00F52F6B3C2"}]}]}],"references":[{"url":"https://github.com/hemantsolo/CVE-Reference/blob/main/CVE-2020-29230.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/hemantsolo/CVE-Reference/blob/main/CVE-2020-29230.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-29231","sourceIdentifier":"cve@mitre.org","published":"2020-12-30T19:15:13.717","lastModified":"2026-07-09T01:16:44.540","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"EGavilanMedia User Registration and Login System With Admin Panel 1.0 is affected by cross-site scripting (XSS) in the Admin Profile Page. This vulnerability can result in the attacker injecting the XSS payload in Admin Full Name and each time admin visits the Profile page from the admin panel, the XSS triggers."},{"lang":"es","value":"EGavilanMedia User Registration and Login System With Admin Panel versión 1.0, está afectado por una vulnerabilidad de tipo cross-site scripting (XSS) en la Admin Profile Page.&#xa0;Esta vulnerabilidad puede resultar en que el atacante inyecte una carga útil de tipo XSS en el Admin Full Name y cada vez que el administrador visita la página del Perfil desde el panel de administración, se desencadena el ataque de tipo XSS."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:egavilanmedia:user_registration_and_login_system_with_admin_panel:1.0:*:*:*:*:*:*:*","matchCriteriaId":"4E4236EE-3F31-4395-9CD5-D00F52F6B3C2"}]}]}],"references":[{"url":"https://github.com/hemantsolo/CVE-Reference/blob/main/CVE-2020-29231.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/hemantsolo/CVE-Reference/blob/main/CVE-2020-29231.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-25498","sourceIdentifier":"cve@mitre.org","published":"2021-01-06T22:15:12.737","lastModified":"2026-07-09T00:17:02.220","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting (XSS) vulnerability in Beetel router 777VR1 can be exploited via the NTP server name in System Time and \"Keyword\" in URL Filter."},{"lang":"es","value":"Una vulnerabilidad de tipo Cross Site Scripting (XSS) en el enrutador Beetel 777VR1, puede ser explotada por medio del nombre del servidor NTP en System Time y \"Keyword\" en el filtro de URL"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:beetel:777vr1_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7E956EE4-8520-422B-8B43-2DF22A139E3A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:beetel:777vr1:-:*:*:*:*:*:*:*","matchCriteriaId":"AF58180F-9493-4B69-8C29-F2FF33C73BAB"}]}]}],"references":[{"url":"https://github.com/the-girl-who-lived/CVE-2020-25498","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://youtu.be/qeVHvmS5wtI","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://youtu.be/u_6yBIMF74A","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/the-girl-who-lived/CVE-2020-25498","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://youtu.be/qeVHvmS5wtI","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://youtu.be/u_6yBIMF74A","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-35262","sourceIdentifier":"cve@mitre.org","published":"2021-01-06T22:15:12.800","lastModified":"2026-07-09T01:16:45.153","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting (XSS) vulnerability in Digisol DG-HR3400 can be exploited via the NTP server name in Time and date module and \"Keyword\" in URL Filter."},{"lang":"es","value":"Una vulnerabilidad de tipo Cross Site Scripting (XSS) en Digisol DG-HR3400, puede ser explotada por medio del nombre del servidor NTP en el módulo de fecha y hora y \"Keyword\" en el Filtro URL"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:digisol:dg-hr3400_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"25CF9101-1C87-4C76-9E7D-E77FE18EBCFF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:digisol:dg-hr3400:-:*:*:*:*:*:*:*","matchCriteriaId":"F6E6951B-4D89-4D90-A98D-51696EA7BD5F"}]}]}],"references":[{"url":"https://github.com/the-girl-who-lived/CVE-2020-35262","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://youtu.be/E5wEzf-gkOE","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/the-girl-who-lived/CVE-2020-35262","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://youtu.be/E5wEzf-gkOE","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-26664","sourceIdentifier":"cve@mitre.org","published":"2021-01-08T18:15:13.403","lastModified":"2026-07-09T01:16:39.740","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in EbmlTypeDispatcher::send in VideoLAN VLC media player 3.0.11 allows attackers to trigger a heap-based buffer overflow via a crafted .mkv file."},{"lang":"es","value":"Una vulnerabilidad en la función EbmlTypeDispatcher::send en VideoLAN VLC media player versión 3.0.11, permite a atacantes desencadenar un desbordamiento del búfer en la región heap de la memoria por medio de un archivo .mkv diseñado"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:videolan:vlc_media_player:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.12","matchCriteriaId":"A0721E05-5EEC-4D4F-862A-05DE55D494FC"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"DEECE5FC-CACF-4496-A3E7-164736409252"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"}]}]}],"references":[{"url":"https://gist.githubusercontent.com/henices/db11664dd45b9f322f8514d182aef5ea/raw/d56940c8bf211992bf4f3309a85bb2b69383e511/CVE-2020-26664.txt","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2022/06/msg00012.html","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://security.gentoo.org/glsa/202101-37","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.debian.org/security/2021/dsa-4834","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://gist.githubusercontent.com/henices/db11664dd45b9f322f8514d182aef5ea/raw/d56940c8bf211992bf4f3309a85bb2b69383e511/CVE-2020-26664.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2022/06/msg00012.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://security.gentoo.org/glsa/202101-37","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.debian.org/security/2021/dsa-4834","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-23630","sourceIdentifier":"cve@mitre.org","published":"2021-01-11T15:15:12.907","lastModified":"2026-07-09T00:16:59.943","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A blind SQL injection vulnerability exists in zzcms ver201910 based on time (cookie injection)."},{"lang":"es","value":"Se presenta una vulnerabilidad de inyección SQL ciega en zzcms versión ver201910 basada en tiempo (inyección de cookies)"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:zzcms:zzcms:201910:*:*:*:*:*:*:*","matchCriteriaId":"783BABB9-58F7-458E-B214-5CE4B34239FA"}]}]}],"references":[{"url":"https://github.com/Pandora1m2/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/Pandora1m2/zzcms201910/issues/1","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/Pandora1m2/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/Pandora1m2/zzcms201910/issues/1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2018-8044","sourceIdentifier":"cve@mitre.org","published":"2021-01-11T16:15:13.180","lastModified":"2026-07-09T00:16:50.437","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"K7Computing Pvt Ltd K7Antivirus Premium 15.1.0.53 is affected by: Incorrect Access Control. The impact is: Local Process Execution (local). The component is: K7Sentry.sys."},{"lang":"es","value":"K7Computing Pvt Ltd K7Antivirus Premium versión 15.1.0.53, está afectado por: un Control de acceso incorrecto.&#xa0;El impacto es: una Ejecución de Procesos Locales (local).&#xa0;El componente es: la biblioteca K7Sentry.sys"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-269"},{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:k7computing:antivrius:*:*:*:*:premium:*:*:*","versionEndExcluding":"16.0.0001","matchCriteriaId":"721DCDB7-8342-44E2-AB03-E7F5E62E5EA9"},{"vulnerable":true,"criteria":"cpe:2.3:a:k7computing:enterprise_security:*:*:*:*:*:*:*:*","versionEndExcluding":"14.2.0001","matchCriteriaId":"6329F23D-B675-4C2E-95BA-FDF600653511"},{"vulnerable":true,"criteria":"cpe:2.3:a:k7computing:total_security:*:*:*:*:*:*:*:*","versionEndExcluding":"16.0.0001","matchCriteriaId":"D20E597F-D94E-4C17-8926-FF75D8AF5DFB"},{"vulnerable":true,"criteria":"cpe:2.3:a:k7computing:ultimate_security:*:*:*:*:*:*:*:*","versionEndExcluding":"16.0.0001","matchCriteriaId":"73A7AB9E-C6FF-4D74-A65B-F782E117FD76"}]}]}],"references":[{"url":"https://support.k7computing.com/index.php?/selfhelp/view-article/Advisory-issued-on-6th-January-2021","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://support.k7computing.com/index.php?/selfhelp/view-article/Advisory-issued-on-6th-January-2021","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2018-8724","sourceIdentifier":"cve@mitre.org","published":"2021-01-11T16:15:13.257","lastModified":"2026-07-09T00:16:50.570","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"K7Computing Pvt Ltd K7AntiVirus Premium 15.1.0.53 is affected by: Incorrect Access Control. The impact is: gain privileges (local). The component is: K7TSMngr.exe."},{"lang":"es","value":"K7Computing Pvt Ltd K7AntiVirus Premium versión 15.1.0.53, está afectado por: un Control de acceso incorrecto.&#xa0;El impacto es: alcanzar privilegios (local).&#xa0;El componente es: el archivo K7TSMngr.exe"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-269"},{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:k7computing:antivrius:*:*:*:*:premium:*:*:*","versionEndExcluding":"16.0.0001","matchCriteriaId":"721DCDB7-8342-44E2-AB03-E7F5E62E5EA9"},{"vulnerable":true,"criteria":"cpe:2.3:a:k7computing:enterprise_security:*:*:*:*:*:*:*:*","versionEndExcluding":"14.2.0001","matchCriteriaId":"6329F23D-B675-4C2E-95BA-FDF600653511"},{"vulnerable":true,"criteria":"cpe:2.3:a:k7computing:total_security:*:*:*:*:*:*:*:*","versionEndExcluding":"16.0.0001","matchCriteriaId":"D20E597F-D94E-4C17-8926-FF75D8AF5DFB"},{"vulnerable":true,"criteria":"cpe:2.3:a:k7computing:ultimate_security:*:*:*:*:*:*:*:*","versionEndExcluding":"16.0.0001","matchCriteriaId":"73A7AB9E-C6FF-4D74-A65B-F782E117FD76"}]}]}],"references":[{"url":"https://support.k7computing.com/index.php?/selfhelp/view-article/Advisory-issued-on-6th-January-2021","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://support.k7computing.com/index.php?/selfhelp/view-article/Advisory-issued-on-6th-January-2021","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2018-8725","sourceIdentifier":"cve@mitre.org","published":"2021-01-11T16:15:13.337","lastModified":"2026-07-09T00:16:50.690","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"K7Computing Pvt Ltd K7AntiVirus Premium 15.01.00.53 is affected by: Buffer Overflow. The impact is: execute arbitrary code (local). The component is: K7TSMngr.exe."},{"lang":"es","value":"K7Computing Pvt Ltd K7AntiVirus Premium versión 15.01.00.53, está afectado por: un Desbordamiento del Búfer.&#xa0;El impacto es: ejecutar código arbitrario (local).&#xa0;El componente es: el archivo K7TSMngr.exe"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:k7computing:antivrius:*:*:*:*:premium:*:*:*","versionEndExcluding":"16.0.0001","matchCriteriaId":"721DCDB7-8342-44E2-AB03-E7F5E62E5EA9"},{"vulnerable":true,"criteria":"cpe:2.3:a:k7computing:enterprise_security:*:*:*:*:*:*:*:*","versionEndExcluding":"14.2.0001","matchCriteriaId":"6329F23D-B675-4C2E-95BA-FDF600653511"},{"vulnerable":true,"criteria":"cpe:2.3:a:k7computing:total_security:*:*:*:*:*:*:*:*","versionEndExcluding":"16.0.0001","matchCriteriaId":"D20E597F-D94E-4C17-8926-FF75D8AF5DFB"},{"vulnerable":true,"criteria":"cpe:2.3:a:k7computing:ultimate_security:*:*:*:*:*:*:*:*","versionEndExcluding":"16.0.0001","matchCriteriaId":"73A7AB9E-C6FF-4D74-A65B-F782E117FD76"}]}]}],"references":[{"url":"https://support.k7computing.com/index.php?/selfhelp/view-article/Advisory-issued-on-6th-January-2021","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://support.k7computing.com/index.php?/selfhelp/view-article/Advisory-issued-on-6th-January-2021","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2018-8726","sourceIdentifier":"cve@mitre.org","published":"2021-01-11T16:15:13.413","lastModified":"2026-07-09T00:16:50.813","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"K7Computing Pvt Ltd K7Antivirus Premium 15.1.0.53 is affected by: Buffer Overflow. The impact is: execute arbitrary code (local). The component is: K7TSMngr.exe."},{"lang":"es","value":"K7Computing Pvt Ltd K7Antivirus Premium versión 15.1.0.53, está afectado por: Desbordamiento de Búfer.&#xa0;El impacto es: ejecutar código arbitrario (local).&#xa0;El componente es: Archivo K7TSMngr.exe"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:k7computing:antivrius:*:*:*:*:premium:*:*:*","versionEndExcluding":"16.0.0001","matchCriteriaId":"721DCDB7-8342-44E2-AB03-E7F5E62E5EA9"},{"vulnerable":true,"criteria":"cpe:2.3:a:k7computing:enterprise_security:*:*:*:*:*:*:*:*","versionEndExcluding":"14.2.0001","matchCriteriaId":"6329F23D-B675-4C2E-95BA-FDF600653511"},{"vulnerable":true,"criteria":"cpe:2.3:a:k7computing:total_security:*:*:*:*:*:*:*:*","versionEndExcluding":"16.0.0001","matchCriteriaId":"D20E597F-D94E-4C17-8926-FF75D8AF5DFB"},{"vulnerable":true,"criteria":"cpe:2.3:a:k7computing:ultimate_security:*:*:*:*:*:*:*:*","versionEndExcluding":"16.0.0001","matchCriteriaId":"73A7AB9E-C6FF-4D74-A65B-F782E117FD76"}]}]}],"references":[{"url":"https://support.k7computing.com/index.php?/selfhelp/view-article/Advisory-issued-on-6th-January-2021","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://support.k7computing.com/index.php?/selfhelp/view-article/Advisory-issued-on-6th-January-2021","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2018-9332","sourceIdentifier":"cve@mitre.org","published":"2021-01-11T16:15:13.493","lastModified":"2026-07-09T00:16:50.933","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"K7Computing Pvt Ltd K7AntiVirus Premium 15.01.00.53 is affected by: Incorrect Access Control. The impact is: gain privileges (local)."},{"lang":"es","value":"K7Computing Pvt Ltd K7AntiVirus Premium versión 15.01.00.53, está afectado por: un Control de Acceso Incorrecto.&#xa0;El impacto es: alcanzar privilegios (local)"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-269"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:k7computing:antivrius:*:*:*:*:premium:*:*:*","versionEndExcluding":"16.0.0001","matchCriteriaId":"721DCDB7-8342-44E2-AB03-E7F5E62E5EA9"},{"vulnerable":true,"criteria":"cpe:2.3:a:k7computing:enterprise_security:*:*:*:*:*:*:*:*","versionEndExcluding":"14.2.0001","matchCriteriaId":"6329F23D-B675-4C2E-95BA-FDF600653511"},{"vulnerable":true,"criteria":"cpe:2.3:a:k7computing:total_security:*:*:*:*:*:*:*:*","versionEndExcluding":"16.0.0001","matchCriteriaId":"D20E597F-D94E-4C17-8926-FF75D8AF5DFB"},{"vulnerable":true,"criteria":"cpe:2.3:a:k7computing:ultimate_security:*:*:*:*:*:*:*:*","versionEndExcluding":"16.0.0001","matchCriteriaId":"73A7AB9E-C6FF-4D74-A65B-F782E117FD76"}]}]}],"references":[{"url":"https://support.k7computing.com/index.php?/selfhelp/view-article/Advisory-issued-on-6th-January-2021","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://support.k7computing.com/index.php?/selfhelp/view-article/Advisory-issued-on-6th-January-2021","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2018-9333","sourceIdentifier":"cve@mitre.org","published":"2021-01-11T16:15:13.587","lastModified":"2026-07-09T00:16:51.057","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"K7Computing Pvt Ltd K7AntiVirus Premium 15.1.0.53 is affected by: Buffer Overflow. The impact is: execute arbitrary code (local). The component is: K7TSMngr.exe."},{"lang":"es","value":"K7Computing Pvt Ltd K7AntiVirus Premium versión 15.1.0.53, está afectado por: un Desbordamiento de Búfer.&#xa0;El impacto es: ejecutar código arbitrario (local).&#xa0;El componente es: el archivo K7TSMngr.exe"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-120"},{"lang":"en","value":"CWE-269"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:k7computing:antivrius:*:*:*:*:premium:*:*:*","versionEndExcluding":"16.0.0001","matchCriteriaId":"721DCDB7-8342-44E2-AB03-E7F5E62E5EA9"},{"vulnerable":true,"criteria":"cpe:2.3:a:k7computing:enterprise_security:*:*:*:*:*:*:*:*","versionEndExcluding":"14.2.0001","matchCriteriaId":"6329F23D-B675-4C2E-95BA-FDF600653511"},{"vulnerable":true,"criteria":"cpe:2.3:a:k7computing:total_security:*:*:*:*:*:*:*:*","versionEndExcluding":"16.0.0001","matchCriteriaId":"D20E597F-D94E-4C17-8926-FF75D8AF5DFB"},{"vulnerable":true,"criteria":"cpe:2.3:a:k7computing:ultimate_security:*:*:*:*:*:*:*:*","versionEndExcluding":"16.0.0001","matchCriteriaId":"73A7AB9E-C6FF-4D74-A65B-F782E117FD76"}]}]}],"references":[{"url":"https://support.k7computing.com/index.php?/selfhelp/view-article/Advisory-issued-on-6th-January-2021","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://support.k7computing.com/index.php?/selfhelp/view-article/Advisory-issued-on-6th-January-2021","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2020-20950","sourceIdentifier":"cve@mitre.org","published":"2021-01-19T13:15:11.887","lastModified":"2026-07-09T00:16:53.360","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in Microchip Libraries for Applications 2018-11-26 All up to 2018-11-26. The vulnerability can allow one to use Bleichenbacher's oracle attack to decrypt an encrypted ciphertext by making successive queries to the server using the vulnerable library, resulting in remote information disclosure."},{"lang":"es","value":"Un ataque de Bleichenbacher en el relleno PKCS#1 versión v1.5 para RSA en las Bibliotecas de Microchip para Aplicaciones en todas las versiones del 26-11-2018 hasta el 26-11-2018.&#xa0;La vulnerabilidad puede permitir a uno usar el ataque de oráculo de Bleichenbacher para descifrar un texto encriptado cifrado al hacer consultas sucesivas al servidor usando la biblioteca vulnerable, resultando en una divulgación de información remota"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:N/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-327"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ietf:public_key_cryptography_standards_\\#1:1.5:*:*:*:*:*:*:*","matchCriteriaId":"0563022F-D818-46C3-AF66-E84984174DA8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microchip:microchip_libraries_for_applications:*:*:*:*:*:*:*:*","versionEndIncluding":"2018-11-26","matchCriteriaId":"1D66BCB6-AC9B-4437-A0AB-645A353F2B4E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"},{"vulnerable":false,"criteria":"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","matchCriteriaId":"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"http://archiv.infsec.ethz.ch/education/fs08/secsem/bleichenbacher98.pdf","source":"cve@mitre.org","tags":["Technical Description","Third Party Advisory"]},{"url":"https://bi-zone.medium.com/silence-will-fall-or-how-it-can-take-2-years-to-get-your-vuln-registered-e6134846f5bb","source":"cve@mitre.org","tags":["Technical Description","Third Party Advisory"]},{"url":"https://www.microchip.com/mplab/microchip-libraries-for-applications","source":"cve@mitre.org","tags":["Product"]},{"url":"http://archiv.infsec.ethz.ch/education/fs08/secsem/bleichenbacher98.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Technical Description","Third Party Advisory"]},{"url":"https://bi-zone.medium.com/silence-will-fall-or-how-it-can-take-2-years-to-get-your-vuln-registered-e6134846f5bb","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Technical Description","Third Party Advisory"]},{"url":"https://www.microchip.com/mplab/microchip-libraries-for-applications","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2020-28707","sourceIdentifier":"cve@mitre.org","published":"2021-01-19T22:15:12.537","lastModified":"2026-07-09T01:16:42.847","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The Stockdio Historical Chart plugin before 2.8.1 for WordPress is affected by Cross Site Scripting (XSS) via stockdio_chart_historical-wp.js in wp-content/plugins/stockdio-historical-chart/assets/ because the origin of a postMessage() event is not validated. The stockdio_eventer function listens for any postMessage event. After a message event is sent to the application, this function sets the \"e\" variable as the event and checks that the types of the data and data.method are not undefined (empty) before proceeding to eval the data.method received from the postMessage. However, on a different website. JavaScript code can call window.open for the vulnerable WordPress instance and do a postMessage(msg,'*') for that object."},{"lang":"es","value":"El plugin Stockdio Historical Chart versiones anteriores a 2.8.1 para WordPress, está afectado por una vulnerabilidad de tipo Cross Site Scripting (XSS) por medio del archivo stockdio_chart_historical-wp.js en wp-content/plugins/stockdio-historical-chart/assets/ debido a que el origen de un evento postMessage() no está comprobado.&#xa0;La función stockdio_eventer escucha cualquier evento postMessage.&#xa0;Después que un evento de mensaje es enviado a la aplicación, esta función establece la variable \"e\" como evento y comprueba que los tipos de datos y el método de datos no estén indefinidos (vacíos) antes de proceder a evaluar el método de datos recibido del postMessage.&#xa0;Sin embargo, en un sitio web diferente.&#xa0;El código JavaScript puede llamar a window.open para la instancia vulnerable de WordPress y hacer un postMessage(msg,'*') para ese objeto"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:stockdio:stockdio_historical_chart:*:*:*:*:*:wordpress:*:*","versionEndExcluding":"2.8.1","matchCriteriaId":"593F6C25-64BE-4733-A6AB-39B3A8046F75"}]}]}],"references":[{"url":"https://jondow.eu/cve-2020-28707-xss-in-stockdio-historical-chart-plugin-for-wordpress-before-version-281/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://wordpress.org/plugins/stockdio-historical-chart/#developers","source":"cve@mitre.org","tags":["Release Notes","Third Party Advisory"]},{"url":"https://jondow.eu/cve-2020-28707-xss-in-stockdio-historical-chart-plugin-for-wordpress-before-version-281/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://wordpress.org/plugins/stockdio-historical-chart/#developers","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-20949","sourceIdentifier":"cve@mitre.org","published":"2021-01-20T16:15:14.007","lastModified":"2026-07-09T00:16:53.230","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Bleichenbacher's attack on PKCS #1 v1.5 padding for RSA in STM32 cryptographic firmware library software expansion for STM32Cube (UM1924). The vulnerability can allow one to use Bleichenbacher's oracle attack to decrypt an encrypted ciphertext by making successive queries to the server using the vulnerable library, resulting in remote information disclosure."},{"lang":"es","value":"El ataque de Bleichenbacher en el relleno PKCS #1 v1.5 para RSA en la expansión del software de la biblioteca de firmware criptográfico STM32 para STM32Cube (UM1924).&#xa0;La vulnerabilidad puede permitir que uno use un ataque de oráculo de Bleichenbacher para descifrar un texto cifrado encriptado al hacer consultas sucesivas al servidor usando la biblioteca vulnerable, resultando en la divulgación de información remota"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:N/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-327"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:st:stm32cubef0:-:*:*:*:*:*:*:*","matchCriteriaId":"B0981326-08C5-45AE-86E5-03AA53D8AE99"},{"vulnerable":true,"criteria":"cpe:2.3:a:st:stm32cubef1:-:*:*:*:*:*:*:*","matchCriteriaId":"6E973ADD-9CA3-4397-AAE2-6420A71693A2"},{"vulnerable":true,"criteria":"cpe:2.3:a:st:stm32cubef2:-:*:*:*:*:*:*:*","matchCriteriaId":"370E3056-6D03-43DD-AC0C-03F1FC2F45A9"},{"vulnerable":true,"criteria":"cpe:2.3:a:st:stm32cubef3:-:*:*:*:*:*:*:*","matchCriteriaId":"EF8ABBD3-551D-42F0-8F21-CB705F77CD7A"},{"vulnerable":true,"criteria":"cpe:2.3:a:st:stm32cubef4:-:*:*:*:*:*:*:*","matchCriteriaId":"FEAE19AE-8AC7-4F33-B270-7BE1CF133F24"},{"vulnerable":true,"criteria":"cpe:2.3:a:st:stm32cubef7:-:*:*:*:*:*:*:*","matchCriteriaId":"61425839-B519-4879-9FFB-28A579AA9CB8"},{"vulnerable":true,"criteria":"cpe:2.3:a:st:stm32cubeg0:-:*:*:*:*:*:*:*","matchCriteriaId":"F9D26D7E-341E-40D7-8E4E-86ECB8F95AC0"},{"vulnerable":true,"criteria":"cpe:2.3:a:st:stm32cubeg4:-:*:*:*:*:*:*:*","matchCriteriaId":"D8378F71-17DA-47ED-8940-FF1F840222BC"},{"vulnerable":true,"criteria":"cpe:2.3:a:st:stm32cubeh7:-:*:*:*:*:*:*:*","matchCriteriaId":"97FCCBE1-1180-44E3-A2A7-0791F1EA7D8E"},{"vulnerable":true,"criteria":"cpe:2.3:a:st:stm32cubeide:-:*:*:*:*:*:*:*","matchCriteriaId":"5889CEC2-874F-442C-A5B5-5A72587BAC71"},{"vulnerable":true,"criteria":"cpe:2.3:a:st:stm32cubel0:-:*:*:*:*:*:*:*","matchCriteriaId":"BA3026EA-EBE3-4FAC-A798-B795EAA46A37"},{"vulnerable":true,"criteria":"cpe:2.3:a:st:stm32cubel1:-:*:*:*:*:*:*:*","matchCriteriaId":"4725F9EB-2CD3-40A7-9C28-9175834A572B"},{"vulnerable":true,"criteria":"cpe:2.3:a:st:stm32cubel4:-:*:*:*:*:*:*:*","matchCriteriaId":"4945D83E-6D1F-4DA7-8E81-DB3683BDF7B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:st:stm32cubel4\\+:-:*:*:*:*:*:*:*","matchCriteriaId":"4DC4A9CA-1BA8-4E76-A67C-4BCE7452F08C"},{"vulnerable":true,"criteria":"cpe:2.3:a:st:stm32cubel5:-:*:*:*:*:*:*:*","matchCriteriaId":"B62B4EA2-EFE4-4649-B0CA-C90C938C6B4B"},{"vulnerable":true,"criteria":"cpe:2.3:a:st:stm32cubemonitor:-:*:*:*:*:*:*:*","matchCriteriaId":"3B18C9EB-828C-406B-BB98-E940D5CB97E5"},{"vulnerable":true,"criteria":"cpe:2.3:a:st:stm32cubemp1:-:*:*:*:*:*:*:*","matchCriteriaId":"305ABE3D-197F-47AB-AEA4-B3C092888783"},{"vulnerable":true,"criteria":"cpe:2.3:a:st:stm32cubemx:-:*:*:*:*:*:*:*","matchCriteriaId":"22DEAB2C-577B-45E6-B43A-DA5AE2BCBFCA"},{"vulnerable":true,"criteria":"cpe:2.3:a:st:stm32cubeprogrammer:-:*:*:*:*:*:*:*","matchCriteriaId":"DA2CB594-1178-4E8E-B989-EEE4F9E8C667"},{"vulnerable":true,"criteria":"cpe:2.3:a:st:stm32cubewb:-:*:*:*:*:*:*:*","matchCriteriaId":"F709593E-1EF2-44AA-BBBF-7D2618D40F50"},{"vulnerable":true,"criteria":"cpe:2.3:a:st:stm32cubewl:-:*:*:*:*:*:*:*","matchCriteriaId":"3BB96785-28FF-41E1-BBF4-27491CB2E2F4"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ietf:public_key_cryptography_standards_\\#1:1.5:*:*:*:*:*:*:*","matchCriteriaId":"0563022F-D818-46C3-AF66-E84984174DA8"}]}]}],"references":[{"url":"http://archiv.infsec.ethz.ch/education/fs08/secsem/bleichenbacher98.pdf","source":"cve@mitre.org","tags":["Technical Description","Third Party Advisory"]},{"url":"https://bi-zone.medium.com/silence-will-fall-or-how-it-can-take-2-years-to-get-your-vuln-registered-e6134846f5bb","source":"cve@mitre.org","tags":["Technical Description","Third Party Advisory"]},{"url":"https://www.st.com/en/embedded-software/x-cube-cryptolib.html","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://archiv.infsec.ethz.ch/education/fs08/secsem/bleichenbacher98.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Technical Description","Third Party Advisory"]},{"url":"https://bi-zone.medium.com/silence-will-fall-or-how-it-can-take-2-years-to-get-your-vuln-registered-e6134846f5bb","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Technical Description","Third Party Advisory"]},{"url":"https://www.st.com/en/embedded-software/x-cube-cryptolib.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-28874","sourceIdentifier":"cve@mitre.org","published":"2021-01-26T18:15:51.020","lastModified":"2026-07-09T01:16:44.050","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"reset-password.php in ProjectSend before r1295 allows remote attackers to reset a password because of incorrect business logic. Errors are not properly considered (an invalid token parameter)."},{"lang":"es","value":"El archivo reset-password.php en ProjectSend versiones anteriores a r1295, permite a atacantes remotos restablecer una contraseña debido a una lógica comercial incorrecta.&#xa0;Los errores no son apropiadamente considerados (un parámetro de token no válido)"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:P/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-287"},{"lang":"en","value":"CWE-404"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:projectsend:projectsend:*:*:*:*:*:*:*:*","versionEndExcluding":"r1295","matchCriteriaId":"CABFA76F-189B-4190-A0BB-99B1D966A8BE"}]}]}],"references":[{"url":"https://github.com/projectsend/projectsend/commit/440204734e9a1687cb9887e1c887173d23c5a93e","source":"cve@mitre.org","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/projectsend/projectsend/commits/master","source":"cve@mitre.org","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/projectsend/projectsend/releases/tag/r1295","source":"cve@mitre.org","tags":["Release Notes","Third Party Advisory"]},{"url":"https://github.com/varandinawer/CVE-2020-28874","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/projectsend/projectsend/commit/440204734e9a1687cb9887e1c887173d23c5a93e","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/projectsend/projectsend/commits/master","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/projectsend/projectsend/releases/tag/r1295","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Third Party Advisory"]},{"url":"https://github.com/varandinawer/CVE-2020-28874","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-35854","sourceIdentifier":"cve@mitre.org","published":"2021-01-26T18:15:55.083","lastModified":"2026-07-09T01:16:45.850","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Textpattern 4.8.4 is affected by cross-site scripting (XSS) in the Body parameter."},{"lang":"es","value":"Textpattern versión 4.8.4 está afectado por una vulnerabilidad de tipo cross-site scripting (XSS) en el parámetro Body"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:textpattern:textpattern:4.8.4:*:*:*:*:*:*:*","matchCriteriaId":"398F55CB-5C6D-405D-B0A3-69A176A55785"}]}]}],"references":[{"url":"https://riteshgohil-25.medium.com/textpattern-4-8-4-is-affected-by-cross-site-scripting-xss-in-the-body-parameter-b9a3d7da2a88","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.textpattern.co/demo","source":"cve@mitre.org","tags":["Product"]},{"url":"https://riteshgohil-25.medium.com/textpattern-4-8-4-is-affected-by-cross-site-scripting-xss-in-the-body-parameter-b9a3d7da2a88","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.textpattern.co/demo","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2020-36011","sourceIdentifier":"cve@mitre.org","published":"2021-01-26T18:15:55.147","lastModified":"2026-07-09T01:16:46.127","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A cross-site scripting (XSS) issue in Add Patient Form in QDOCS Smart Hospital Management System 3.1 allows a remote attacker to inject arbitrary code via the Name, Guardian Name, Email, Address, Remarks, or Any Known Allergies field."},{"lang":"es","value":"Un problema de tipo cross-site scripting (XSS) en Add Patient Form en QDOCS Smart Hospital Management System versión 3.1, permite a un atacante remoto inyectar código arbitrario por medio de los campos Name, Guardian Name, Email, Address, Remarks, o Any Known Allergies"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:qdocs:smart_hospital:3.1:*:*:*:*:*:*:*","matchCriteriaId":"32934C64-1EE4-4A12-8451-EB5859F7543B"}]}]}],"references":[{"url":"https://www.exploit-db.com/exploits/49290","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://www.exploit-db.com/exploits/49290","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]}]}},{"cve":{"id":"CVE-2020-36012","sourceIdentifier":"cve@mitre.org","published":"2021-01-27T13:15:12.620","lastModified":"2026-07-09T01:16:46.243","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Stored XSS vulnerability in BDTASK Multi-Store Inventory Management System 1.0 allows a local admin to inject arbitrary code via the Customer Name Field."},{"lang":"es","value":"Una vulnerabilidad de tipo XSS almacenado en BDTASK Multi-Store Inventory Management System versión 1.0, permite a un administrador local inyectar código arbitrario por medio del Customer Name Field"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bdtask:multi-store:1.0.0:*:*:*:*:wordpress:*:*","matchCriteriaId":"849C8ADD-10CB-4932-9980-6817BA2A9D2F"}]}]}],"references":[{"url":"https://kislay00.medium.com/m-store-multi-store-inventory-management-system-add-customer-stored-xss-875a376770ec","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://kislay00.medium.com/m-store-multi-store-inventory-management-system-add-customer-stored-xss-875a376770ec","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-3294","sourceIdentifier":"cve@mitre.org","published":"2021-02-09T00:15:12.267","lastModified":"2026-07-09T01:17:01.200","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"CASAP Automated Enrollment System 1.0 is affected by cross-site scripting (XSS) in users.php. An attacker can steal a cookie to perform user redirection to a malicious website."},{"lang":"es","value":"CASAP Automated Enrollment System versión 1.0, está afectado por una vulnerabilidad de tipo cross-site scripting (XSS) en el archivo users.php.&#xa0;Un atacante puede robar una cookie para llevar a cabo un redireccionamiento del usuario hacia un sitio web malicioso"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:casap_automated_enrollment_system_project:casap_automated_enrollment_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"AFA6FCDF-214D-46B9-BDC4-32B296AC4920"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/161421/CASAP-Automated-Enrollment-System-1.0-Cross-Site-Scripting.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://www.exploit-db.com/exploits/49469","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://www.sourcecodester.com/download-code?nid=12210&title=CASAP+Automated+Enrollment+System+using+PHP%2FMySQLi+with+Source+Code","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://packetstormsecurity.com/files/161421/CASAP-Automated-Enrollment-System-1.0-Cross-Site-Scripting.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://www.exploit-db.com/exploits/49469","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://www.sourcecodester.com/download-code?nid=12210&title=CASAP+Automated+Enrollment+System+using+PHP%2FMySQLi+with+Source+Code","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-25493","sourceIdentifier":"cve@mitre.org","published":"2021-02-11T18:15:14.537","lastModified":"2026-07-09T00:17:02.097","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Oclean Mobile Application 2.1.2 communicates with an external website using HTTP so it is possible to eavesdrop the network traffic. The content of HTTP payload is encrypted using XOR with a hardcoded key, which allows for the possibility to decode the traffic."},{"lang":"es","value":"La aplicación móvil Oclean versión 2.1.2, se comunica con un sitio web externo mediante HTTP, por lo que es posible escuchar el tráfico de la red.&#xa0;El contenido de la carga útil HTTP se cifra mediante XOR con una clave embebida, lo que permite la posibilidad de decodificar el tráfico"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-327"},{"lang":"en","value":"CWE-798"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oclean:oclean:2.1.2:*:*:*:*:*:*:*","matchCriteriaId":"AEE6D0D7-E109-4917-87F7-2CB4682CCAC4"}]}]}],"references":[{"url":"https://github.com/c3r34lk1ll3r/decrypt-oclean-traffic","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://play.google.com/store/apps/details?id=com.yunding.noopsychebrushforeign","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/c3r34lk1ll3r/decrypt-oclean-traffic","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://play.google.com/store/apps/details?id=com.yunding.noopsychebrushforeign","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2021-25296","sourceIdentifier":"cve@mitre.org","published":"2021-02-15T13:15:12.683","lastModified":"2026-07-09T13:39:49.130","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/windowswmi/windowswmi.inc.php due to improper sanitization of authenticated user-controlled input by a single HTTP request, which can lead to OS command injection on the Nagios XI server."},{"lang":"es","value":"Nagios XI versión xi-5.7.5, esta afectada por una inyección de comandos del Sistema Operativo.&#xa0;La vulnerabilidad se presenta en el archivo /usr/local/nagiosxi/html/includes/configwizards/windowswmi/windowswmi.inc.php debido a un saneamiento inapropiado de la entrada controlada por el usuario autenticado mediante una única petición HTTP, que puede conllevar a una inyección de comandos del el servidor de Nagios XI"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","baseScore":9.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-04T20:17:13.052541Z","id":"CVE-2021-25296","options":[{"exploitation":"active"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"cisaExploitAdd":"2022-01-18","cisaActionDue":"2022-02-01","cisaRequiredAction":"Apply updates per vendor instructions.","cisaVulnerabilityName":"Nagios XI OS Command Injection","weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nagios:nagios_xi:*:*:*:*:*:*:*:*","versionStartIncluding":"5.5.6","versionEndIncluding":"5.7.5","matchCriteriaId":"F16363BB-D503-4020-A9FA-D78B0ABE217C"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/161561/Nagios-XI-5.7.5-Remote-Code-Execution.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http://packetstormsecurity.com/files/170924/Nagios-XI-5.7.5-Remote-Code-Execution.html","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://assets.nagios.com/downloads/nagiosxi/versions.php","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/fs0c-sh/nagios-xi-5.7.5-bugs/blob/main/README.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.fastly.com/blog/anatomy-of-a-command-injection-cve-2021-25296-7-8-with-metasploit-module-and","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"http://packetstormsecurity.com/files/161561/Nagios-XI-5.7.5-Remote-Code-Execution.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http://packetstormsecurity.com/files/170924/Nagios-XI-5.7.5-Remote-Code-Execution.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://assets.nagios.com/downloads/nagiosxi/versions.php","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/fs0c-sh/nagios-xi-5.7.5-bugs/blob/main/README.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.fastly.com/blog/anatomy-of-a-command-injection-cve-2021-25296-7-8-with-metasploit-module-and","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-25296","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]}]}},{"cve":{"id":"CVE-2021-25297","sourceIdentifier":"cve@mitre.org","published":"2021-02-15T13:15:12.793","lastModified":"2026-07-09T13:39:51.737","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/switch/switch.inc.php due to improper sanitization of authenticated user-controlled input by a single HTTP request, which can lead to OS command injection on the Nagios XI server."},{"lang":"es","value":"Nagios XI versión xi-5.7.5, esta afectada por una inyección de comandos del Sistema Operativo.&#xa0;La vulnerabilidad se presenta en el archivo /usr/local/nagiosxi/html/includes/configwizards/switch/switch.inc.php debido a un saneamiento inapropiado de la entrada controlada por el usuario autenticado mediante una única petición HTTP, lo que puede conllevar a una inyección de comandos del sistema operativo en el servidor de Nagios XI"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","baseScore":9.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-04T19:46:39.479223Z","id":"CVE-2021-25297","options":[{"exploitation":"active"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"cisaExploitAdd":"2022-01-18","cisaActionDue":"2022-02-01","cisaRequiredAction":"Apply updates per vendor instructions.","cisaVulnerabilityName":"Nagios XI OS Command Injection","weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nagios:nagios_xi:*:*:*:*:*:*:*:*","versionStartIncluding":"5.5.6","versionEndIncluding":"5.7.5","matchCriteriaId":"F16363BB-D503-4020-A9FA-D78B0ABE217C"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/161561/Nagios-XI-5.7.5-Remote-Code-Execution.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http://packetstormsecurity.com/files/170924/Nagios-XI-5.7.5-Remote-Code-Execution.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://assets.nagios.com/downloads/nagiosxi/versions.php","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/fs0c-sh/nagios-xi-5.7.5-bugs/blob/main/README.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.fastly.com/blog/anatomy-of-a-command-injection-cve-2021-25296-7-8-with-metasploit-module-and","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"http://packetstormsecurity.com/files/161561/Nagios-XI-5.7.5-Remote-Code-Execution.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http://packetstormsecurity.com/files/170924/Nagios-XI-5.7.5-Remote-Code-Execution.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://assets.nagios.com/downloads/nagiosxi/versions.php","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/fs0c-sh/nagios-xi-5.7.5-bugs/blob/main/README.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.fastly.com/blog/anatomy-of-a-command-injection-cve-2021-25296-7-8-with-metasploit-module-and","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-25297","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]}]}},{"cve":{"id":"CVE-2021-25298","sourceIdentifier":"cve@mitre.org","published":"2021-02-15T13:15:12.857","lastModified":"2026-07-09T13:39:54.287","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/cloud-vm/cloud-vm.inc.php due to improper sanitization of authenticated user-controlled input by a single HTTP request, which can lead to OS command injection on the Nagios XI server."},{"lang":"es","value":"Nagios XI versión xi-5.7.5, esta afectada por una inyección de comandos del Sistema Operativo.&#xa0;La vulnerabilidad se presenta en el archivo /usr/local/nagiosxi/html/includes/configwizards/cloud-vm/cloud-vm.inc.php debido a un saneamiento inapropiado de la entrada controlada por el usuario autenticado mediante una única petición HTTP, lo que puede conducir a una inyección de comandos del Sistema Operativo en el servidor de Nagios XI"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","baseScore":9.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-04T19:45:39.605939Z","id":"CVE-2021-25298","options":[{"exploitation":"active"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"cisaExploitAdd":"2022-01-18","cisaActionDue":"2022-02-01","cisaRequiredAction":"Apply updates per vendor instructions.","cisaVulnerabilityName":"Nagios XI OS Command Injection","weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nagios:nagios_xi:*:*:*:*:*:*:*:*","versionStartIncluding":"5.5.6","versionEndIncluding":"5.7.5","matchCriteriaId":"F16363BB-D503-4020-A9FA-D78B0ABE217C"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/161561/Nagios-XI-5.7.5-Remote-Code-Execution.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http://packetstormsecurity.com/files/170924/Nagios-XI-5.7.5-Remote-Code-Execution.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://assets.nagios.com/downloads/nagiosxi/versions.php","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/fs0c-sh/nagios-xi-5.7.5-bugs/blob/main/README.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.fastly.com/blog/anatomy-of-a-command-injection-cve-2021-25296-7-8-with-metasploit-module-and","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"http://packetstormsecurity.com/files/161561/Nagios-XI-5.7.5-Remote-Code-Execution.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http://packetstormsecurity.com/files/170924/Nagios-XI-5.7.5-Remote-Code-Execution.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://assets.nagios.com/downloads/nagiosxi/versions.php","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/fs0c-sh/nagios-xi-5.7.5-bugs/blob/main/README.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.fastly.com/blog/anatomy-of-a-command-injection-cve-2021-25296-7-8-with-metasploit-module-and","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-25298","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]}]}},{"cve":{"id":"CVE-2021-25299","sourceIdentifier":"cve@mitre.org","published":"2021-02-15T13:15:12.920","lastModified":"2026-07-09T01:16:47.040","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Nagios XI version xi-5.7.5 is affected by cross-site scripting (XSS). The vulnerability exists in the file /usr/local/nagiosxi/html/admin/sshterm.php due to improper sanitization of user-controlled input. A maliciously crafted URL, when clicked by an admin user, can be used to steal his/her session cookies or it can be chained with the previous bugs to get one-click remote command execution (RCE) on the Nagios XI server."},{"lang":"es","value":"Nagios XI versión xi-5.7.5, esta afectada por una vulnerabilidad de tipo cross-site scripting (XSS).&#xa0;La vulnerabilidad se presenta en el archivo /usr/local/nagiosxi/html/admin/sshterm.php debido a un saneamiento inapropiado de la entrada controlada por el usuario.&#xa0;Una URL maliciosamente, cuando un usuario administrador hace clic en ella, puede ser usada para robar  las cookies de su sesión o puede ser encadenada con los bugs previos para obtener una ejecución de comandos remota (RCE) con un solo clic en el servidor de Nagios XI"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nagios:nagios_xi:5.7.5:*:*:*:*:*:*:*","matchCriteriaId":"EBFAF29F-D022-4E72-85E6-4642752B2516"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/161561/Nagios-XI-5.7.5-Remote-Code-Execution.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://assets.nagios.com/downloads/nagiosxi/versions.php","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/fs0c-sh/nagios-xi-5.7.5-bugs/blob/main/README.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"http://packetstormsecurity.com/files/161561/Nagios-XI-5.7.5-Remote-Code-Execution.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://assets.nagios.com/downloads/nagiosxi/versions.php","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/fs0c-sh/nagios-xi-5.7.5-bugs/blob/main/README.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-24841","sourceIdentifier":"cve@mitre.org","published":"2021-02-16T13:15:12.797","lastModified":"2026-07-09T00:17:00.980","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"PNPSCADA 2.200816204020 allows SQL injection via parameter 'interf' in /browse.jsp. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database."},{"lang":"es","value":"PNPSCADA versión 2.200816204020, permite una inyección SQL por medio del parámetro \"interf\" en el archivo /browse.jsp.&#xa0;Al explotar este problema podría permitir a un atacante comprometer a la aplicación, acceder o modificar datos o explotar vulnerabilidades latentes en la base de datos subyacente"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sdg:pnpscada:2.200816204020:*:*:*:*:*:*:*","matchCriteriaId":"AAECB1B3-BA16-4DBE-A85E-D1EAB0DE60DB"}]}]}],"references":[{"url":"https://www.exploit-db.com/exploits/48757","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://www.exploit-db.com/exploits/48757","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]}]}},{"cve":{"id":"CVE-2021-27328","sourceIdentifier":"cve@mitre.org","published":"2021-02-19T19:15:12.627","lastModified":"2026-07-09T01:16:48.607","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Yeastar NeoGate TG400 91.3.0.3 devices are affected by Directory Traversal. An authenticated user can decrypt firmware and can read sensitive information, such as a password or decryption key."},{"lang":"es","value":"Los dispositivos Yeastar NeoGate TG400 versión 91.3.0.3, están afectados por un Salto de Directorio.&#xa0;Un usuario autenticado puede descifrar el firmware y puede leer información confidencial, como una contraseña o una clave de descifrado"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:N/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:yeastar:neogate_tg400_firmware:91.3.0.3:*:*:*:*:*:*:*","matchCriteriaId":"4F5677DF-B933-4CED-8BD7-D717970BC083"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:yeastar:neogate_tg400:-:*:*:*:*:*:*:*","matchCriteriaId":"9B68796A-C77A-4913-8028-8F70592F091F"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/161560/Yeastar-TG400-GSM-Gateway-91.3.0.3-Path-Traversal.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://github.com/SQSamir/CVE-2021-27328","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"http://packetstormsecurity.com/files/161560/Yeastar-TG400-GSM-Gateway-91.3.0.3-Path-Traversal.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://github.com/SQSamir/CVE-2021-27328","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-24175","sourceIdentifier":"cve@mitre.org","published":"2021-02-22T16:15:12.780","lastModified":"2026-07-09T00:17:00.333","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Buffer overflow in Yz1 0.30 and 0.32, as used in IZArc 4.4, ZipGenius 6.3.2.3116, and Explzh (extension) 8.14, allows attackers to execute arbitrary code via a crafted archive file, related to filename handling."},{"lang":"es","value":"Un desbordamiento del búfer en Yz1 versiones 0.30 y 0.32, como es usado en IZArc versión 4.4, ZipGenius versión 6.3.2.3116 y Explzh (extensión) versión 8.14, permite a atacantes ejecutar código arbitrario por medio de un archivo de almacenamiento diseñado, relacionado con el manejo de nombres de archivo"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:yz1:yz1:0.30:*:*:*:*:*:*:*","matchCriteriaId":"D5DDB3CC-98EB-4CDA-942B-3BD21A372520"},{"vulnerable":true,"criteria":"cpe:2.3:a:yz1:yz1:0.32:*:*:*:*:*:*:*","matchCriteriaId":"3B9D1388-E64E-4032-BF03-9A43C69E752E"}]}]}],"references":[{"url":"https://gist.github.com/illikainen/315a420a9c28cbe882e16b8eba40b2e1","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://gist.github.com/illikainen/ced14e08e00747fef613ba619bb25bb4","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://illikainen.dev/advisories/014-yz1-izarc","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://gist.github.com/illikainen/315a420a9c28cbe882e16b8eba40b2e1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://gist.github.com/illikainen/ced14e08e00747fef613ba619bb25bb4","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://illikainen.dev/advisories/014-yz1-izarc","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-27132","sourceIdentifier":"cve@mitre.org","published":"2021-02-27T06:15:12.493","lastModified":"2026-07-09T01:16:48.483","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SerComm AG Combo VD625 AGSOT_2.1.0 devices allow CRLF injection (for HTTP header injection) in the download function via the Content-Disposition header."},{"lang":"es","value":"Los dispositivos SerComm AG Combo VD625 versión AGSOT_2.1.0, permiten una inyección CRLF (para la inyección del encabezado HTTP) en la función download por medio del encabezado Content-Disposition"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-74"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:sercomm:agcombo_vd625_firmware:agsot_2.1.0:*:*:*:*:*:*:*","matchCriteriaId":"1D10ACE6-DEF8-404E-9224-FE32A4E68F7F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:sercomm:agcombo_vd625:-:*:*:*:*:*:*:*","matchCriteriaId":"230B02A1-F952-494D-8C13-789687827D4B"}]}]}],"references":[{"url":"https://cybertuz.com/blog/post/crlf-injection-CVE-2021-27132","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://cybertuz.com/blog/post/crlf-injection-CVE-2021-27132","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-24036","sourceIdentifier":"cve@mitre.org","published":"2021-03-04T13:15:14.907","lastModified":"2026-07-09T00:17:00.190","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"PHP object injection in the Ajax endpoint of the backend in ForkCMS below version 5.8.3 allows an authenticated remote user to execute malicious code."},{"lang":"es","value":"Una inyección de objetos PHP en el endpoint Ajax del backend en ForkCMS versiones por debajo de 5.8.3, permite a un usuario remoto autenticado ejecutar código malicioso"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-502"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fork-cms:fork_cms:*:*:*:*:*:*:*:*","versionEndExcluding":"5.8.3","matchCriteriaId":"64E1FEDE-E74B-44AC-B557-DBF79092E2DF"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/161764/ForkCMS-PHP-Object-Injection.html","source":"cve@mitre.org"},{"url":"http://seclists.org/fulldisclosure/2021/Mar/31","source":"cve@mitre.org","tags":["Exploit","Mailing List","Third Party Advisory"]},{"url":"https://tech.feedyourhead.at/content/ForkCMS-PHP-Object-Injection-CVE-2020-24036","source":"cve@mitre.org","tags":["Exploit","Patch","Third Party Advisory"]},{"url":"https://www.ait.ac.at/themen/cyber-security/pentesting/security-advisories/ait-sa-20210215-04","source":"cve@mitre.org","tags":["Exploit","Patch","Third Party Advisory"]},{"url":"http://seclists.org/fulldisclosure/2021/Mar/31","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Mailing List","Third Party Advisory"]},{"url":"https://tech.feedyourhead.at/content/ForkCMS-PHP-Object-Injection-CVE-2020-24036","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch","Third Party Advisory"]},{"url":"https://www.ait.ac.at/themen/cyber-security/pentesting/security-advisories/ait-sa-20210215-04","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-24912","sourceIdentifier":"cve@mitre.org","published":"2021-03-04T13:15:14.957","lastModified":"2026-07-09T00:17:01.103","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A reflected cross-site scripting (XSS) vulnerability in qcubed (all versions including 3.1.1) in profile.php via the stQuery-parameter allows unauthenticated attackers to steal sessions of authenticated users."},{"lang":"es","value":"Una vulnerabilidad de tipo cross-site scripting (XSS) reflejado en qcubed (todas las versiones, incluyendo 3.1.1) en el archivo profile.php por medio del parámetro stQuery permite a atacantes no autenticados robar sesiones de usuarios autenticados"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:qcubed:qcubed:*:*:*:*:*:*:*:*","versionEndIncluding":"3.1.1","matchCriteriaId":"AC2AE768-7638-4055-A2FC-F255EF9E99BA"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/161763/QCubed-3.1.1-Cross-Site-Scripting.html","source":"cve@mitre.org"},{"url":"http://seclists.org/fulldisclosure/2021/Mar/30","source":"cve@mitre.org","tags":["Exploit","Mailing List","Third Party Advisory"]},{"url":"https://tech.feedyourhead.at/content/QCubed-Cross-Site-Scripting-CVE-2020-24912","source":"cve@mitre.org","tags":["Exploit","Patch","Third Party Advisory"]},{"url":"https://www.ait.ac.at/themen/cyber-security/pentesting/security-advisories/ait-sa-20210215-03","source":"cve@mitre.org","tags":["Exploit","Patch","Third Party Advisory"]},{"url":"http://seclists.org/fulldisclosure/2021/Mar/30","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Mailing List","Third Party Advisory"]},{"url":"https://tech.feedyourhead.at/content/QCubed-Cross-Site-Scripting-CVE-2020-24912","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch","Third Party Advisory"]},{"url":"https://www.ait.ac.at/themen/cyber-security/pentesting/security-advisories/ait-sa-20210215-03","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-24913","sourceIdentifier":"cve@mitre.org","published":"2021-03-04T13:15:15.033","lastModified":"2026-07-09T00:17:01.227","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A SQL injection vulnerability in qcubed (all versions including 3.1.1) in profile.php via the strQuery parameter allows an unauthenticated attacker to access the database by injecting SQL code via a crafted POST request."},{"lang":"es","value":"Una vulnerabilidad de inyección SQL en qcubed (todas las versiones, incluyendo la 3.1.1) en el archivo profile.php por medio del parámetro strQuery permite a un atacante no autenticado acceder a la base de datos inyectando código SQL por medio de una petición POST diseñada"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:qcubed:qcubed:*:*:*:*:*:*:*:*","versionEndIncluding":"3.1.1","matchCriteriaId":"AC2AE768-7638-4055-A2FC-F255EF9E99BA"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/161759/QCubed-3.1.1-SQL-Injection.html","source":"cve@mitre.org"},{"url":"http://seclists.org/fulldisclosure/2021/Mar/29","source":"cve@mitre.org","tags":["Exploit","Mailing List","Third Party Advisory"]},{"url":"http://seclists.org/fulldisclosure/2021/Mar/30","source":"cve@mitre.org","tags":["Exploit","Mailing List","Third Party Advisory"]},{"url":"https://tech.feedyourhead.at/content/QCubed-SQL-Injection-CVE-2020-24913","source":"cve@mitre.org","tags":["Exploit","Patch","Third Party Advisory"]},{"url":"https://www.ait.ac.at/themen/cyber-security/pentesting/security-advisories/ait-sa-20210215-02","source":"cve@mitre.org","tags":["Exploit","Patch","Third Party Advisory"]},{"url":"http://seclists.org/fulldisclosure/2021/Mar/29","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Mailing List","Third Party Advisory"]},{"url":"http://seclists.org/fulldisclosure/2021/Mar/30","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Mailing List","Third Party Advisory"]},{"url":"https://tech.feedyourhead.at/content/QCubed-SQL-Injection-CVE-2020-24913","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch","Third Party Advisory"]},{"url":"https://www.ait.ac.at/themen/cyber-security/pentesting/security-advisories/ait-sa-20210215-02","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-24914","sourceIdentifier":"cve@mitre.org","published":"2021-03-04T13:15:15.110","lastModified":"2026-07-09T00:17:01.347","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A PHP object injection bug in profile.php in qcubed (all versions including 3.1.1) unserializes the untrusted data of the POST-variable \"strProfileData\" and allows an unauthenticated attacker to execute code via a crafted POST request."},{"lang":"es","value":"Un bug de inyección de objetos PHP en el archivo profile.php en qcubed (todas las versiones, incluyendo 3.1.1) anula la serialización de los datos no confiables de la variable POST \"strProfileData\" y permite a un atacante no autenticado ejecutar código por medio de una petición POST diseñada"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-502"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:qcubed:qcubed:*:*:*:*:*:*:*:*","versionEndIncluding":"3.1.1","matchCriteriaId":"AC2AE768-7638-4055-A2FC-F255EF9E99BA"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/161758/QCubed-3.1.1-PHP-Object-Injection.html","source":"cve@mitre.org"},{"url":"http://seclists.org/fulldisclosure/2021/Mar/28","source":"cve@mitre.org","tags":["Exploit","Mailing List","Third Party Advisory"]},{"url":"https://tech.feedyourhead.at/content/QCubed-PHP-Object-Injection-CVE-2020-24914","source":"cve@mitre.org","tags":["Exploit","Patch","Third Party Advisory"]},{"url":"https://www.ait.ac.at/themen/cyber-security/pentesting/security-advisories/ait-sa-20210215-01","source":"cve@mitre.org","tags":["Exploit","Patch","Third Party Advisory"]},{"url":"http://seclists.org/fulldisclosure/2021/Mar/28","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Mailing List","Third Party Advisory"]},{"url":"https://tech.feedyourhead.at/content/QCubed-PHP-Object-Injection-CVE-2020-24914","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch","Third Party Advisory"]},{"url":"https://www.ait.ac.at/themen/cyber-security/pentesting/security-advisories/ait-sa-20210215-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-27574","sourceIdentifier":"cve@mitre.org","published":"2021-03-08T21:15:15.590","lastModified":"2026-07-09T01:16:42.507","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Maxum Rumpus 8.2.13 and 8.2.14 is affected by cross-site request forgery (CSRF). If an authenticated user visits a malicious page, unintended actions could be performed in the web application as the authenticated user."},{"lang":"es","value":"Maxum Rumpus versiones 8.2.13 y 8.2.14 está afectado por un ataque de tipo cross-site request forgery (CSRF).&#xa0;Si un usuario autenticado visita una página maliciosa, se podrían llevar a cabo acciones no deseadas en la aplicación web como un usuario autenticado"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:maxum:rumpus:8.2.13:*:*:*:*:*:*:*","matchCriteriaId":"0C097C21-5005-479E-AC4E-9F277FB54941"},{"vulnerable":true,"criteria":"cpe:2.3:a:maxum:rumpus:8.2.14:*:*:*:*:*:*:*","matchCriteriaId":"0E6FA090-CD8D-4392-93FB-08CE89D422E4"}]}]}],"references":[{"url":"https://tvrbk.github.io/cve/2021/03/07/rumpus.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://tvrbk.github.io/cve/2021/03/07/rumpus.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-27575","sourceIdentifier":"cve@mitre.org","published":"2021-03-08T22:15:13.237","lastModified":"2026-07-09T01:16:42.630","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Maxum Rumpus 8.2.13 and 8.2.14 is affected by a command injection vulnerability. The web administration contains functionality in which administrators are able to manage users. The edit users form contains a parameter vulnerable to command injection due to insufficient validation."},{"lang":"es","value":"Maxum Rumpus versiones v8.2.13 y 8.2.14, está afectado por una vulnerabilidad de inyección de comandos.&#xa0;La administración web contiene una funcionalidad en la que los administradores pueden administrar a los usuarios.&#xa0;El formulario de edición de usuarios contiene un parámetro vulnerable a la inyección de comandos debido a una comprobación insuficiente"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:maxum:rumpus:8.2.13:*:*:*:*:*:*:*","matchCriteriaId":"0C097C21-5005-479E-AC4E-9F277FB54941"},{"vulnerable":true,"criteria":"cpe:2.3:a:maxum:rumpus:8.2.14:*:*:*:*:*:*:*","matchCriteriaId":"0E6FA090-CD8D-4392-93FB-08CE89D422E4"}]}]}],"references":[{"url":"https://tvrbk.github.io/cve/2021/03/07/rumpus.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://tvrbk.github.io/cve/2021/03/07/rumpus.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-27576","sourceIdentifier":"cve@mitre.org","published":"2021-03-08T22:15:13.330","lastModified":"2026-07-09T01:16:42.737","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Maxum Rumpus 8.2.13 and 8.2.14 is affected by cross-site scripting (XSS). Users are able to create folders in the web application. The folder name is insufficiently validated resulting in a stored cross-site scripting vulnerability."},{"lang":"es","value":"Maxum Rumpus versiones 8.2.13 y 8.2.14, está afectado por un vulnerabilidad de tipo cross-site scripting (XSS).&#xa0;Los usuarios son capaces de crear carpetas en la aplicación web.&#xa0;El nombre de la carpeta no está suficientemente validado, resultando en una vulnerabilidad de tipo cross-site scripting almacenado"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:maxum:rumpus:8.2.13:*:*:*:*:*:*:*","matchCriteriaId":"0C097C21-5005-479E-AC4E-9F277FB54941"},{"vulnerable":true,"criteria":"cpe:2.3:a:maxum:rumpus:8.2.14:*:*:*:*:*:*:*","matchCriteriaId":"0E6FA090-CD8D-4392-93FB-08CE89D422E4"}]}]}],"references":[{"url":"https://tvrbk.github.io/cve/2021/03/07/rumpus.html","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://tvrbk.github.io/cve/2021/03/07/rumpus.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-29238","sourceIdentifier":"cve@mitre.org","published":"2021-03-10T03:15:12.320","lastModified":"2026-07-09T01:16:44.650","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An integer buffer overflow in the Nginx webserver of ExpressVPN Router version 1 allows remote attackers to obtain sensitive information when the server running as reverse proxy via specially crafted request."},{"lang":"es","value":"Un desbordamiento de búfer entero en el servidor web Nginx de ExpressVPN Router versión 1 permite a los atacantes remotos obtener informaciones sensibles cuando el servidor se ejecuta como proxy inverso a través de una solicitud especialmente diseñada"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-190"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:expressvpn:expressvpn:1.0:*:*:*:*:*:*:*","matchCriteriaId":"9FD735FC-9630-4064-AD6D-11B46EAFE752"}]}]}],"references":[{"url":"http://ja1sharma.com/blog/2021/CVE-2020-29238/","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://packetstormsecurity.com/files/162152/ExpressVPN-VPN-Router-1.0-Integer-Overflow.html","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://bugcrowd.com/disclosures/4e8d5325-8e49-4ea3-962a-a088bbb73a3f/expressvpn-router-integer-buffer-overflow-server-info-disclosure-when-router-s-nginx-server-used-as-reverse-proxy-server","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://ja1sharma.com/blog/2021/CVE-2020-29238/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://packetstormsecurity.com/files/162152/ExpressVPN-VPN-Router-1.0-Integer-Overflow.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://bugcrowd.com/disclosures/4e8d5325-8e49-4ea3-962a-a088bbb73a3f/expressvpn-router-integer-buffer-overflow-server-info-disclosure-when-router-s-nginx-server-used-as-reverse-proxy-server","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-27695","sourceIdentifier":"cve@mitre.org","published":"2021-03-15T17:15:22.377","lastModified":"2026-07-09T01:16:48.967","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Multiple stored cross-site scripting (XSS) vulnerabilities in openMAINT 2.1-3.3-b allow remote attackers to inject arbitrary web script or HTML via any \"Add\" sections, such as Add Card Building & Floor, or others in the Name and Code Parameters."},{"lang":"es","value":"Múltiples vulnerabilidades de tipo cross-site scripting (XSS) almacenado en openMAINT versión 2.1-3.3-b, permiten a atacantes remotos inyectar script web o HTML arbitrario por medio de cualquier sección \"Add\", tal y como Add Card Building &amp; Floor, u otras en los parámetros de Name y Code"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openmaint:openmaint:2.1-3.3-b:*:*:*:*:*:*:*","matchCriteriaId":"5CCCF34B-387E-480D-9648-681FFF7AB12E"}]}]}],"references":[{"url":"https://www.exploit-db.com/exploits/49649","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://www.exploit-db.com/exploits/49649","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]}]}},{"cve":{"id":"CVE-2020-28873","sourceIdentifier":"cve@mitre.org","published":"2021-03-17T13:15:14.937","lastModified":"2026-07-09T01:16:43.927","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Fluxbb 1.5.11 is affected by a denial of service (DoS) vulnerability by sending an extremely long password via the user login form. When a long password is sent, the password hashing process will result in CPU and memory exhaustion on the server."},{"lang":"es","value":"Fluxbb versión 1.5.11, está afectado por una vulnerabilidad de denegación de servicio (DoS) al enviar una contraseña extremadamente larga por medio del formulario de inicio de sesión del usuario.&#xa0;Cuando es enviada una contraseña larga, el proceso de hash de contraseña dará como resultado el agotamiento de la CPU y la memoria en el servidor"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:C","baseScore":7.8,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-916"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fluxbb:fluxbb:1.5.11:*:*:*:*:*:*:*","matchCriteriaId":"4294CBC2-85BA-4C0F-90D3-E655F78495DF"}]}]}],"references":[{"url":"https://www.acunetix.com/vulnerabilities/web/long-password-denial-of-service/#:~:text=By%20sending%20a%20very%20long%2Ca%20vulnerable%20password%20hashing%20implementation","source":"cve@mitre.org"},{"url":"https://www.acunetix.com/vulnerabilities/web/long-password-denial-of-service/#:~:text=By%20sending%20a%20very%20long%2Ca%20vulnerable%20password%20hashing%20implementation","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2021-26215","sourceIdentifier":"cve@mitre.org","published":"2021-03-18T16:15:14.357","lastModified":"2026-07-09T01:16:48.133","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SeedDMS 5.1.x is affected by cross-site request forgery (CSRF) in out.EditDocument.php."},{"lang":"es","value":"SeedDMS versión 5.1.x, está afectado por un ataque de tipo cross-site request forgery (CSRF) en el archivo out.EditDocument.php"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:seeddms:seeddms:*:*:*:*:*:*:*:*","versionStartIncluding":"5.1.0","versionEndIncluding":"5.1.21","matchCriteriaId":"FC8816E6-32EC-4E41-9150-439FD6AD0823"}]}]}],"references":[{"url":"https://tuhin1729.medium.com/cve-2021-26215-7ce6800be822","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://tuhin1729.medium.com/cve-2021-26215-7ce6800be822","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-26216","sourceIdentifier":"cve@mitre.org","published":"2021-03-18T16:15:14.420","lastModified":"2026-07-09T01:16:48.253","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SeedDMS 5.1.x is affected by cross-site request forgery (CSRF) in out.EditFolder.php."},{"lang":"es","value":"SeedDMS versión 5.1.x, está afectado por un ataque de tipo cross-site request forgery (CSRF) en el archivo out.EditFolder.php"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:seeddms:seeddms:*:*:*:*:*:*:*:*","versionStartIncluding":"5.1.0","versionEndIncluding":"5.1.21","matchCriteriaId":"FC8816E6-32EC-4E41-9150-439FD6AD0823"}]}]}],"references":[{"url":"https://tuhin1729.medium.com/cve-2021-26216-ffb33321dc91","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://tuhin1729.medium.com/cve-2021-26216-ffb33321dc91","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-28936","sourceIdentifier":"cve@mitre.org","published":"2021-03-29T13:15:12.380","lastModified":"2026-07-09T01:16:49.867","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The Acexy Wireless-N WiFi Repeater REV 1.0 (28.08.06.1) Web management administrator password can be changed by sending a specially crafted HTTP GET request. The administrator username has to be known (default:admin) whereas no previous authentication is required."},{"lang":"es","value":"La contraseña de administración Web de Acexy Wireless-N WiFi Repeater REV 1.0 (28.08.06.1), puede ser cambiado mediante el envío de una petición HTTP GET especialmente diseñada.&#xa0;El nombre de usuario del administrador debe ser conocido (predeterminado: admin), mientras que no sea requerida una autenticación previa"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:P/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:acexy:wireless-n_wifi_repeater_firmware:28.08.06.1:*:*:*:*:*:*:*","matchCriteriaId":"8F4EBA90-1BC8-4A54-B5C8-E6A681249E3A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:acexy:wireless-n_wifi_repeater:1.0:*:*:*:*:*:*:*","matchCriteriaId":"4B718A0D-7C4B-456A-A3DA-BD74F4A087D7"}]}]}],"references":[{"url":"https://blog-ssh3ll.medium.com/acexy-wireless-n-wifi-repeater-vulnerabilities-8bd5d14a2990","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://blog-ssh3ll.medium.com/acexy-wireless-n-wifi-repeater-vulnerabilities-8bd5d14a2990","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-28937","sourceIdentifier":"cve@mitre.org","published":"2021-03-29T13:15:12.787","lastModified":"2026-07-09T01:16:49.993","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The /password.html page of the Web management interface of the Acexy Wireless-N WiFi Repeater REV 1.0 (28.08.06.1) contains the administrator account password in plaintext. The page can be intercepted on HTTP."},{"lang":"es","value":"La página /password.html de la interfaz de administración web del Acexy Wireless-N WiFi Repeater REV 1.0 (28.08.06.1), contiene la contraseña de la cuenta de administrador en texto plano.&#xa0;La página puede ser interceptada en HTTP"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-312"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:acexy:wireless-n_wifi_repeater_firmware:28.08.06.1:*:*:*:*:*:*:*","matchCriteriaId":"8F4EBA90-1BC8-4A54-B5C8-E6A681249E3A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:acexy:wireless-n_wifi_repeater:1.0:*:*:*:*:*:*:*","matchCriteriaId":"4B718A0D-7C4B-456A-A3DA-BD74F4A087D7"}]}]}],"references":[{"url":"https://blog-ssh3ll.medium.com/acexy-wireless-n-wifi-repeater-vulnerabilities-8bd5d14a2990","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://blog-ssh3ll.medium.com/acexy-wireless-n-wifi-repeater-vulnerabilities-8bd5d14a2990","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-30109","sourceIdentifier":"cve@mitre.org","published":"2021-04-05T13:15:11.657","lastModified":"2026-07-09T01:16:52.640","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Froala Editor 3.2.6 is affected by Cross Site Scripting (XSS). Under certain conditions, a base64 crafted string leads to persistent Cross-site scripting (XSS) vulnerability within the hyperlink creation module."},{"lang":"es","value":"Froala Editor versión 3.2.6, está afectado por una vulnerabilidad de tipo Cross Site Scripting (XSS).&#xa0;Bajo determinadas condiciones, una cadena diseñada en base64 conlleva a una vulnerabilidad de tipo Cross-site scripting (XSS) persistente dentro del módulo de creación de hipervínculos"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:froala:froala_editor:3.2.6:*:*:*:*:*:*:*","matchCriteriaId":"3B081DF8-3353-4785-891E-6F737623268C"}]}]}],"references":[{"url":"https://github.com/Hackdwerg/CVE-2021-30109/blob/main/README.md","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/Hackdwerg/CVE-2021-30109/blob/main/README.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-28927","sourceIdentifier":"cve@mitre.org","published":"2021-04-07T15:15:13.623","lastModified":"2026-07-09T01:16:49.740","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The text-to-speech engine in libretro RetroArch for Windows 1.9.0 passes unsanitized input to PowerShell through platform_win32.c via the accessibility_speak_windows function, which allows attackers who have write access on filesystems that are used by RetroArch to execute code via command injection using specially a crafted file and directory names."},{"lang":"es","value":"El motor de text-to-speech en libretro RetroArch para Windows versión 1.9.0 pasa la entrada no saneada a PowerShell mediante el archivo platform_win32.c por medio de la función accessibility_speak_windows, que permite a atacantes que presentan acceso de escritura en los sistemas de archivos que usa RetroArch para ejecutar código por medio de la inyección de comandos usando especialmente un nombres de archivos y directorios diseñados"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:libretro:retroarch:*:*:*:*:*:*:*:*","versionStartIncluding":"1.9.0","versionEndIncluding":"1.9.4","matchCriteriaId":"76E4437F-8065-4577-A04A-2FDFE7EA623A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://github.com/libretro/RetroArch/blob/d3dc3ee989ec6a4903c689907ffc47027f71f776/frontend/drivers/platform_win32.c","source":"cve@mitre.org","tags":["Patch","Third Party Advisory"]},{"url":"https://labs.bishopfox.com/advisories/retroarch-for-windows-version-1.9.0","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/libretro/RetroArch/blob/d3dc3ee989ec6a4903c689907ffc47027f71f776/frontend/drivers/platform_win32.c","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://labs.bishopfox.com/advisories/retroarch-for-windows-version-1.9.0","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-21883","sourceIdentifier":"cve@mitre.org","published":"2021-04-09T13:15:12.957","lastModified":"2026-07-09T00:16:57.437","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Unibox U-50 2.4 and UniBox Enterprise Series 2.4 and UniBox Campus Series 2.4 contain a OS command injection vulnerability in /tools/ping, which can leads to complete device takeover."},{"lang":"es","value":"Unibox U-50 versión 2.4 y UniBox Enterprise Series versión 2.4 y UniBox Campus Series versión 2.4, contienen una vulnerabilidad de inyección de comandos del Sistema Operativo en /tools/ping, que puede conllevar a la toma de control completa del dispositivo"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","baseScore":9.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:indionetworks:unibox_u50_firmware:2.4:*:*:*:*:*:*:*","matchCriteriaId":"882BCD30-71B7-40AD-838D-5707B9FD7806"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:indionetworks:unibox_u50:-:*:*:*:*:*:*:*","matchCriteriaId":"5F6A2612-10F5-4D18-BD2B-08DB5014C79F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:indionetworks:unibox_u500_firmware:2.4:*:*:*:*:*:*:*","matchCriteriaId":"9E7242A4-C7F8-40B2-9CF3-43CE25CDA212"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:indionetworks:unibox_u500:-:*:*:*:*:*:*:*","matchCriteriaId":"1A42EF4C-6456-484C-8440-9B179BD0828F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:indionetworks:unibox_u1000_firmware:2.4:*:*:*:*:*:*:*","matchCriteriaId":"7A1448BA-9CCD-4F9B-B5D5-7558DC630751"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:indionetworks:unibox_u1000:-:*:*:*:*:*:*:*","matchCriteriaId":"6D5DF97B-66A2-4E8E-9A08-BA8651693AC0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:indionetworks:unibox_u2500_firmware:2.4:*:*:*:*:*:*:*","matchCriteriaId":"F421531A-9A29-49A5-8E9B-B98306FEACD5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:indionetworks:unibox_u2500:-:*:*:*:*:*:*:*","matchCriteriaId":"0A83C2FA-A976-4837-A86F-239A876701AB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:indionetworks:unibox_u5000_firmware:2.4:*:*:*:*:*:*:*","matchCriteriaId":"D83AC5AA-3623-42D3-B83A-B051FC4B806D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:indionetworks:unibox_u5000:-:*:*:*:*:*:*:*","matchCriteriaId":"90E5BF46-EF2F-4409-81F6-A58A77427EDB"}]}]}],"references":[{"url":"https://s3curityb3ast.github.io/KSA-Dev-009.txt","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.mail-archive.com/fulldisclosure@seclists.org/msg07140.html","source":"cve@mitre.org"},{"url":"https://s3curityb3ast.github.io/KSA-Dev-009.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.mail-archive.com/fulldisclosure%40seclists.org/msg07140.html","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2020-21884","sourceIdentifier":"cve@mitre.org","published":"2021-04-09T13:15:13.020","lastModified":"2026-07-09T00:16:57.580","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Unibox SMB 2.4 and UniBox Enterprise Series 2.4 and UniBox Campus Series 2.4 contain a cross-site request forgery (CSRF) vulnerability in /tools/network-trace, /list_users, /list_byod?usertype=raduser, /dhcp_leases, /go?rid=202 in which a specially crafted HTTP request may reconfigure the device."},{"lang":"es","value":"Unibox SMB versión 2.4 y UniBox Enterprise Series versión 2.4 y UniBox Campus Series versión 2.4, contienen una vulnerabilidad de tipo cross-site request forgery (CSRF) en /tools/network-trace, /list_users, /list_byod?usertype=raduser, /dhcp_leases, /go?rid=202 en el que una petición HTTP especialmente diseñada puede reconfigurar el dispositivo"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:C/I:C/A:C","baseScore":9.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.6,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:indionetworks:unibox_u50_firmware:2.4:*:*:*:*:*:*:*","matchCriteriaId":"882BCD30-71B7-40AD-838D-5707B9FD7806"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:indionetworks:unibox_u50:-:*:*:*:*:*:*:*","matchCriteriaId":"5F6A2612-10F5-4D18-BD2B-08DB5014C79F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:indionetworks:unibox_u500_firmware:2.4:*:*:*:*:*:*:*","matchCriteriaId":"9E7242A4-C7F8-40B2-9CF3-43CE25CDA212"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:indionetworks:unibox_u500:-:*:*:*:*:*:*:*","matchCriteriaId":"1A42EF4C-6456-484C-8440-9B179BD0828F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:indionetworks:unibox_u1000_firmware:2.4:*:*:*:*:*:*:*","matchCriteriaId":"7A1448BA-9CCD-4F9B-B5D5-7558DC630751"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:indionetworks:unibox_u1000:-:*:*:*:*:*:*:*","matchCriteriaId":"6D5DF97B-66A2-4E8E-9A08-BA8651693AC0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:indionetworks:unibox_u2500_firmware:2.4:*:*:*:*:*:*:*","matchCriteriaId":"F421531A-9A29-49A5-8E9B-B98306FEACD5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:indionetworks:unibox_u2500:-:*:*:*:*:*:*:*","matchCriteriaId":"0A83C2FA-A976-4837-A86F-239A876701AB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:indionetworks:unibox_u5000_firmware:2.4:*:*:*:*:*:*:*","matchCriteriaId":"D83AC5AA-3623-42D3-B83A-B051FC4B806D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:indionetworks:unibox_u5000:-:*:*:*:*:*:*:*","matchCriteriaId":"90E5BF46-EF2F-4409-81F6-A58A77427EDB"}]}]}],"references":[{"url":"https://s3curityb3ast.github.io/KSA-Dev-008.txt","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.mail-archive.com/fulldisclosure@seclists.org/msg07139.html","source":"cve@mitre.org"},{"url":"https://s3curityb3ast.github.io/KSA-Dev-008.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.mail-archive.com/fulldisclosure%40seclists.org/msg07139.html","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2020-24285","sourceIdentifier":"cve@mitre.org","published":"2021-04-12T11:15:11.620","lastModified":"2026-07-09T00:17:00.710","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"INTELBRAS TELEFONE IP TIP200 version 60.61.75.22 allows an attacker to obtain sensitive information through /cgi-bin/cgiServer.exx."},{"lang":"es","value":"INTELBRAS TELEFONE IP TIP200 versión 60.61.75.22, permite a un atacante obtener información confidencial por medio del archivo /cgi-bin/cgiServer.exx"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:intelbras:tip200_firmware:60.61.75.22:*:*:*:*:*:*:*","matchCriteriaId":"45DC9E69-4822-4E88-BE2A-F4BA986DAD1E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:intelbras:tip200:-:*:*:*:*:*:*:*","matchCriteriaId":"CA0FACFB-D2B5-4B61-9B07-8AB1841C513B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:intelbras:tip200lite_firmware:60.61.75.22:*:*:*:*:*:*:*","matchCriteriaId":"24920AA6-428D-42F1-8C39-BBFF440B07B5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:intelbras:tip200lite:-:*:*:*:*:*:*:*","matchCriteriaId":"AEC5DA91-45C3-4E77-A113-5DB9B9DF5F2C"}]}]}],"references":[{"url":"https://github.com/SecLoop/CVE/blob/main/telefone_ip_tip200.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/SecLoop/CVE/blob/main/telefone_ip_tip200.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-27990","sourceIdentifier":"cve@mitre.org","published":"2021-04-14T14:15:13.977","lastModified":"2026-07-09T01:16:49.343","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Appspace 6.2.4 is vulnerable to a broken authentication mechanism where pages such as /medianet/mail.aspx can be called directly and the framework is exposed with layouts, menus and functionalities."},{"lang":"es","value":"Appspace versión 6.2.4 es vulnerable a un mecanismo de autenticación roto donde se puede llamar directamente a páginas como /medianet/mail.aspx y el framework es expuesto con diseños, menús y funcionalidades"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:appspace:appspace:6.2.4:*:*:*:*:*:*:*","matchCriteriaId":"6AD7EBEE-1FA6-4C7D-ACE7-B3D7D62373EB"}]}]}],"references":[{"url":"https://github.com/syedsohaibkarim/PoC-BrokenAuth-AppSpace6.2.4","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/syedsohaibkarim/PoC-BrokenAuth-AppSpace6.2.4","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-25679","sourceIdentifier":"cve@mitre.org","published":"2021-04-20T12:15:13.120","lastModified":"2026-07-09T01:16:47.160","vulnStatus":"Modified","cveTags":[{"sourceIdentifier":"cve@mitre.org","tags":["unsupported-when-assigned"]}],"descriptions":[{"lang":"en","value":"The AdTran Personal Phone Manager software is vulnerable to an authenticated stored cross-site scripting (XSS) issues. These issues impact at minimum versions 10.8.1 and below but potentially impact later versions as well since they have not previously been disclosed. Only version 10.8.1 was able to be confirmed during primary research. NOTE: The affected appliances NetVanta 7060 and NetVanta 7100 are considered End of Life and as such this issue will not be patched."},{"lang":"es","value":"** NO SOPORTADO CUANDO SE ASIGNÓ ** El software AdTran Personal Phone Manager es vulnerable a problemas de tipo cross-site scripting (XSS) almacenado y autenticado.&#xa0;Estos problemas impactan a versiones mínimas 10.8.1 y por debajo, pero también pueden potencialmente impactar a versiones posteriores, ya que no han sido previamente reveladas.&#xa0;Solo versión 10.8.1, pudo ser capaz de ser confirmada durante la investigación primaria.&#xa0;NOTA: Los dispositivos NetVanta 7060 y NetVanta 7100 afectados son considerados en Fin de Vida y, como tal, este problema no será parcheado"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"adtran","product":"personal_phone_manager","defaultStatus":"unknown","cpes":["cpe:2.3:a:adtran:personal_phone_manager:*:*:*:*:*:*:*:*"],"versions":[{"version":"*","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-05-14T17:59:39.242886Z","id":"CVE-2021-25679","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:adtran:personal_phone_manager:*:*:*:*:*:*:*:*","versionEndIncluding":"10.8.1","matchCriteriaId":"E272222C-80C0-4738-B876-AAC9CADB2EC9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:adtran:netvanta_7060:-:*:*:*:*:*:*:*","matchCriteriaId":"DDFEB4F1-3C9B-479F-AAB8-7B585265485F"},{"vulnerable":false,"criteria":"cpe:2.3:h:adtran:netvanta_7100:-:*:*:*:*:*:*:*","matchCriteriaId":"EED7D983-AA17-429C-B55B-60591D34ADD5"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/162268/Adtran-Personal-Phone-Manager-10.8.1-Persistent-Cross-Site-Scripting.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://depthsecurity.com/blog/vulnerability-disclosure","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/3ndG4me/AdTran-Personal-Phone-Manager-Vulns/blob/main/CVE-2021-25679.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"http://packetstormsecurity.com/files/162268/Adtran-Personal-Phone-Manager-10.8.1-Persistent-Cross-Site-Scripting.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://depthsecurity.com/blog/vulnerability-disclosure","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://github.com/3ndG4me/AdTran-Personal-Phone-Manager-Vulns/blob/main/CVE-2021-25679.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-25680","sourceIdentifier":"cve@mitre.org","published":"2021-04-20T12:15:13.230","lastModified":"2026-07-09T01:16:47.310","vulnStatus":"Modified","cveTags":[{"sourceIdentifier":"cve@mitre.org","tags":["unsupported-when-assigned"]}],"descriptions":[{"lang":"en","value":"The AdTran Personal Phone Manager software is vulnerable to multiple reflected cross-site scripting (XSS) issues. These issues impact at minimum versions 10.8.1 and below but potentially impact later versions as well since they have not previously been disclosed. Only version 10.8.1 was able to be confirmed during primary research. NOTE: The affected appliances NetVanta 7060 and NetVanta 7100 are considered End of Life and as such this issue will not be patched."},{"lang":"es","value":"** NO SOPORTADO CUANDO SE ASIGNÓ ** El software AdTran Personal Phone Manager es vulnerable a múltiples problemas de tipo cross-site scripting (XSS) reflejado.&#xa0;Estos problemas impactan a versiones mínimas 10.8.1 y anteriores, pero potencialmente impactan a versiones posteriores, ya que no han sido previamente reveladas.&#xa0;Solo versión 10.8.1 fue capaz de ser confirmada durante la investigación primaria.&#xa0;NOTA: Los dispositivos NetVanta 7060 y NetVanta 7100 afectados son considerados en Fin de Vida y, como tal, este problema no será parcheado"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:adtran:personal_phone_manager:*:*:*:*:*:*:*:*","versionEndIncluding":"10.8.1","matchCriteriaId":"E272222C-80C0-4738-B876-AAC9CADB2EC9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:adtran:netvanta_7060:-:*:*:*:*:*:*:*","matchCriteriaId":"DDFEB4F1-3C9B-479F-AAB8-7B585265485F"},{"vulnerable":false,"criteria":"cpe:2.3:h:adtran:netvanta_7100:-:*:*:*:*:*:*:*","matchCriteriaId":"EED7D983-AA17-429C-B55B-60591D34ADD5"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/162269/Adtran-Personal-Phone-Manager-10.8.1-Cross-Site-Scripting.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://github.com/3ndG4me/AdTran-Personal-Phone-Manager-Vulns/blob/main/CVE-2021-25680.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"http://packetstormsecurity.com/files/162269/Adtran-Personal-Phone-Manager-10.8.1-Cross-Site-Scripting.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://github.com/3ndG4me/AdTran-Personal-Phone-Manager-Vulns/blob/main/CVE-2021-25680.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-25681","sourceIdentifier":"cve@mitre.org","published":"2021-04-20T12:15:13.290","lastModified":"2026-07-09T01:16:47.437","vulnStatus":"Modified","cveTags":[{"sourceIdentifier":"cve@mitre.org","tags":["unsupported-when-assigned"]}],"descriptions":[{"lang":"en","value":"AdTran Personal Phone Manager 10.8.1 software is vulnerable to an issue that allows for exfiltration of data over DNS. This could allow for exposed AdTran Personal Phone Manager web servers to be used as DNS redirectors to tunnel arbitrary data over DNS. NOTE: The affected appliances NetVanta 7060 and NetVanta 7100 are considered End of Life and as such this issue will not be patched."},{"lang":"es","value":"** NO SOPORTADO CUANDO SE ASIGNÓ ** El software AdTran Personal Phone Manager versión 10.8.1, es vulnerable a un problema que permite la exfiltración de datos por medio de DNS.&#xa0;Esto podría permitir a servidores web expuestos de AdTran Personal Phone Manager ser usados como redirectores de DNS para canalizar datos arbitrarios por medio de DNS.&#xa0;NOTA: Los dispositivos NetVanta 7060 y NetVanta 7100 afectados son considerados en Fin de Vida y, como tal, este problema no será parcheado"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:adtran:personal_phone_manager:10.8.1:*:*:*:*:*:*:*","matchCriteriaId":"B4CF09B1-B108-46A1-9F74-CB9C218CC242"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:adtran:netvanta_7060:-:*:*:*:*:*:*:*","matchCriteriaId":"DDFEB4F1-3C9B-479F-AAB8-7B585265485F"},{"vulnerable":false,"criteria":"cpe:2.3:h:adtran:netvanta_7100:-:*:*:*:*:*:*:*","matchCriteriaId":"EED7D983-AA17-429C-B55B-60591D34ADD5"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/162280/Adtran-Personal-Phone-Manager-10.8.1-DNS-Exfiltration.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://github.com/3ndG4me/AdTran-Personal-Phone-Manager-Vulns/blob/main/CVE-2021-25681.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"http://packetstormsecurity.com/files/162280/Adtran-Personal-Phone-Manager-10.8.1-DNS-Exfiltration.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://github.com/3ndG4me/AdTran-Personal-Phone-Manager-Vulns/blob/main/CVE-2021-25681.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-28860","sourceIdentifier":"cve@mitre.org","published":"2021-05-03T12:15:07.467","lastModified":"2026-07-09T01:16:49.603","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In Node.js mixme, prior to v0.5.1, an attacker can add or alter properties of an object via '__proto__' through the mutate() and merge() functions. The polluted attribute will be directly assigned to every object in the program. This will put the availability of the program at risk causing a potential denial of service (DoS)."},{"lang":"es","value":"En Node.js mixme, antes de la versión v0.5.1, un atacante puede agregar o alterar las propiedades de un objeto por medio de \"__proto__\" por medio de las funciones mutate() y merge(). El atributo contaminado se asignará directamente a cada objeto del programa. Esto pondrá en riesgo la disponibilidad del programa y provocará una potencial denegación de servicio (DoS)."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.2}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:P/A:P","baseScore":6.4,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-1321"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:adaltas:mixme:*:*:*:*:*:node.js:*:*","versionEndExcluding":"0.5.1","matchCriteriaId":"D3B742DF-38E8-406C-BA55-3238A57DC138"}]}]}],"references":[{"url":"https://github.com/adaltas/node-mixme/commit/cfd5fbfc32368bcf7e06d1c5985ea60e34cd4028","source":"cve@mitre.org","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/adaltas/node-mixme/issues/1","source":"cve@mitre.org","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/adaltas/node-mixme/security/advisories/GHSA-79jw-6wg7-r9g4","source":"cve@mitre.org","tags":["Patch","Third Party Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20210618-0005/","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.npmjs.com/~david","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/adaltas/node-mixme/commit/cfd5fbfc32368bcf7e06d1c5985ea60e34cd4028","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/adaltas/node-mixme/issues/1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/adaltas/node-mixme/security/advisories/GHSA-79jw-6wg7-r9g4","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20210618-0005/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.npmjs.com/~david","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-27518","sourceIdentifier":"cve@mitre.org","published":"2021-05-04T14:15:08.750","lastModified":"2026-07-09T01:16:42.377","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"All versions of Windscribe VPN for Mac and Windows <= v2.02.10 contain a local privilege escalation vulnerability in the WindscribeService component. A low privilege user could leverage several openvpn options to execute code as root/SYSTEM."},{"lang":"es","value":"Todas las versiones de Windscribe VPN para Mac y Windows versiones anteriores a v2.02.10 incluyéndola, contienen una vulnerabilidad de escalada de privilegios local en el componente WindscribeService.&#xa0;Un usuario con pocos privilegios podría aprovechar varias opciones de openvpn para ejecutar código como root/SYSTEM"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-269"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:windscribe:windscribe:*:*:*:*:*:macos:*:*","versionEndIncluding":"2.02.10","matchCriteriaId":"BB9C1E0C-7FB8-43FB-A935-8EBC70629C36"},{"vulnerable":true,"criteria":"cpe:2.3:a:windscribe:windscribe:*:*:*:*:*:windows:*:*","versionEndIncluding":"2.02.10","matchCriteriaId":"1BC844CB-CC38-44DB-9D11-AB423B26A22D"}]}]}],"references":[{"url":"https://jeffs.sh/CVEs/CVE-2020-27518.txt","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://jeffs.sh/CVEs/CVE-2020-27518.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-29039","sourceIdentifier":"cve@mitre.org","published":"2021-05-16T15:15:07.457","lastModified":"2026-07-09T01:16:50.737","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in the Asset module's categories administration page in Liferay Portal 7.3.4 allows remote attackers to inject arbitrary web script or HTML via the site name."},{"lang":"es","value":"Una vulnerabilidad de tipo Cross-site scripting (XSS) en la página de administración de categorías del módulo Asset en Liferay Portal versión 7.3.4, permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios por medio del nombre del sitio"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:7.3.4:*:*:*:*:*:*:*","matchCriteriaId":"2C673509-5436-44DF-AFCE-BE5C3188D62F"}]}]}],"references":[{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120777766","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120777766","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-29040","sourceIdentifier":"cve@mitre.org","published":"2021-05-16T16:15:07.213","lastModified":"2026-07-09T01:16:50.860","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The JSON web services in Liferay Portal 7.3.4 and earlier, and Liferay DXP 7.0 before fix pack 97, 7.1 before fix pack 20 and 7.2 before fix pack 10 may provide overly verbose error messages, which allows remote attackers to use the contents of error messages to help launch another, more focused attacks via crafted inputs."},{"lang":"es","value":"Los servicios web JSON en Liferay Portal versiones 7.3.4 y anteriores, y Liferay DXP  versiones 7.0 anteriores al fixpack 97, versiones 7.1 anteriores al fixpack 20 y versiones 7.2 anteriores al fixpack 10, pueden proporcionar mensajes de error demasiado detallados, lo que permite a atacantes remotos usar el contenido del error de mensajes para ayudar a lanzar otros ataques más enfocados por medio de entradas diseñadas"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-209"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:*:*:*:*:*:*:*:*","versionEndExcluding":"7.0","matchCriteriaId":"235AC67E-2BF0-4E1E-BC82-26D10A1A552D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:-:*:*:*:*:*:*","matchCriteriaId":"4614C87F-F39C-4ADD-A7A2-4A498612AD38"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_13:*:*:*:*:*:*","matchCriteriaId":"70E12054-0DEE-4B92-B8F6-7DC4B2461113"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_14:*:*:*:*:*:*","matchCriteriaId":"3B566A51-3EFC-4A08-8A4F-A9AA43FBE481"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_24:*:*:*:*:*:*","matchCriteriaId":"F220793A-FDAC-48C6-B299-39EB3BC077A6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_25:*:*:*:*:*:*","matchCriteriaId":"F095A9E1-5FE1-46C4-B0E1-97F8767439D2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_26:*:*:*:*:*:*","matchCriteriaId":"DFD748DD-6FDB-44CD-96BF-026D18CE4207"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_27:*:*:*:*:*:*","matchCriteriaId":"0A34F2EA-D0F7-4C9B-BFE6-DA334DFD0EDD"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_28:*:*:*:*:*:*","matchCriteriaId":"4B3C2426-7617-4535-B86A-7F9BA45DFD0E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_3:*:*:*:*:*:*","matchCriteriaId":"CA6B2500-42E4-4F87-8B93-2F7399B4F611"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_30:*:*:*:*:*:*","matchCriteriaId":"28955834-8E02-4558-ABD3-4958DBB41423"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_33:*:*:*:*:*:*","matchCriteriaId":"C4206C84-C4BD-4363-A4CA-EE229CE06319"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_35:*:*:*:*:*:*","matchCriteriaId":"4F644864-1056-4A0C-ADD7-A1992A0AC07D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_36:*:*:*:*:*:*","matchCriteriaId":"91E9BAE9-CD40-4353-95DB-7D9ADC338F95"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_39:*:*:*:*:*:*","matchCriteriaId":"661E68A2-B365-4962-87CF-CE17A500889F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_40:*:*:*:*:*:*","matchCriteriaId":"A5D28279-002A-4BC7-9396-E47FC842D7AE"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_41:*:*:*:*:*:*","matchCriteriaId":"C700ED72-4626-48A0-B1BB-E0A7C12D454F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_42:*:*:*:*:*:*","matchCriteriaId":"8F473DF1-F70D-4EDB-A011-C8D1C6A21659"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_43:*:*:*:*:*:*","matchCriteriaId":"C2351EAC-F6AD-4611-B9BD-39C4DFE85B5D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_44:*:*:*:*:*:*","matchCriteriaId":"357845C1-3834-465A-B9CA-F9C604AA8242"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_45:*:*:*:*:*:*","matchCriteriaId":"DD35964D-4156-45B8-A0AB-282DA9F4FA47"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_46:*:*:*:*:*:*","matchCriteriaId":"35656567-EF24-4948-A72A-C754D6E419B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_47:*:*:*:*:*:*","matchCriteriaId":"E9A3D95D-4539-432D-B241-376F312534AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_48:*:*:*:*:*:*","matchCriteriaId":"81F329F1-5BB1-42A7-98CE-B0EB5819D60A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_49:*:*:*:*:*:*","matchCriteriaId":"5B7111FA-9FD7-4952-AFE1-07D3E14854F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_50:*:*:*:*:*:*","matchCriteriaId":"2C7A080F-9C99-41A0-BC63-EBDDC0DF7B8A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_51:*:*:*:*:*:*","matchCriteriaId":"0383C4C4-A7BB-418D-9A98-AC4233722961"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_52:*:*:*:*:*:*","matchCriteriaId":"AA281A20-7599-446B-9587-118E920403D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_53:*:*:*:*:*:*","matchCriteriaId":"9514E8F5-1D0B-4CDF-BD03-087326F6C252"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_54:*:*:*:*:*:*","matchCriteriaId":"78BC7D6C-2A10-4F78-9C41-EA97665C246E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_56:*:*:*:*:*:*","matchCriteriaId":"CA9BE427-78D7-4DEE-A174-F3E3675B44A5"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_57:*:*:*:*:*:*","matchCriteriaId":"6C10325C-8670-499B-B003-7D8634539C5D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_58:*:*:*:*:*:*","matchCriteriaId":"5F692BEB-5CB1-41EA-B715-64AB0036F6CF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_59:*:*:*:*:*:*","matchCriteriaId":"427C4DF5-9039-4CB5-B600-5F965E20D945"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_60:*:*:*:*:*:*","matchCriteriaId":"44B7A2A2-5764-4EDB-AA44-25F8508CF128"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_61:*:*:*:*:*:*","matchCriteriaId":"55D94917-5360-4179-A017-1287C63A6E6C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_64:*:*:*:*:*:*","matchCriteriaId":"1D378A23-113D-47AC-9CB5-2658C357FFB4"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_65:*:*:*:*:*:*","matchCriteriaId":"58FB119E-508C-45F7-8AD8-B67AAAEA53D6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_66:*:*:*:*:*:*","matchCriteriaId":"8B3359A5-D39B-4322-8963-B138D791D232"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_67:*:*:*:*:*:*","matchCriteriaId":"E11E2FBD-7541-4CE3-8A78-52FB82571547"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_68:*:*:*:*:*:*","matchCriteriaId":"3883F470-8D8D-4CB3-BF4A-0C401BDABC83"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_69:*:*:*:*:*:*","matchCriteriaId":"1BDCF010-04BF-4FA5-9E14-F6461FED3FFB"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_70:*:*:*:*:*:*","matchCriteriaId":"7E8CEA39-4A7F-4827-91FA-31119201D174"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_71:*:*:*:*:*:*","matchCriteriaId":"D3768AC9-A245-4B81-8D1D-9D9C5354245C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_72:*:*:*:*:*:*","matchCriteriaId":"71CA65C9-C0FC-4CBD-A8B0-DD72604A46F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_73:*:*:*:*:*:*","matchCriteriaId":"9F06DECA-F45D-49DA-BB24-AA1F0306B0B6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_75:*:*:*:*:*:*","matchCriteriaId":"6FF2D31F-8719-41A6-ADD5-15BE9409428E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_76:*:*:*:*:*:*","matchCriteriaId":"DE56F5E5-73CF-4636-9F98-86BDDA3F6A47"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_78:*:*:*:*:*:*","matchCriteriaId":"A1A0EFCE-4B74-4B4D-AB6E-5730F26B38FB"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_79:*:*:*:*:*:*","matchCriteriaId":"F02DCC86-C3F7-482C-9BFB-B7971FB10AEC"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_80:*:*:*:*:*:*","matchCriteriaId":"06835B0A-A2DF-44D3-A38F-59E5D5523FFA"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_81:*:*:*:*:*:*","matchCriteriaId":"B746D0CF-76F6-42A1-9056-CA9622DCD806"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_82:*:*:*:*:*:*","matchCriteriaId":"FFC33A7E-B1CB-4E83-B75C-71F5E7E5E406"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_83:*:*:*:*:*:*","matchCriteriaId":"325CFFCF-1609-4D89-B6A8-1C6ACBFDD35B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_84:*:*:*:*:*:*","matchCriteriaId":"BD019A57-FC7A-4B1F-9946-FA15C90FC985"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_85:*:*:*:*:*:*","matchCriteriaId":"A6B2CD3A-C39C-4F9A-8602-3EC75472181D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_86:*:*:*:*:*:*","matchCriteriaId":"1B8DCD85-0E47-44C1-B7DD-E1B4756CEC17"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_87:*:*:*:*:*:*","matchCriteriaId":"1790D974-2EE0-4405-8F26-BB6DB3BDA23B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_88:*:*:*:*:*:*","matchCriteriaId":"416B3F04-AD86-4F91-890E-56BA539AAB06"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_89:*:*:*:*:*:*","matchCriteriaId":"C12C0E4D-4E9A-4BD7-926E-74BCD42595B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_90:*:*:*:*:*:*","matchCriteriaId":"9A659FEF-1BC1-45E8-A01E-1F9A8F2AFAAF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_91:*:*:*:*:*:*","matchCriteriaId":"3810319D-7DC4-47DD-B568-B0504DBC8209"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_92:*:*:*:*:*:*","matchCriteriaId":"D9BFFFC0-912A-4F95-A08E-1D264135D1E2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_93:*:*:*:*:*:*","matchCriteriaId":"9EA924E7-DEF2-45BF-B435-C435AC20AF4E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_94:*:*:*:*:*:*","matchCriteriaId":"E6809C30-9A81-45E6-92E9-01D54880EFEE"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_95:*:*:*:*:*:*","matchCriteriaId":"C194ACCD-CB7E-4DFC-ABB5-7CCEFD83E11B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_96:*:*:*:*:*:*","matchCriteriaId":"69856C3C-2ACB-4718-821C-793118094985"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:-:*:*:*:*:*:*","matchCriteriaId":"27DF695E-B890-42C2-8941-5BB53154755F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"072F6C59-3D86-48D1-A14E-477FFFA3B1D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_10:*:*:*:*:*:*","matchCriteriaId":"FE68B4A2-3459-4DBA-8BAC-E9AA9FA25264"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_11:*:*:*:*:*:*","matchCriteriaId":"680D7963-1393-4E86-A65F-D4463D532120"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_12:*:*:*:*:*:*","matchCriteriaId":"D81E73DD-FD21-4082-A883-34422AE6C024"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_13:*:*:*:*:*:*","matchCriteriaId":"E6DD0451-98EA-4140-8294-77A14F063E2E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_14:*:*:*:*:*:*","matchCriteriaId":"CE94E76B-8CC2-4E91-B7A3-EEBCC1358FF4"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_15:*:*:*:*:*:*","matchCriteriaId":"408BD438-E15C-422F-9612-C62A7387FC63"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_16:*:*:*:*:*:*","matchCriteriaId":"A78C8B1C-39CB-4C27-B57C-0AF5E7EB50D9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_17:*:*:*:*:*:*","matchCriteriaId":"0AB19E97-BACE-4FCC-A53F-078D61A7A9E8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_18:*:*:*:*:*:*","matchCriteriaId":"D18ACD28-9182-435C-A30F-DF3BFE13C39A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_19:*:*:*:*:*:*","matchCriteriaId":"CFE4CC72-C15A-40DE-AFF4-0B6B79BFB2BA"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"386F0E26-78DC-4D59-A20F-B41D0E59561B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_3:*:*:*:*:*:*","matchCriteriaId":"54576481-2AE9-4133-9EFA-B7FBDCA4427D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_4:*:*:*:*:*:*","matchCriteriaId":"E29CE810-76D5-4283-B102-70344B6C9506"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_5:*:*:*:*:*:*","matchCriteriaId":"DA869467-C560-4130-A180-86819F6A8673"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_6:*:*:*:*:*:*","matchCriteriaId":"CC0C94B7-31FB-4115-8EDE-62CC459B6663"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_7:*:*:*:*:*:*","matchCriteriaId":"07DEAA71-53DA-4508-B7E6-924ABED49E66"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_8:*:*:*:*:*:*","matchCriteriaId":"467323F6-5CA7-42A0-9810-C6FA694CEC93"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_9:*:*:*:*:*:*","matchCriteriaId":"32EFFD8A-1C0D-446B-AAD7-5D23D483D3D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:-:*:*:*:*:*:*","matchCriteriaId":"0DCF7F39-A198-4F7E-84B7-90C88C1BAA96"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"E7E68DF8-749B-4284-A7C9-929701A86B36"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"7CECAA19-8B7F-44C8-8059-6D4F2105E196"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_3:*:*:*:*:*:*","matchCriteriaId":"68CBCEEB-7C28-4769-813F-3F01E33D2E08"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_4:*:*:*:*:*:*","matchCriteriaId":"C0CB4927-A361-4DFA-BDB8-A454EA2894AB"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_5:*:*:*:*:*:*","matchCriteriaId":"B2B771B7-D5CB-4778-A3A8-1005E4EE134C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_6:*:*:*:*:*:*","matchCriteriaId":"3B9DB383-3791-4A43-BA4D-7695B203E736"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_7:*:*:*:*:*:*","matchCriteriaId":"13F02D77-20E9-4F32-9752-511EB71E6704"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_8:*:*:*:*:*:*","matchCriteriaId":"6353CC8F-A6D4-4A0C-8D68-290CD8DEB4F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_9:*:*:*:*:*:*","matchCriteriaId":"759DDB90-6A89-4E4F-BD04-F70EFA5343B0"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionEndIncluding":"7.3.4","matchCriteriaId":"5513FCC4-B6FB-4C86-81E6-05059FCD8DEB"}]}]}],"references":[{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120743429","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120743429","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-29041","sourceIdentifier":"cve@mitre.org","published":"2021-05-16T16:15:07.260","lastModified":"2026-07-09T01:16:51.010","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Denial-of-service (DoS) vulnerability in the Multi-Factor Authentication module in Liferay DXP 7.3 before fix pack 1 allows remote authenticated attackers to prevent any user from authenticating by (1) enabling Time-based One-time password (TOTP) on behalf of the other user or (2) modifying the other user's TOTP shared secret."},{"lang":"es","value":"Una vulnerabilidad de denegación de servicio (DoS) en el módulo de autenticación Multi-Factor en Liferay DXP versiones 7.3 anteriores al fixpack 1, permite a atacantes autenticados remotos impedir a cualquier usuario autenticarse al (1) habilitar la contraseña única basada en el tiempo (TOTP) en nombre del otro usuario o (2) modificar el secreto compartido de TOTP del otro usuario"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:N/I:N/A:P","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:*:*:*:*:*:*:*:*","versionEndExcluding":"7.3","matchCriteriaId":"5C0B6536-11D4-48A1-8EC8-FCDFFFD07540"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:-:*:*:*:*:*:*","matchCriteriaId":"21C55D41-DB66-494D-BEEB-BDAC7CB4B31B"}]}]}],"references":[{"url":"https://issues.liferay.com/browse/LPE-17131","source":"cve@mitre.org","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://issues.liferay.com/browse/LPE-17131","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-29047","sourceIdentifier":"cve@mitre.org","published":"2021-05-16T16:15:07.297","lastModified":"2026-07-09T01:16:51.907","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The SimpleCaptcha implementation in Liferay Portal 7.3.4, 7.3.5 and Liferay DXP 7.3 before fix pack 1 does not invalidate CAPTCHA answers after it is used, which allows remote attackers to repeatedly perform actions protected by a CAPTCHA challenge by reusing the same CAPTCHA answer."},{"lang":"es","value":"La implementación de SimpleCaptcha en Liferay Portal versiones 7.3.4, 7.3.5 y Liferay DXP versiones 7.3 anteriores al fixpack 1, no invalida las respuestas CAPTCHA después de su uso, lo que permite a atacantes remotos llevar a cabo repetidamente acciones protegidas por un desafío CAPTCHA reutilizando la misma respuesta CAPTCHA"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:P/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:*:*:*:*:*:*:*:*","versionEndExcluding":"7.3","matchCriteriaId":"5C0B6536-11D4-48A1-8EC8-FCDFFFD07540"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:-:*:*:*:*:*:*","matchCriteriaId":"21C55D41-DB66-494D-BEEB-BDAC7CB4B31B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:7.3.4:*:*:*:*:*:*:*","matchCriteriaId":"2C673509-5436-44DF-AFCE-BE5C3188D62F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:7.3.5:*:*:*:*:*:*:*","matchCriteriaId":"2B842A08-1EDB-4232-89C9-9B966E251B3B"}]}]}],"references":[{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120743467","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120743467","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-29043","sourceIdentifier":"cve@mitre.org","published":"2021-05-17T11:15:07.127","lastModified":"2026-07-09T01:16:51.167","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The Portal Store module in Liferay Portal 7.0.0 through 7.3.5, and Liferay DXP 7.0 before fix pack 97, 7.1 before fix pack 21, 7.2 before fix pack 10 and 7.3 before fix pack 1 does not obfuscate the S3 store's proxy password, which allows attackers to steal the proxy password via man-in-the-middle attacks or shoulder surfing."},{"lang":"es","value":"El módulo Portal Store en Liferay Portal versiones 7.0.0 hasta 7.3.5 y Liferay DXP versiones 7.0 anteriores al fixpack 97, versiones 7.1 anteriores al fixpack 21, versiones 7.2 anteriores al fixpack 10 y versiones 7.3 anteriores a fixpack 1, no oculta la contraseña de proxy de la tienda S3, el cual permite a atacantes robar la contraseña del proxy por medio de ataques de tipo man-in-the-middle o navegación lateral"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:N/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-522"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:-:*:*:*:*:*:*","matchCriteriaId":"4614C87F-F39C-4ADD-A7A2-4A498612AD38"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_13:*:*:*:*:*:*","matchCriteriaId":"70E12054-0DEE-4B92-B8F6-7DC4B2461113"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_14:*:*:*:*:*:*","matchCriteriaId":"3B566A51-3EFC-4A08-8A4F-A9AA43FBE481"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_24:*:*:*:*:*:*","matchCriteriaId":"F220793A-FDAC-48C6-B299-39EB3BC077A6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_25:*:*:*:*:*:*","matchCriteriaId":"F095A9E1-5FE1-46C4-B0E1-97F8767439D2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_26:*:*:*:*:*:*","matchCriteriaId":"DFD748DD-6FDB-44CD-96BF-026D18CE4207"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_27:*:*:*:*:*:*","matchCriteriaId":"0A34F2EA-D0F7-4C9B-BFE6-DA334DFD0EDD"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_28:*:*:*:*:*:*","matchCriteriaId":"4B3C2426-7617-4535-B86A-7F9BA45DFD0E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_3:*:*:*:*:*:*","matchCriteriaId":"CA6B2500-42E4-4F87-8B93-2F7399B4F611"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_30:*:*:*:*:*:*","matchCriteriaId":"28955834-8E02-4558-ABD3-4958DBB41423"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_33:*:*:*:*:*:*","matchCriteriaId":"C4206C84-C4BD-4363-A4CA-EE229CE06319"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_35:*:*:*:*:*:*","matchCriteriaId":"4F644864-1056-4A0C-ADD7-A1992A0AC07D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_36:*:*:*:*:*:*","matchCriteriaId":"91E9BAE9-CD40-4353-95DB-7D9ADC338F95"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_39:*:*:*:*:*:*","matchCriteriaId":"661E68A2-B365-4962-87CF-CE17A500889F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_40:*:*:*:*:*:*","matchCriteriaId":"A5D28279-002A-4BC7-9396-E47FC842D7AE"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_41:*:*:*:*:*:*","matchCriteriaId":"C700ED72-4626-48A0-B1BB-E0A7C12D454F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_42:*:*:*:*:*:*","matchCriteriaId":"8F473DF1-F70D-4EDB-A011-C8D1C6A21659"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_43:*:*:*:*:*:*","matchCriteriaId":"C2351EAC-F6AD-4611-B9BD-39C4DFE85B5D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_44:*:*:*:*:*:*","matchCriteriaId":"357845C1-3834-465A-B9CA-F9C604AA8242"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_45:*:*:*:*:*:*","matchCriteriaId":"DD35964D-4156-45B8-A0AB-282DA9F4FA47"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_46:*:*:*:*:*:*","matchCriteriaId":"35656567-EF24-4948-A72A-C754D6E419B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_47:*:*:*:*:*:*","matchCriteriaId":"E9A3D95D-4539-432D-B241-376F312534AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_48:*:*:*:*:*:*","matchCriteriaId":"81F329F1-5BB1-42A7-98CE-B0EB5819D60A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_49:*:*:*:*:*:*","matchCriteriaId":"5B7111FA-9FD7-4952-AFE1-07D3E14854F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_50:*:*:*:*:*:*","matchCriteriaId":"2C7A080F-9C99-41A0-BC63-EBDDC0DF7B8A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_51:*:*:*:*:*:*","matchCriteriaId":"0383C4C4-A7BB-418D-9A98-AC4233722961"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_52:*:*:*:*:*:*","matchCriteriaId":"AA281A20-7599-446B-9587-118E920403D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_53:*:*:*:*:*:*","matchCriteriaId":"9514E8F5-1D0B-4CDF-BD03-087326F6C252"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_54:*:*:*:*:*:*","matchCriteriaId":"78BC7D6C-2A10-4F78-9C41-EA97665C246E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_56:*:*:*:*:*:*","matchCriteriaId":"CA9BE427-78D7-4DEE-A174-F3E3675B44A5"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_57:*:*:*:*:*:*","matchCriteriaId":"6C10325C-8670-499B-B003-7D8634539C5D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_58:*:*:*:*:*:*","matchCriteriaId":"5F692BEB-5CB1-41EA-B715-64AB0036F6CF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_59:*:*:*:*:*:*","matchCriteriaId":"427C4DF5-9039-4CB5-B600-5F965E20D945"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_60:*:*:*:*:*:*","matchCriteriaId":"44B7A2A2-5764-4EDB-AA44-25F8508CF128"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_61:*:*:*:*:*:*","matchCriteriaId":"55D94917-5360-4179-A017-1287C63A6E6C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_64:*:*:*:*:*:*","matchCriteriaId":"1D378A23-113D-47AC-9CB5-2658C357FFB4"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_65:*:*:*:*:*:*","matchCriteriaId":"58FB119E-508C-45F7-8AD8-B67AAAEA53D6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_66:*:*:*:*:*:*","matchCriteriaId":"8B3359A5-D39B-4322-8963-B138D791D232"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_67:*:*:*:*:*:*","matchCriteriaId":"E11E2FBD-7541-4CE3-8A78-52FB82571547"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_68:*:*:*:*:*:*","matchCriteriaId":"3883F470-8D8D-4CB3-BF4A-0C401BDABC83"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_69:*:*:*:*:*:*","matchCriteriaId":"1BDCF010-04BF-4FA5-9E14-F6461FED3FFB"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_70:*:*:*:*:*:*","matchCriteriaId":"7E8CEA39-4A7F-4827-91FA-31119201D174"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_71:*:*:*:*:*:*","matchCriteriaId":"D3768AC9-A245-4B81-8D1D-9D9C5354245C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_72:*:*:*:*:*:*","matchCriteriaId":"71CA65C9-C0FC-4CBD-A8B0-DD72604A46F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_73:*:*:*:*:*:*","matchCriteriaId":"9F06DECA-F45D-49DA-BB24-AA1F0306B0B6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_75:*:*:*:*:*:*","matchCriteriaId":"6FF2D31F-8719-41A6-ADD5-15BE9409428E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_76:*:*:*:*:*:*","matchCriteriaId":"DE56F5E5-73CF-4636-9F98-86BDDA3F6A47"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_78:*:*:*:*:*:*","matchCriteriaId":"A1A0EFCE-4B74-4B4D-AB6E-5730F26B38FB"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_79:*:*:*:*:*:*","matchCriteriaId":"F02DCC86-C3F7-482C-9BFB-B7971FB10AEC"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_80:*:*:*:*:*:*","matchCriteriaId":"06835B0A-A2DF-44D3-A38F-59E5D5523FFA"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_81:*:*:*:*:*:*","matchCriteriaId":"B746D0CF-76F6-42A1-9056-CA9622DCD806"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_82:*:*:*:*:*:*","matchCriteriaId":"FFC33A7E-B1CB-4E83-B75C-71F5E7E5E406"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_83:*:*:*:*:*:*","matchCriteriaId":"325CFFCF-1609-4D89-B6A8-1C6ACBFDD35B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_84:*:*:*:*:*:*","matchCriteriaId":"BD019A57-FC7A-4B1F-9946-FA15C90FC985"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_85:*:*:*:*:*:*","matchCriteriaId":"A6B2CD3A-C39C-4F9A-8602-3EC75472181D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_86:*:*:*:*:*:*","matchCriteriaId":"1B8DCD85-0E47-44C1-B7DD-E1B4756CEC17"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_87:*:*:*:*:*:*","matchCriteriaId":"1790D974-2EE0-4405-8F26-BB6DB3BDA23B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_88:*:*:*:*:*:*","matchCriteriaId":"416B3F04-AD86-4F91-890E-56BA539AAB06"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_89:*:*:*:*:*:*","matchCriteriaId":"C12C0E4D-4E9A-4BD7-926E-74BCD42595B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_90:*:*:*:*:*:*","matchCriteriaId":"9A659FEF-1BC1-45E8-A01E-1F9A8F2AFAAF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_91:*:*:*:*:*:*","matchCriteriaId":"3810319D-7DC4-47DD-B568-B0504DBC8209"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_92:*:*:*:*:*:*","matchCriteriaId":"D9BFFFC0-912A-4F95-A08E-1D264135D1E2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_93:*:*:*:*:*:*","matchCriteriaId":"9EA924E7-DEF2-45BF-B435-C435AC20AF4E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_94:*:*:*:*:*:*","matchCriteriaId":"E6809C30-9A81-45E6-92E9-01D54880EFEE"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_95:*:*:*:*:*:*","matchCriteriaId":"C194ACCD-CB7E-4DFC-ABB5-7CCEFD83E11B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_96:*:*:*:*:*:*","matchCriteriaId":"69856C3C-2ACB-4718-821C-793118094985"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"072F6C59-3D86-48D1-A14E-477FFFA3B1D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_10:*:*:*:*:*:*","matchCriteriaId":"FE68B4A2-3459-4DBA-8BAC-E9AA9FA25264"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_11:*:*:*:*:*:*","matchCriteriaId":"680D7963-1393-4E86-A65F-D4463D532120"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_12:*:*:*:*:*:*","matchCriteriaId":"D81E73DD-FD21-4082-A883-34422AE6C024"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_13:*:*:*:*:*:*","matchCriteriaId":"E6DD0451-98EA-4140-8294-77A14F063E2E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_14:*:*:*:*:*:*","matchCriteriaId":"CE94E76B-8CC2-4E91-B7A3-EEBCC1358FF4"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_15:*:*:*:*:*:*","matchCriteriaId":"408BD438-E15C-422F-9612-C62A7387FC63"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_16:*:*:*:*:*:*","matchCriteriaId":"A78C8B1C-39CB-4C27-B57C-0AF5E7EB50D9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_17:*:*:*:*:*:*","matchCriteriaId":"0AB19E97-BACE-4FCC-A53F-078D61A7A9E8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_18:*:*:*:*:*:*","matchCriteriaId":"D18ACD28-9182-435C-A30F-DF3BFE13C39A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_19:*:*:*:*:*:*","matchCriteriaId":"CFE4CC72-C15A-40DE-AFF4-0B6B79BFB2BA"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"386F0E26-78DC-4D59-A20F-B41D0E59561B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_20:*:*:*:*:*:*","matchCriteriaId":"43C11288-1C48-47A0-95DF-A48F3C0285F6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_3:*:*:*:*:*:*","matchCriteriaId":"54576481-2AE9-4133-9EFA-B7FBDCA4427D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_4:*:*:*:*:*:*","matchCriteriaId":"E29CE810-76D5-4283-B102-70344B6C9506"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_5:*:*:*:*:*:*","matchCriteriaId":"DA869467-C560-4130-A180-86819F6A8673"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_6:*:*:*:*:*:*","matchCriteriaId":"CC0C94B7-31FB-4115-8EDE-62CC459B6663"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_7:*:*:*:*:*:*","matchCriteriaId":"07DEAA71-53DA-4508-B7E6-924ABED49E66"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_8:*:*:*:*:*:*","matchCriteriaId":"467323F6-5CA7-42A0-9810-C6FA694CEC93"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_9:*:*:*:*:*:*","matchCriteriaId":"32EFFD8A-1C0D-446B-AAD7-5D23D483D3D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:-:*:*:*:*:*:*","matchCriteriaId":"0DCF7F39-A198-4F7E-84B7-90C88C1BAA96"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"E7E68DF8-749B-4284-A7C9-929701A86B36"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"7CECAA19-8B7F-44C8-8059-6D4F2105E196"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_3:*:*:*:*:*:*","matchCriteriaId":"68CBCEEB-7C28-4769-813F-3F01E33D2E08"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_4:*:*:*:*:*:*","matchCriteriaId":"C0CB4927-A361-4DFA-BDB8-A454EA2894AB"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_5:*:*:*:*:*:*","matchCriteriaId":"B2B771B7-D5CB-4778-A3A8-1005E4EE134C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_6:*:*:*:*:*:*","matchCriteriaId":"3B9DB383-3791-4A43-BA4D-7695B203E736"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_7:*:*:*:*:*:*","matchCriteriaId":"13F02D77-20E9-4F32-9752-511EB71E6704"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_8:*:*:*:*:*:*","matchCriteriaId":"6353CC8F-A6D4-4A0C-8D68-290CD8DEB4F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_9:*:*:*:*:*:*","matchCriteriaId":"759DDB90-6A89-4E4F-BD04-F70EFA5343B0"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:-:*:*:*:*:*:*","matchCriteriaId":"21C55D41-DB66-494D-BEEB-BDAC7CB4B31B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndIncluding":"7.3.5","matchCriteriaId":"E447EF84-77FA-448B-8E40-DB216B9B715E"}]}]}],"references":[{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120743515","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120743515","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-29044","sourceIdentifier":"cve@mitre.org","published":"2021-05-17T11:15:07.210","lastModified":"2026-07-09T01:16:51.553","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in the Site module's membership request administration pages in Liferay Portal 7.0.0 through 7.3.5, and Liferay DXP 7.0 before fix pack 97, 7.1 before fix pack 21, 7.2 before fix pack 10 and 7.3 before fix pack 1 allows remote attackers to inject arbitrary web script or HTML via the _com_liferay_site_my_sites_web_portlet_MySitesPortlet_comments parameter."},{"lang":"es","value":"Una vulnerabilidad de tipo cross-site scripting (XSS) en las páginas de administración de peticiones de membresía del módulo Site en Liferay Portal versiones 7.0.0 hasta 7.3.5, y Liferay DXP versiones 7.0 anteriores al fixpack 97, versiones 7.1 anteriores al fixpack 21, versiones 7.2 anteriores al fixpack 10 y versiones 7.3 anteriores al fixpack 1, permite a atacantes remotos inyectar un script web o HTML arbitrario por medio del parámetro _com_liferay_site_my_sites_web_portlet_MySitesPortlet_comments"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:-:*:*:*:*:*:*","matchCriteriaId":"4614C87F-F39C-4ADD-A7A2-4A498612AD38"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_13:*:*:*:*:*:*","matchCriteriaId":"70E12054-0DEE-4B92-B8F6-7DC4B2461113"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_14:*:*:*:*:*:*","matchCriteriaId":"3B566A51-3EFC-4A08-8A4F-A9AA43FBE481"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_24:*:*:*:*:*:*","matchCriteriaId":"F220793A-FDAC-48C6-B299-39EB3BC077A6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_25:*:*:*:*:*:*","matchCriteriaId":"F095A9E1-5FE1-46C4-B0E1-97F8767439D2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_26:*:*:*:*:*:*","matchCriteriaId":"DFD748DD-6FDB-44CD-96BF-026D18CE4207"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_27:*:*:*:*:*:*","matchCriteriaId":"0A34F2EA-D0F7-4C9B-BFE6-DA334DFD0EDD"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_28:*:*:*:*:*:*","matchCriteriaId":"4B3C2426-7617-4535-B86A-7F9BA45DFD0E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_3:*:*:*:*:*:*","matchCriteriaId":"CA6B2500-42E4-4F87-8B93-2F7399B4F611"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_30:*:*:*:*:*:*","matchCriteriaId":"28955834-8E02-4558-ABD3-4958DBB41423"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_33:*:*:*:*:*:*","matchCriteriaId":"C4206C84-C4BD-4363-A4CA-EE229CE06319"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_35:*:*:*:*:*:*","matchCriteriaId":"4F644864-1056-4A0C-ADD7-A1992A0AC07D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_36:*:*:*:*:*:*","matchCriteriaId":"91E9BAE9-CD40-4353-95DB-7D9ADC338F95"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_39:*:*:*:*:*:*","matchCriteriaId":"661E68A2-B365-4962-87CF-CE17A500889F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_40:*:*:*:*:*:*","matchCriteriaId":"A5D28279-002A-4BC7-9396-E47FC842D7AE"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_41:*:*:*:*:*:*","matchCriteriaId":"C700ED72-4626-48A0-B1BB-E0A7C12D454F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_42:*:*:*:*:*:*","matchCriteriaId":"8F473DF1-F70D-4EDB-A011-C8D1C6A21659"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_43:*:*:*:*:*:*","matchCriteriaId":"C2351EAC-F6AD-4611-B9BD-39C4DFE85B5D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_44:*:*:*:*:*:*","matchCriteriaId":"357845C1-3834-465A-B9CA-F9C604AA8242"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_45:*:*:*:*:*:*","matchCriteriaId":"DD35964D-4156-45B8-A0AB-282DA9F4FA47"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_46:*:*:*:*:*:*","matchCriteriaId":"35656567-EF24-4948-A72A-C754D6E419B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_47:*:*:*:*:*:*","matchCriteriaId":"E9A3D95D-4539-432D-B241-376F312534AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_48:*:*:*:*:*:*","matchCriteriaId":"81F329F1-5BB1-42A7-98CE-B0EB5819D60A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_49:*:*:*:*:*:*","matchCriteriaId":"5B7111FA-9FD7-4952-AFE1-07D3E14854F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_50:*:*:*:*:*:*","matchCriteriaId":"2C7A080F-9C99-41A0-BC63-EBDDC0DF7B8A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_51:*:*:*:*:*:*","matchCriteriaId":"0383C4C4-A7BB-418D-9A98-AC4233722961"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_52:*:*:*:*:*:*","matchCriteriaId":"AA281A20-7599-446B-9587-118E920403D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_53:*:*:*:*:*:*","matchCriteriaId":"9514E8F5-1D0B-4CDF-BD03-087326F6C252"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_54:*:*:*:*:*:*","matchCriteriaId":"78BC7D6C-2A10-4F78-9C41-EA97665C246E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_56:*:*:*:*:*:*","matchCriteriaId":"CA9BE427-78D7-4DEE-A174-F3E3675B44A5"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_57:*:*:*:*:*:*","matchCriteriaId":"6C10325C-8670-499B-B003-7D8634539C5D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_58:*:*:*:*:*:*","matchCriteriaId":"5F692BEB-5CB1-41EA-B715-64AB0036F6CF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_59:*:*:*:*:*:*","matchCriteriaId":"427C4DF5-9039-4CB5-B600-5F965E20D945"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_60:*:*:*:*:*:*","matchCriteriaId":"44B7A2A2-5764-4EDB-AA44-25F8508CF128"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_61:*:*:*:*:*:*","matchCriteriaId":"55D94917-5360-4179-A017-1287C63A6E6C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_64:*:*:*:*:*:*","matchCriteriaId":"1D378A23-113D-47AC-9CB5-2658C357FFB4"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_65:*:*:*:*:*:*","matchCriteriaId":"58FB119E-508C-45F7-8AD8-B67AAAEA53D6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_66:*:*:*:*:*:*","matchCriteriaId":"8B3359A5-D39B-4322-8963-B138D791D232"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_67:*:*:*:*:*:*","matchCriteriaId":"E11E2FBD-7541-4CE3-8A78-52FB82571547"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_68:*:*:*:*:*:*","matchCriteriaId":"3883F470-8D8D-4CB3-BF4A-0C401BDABC83"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_69:*:*:*:*:*:*","matchCriteriaId":"1BDCF010-04BF-4FA5-9E14-F6461FED3FFB"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_70:*:*:*:*:*:*","matchCriteriaId":"7E8CEA39-4A7F-4827-91FA-31119201D174"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_71:*:*:*:*:*:*","matchCriteriaId":"D3768AC9-A245-4B81-8D1D-9D9C5354245C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_72:*:*:*:*:*:*","matchCriteriaId":"71CA65C9-C0FC-4CBD-A8B0-DD72604A46F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_73:*:*:*:*:*:*","matchCriteriaId":"9F06DECA-F45D-49DA-BB24-AA1F0306B0B6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_75:*:*:*:*:*:*","matchCriteriaId":"6FF2D31F-8719-41A6-ADD5-15BE9409428E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_76:*:*:*:*:*:*","matchCriteriaId":"DE56F5E5-73CF-4636-9F98-86BDDA3F6A47"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_78:*:*:*:*:*:*","matchCriteriaId":"A1A0EFCE-4B74-4B4D-AB6E-5730F26B38FB"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_79:*:*:*:*:*:*","matchCriteriaId":"F02DCC86-C3F7-482C-9BFB-B7971FB10AEC"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_80:*:*:*:*:*:*","matchCriteriaId":"06835B0A-A2DF-44D3-A38F-59E5D5523FFA"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_81:*:*:*:*:*:*","matchCriteriaId":"B746D0CF-76F6-42A1-9056-CA9622DCD806"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_82:*:*:*:*:*:*","matchCriteriaId":"FFC33A7E-B1CB-4E83-B75C-71F5E7E5E406"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_83:*:*:*:*:*:*","matchCriteriaId":"325CFFCF-1609-4D89-B6A8-1C6ACBFDD35B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_84:*:*:*:*:*:*","matchCriteriaId":"BD019A57-FC7A-4B1F-9946-FA15C90FC985"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_85:*:*:*:*:*:*","matchCriteriaId":"A6B2CD3A-C39C-4F9A-8602-3EC75472181D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_86:*:*:*:*:*:*","matchCriteriaId":"1B8DCD85-0E47-44C1-B7DD-E1B4756CEC17"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_87:*:*:*:*:*:*","matchCriteriaId":"1790D974-2EE0-4405-8F26-BB6DB3BDA23B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_88:*:*:*:*:*:*","matchCriteriaId":"416B3F04-AD86-4F91-890E-56BA539AAB06"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_89:*:*:*:*:*:*","matchCriteriaId":"C12C0E4D-4E9A-4BD7-926E-74BCD42595B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_90:*:*:*:*:*:*","matchCriteriaId":"9A659FEF-1BC1-45E8-A01E-1F9A8F2AFAAF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_91:*:*:*:*:*:*","matchCriteriaId":"3810319D-7DC4-47DD-B568-B0504DBC8209"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_92:*:*:*:*:*:*","matchCriteriaId":"D9BFFFC0-912A-4F95-A08E-1D264135D1E2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_93:*:*:*:*:*:*","matchCriteriaId":"9EA924E7-DEF2-45BF-B435-C435AC20AF4E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_94:*:*:*:*:*:*","matchCriteriaId":"E6809C30-9A81-45E6-92E9-01D54880EFEE"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_95:*:*:*:*:*:*","matchCriteriaId":"C194ACCD-CB7E-4DFC-ABB5-7CCEFD83E11B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_96:*:*:*:*:*:*","matchCriteriaId":"69856C3C-2ACB-4718-821C-793118094985"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"072F6C59-3D86-48D1-A14E-477FFFA3B1D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_10:*:*:*:*:*:*","matchCriteriaId":"FE68B4A2-3459-4DBA-8BAC-E9AA9FA25264"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_11:*:*:*:*:*:*","matchCriteriaId":"680D7963-1393-4E86-A65F-D4463D532120"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_12:*:*:*:*:*:*","matchCriteriaId":"D81E73DD-FD21-4082-A883-34422AE6C024"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_13:*:*:*:*:*:*","matchCriteriaId":"E6DD0451-98EA-4140-8294-77A14F063E2E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_14:*:*:*:*:*:*","matchCriteriaId":"CE94E76B-8CC2-4E91-B7A3-EEBCC1358FF4"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_15:*:*:*:*:*:*","matchCriteriaId":"408BD438-E15C-422F-9612-C62A7387FC63"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_16:*:*:*:*:*:*","matchCriteriaId":"A78C8B1C-39CB-4C27-B57C-0AF5E7EB50D9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_17:*:*:*:*:*:*","matchCriteriaId":"0AB19E97-BACE-4FCC-A53F-078D61A7A9E8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_18:*:*:*:*:*:*","matchCriteriaId":"D18ACD28-9182-435C-A30F-DF3BFE13C39A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_19:*:*:*:*:*:*","matchCriteriaId":"CFE4CC72-C15A-40DE-AFF4-0B6B79BFB2BA"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"386F0E26-78DC-4D59-A20F-B41D0E59561B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_20:*:*:*:*:*:*","matchCriteriaId":"43C11288-1C48-47A0-95DF-A48F3C0285F6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_3:*:*:*:*:*:*","matchCriteriaId":"54576481-2AE9-4133-9EFA-B7FBDCA4427D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_4:*:*:*:*:*:*","matchCriteriaId":"E29CE810-76D5-4283-B102-70344B6C9506"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_5:*:*:*:*:*:*","matchCriteriaId":"DA869467-C560-4130-A180-86819F6A8673"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_6:*:*:*:*:*:*","matchCriteriaId":"CC0C94B7-31FB-4115-8EDE-62CC459B6663"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_7:*:*:*:*:*:*","matchCriteriaId":"07DEAA71-53DA-4508-B7E6-924ABED49E66"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_8:*:*:*:*:*:*","matchCriteriaId":"467323F6-5CA7-42A0-9810-C6FA694CEC93"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_9:*:*:*:*:*:*","matchCriteriaId":"32EFFD8A-1C0D-446B-AAD7-5D23D483D3D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:-:*:*:*:*:*:*","matchCriteriaId":"0DCF7F39-A198-4F7E-84B7-90C88C1BAA96"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"E7E68DF8-749B-4284-A7C9-929701A86B36"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"7CECAA19-8B7F-44C8-8059-6D4F2105E196"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_3:*:*:*:*:*:*","matchCriteriaId":"68CBCEEB-7C28-4769-813F-3F01E33D2E08"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_4:*:*:*:*:*:*","matchCriteriaId":"C0CB4927-A361-4DFA-BDB8-A454EA2894AB"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_5:*:*:*:*:*:*","matchCriteriaId":"B2B771B7-D5CB-4778-A3A8-1005E4EE134C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_6:*:*:*:*:*:*","matchCriteriaId":"3B9DB383-3791-4A43-BA4D-7695B203E736"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_7:*:*:*:*:*:*","matchCriteriaId":"13F02D77-20E9-4F32-9752-511EB71E6704"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_8:*:*:*:*:*:*","matchCriteriaId":"6353CC8F-A6D4-4A0C-8D68-290CD8DEB4F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_9:*:*:*:*:*:*","matchCriteriaId":"759DDB90-6A89-4E4F-BD04-F70EFA5343B0"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:-:*:*:*:*:*:*","matchCriteriaId":"21C55D41-DB66-494D-BEEB-BDAC7CB4B31B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndIncluding":"7.3.5","matchCriteriaId":"E447EF84-77FA-448B-8E40-DB216B9B715E"}]}]}],"references":[{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120743548","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120743548","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-29045","sourceIdentifier":"cve@mitre.org","published":"2021-05-17T11:15:07.243","lastModified":"2026-07-09T01:16:51.683","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in the Redirect module's redirection administration page in Liferay Portal 7.3.2 through 7.3.5, and Liferay DXP 7.3 before fix pack 1 allows remote attackers to inject arbitrary web script or HTML via the _com_liferay_redirect_web_internal_portlet_RedirectPortlet_destinationURL parameter."},{"lang":"es","value":"Una vulnerabilidad de tipo cross-site scripting (XSS) en la página de administración de redireccionamiento del módulo Redirect en Liferay Portal versiones 7.3.2 hasta 7.3.5, y Liferay DXP versiones 7.3 anteriores a fixpack 1, permite a atacantes remotos inyectar un script web o HTML arbitrario por medio del parámetro _com_liferay_redirect_web_internal_portlet_RedirectPortlet_destinationURL"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:-:*:*:*:*:*:*","matchCriteriaId":"21C55D41-DB66-494D-BEEB-BDAC7CB4B31B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.3.2","versionEndIncluding":"7.3.5","matchCriteriaId":"A622610B-E145-43E4-AFC6-A4A196296301"}]}]}],"references":[{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120743484","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120743484","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-29046","sourceIdentifier":"cve@mitre.org","published":"2021-05-17T11:15:07.277","lastModified":"2026-07-09T01:16:51.797","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in the Asset module's category selector input field in Liferay Portal 7.3.5 and Liferay DXP 7.3 before fix pack 1, allows remote attackers to inject arbitrary web script or HTML via the _com_liferay_asset_categories_admin_web_portlet_AssetCategoriesAdminPortlet_title parameter."},{"lang":"es","value":"Una vulnerabilidad de tipo cross-site scripting (XSS) en el campo de entrada del selector de categoría del módulo Asset en Liferay Portal versión 7.3.5 y Liferay DXP versiones 7.3 anteriores a fixpack 1, permite a atacantes remotos inyectar un script web o HTML arbitrario por medio del parámetro _com_liferay_asset_categories_admin_web_portlet_AssetCategoriesAdminPortlet_title"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:-:*:*:*:*:*:*","matchCriteriaId":"21C55D41-DB66-494D-BEEB-BDAC7CB4B31B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:7.3.5:*:*:*:*:*:*:*","matchCriteriaId":"2B842A08-1EDB-4232-89C9-9B966E251B3B"}]}]}],"references":[{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120743501","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120743501","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-29053","sourceIdentifier":"cve@mitre.org","published":"2021-05-17T11:15:07.307","lastModified":"2026-07-09T01:16:52.520","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Multiple SQL injection vulnerabilities in Liferay Portal 7.3.5 and Liferay DXP 7.3 before fix pack 1 allow remote authenticated users to execute arbitrary SQL commands via the classPKField parameter to (1) CommerceChannelRelFinder.countByC_C, or (2) CommerceChannelRelFinder.findByC_C."},{"lang":"es","value":"Múltiples vulnerabilidades de inyección SQL en Liferay Portal versión 7.3.5 y Liferay DXP versiones 7.3 anteriores a fixpack 1, permiten a usuarios autenticados remotos ejecutar comandos SQL arbitrarios por medio del parámetro classPKField para (1) el archivo CommerceChannelRelFinder.countByC_C, o (2) el archivo CommerceChannelRelFinder.findByC_C"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:-:*:*:*:*:*:*","matchCriteriaId":"21C55D41-DB66-494D-BEEB-BDAC7CB4B31B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:7.3.5:*:*:*:*:*:*:*","matchCriteriaId":"2B842A08-1EDB-4232-89C9-9B966E251B3B"}]}]}],"references":[{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120778225","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120778225","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-29048","sourceIdentifier":"cve@mitre.org","published":"2021-05-17T12:15:07.427","lastModified":"2026-07-09T01:16:52.017","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in the Layout module's page administration page in Liferay Portal 7.3.4, 7.3.5 and Liferay DXP 7.2 before fix pack 11 and 7.3 before fix pack 1 allows remote attackers to inject arbitrary web script or HTML via the _com_liferay_layout_admin_web_portlet_GroupPagesPortlet_name parameter."},{"lang":"es","value":"Una vulnerabilidad de tipo cross-site scripting (XSS) en la página de administración page del módulo Layout en Liferay Portal versiones 7.3.4, 7.3.5 y Liferay DXP versiones 7.2 anteriores a fixpack 11 y versiones 7.3 anteriores a fixpack 1, permite a atacantes remotos inyectar un script web o HTML arbitrario por medio del parámetro _com_liferay_layout_admin_web_portlet_GroupPagesPortlet_name"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:-:*:*:*:*:*:*","matchCriteriaId":"0DCF7F39-A198-4F7E-84B7-90C88C1BAA96"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"E7E68DF8-749B-4284-A7C9-929701A86B36"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_10:*:*:*:*:*:*","matchCriteriaId":"340DF1FE-5720-4516-BA51-F2197A654409"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"7CECAA19-8B7F-44C8-8059-6D4F2105E196"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_3:*:*:*:*:*:*","matchCriteriaId":"68CBCEEB-7C28-4769-813F-3F01E33D2E08"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_4:*:*:*:*:*:*","matchCriteriaId":"C0CB4927-A361-4DFA-BDB8-A454EA2894AB"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_5:*:*:*:*:*:*","matchCriteriaId":"B2B771B7-D5CB-4778-A3A8-1005E4EE134C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_6:*:*:*:*:*:*","matchCriteriaId":"3B9DB383-3791-4A43-BA4D-7695B203E736"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_7:*:*:*:*:*:*","matchCriteriaId":"13F02D77-20E9-4F32-9752-511EB71E6704"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_8:*:*:*:*:*:*","matchCriteriaId":"6353CC8F-A6D4-4A0C-8D68-290CD8DEB4F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_9:*:*:*:*:*:*","matchCriteriaId":"759DDB90-6A89-4E4F-BD04-F70EFA5343B0"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:-:*:*:*:*:*:*","matchCriteriaId":"21C55D41-DB66-494D-BEEB-BDAC7CB4B31B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:7.3.4:*:*:*:*:*:*:*","matchCriteriaId":"2C673509-5436-44DF-AFCE-BE5C3188D62F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:7.3.5:*:*:*:*:*:*:*","matchCriteriaId":"2B842A08-1EDB-4232-89C9-9B966E251B3B"}]}]}],"references":[{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120743601","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120743601","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-29051","sourceIdentifier":"cve@mitre.org","published":"2021-05-17T12:15:07.460","lastModified":"2026-07-09T01:16:52.277","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in the Asset module's Asset Publisher app in Liferay Portal 7.2.1 through 7.3.5, and Liferay DXP 7.1 before fix pack 21, 7.2 before fix pack 10 and 7.3 before fix pack 1 allows remote attackers to inject arbitrary web script or HTML via the _com_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_XXXXXXXXXXXX_assetEntryId parameter."},{"lang":"es","value":"Una vulnerabilidad de tipo cross-site scripting (XSS) en la aplicación Asset Publisher del módulo Asset en Liferay Portal versiones 7.2.1 hasta 7.3.5, y Liferay DXP versiones 7.1 anteriores a fixpack 21, versiones 7.2 anteriores a fixpack 10 y versiones 7.3 anteriores a fixpack 1, permite a atacantes remotos inyectar un script web o HTML arbitrario por medio del parámetro _com_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_XXXXXXXXXXXX_assetEntryId"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:-:*:*:*:*:*:*","matchCriteriaId":"27DF695E-B890-42C2-8941-5BB53154755F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"072F6C59-3D86-48D1-A14E-477FFFA3B1D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_10:*:*:*:*:*:*","matchCriteriaId":"FE68B4A2-3459-4DBA-8BAC-E9AA9FA25264"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_11:*:*:*:*:*:*","matchCriteriaId":"680D7963-1393-4E86-A65F-D4463D532120"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_12:*:*:*:*:*:*","matchCriteriaId":"D81E73DD-FD21-4082-A883-34422AE6C024"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_13:*:*:*:*:*:*","matchCriteriaId":"E6DD0451-98EA-4140-8294-77A14F063E2E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_14:*:*:*:*:*:*","matchCriteriaId":"CE94E76B-8CC2-4E91-B7A3-EEBCC1358FF4"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_15:*:*:*:*:*:*","matchCriteriaId":"408BD438-E15C-422F-9612-C62A7387FC63"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_16:*:*:*:*:*:*","matchCriteriaId":"A78C8B1C-39CB-4C27-B57C-0AF5E7EB50D9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_17:*:*:*:*:*:*","matchCriteriaId":"0AB19E97-BACE-4FCC-A53F-078D61A7A9E8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_18:*:*:*:*:*:*","matchCriteriaId":"D18ACD28-9182-435C-A30F-DF3BFE13C39A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_19:*:*:*:*:*:*","matchCriteriaId":"CFE4CC72-C15A-40DE-AFF4-0B6B79BFB2BA"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"386F0E26-78DC-4D59-A20F-B41D0E59561B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_20:*:*:*:*:*:*","matchCriteriaId":"43C11288-1C48-47A0-95DF-A48F3C0285F6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_3:*:*:*:*:*:*","matchCriteriaId":"54576481-2AE9-4133-9EFA-B7FBDCA4427D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_4:*:*:*:*:*:*","matchCriteriaId":"E29CE810-76D5-4283-B102-70344B6C9506"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_5:*:*:*:*:*:*","matchCriteriaId":"DA869467-C560-4130-A180-86819F6A8673"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_6:*:*:*:*:*:*","matchCriteriaId":"CC0C94B7-31FB-4115-8EDE-62CC459B6663"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_7:*:*:*:*:*:*","matchCriteriaId":"07DEAA71-53DA-4508-B7E6-924ABED49E66"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_8:*:*:*:*:*:*","matchCriteriaId":"467323F6-5CA7-42A0-9810-C6FA694CEC93"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_9:*:*:*:*:*:*","matchCriteriaId":"32EFFD8A-1C0D-446B-AAD7-5D23D483D3D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:-:*:*:*:*:*:*","matchCriteriaId":"0DCF7F39-A198-4F7E-84B7-90C88C1BAA96"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"E7E68DF8-749B-4284-A7C9-929701A86B36"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"7CECAA19-8B7F-44C8-8059-6D4F2105E196"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_3:*:*:*:*:*:*","matchCriteriaId":"68CBCEEB-7C28-4769-813F-3F01E33D2E08"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_4:*:*:*:*:*:*","matchCriteriaId":"C0CB4927-A361-4DFA-BDB8-A454EA2894AB"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_5:*:*:*:*:*:*","matchCriteriaId":"B2B771B7-D5CB-4778-A3A8-1005E4EE134C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_6:*:*:*:*:*:*","matchCriteriaId":"3B9DB383-3791-4A43-BA4D-7695B203E736"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_7:*:*:*:*:*:*","matchCriteriaId":"13F02D77-20E9-4F32-9752-511EB71E6704"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_8:*:*:*:*:*:*","matchCriteriaId":"6353CC8F-A6D4-4A0C-8D68-290CD8DEB4F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_9:*:*:*:*:*:*","matchCriteriaId":"759DDB90-6A89-4E4F-BD04-F70EFA5343B0"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:-:*:*:*:*:*:*","matchCriteriaId":"21C55D41-DB66-494D-BEEB-BDAC7CB4B31B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.2.0","versionEndIncluding":"7.3.5","matchCriteriaId":"38A0581E-BA9F-4B6D-AFEE-28AAA8CE31F6"}]}]}],"references":[{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120743580","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120743580","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-29052","sourceIdentifier":"cve@mitre.org","published":"2021-05-17T12:15:07.490","lastModified":"2026-07-09T01:16:52.397","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The Data Engine module in Liferay Portal 7.3.0 through 7.3.5, and Liferay DXP 7.3 before fix pack 1 does not check permissions in DataDefinitionResourceImpl.getSiteDataDefinitionByContentTypeByDataDefinitionKey, which allows remote authenticated users to view DDMStructures via GET API calls."},{"lang":"es","value":"El módulo Data Engine en Liferay Portal versiones 7.3.0 hasta 7.3.5 y Liferay DXP versiones 7.3 anteriores a fixpack 1 no comprueba los permisos en DataDefinitionResourceImpl.getSiteDataDefinitionByContentTypeByDataDefinitionKey, que permite a los usuarios autenticados remotos visualizar estructuras DDMS por medio de llamadas a la API GET"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:N/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-276"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:-:*:*:*:*:*:*","matchCriteriaId":"21C55D41-DB66-494D-BEEB-BDAC7CB4B31B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.3.0","versionEndIncluding":"7.3.5","matchCriteriaId":"FF368A19-1F80-4A53-82C8-DDF6895F9992"}]}]}],"references":[{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120743159","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/id/120743159","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2020-21813","sourceIdentifier":"cve@mitre.org","published":"2021-05-17T18:15:07.450","lastModified":"2026-07-09T00:16:54.510","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A heap based buffer overflow issue exists in GNU LibreDWG 0.10.2641 via output_TEXT ../../programs/dwg2SVG.c:114."},{"lang":"es","value":"Se presenta un problema de desreferencia de puntero null en GNU LibreDWG versión 0.10.2641, por medio del archivo output_TEXT ../../programs/dwg2SVG.c:114, que causa una denegación de servicio (bloqueo de la aplicación)"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:libredwg:0.10.2641:*:*:*:*:*:*:*","matchCriteriaId":"767F5F8A-A209-4A53-B40E-4C30602BA5CB"}]}]}],"references":[{"url":"https://github.com/LibreDWG/libredwg/issues/182#issuecomment-572890969","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://github.com/LibreDWG/libredwg/issues/182#issuecomment-572890969","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-21814","sourceIdentifier":"cve@mitre.org","published":"2021-05-17T19:15:07.457","lastModified":"2026-07-09T00:16:54.630","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A heap based buffer overflow issue exists in GNU LibreDWG 0.10.2641 via htmlwescape ../../programs/escape.c:97."},{"lang":"es","value":"Se presenta un problema de desbordamiento de búfer en la región heap de la memoria en GNU LibreDWG versión 0.10.2641, por medio del archivo htmlwescape ../../programs/escape.c:97"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:libredwg:0.10.2641:*:*:*:*:*:*:*","matchCriteriaId":"767F5F8A-A209-4A53-B40E-4C30602BA5CB"}]}]}],"references":[{"url":"https://github.com/LibreDWG/libredwg/issues/182#issuecomment-572891083","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://github.com/LibreDWG/libredwg/issues/182#issuecomment-572891083","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-21815","sourceIdentifier":"cve@mitre.org","published":"2021-05-17T19:15:07.490","lastModified":"2026-07-09T00:16:54.747","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A null pointer deference issue exists in GNU LibreDWG 0.10.2641 via output_TEXT ../../programs/dwg2SVG.c:114, which causes a denial of service (application crash)."},{"lang":"es","value":"Se presenta un problema de desreferencia de puntero null en GNU LibreDWG versión 0.10.2641 por medio del archivo output_TEXT ../../programs/dwg2SVG.c:114, que causa una denegación de servicio (bloqueo de la aplicación)"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:N/A:P","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:libredwg:0.10.2641:*:*:*:*:*:*:*","matchCriteriaId":"767F5F8A-A209-4A53-B40E-4C30602BA5CB"}]}]}],"references":[{"url":"https://github.com/LibreDWG/libredwg/issues/182#issuecomment-572890932","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://github.com/LibreDWG/libredwg/issues/182#issuecomment-572890932","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-21816","sourceIdentifier":"cve@mitre.org","published":"2021-05-17T19:15:07.520","lastModified":"2026-07-09T00:16:54.860","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A heab based buffer overflow issue exists in GNU LibreDWG 0.10.2641 via htmlescape ../../programs/escape.c:46."},{"lang":"es","value":"Se presenta un problema de desbordamiento de búfer en la región heap de la memoria en GNU LibreDWG versión 0.10.2641, por medio del archivo htmlescape ../../programs/escape.c:46"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:libredwg:0.10.2641:*:*:*:*:*:*:*","matchCriteriaId":"767F5F8A-A209-4A53-B40E-4C30602BA5CB"}]}]}],"references":[{"url":"https://github.com/LibreDWG/libredwg/issues/182#issuecomment-572890865","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://github.com/LibreDWG/libredwg/issues/182#issuecomment-572890865","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-21817","sourceIdentifier":"cve@mitre.org","published":"2021-05-17T19:15:07.550","lastModified":"2026-07-09T00:16:55.007","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A null pointer dereference issue exists in GNU LibreDWG 0.10.2641 via htmlescape ../../programs/escape.c:29. which causes a denial of service (application crash)."},{"lang":"es","value":"Se presenta un problema de desreferencia de puntero null en GNU LibreDWG versión 0.10.2641, por medio del archivo htmlescape ../../programs/escape.c:29.&#xa0;lo que causa una denegación de servicio (bloqueo de la aplicación)"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:N/A:P","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:libredwg:0.10.2641:*:*:*:*:*:*:*","matchCriteriaId":"767F5F8A-A209-4A53-B40E-4C30602BA5CB"}]}]}],"references":[{"url":"https://github.com/LibreDWG/libredwg/issues/182#issue-547887727","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://github.com/LibreDWG/libredwg/issues/182#issue-547887727","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-21818","sourceIdentifier":"cve@mitre.org","published":"2021-05-17T19:15:07.580","lastModified":"2026-07-09T00:16:55.210","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10.2641 via htmlescape ../../programs/escape.c:48."},{"lang":"es","value":"Se presenta una vulnerabilidad de desbordamiento de búfer en la región heap de la memoria en GNU LibreDWG versión 0.10.2641, por medio de el archivo htmlescape ../../programs/escape.c:48"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:libredwg:0.10.2641:*:*:*:*:*:*:*","matchCriteriaId":"767F5F8A-A209-4A53-B40E-4C30602BA5CB"}]}]}],"references":[{"url":"https://github.com/LibreDWG/libredwg/issues/182#issuecomment-572891053","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/LibreDWG/libredwg/issues/182#issuecomment-572891053","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-21819","sourceIdentifier":"cve@mitre.org","published":"2021-05-17T19:15:07.610","lastModified":"2026-07-09T00:16:55.330","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10.2641via htmlescape ../../programs/escape.c:51."},{"lang":"es","value":"Se presenta una vulnerabilidad de desbordamiento de búfer en la región heap de la memoria en GNU LibreDWG versión 0.10.2641, por medio del archivo htmlescape ../../programs/escape.c:51"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:libredwg:0.10.2641:*:*:*:*:*:*:*","matchCriteriaId":"767F5F8A-A209-4A53-B40E-4C30602BA5CB"}]}]}],"references":[{"url":"https://github.com/LibreDWG/libredwg/issues/182#issuecomment-572890901","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://github.com/LibreDWG/libredwg/issues/182#issuecomment-572890901","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-21827","sourceIdentifier":"cve@mitre.org","published":"2021-05-17T20:15:07.413","lastModified":"2026-07-09T00:16:55.447","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2379."},{"lang":"es","value":"Se presenta una vulnerabilidad de desbordamiento del búfer en la región heap de la memoria en GNU LibreDWG versión 0.10, por medio del archivo ./../src/decode.c:2379 de la función read_2004_compressed_section"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:libredwg:0.10:*:*:*:*:*:*:*","matchCriteriaId":"C3E7D34E-1D80-4CF0-8110-412C6D8514EF"}]}]}],"references":[{"url":"https://cwe.mitre.org/data/definitions/122.html","source":"cve@mitre.org","tags":["Technical Description"]},{"url":"https://github.com/LibreDWG/libredwg/issues/183","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://cwe.mitre.org/data/definitions/122.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Technical Description"]},{"url":"https://github.com/LibreDWG/libredwg/issues/183","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-21830","sourceIdentifier":"cve@mitre.org","published":"2021-05-17T21:15:07.297","lastModified":"2026-07-09T00:16:55.563","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A heap based buffer overflow vulneraibility exists in GNU LibreDWG 0.10 via bit_calc_CRC ../../src/bits.c:2213."},{"lang":"es","value":"Se presenta una vulnerabilidad de desbordamiento de búfer en la región heap de la memoria en GNU LibreDWG versión 0.10, por medio de la función bit_calc_CRC del archivo ../../src/bits.c:2213"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:libredwg:0.10:*:*:*:*:*:*:*","matchCriteriaId":"C3E7D34E-1D80-4CF0-8110-412C6D8514EF"}]}]}],"references":[{"url":"https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574493134","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574493134","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-21832","sourceIdentifier":"cve@mitre.org","published":"2021-05-17T21:15:07.337","lastModified":"2026-07-09T00:16:55.810","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2417."},{"lang":"es","value":"Se presenta una vulnerabilidad de desbordamiento de búfer en la región heap de la memoria en GNU LibreDWG versión 0.10, por medio de la función read_2004_compressed_section del archivo../../src/decode.c:2417"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:libredwg:0.10:*:*:*:*:*:*:*","matchCriteriaId":"C3E7D34E-1D80-4CF0-8110-412C6D8514EF"}]}]}],"references":[{"url":"https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574492612","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574492612","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-21833","sourceIdentifier":"cve@mitre.org","published":"2021-05-17T21:15:07.367","lastModified":"2026-07-09T00:16:55.923","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via: read_2004_section_classes ../../src/decode.c:2440."},{"lang":"es","value":"Se presenta una vulnerabilidad de desbordamiento de búfer en la región heap de la memoria en GNU LibreDWG versión 0.10, por medio de: la función read_2004_section_classes del archivo../../src/decode.c:2440"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:libredwg:0.10:*:*:*:*:*:*:*","matchCriteriaId":"C3E7D34E-1D80-4CF0-8110-412C6D8514EF"}]}]}],"references":[{"url":"https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574493364","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574493364","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-21834","sourceIdentifier":"cve@mitre.org","published":"2021-05-17T21:15:07.400","lastModified":"2026-07-09T00:16:56.037","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A null pointer deference issue exists in GNU LibreDWG 0.10 via get_bmp ../../programs/dwgbmp.c:164."},{"lang":"es","value":"Se presenta un problema de deferencia de puntero null en GNU LibreDWG versión 0.10, por medio de la función get_bmp del archivo ../../programs/dwgbmp.c:164"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:N/A:P","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:libredwg:0.10:*:*:*:*:*:*:*","matchCriteriaId":"C3E7D34E-1D80-4CF0-8110-412C6D8514EF"}]}]}],"references":[{"url":"https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574492468","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574492468","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-21835","sourceIdentifier":"cve@mitre.org","published":"2021-05-17T21:15:07.433","lastModified":"2026-07-09T00:16:56.147","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A null pointer deference issue exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2337."},{"lang":"es","value":"Se presenta un problema de deferencia de puntero null en GNU LibreDWG versión 0.10, por medio de la función read_2004_compressed_section del archivo ../../src/decode.c:2337"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:N/A:P","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:libredwg:0.10:*:*:*:*:*:*:*","matchCriteriaId":"C3E7D34E-1D80-4CF0-8110-412C6D8514EF"}]}]}],"references":[{"url":"https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574493046","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574493046","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-21836","sourceIdentifier":"cve@mitre.org","published":"2021-05-17T21:15:07.463","lastModified":"2026-07-09T00:16:56.260","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_preview ../../src/decode.c:3175."},{"lang":"es","value":"Se presenta una vulnerabilidad de desbordamiento de búfer en la región heap de la memoria en GNU LibreDWG versión 0.10, por medio de la función read_2004_section_preview del archivo ../../src/decode.c:3175"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:libredwg:0.10:*:*:*:*:*:*:*","matchCriteriaId":"C3E7D34E-1D80-4CF0-8110-412C6D8514EF"}]}]}],"references":[{"url":"https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574493437","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574493437","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-21838","sourceIdentifier":"cve@mitre.org","published":"2021-05-17T21:15:07.493","lastModified":"2026-07-09T00:16:56.520","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via: read_2004_section_appinfo ../../src/decode.c:2842."},{"lang":"es","value":"Se presenta una vulnerabilidad de desbordamiento de búfer en la región heap de la memoria en GNU LibreDWG versión 0.10, por medio de la función: read_2004_section_appinfo del archivo ../../src/decode.c:2842"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:libredwg:0.10:*:*:*:*:*:*:*","matchCriteriaId":"C3E7D34E-1D80-4CF0-8110-412C6D8514EF"}]}]}],"references":[{"url":"https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574492816","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574492816","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-21839","sourceIdentifier":"cve@mitre.org","published":"2021-05-17T21:15:07.523","lastModified":"2026-07-09T00:16:56.660","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue was discovered in GNU LibreDWG 0.10. Crafted input will lead to an memory leak in dwg_decode_eed ../../src/decode.c:3638."},{"lang":"es","value":"Se detectó un problema en GNU LibreDWG versión 0.10.&#xa0;Una entrada diseñada conllevará a una pérdida de memoria en la función dwg_decode_eed del archivo../../src/decode.c:3638"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:N/A:P","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-401"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:libredwg:0.10:*:*:*:*:*:*:*","matchCriteriaId":"C3E7D34E-1D80-4CF0-8110-412C6D8514EF"}]}]}],"references":[{"url":"https://cwe.mitre.org/data/definitions/401.html","source":"cve@mitre.org","tags":["Technical Description"]},{"url":"https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574492707","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://cwe.mitre.org/data/definitions/401.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Technical Description"]},{"url":"https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574492707","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-21840","sourceIdentifier":"cve@mitre.org","published":"2021-05-17T21:15:07.557","lastModified":"2026-07-09T00:16:56.807","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_search_sentinel ../../src/bits.c:1985."},{"lang":"es","value":"Se presenta una vulnerabilidad de desbordamiento de búfer en la región heap de la memoria en GNU LibreDWG versión 0.10, por medio de la función bit_search_sentinel del archivo ../../src/bits.c:1985"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:libredwg:0.10:*:*:*:*:*:*:*","matchCriteriaId":"C3E7D34E-1D80-4CF0-8110-412C6D8514EF"}]}]}],"references":[{"url":"https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574493513","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574493513","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-21841","sourceIdentifier":"cve@mitre.org","published":"2021-05-17T21:15:07.587","lastModified":"2026-07-09T00:16:56.947","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_read_B ../../src/bits.c:135."},{"lang":"es","value":"Se presenta una vulnerabilidad de desbordamiento de búfer en la región heap de la memoria en GNU LibreDWG versión 0.10, por medio de la función bit_read_B de archivo ../../src/bits.c:135"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:libredwg:0.10:*:*:*:*:*:*:*","matchCriteriaId":"C3E7D34E-1D80-4CF0-8110-412C6D8514EF"}]}]}],"references":[{"url":"https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574493775","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574493775","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-21831","sourceIdentifier":"cve@mitre.org","published":"2021-05-17T22:15:07.377","lastModified":"2026-07-09T00:16:55.690","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_handles ../../src/decode.c:2637."},{"lang":"es","value":"Se presenta una vulnerabilidad de desbordamiento de búfer en la región heap de la memoria en GNU LibreDWG versión 0.10, por medio de la función read_2004_section_handles del archivo ../../src/decode.c:2637"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:libredwg:0.10:*:*:*:*:*:*:*","matchCriteriaId":"C3E7D34E-1D80-4CF0-8110-412C6D8514EF"}]}]}],"references":[{"url":"https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574493267","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574493267","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-21842","sourceIdentifier":"cve@mitre.org","published":"2021-05-17T22:15:07.407","lastModified":"2026-07-09T00:16:57.077","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_section_revhistory ../../src/decode.c:3051."},{"lang":"es","value":"Se presenta una vulnerabilidad de desbordamiento de búfer en la región heap de la memoria en GNU LibreDWG versión 0.10, por medio de la función read_2004_section_revhistory del archivo ../../src/decode.c:3051"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:libredwg:0.10:*:*:*:*:*:*:*","matchCriteriaId":"C3E7D34E-1D80-4CF0-8110-412C6D8514EF"}]}]}],"references":[{"url":"https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574493684","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574493684","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-21843","sourceIdentifier":"cve@mitre.org","published":"2021-05-17T22:15:07.437","lastModified":"2026-07-09T00:16:57.210","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A heap based buffer overflow vulnerability exits in GNU LibreDWG 0.10 via bit_read_RC ../../src/bits.c:318."},{"lang":"es","value":"Se presenta una vulnerabilidad de desbordamiento de búfer en la región heap de la memoria en GNU LibreDWG versión 0.10, por medio de la función bit_read_RC del archivo ../../src/bits.c:318"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:libredwg:0.10:*:*:*:*:*:*:*","matchCriteriaId":"C3E7D34E-1D80-4CF0-8110-412C6D8514EF"}]}]}],"references":[{"url":"https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574493857","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574493857","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-21844","sourceIdentifier":"cve@mitre.org","published":"2021-05-17T22:15:07.463","lastModified":"2026-07-09T00:16:57.320","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"GNU LibreDWG 0.10 is affected by: memcpy-param-overlap. The impact is: execute arbitrary code (remote). The component is: read_2004_section_header ../../src/decode.c:2580."},{"lang":"es","value":"GNU LibreDWG versión 0.10, está afectado por: memcpy-param-overlap.&#xa0;El impacto es: ejecutar código arbitrario (remoto).&#xa0;El componente es: read_2004_section_header en el archivo ../../src/decode.c:2580"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:libredwg:0.10:*:*:*:*:*:*:*","matchCriteriaId":"C3E7D34E-1D80-4CF0-8110-412C6D8514EF"}]}]}],"references":[{"url":"https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574493607","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://github.com/LibreDWG/libredwg/issues/188#issuecomment-574493607","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2017-17674","sourceIdentifier":"cve@mitre.org","published":"2021-05-19T14:15:07.263","lastModified":"2026-07-09T00:16:49.543","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"BMC Remedy Mid Tier 9.1SP3 is affected by remote and local file inclusion. Due to the lack of restrictions on what can be targeted, the system can be vulnerable to attacks such as system fingerprinting, internal port scanning, Server Side Request Forgery (SSRF), or remote code execution (RCE)."},{"lang":"es","value":"BMC Remedy Mid Tier versión 9.1SP3, está afectado por la inclusión de archivos locales y remotos. Debido a una falta de restricciones sobre lo que puede ser atacado, el sistema puede ser vulnerable a ataques como el sistema de huellas dactilares, el escaneo de puertos internos, un Server Side Request Forgery (SSRF) o una ejecución de código remota (RCE)"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bmc:remedy_mid-tier:9.1:sp3:*:*:*:*:*:*","matchCriteriaId":"0EB1B5E3-12D9-4A40-A5F9-B7D787B4E651"}]}]}],"references":[{"url":"https://docs.bmc.com/docs/ars91/en/9-1-00-fixes-available-for-remedy-ar-system-security-vulnerabilities-800555806.html","source":"cve@mitre.org","tags":["Release Notes","Vendor Advisory"]},{"url":"https://seclists.org/fulldisclosure/2017/Oct/52","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://docs.bmc.com/docs/ars91/en/9-1-00-fixes-available-for-remedy-ar-system-security-vulnerabilities-800555806.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"]},{"url":"https://seclists.org/fulldisclosure/2017/Oct/52","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2017-17675","sourceIdentifier":"cve@mitre.org","published":"2021-05-19T14:15:07.297","lastModified":"2026-07-09T00:16:49.680","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"BMC Remedy Mid Tier 9.1SP3 is affected by log hijacking. Remote logging can be accessed by unauthenticated users, allowing for an attacker to hijack the system logs. This data can include user names and HTTP data."},{"lang":"es","value":"BMC Remedy Mid Tier versión 9.1SP3, está afectado por un secuestro de registros.&#xa0;Unos usuarios no autenticados remotos pueden ser accedidos al registro, permitiendo a un atacante apropiarse de los registros del sistema.&#xa0;Estos datos pueden incluir nombres de usuario y datos HTTP"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-532"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bmc:remedy_mid-tier:9.1:sp3:*:*:*:*:*:*","matchCriteriaId":"0EB1B5E3-12D9-4A40-A5F9-B7D787B4E651"}]}]}],"references":[{"url":"https://docs.bmc.com/docs/ars91/en/9-1-00-fixes-available-for-remedy-ar-system-security-vulnerabilities-800555806.html","source":"cve@mitre.org","tags":["Release Notes","Vendor Advisory"]},{"url":"https://seclists.org/fulldisclosure/2017/Oct/52","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://docs.bmc.com/docs/ars91/en/9-1-00-fixes-available-for-remedy-ar-system-security-vulnerabilities-800555806.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"]},{"url":"https://seclists.org/fulldisclosure/2017/Oct/52","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2017-17677","sourceIdentifier":"cve@mitre.org","published":"2021-05-19T14:15:07.330","lastModified":"2026-07-09T00:16:49.800","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"BMC Remedy 9.1SP3 is affected by authenticated code execution. Authenticated users that have the right to create reports can use BIRT templates to run code."},{"lang":"es","value":"BMC Remedy versión 9.1SP3, está afectado por una ejecución del código autenticado.&#xa0;Unos usuarios autenticados que presentan derecho a crear informes pueden usar plantillas BIRT para ejecutar código"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-732"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bmc:remedy_mid-tier:9.1:sp3:*:*:*:*:*:*","matchCriteriaId":"0EB1B5E3-12D9-4A40-A5F9-B7D787B4E651"}]}]}],"references":[{"url":"https://docs.bmc.com/docs/ars91/en/9-1-00-fixes-available-for-remedy-ar-system-security-vulnerabilities-800555806.html","source":"cve@mitre.org","tags":["Release Notes","Vendor Advisory"]},{"url":"https://seclists.org/fulldisclosure/2017/Oct/52","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://docs.bmc.com/docs/ars91/en/9-1-00-fixes-available-for-remedy-ar-system-security-vulnerabilities-800555806.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"]},{"url":"https://seclists.org/fulldisclosure/2017/Oct/52","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2017-17678","sourceIdentifier":"cve@mitre.org","published":"2021-05-19T14:15:07.367","lastModified":"2026-07-09T00:16:49.917","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"BMC Remedy Mid Tier 9.1SP3 is affected by cross-site scripting (XSS). A DOM-based cross-site scripting vulnerability was discovered in a legacy utility."},{"lang":"es","value":"BMC Remedy Mid Tier versión 9.1SP3, está afectado por una vulnerabilidad de tipo cross-site scripting (XSS).&#xa0;Se detectó una vulnerabilidad de tipo cross-site scripting basada en DOM en una utilidad heredada"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bmc:remedy_mid-tier:9.1:sp3:*:*:*:*:*:*","matchCriteriaId":"0EB1B5E3-12D9-4A40-A5F9-B7D787B4E651"}]}]}],"references":[{"url":"https://docs.bmc.com/docs/ars91/en/9-1-00-fixes-available-for-remedy-ar-system-security-vulnerabilities-800555806.html","source":"cve@mitre.org","tags":["Release Notes","Vendor Advisory"]},{"url":"https://seclists.org/fulldisclosure/2017/Oct/52","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://docs.bmc.com/docs/ars91/en/9-1-00-fixes-available-for-remedy-ar-system-security-vulnerabilities-800555806.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"]},{"url":"https://seclists.org/fulldisclosure/2017/Oct/52","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-27821","sourceIdentifier":"cve@mitre.org","published":"2021-05-25T14:15:07.510","lastModified":"2026-07-09T01:16:49.220","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The Web Interface for OpenWRT LuCI version 19.07 and lower has been discovered to have a cross-site scripting vulnerability."},{"lang":"es","value":"Se ha detectado que la Interfaz Web para OpenWRT LuCI versión 19.07 y anteriores presenta una vulnerabilidad de tipo cross-site scripting que puede conllevar a que los atacantes ejecuten código arbitrario"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openwrt:luci:*:*:*:*:*:*:*:*","versionEndIncluding":"19.07.0","matchCriteriaId":"77B636D3-0A11-41B4-A71C-6A954F1D4EB5"}]}]}],"references":[{"url":"https://openwrt.org/advisory/start","source":"cve@mitre.org"},{"url":"https://openwrt.org/releases/19.07/start","source":"cve@mitre.org"}]}},{"cve":{"id":"CVE-2021-33425","sourceIdentifier":"cve@mitre.org","published":"2021-05-25T14:15:07.760","lastModified":"2026-07-09T01:16:55.060","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A stored cross-site scripting (XSS) vulnerability was discovered in the Web Interface for OpenWRT LuCI version 19.07 which allows attackers to inject arbitrary Javascript in the OpenWRT Hostname via the Hostname Change operation."},{"lang":"es","value":"Se detectó una vulnerabilidad de tipo cross-site scripting (XSS) almacenada en la Interfaz Web para OpenWRT LuCI versión 19.07, que permite a atacantes inyectar JavaScript arbitrario en el Hostname  de OpenWRT por medio de la operación Hostname Change"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:openwrt:openwrt:19.07.0:-:*:*:*:*:*:*","matchCriteriaId":"4FA469E2-9E63-4C9A-8EBA-10C8C870063A"}]}]}],"references":[{"url":"http://www.openwall.com/lists/oss-security/2021/11/09/1","source":"cve@mitre.org","tags":["Mailing List","Patch","Third Party Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2021/11/09/1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-27676","sourceIdentifier":"cve@mitre.org","published":"2021-05-26T11:15:08.890","lastModified":"2026-07-09T01:16:48.850","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Centreon version 20.10.2 is affected by a cross-site scripting (XSS) vulnerability. The dep_description (Dependency Description) and dep_name (Dependency Name) parameters are vulnerable to stored XSS. A user has to log in and go to the Configuration > Notifications > Hosts page."},{"lang":"es","value":"Centreon versión 20.10.2, está afectada por una vulnerabilidad de tipo cross-site scripting (XSS).&#xa0;Los parámetros dep_description (Dependency Description) y dep_name (Dependency Name) son vulnerables a ataques de tipo XSS almacenado.&#xa0;Un usuario debe iniciar sesión e ir a la página Configuration ) Notifications ) Hosts"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:centreon:centreon:20.10.2:*:*:*:*:*:*:*","matchCriteriaId":"E0D9A8BF-BA27-4CB3-B235-A46138F478DC"}]}]}],"references":[{"url":"https://github.com/centreon/centreon/pull/9587","source":"cve@mitre.org","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/centreon/centreon/pull/9587","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-26677","sourceIdentifier":"cve@mitre.org","published":"2021-05-26T12:15:15.840","lastModified":"2026-07-09T01:16:40.697","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Any user logged in to a vFairs 3.3 virtual conference or event can perform SQL injection with a malicious query to the API."},{"lang":"es","value":"Cualquier usuario que haya iniciado sesión en una conferencia o evento virtual de vFairs versión 3.3 puede llevar a cabo una inyección SQL con una consulta maliciosa a la API"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:vfairs:vfairs:3.3:*:*:*:*:*:*:*","matchCriteriaId":"268E584B-2BC1-4FA1-89F9-0E536422CCA3"}]}]}],"references":[{"url":"https://api.vfairs.com/v1/users/","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://www.huntress.com/blog/zero-day-vulnerabilities-in-popular-event-management-platforms-could-leave-msps-open-to-attack","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://api.vfairs.com/v1/users/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://www.huntress.com/blog/zero-day-vulnerabilities-in-popular-event-management-platforms-could-leave-msps-open-to-attack","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-26678","sourceIdentifier":"cve@mitre.org","published":"2021-05-26T12:15:15.873","lastModified":"2026-07-09T01:16:40.820","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"vFairs 3.3 is affected by Remote Code Execution. Any user logged in to a vFairs virtual conference or event can abuse the functionality to upload a profile picture in order to place a malicious PHP file on the server and gain code execution."},{"lang":"es","value":"vFairs versión 3.3 está afectado por una Ejecución de Código Remota.&#xa0;Cualquier usuario que haya iniciado sesión en una conferencia o evento virtual de vFairs puede abusar de la funcionalidad para cargar una imagen de perfil con el fin de colocar un archivo PHP malicioso en el servidor y consegruir una ejecución de código"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:vfairs:vfairs:3.3:*:*:*:*:*:*:*","matchCriteriaId":"268E584B-2BC1-4FA1-89F9-0E536422CCA3"}]}]}],"references":[{"url":"https://api.vfairs.com/v1/profiles","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://www.huntress.com/blog/zero-day-vulnerabilities-in-popular-event-management-platforms-could-leave-msps-open-to-attack","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://api.vfairs.com/v1/profiles","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.huntress.com/blog/zero-day-vulnerabilities-in-popular-event-management-platforms-could-leave-msps-open-to-attack","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-26679","sourceIdentifier":"cve@mitre.org","published":"2021-05-26T12:15:15.900","lastModified":"2026-07-09T01:16:40.937","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"vFairs 3.3 is affected by Insecure Permissions. Any user logged in to a vFairs virtual conference or event can modify any other users profile information or profile picture. After receiving any user's unique identification number and their own, an HTTP POST request can be made update their profile description or supply a new profile image. This can lead to potential cross-site scripting attacks on any user, or upload malicious PHP webshells as \"profile pictures.\" The user IDs can be easily determined by other responses from the API for an event or chat room."},{"lang":"es","value":"vFairs versión 3.3 está afectado por permisos no seguros.&#xa0;Cualquier usuario que haya iniciado sesión en una conferencia o evento virtual de vFairs puede modificar la información de perfil o la imagen de perfil de cualquier otro usuario.&#xa0;Después de recibir el número de identificación único de cualquier usuario y el suyo propio, puede ser realizada una petición HTTP POST para actualizar la descripción de su perfil o proporcionar una nueva imagen de perfil.&#xa0;Esto puede conllevar a posibles ataques de tipo cross-site scripting en cualquier usuario, o cargar webshells PHP maliciosos como \"profile pictures\".&#xa0;Los ID de usuario se pueden determinar fácilmente mediante otras respuestas de la API para un evento o sala de chat"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:N/I:P/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-639"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:vfairs:vfairs:3.3:*:*:*:*:*:*:*","matchCriteriaId":"268E584B-2BC1-4FA1-89F9-0E536422CCA3"}]}]}],"references":[{"url":"https://api.vfairs.com/v1/profiles","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://api.vfairs.com/v1/profiles?access_key=","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://www.huntress.com/blog/zero-day-vulnerabilities-in-popular-event-management-platforms-could-leave-msps-open-to-attack","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://api.vfairs.com/v1/profiles","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://api.vfairs.com/v1/profiles?access_key=","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.huntress.com/blog/zero-day-vulnerabilities-in-popular-event-management-platforms-could-leave-msps-open-to-attack","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-26680","sourceIdentifier":"cve@mitre.org","published":"2021-05-26T12:15:15.930","lastModified":"2026-07-09T01:16:41.057","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In vFairs 3.3, any user logged in to a vFairs virtual conference or event can modify any other users profile information to include a cross-site scripting payload. The user data stored by the database includes HTML tags that are intentionally rendered out onto the page, and this can be abused to perform XSS attacks."},{"lang":"es","value":"En vFairs versión 3.3, cualquier usuario que haya iniciado sesión en una conferencia o evento virtual de vFairs puede modificar cualquier información de perfil de otros usuarios para incluir una carga útil de tipo cross-site scripting.&#xa0;Los datos de usuario almacenados por la base de datos incluyen etiquetas HTML que son renderizadas intencionalmente en la página, y esto puede ser abusado para llevar a cabo ataques de tipo XSS"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:vfairs:vfairs:3.3:*:*:*:*:*:*:*","matchCriteriaId":"268E584B-2BC1-4FA1-89F9-0E536422CCA3"}]}]}],"references":[{"url":"https://www.huntress.com/blog/zero-day-vulnerabilities-in-popular-event-management-platforms-could-leave-msps-open-to-attack","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.huntress.com/blog/zero-day-vulnerabilities-in-popular-event-management-platforms-could-leave-msps-open-to-attack","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-29049","sourceIdentifier":"cve@mitre.org","published":"2021-06-09T19:15:09.567","lastModified":"2026-07-09T01:16:52.130","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in the Portal Workflow module's edit process page in Liferay DXP 7.0 before fix pack 99, 7.1 before fix pack 23, 7.2 before fix pack 12 and 7.3 before fix pack 1, allows remote attackers to inject arbitrary web script or HTML via the currentURL parameter."},{"lang":"es","value":"Una vulnerabilidad de tipo Cross-site scripting (XSS) en la página de proceso de edición del módulo Portal Workflow en Liferay versiones 7.0 anteriores a fix pack 99, versiones 7.1 anteriores a fix pack 23, versiones 7.2 anteriores a fix pack 12 and versiones 7.3 anteriores a fix pack 1, permite a atacantes remotos inyectar scripts web o HTML arbitrarios por medio del parámetro currentURL"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:-:*:*:*:*:*:*","matchCriteriaId":"4614C87F-F39C-4ADD-A7A2-4A498612AD38"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_13:*:*:*:*:*:*","matchCriteriaId":"70E12054-0DEE-4B92-B8F6-7DC4B2461113"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_14:*:*:*:*:*:*","matchCriteriaId":"3B566A51-3EFC-4A08-8A4F-A9AA43FBE481"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_24:*:*:*:*:*:*","matchCriteriaId":"F220793A-FDAC-48C6-B299-39EB3BC077A6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_25:*:*:*:*:*:*","matchCriteriaId":"F095A9E1-5FE1-46C4-B0E1-97F8767439D2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_26:*:*:*:*:*:*","matchCriteriaId":"DFD748DD-6FDB-44CD-96BF-026D18CE4207"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_27:*:*:*:*:*:*","matchCriteriaId":"0A34F2EA-D0F7-4C9B-BFE6-DA334DFD0EDD"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_28:*:*:*:*:*:*","matchCriteriaId":"4B3C2426-7617-4535-B86A-7F9BA45DFD0E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_3:*:*:*:*:*:*","matchCriteriaId":"CA6B2500-42E4-4F87-8B93-2F7399B4F611"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_30:*:*:*:*:*:*","matchCriteriaId":"28955834-8E02-4558-ABD3-4958DBB41423"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_33:*:*:*:*:*:*","matchCriteriaId":"C4206C84-C4BD-4363-A4CA-EE229CE06319"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_35:*:*:*:*:*:*","matchCriteriaId":"4F644864-1056-4A0C-ADD7-A1992A0AC07D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_36:*:*:*:*:*:*","matchCriteriaId":"91E9BAE9-CD40-4353-95DB-7D9ADC338F95"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_39:*:*:*:*:*:*","matchCriteriaId":"661E68A2-B365-4962-87CF-CE17A500889F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_40:*:*:*:*:*:*","matchCriteriaId":"A5D28279-002A-4BC7-9396-E47FC842D7AE"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_41:*:*:*:*:*:*","matchCriteriaId":"C700ED72-4626-48A0-B1BB-E0A7C12D454F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_42:*:*:*:*:*:*","matchCriteriaId":"8F473DF1-F70D-4EDB-A011-C8D1C6A21659"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_43:*:*:*:*:*:*","matchCriteriaId":"C2351EAC-F6AD-4611-B9BD-39C4DFE85B5D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_44:*:*:*:*:*:*","matchCriteriaId":"357845C1-3834-465A-B9CA-F9C604AA8242"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_45:*:*:*:*:*:*","matchCriteriaId":"DD35964D-4156-45B8-A0AB-282DA9F4FA47"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_46:*:*:*:*:*:*","matchCriteriaId":"35656567-EF24-4948-A72A-C754D6E419B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_47:*:*:*:*:*:*","matchCriteriaId":"E9A3D95D-4539-432D-B241-376F312534AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_48:*:*:*:*:*:*","matchCriteriaId":"81F329F1-5BB1-42A7-98CE-B0EB5819D60A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_49:*:*:*:*:*:*","matchCriteriaId":"5B7111FA-9FD7-4952-AFE1-07D3E14854F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_50:*:*:*:*:*:*","matchCriteriaId":"2C7A080F-9C99-41A0-BC63-EBDDC0DF7B8A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_51:*:*:*:*:*:*","matchCriteriaId":"0383C4C4-A7BB-418D-9A98-AC4233722961"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_52:*:*:*:*:*:*","matchCriteriaId":"AA281A20-7599-446B-9587-118E920403D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_53:*:*:*:*:*:*","matchCriteriaId":"9514E8F5-1D0B-4CDF-BD03-087326F6C252"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_54:*:*:*:*:*:*","matchCriteriaId":"78BC7D6C-2A10-4F78-9C41-EA97665C246E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_56:*:*:*:*:*:*","matchCriteriaId":"CA9BE427-78D7-4DEE-A174-F3E3675B44A5"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_57:*:*:*:*:*:*","matchCriteriaId":"6C10325C-8670-499B-B003-7D8634539C5D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_58:*:*:*:*:*:*","matchCriteriaId":"5F692BEB-5CB1-41EA-B715-64AB0036F6CF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_59:*:*:*:*:*:*","matchCriteriaId":"427C4DF5-9039-4CB5-B600-5F965E20D945"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_60:*:*:*:*:*:*","matchCriteriaId":"44B7A2A2-5764-4EDB-AA44-25F8508CF128"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_61:*:*:*:*:*:*","matchCriteriaId":"55D94917-5360-4179-A017-1287C63A6E6C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_64:*:*:*:*:*:*","matchCriteriaId":"1D378A23-113D-47AC-9CB5-2658C357FFB4"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_65:*:*:*:*:*:*","matchCriteriaId":"58FB119E-508C-45F7-8AD8-B67AAAEA53D6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_66:*:*:*:*:*:*","matchCriteriaId":"8B3359A5-D39B-4322-8963-B138D791D232"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_67:*:*:*:*:*:*","matchCriteriaId":"E11E2FBD-7541-4CE3-8A78-52FB82571547"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_68:*:*:*:*:*:*","matchCriteriaId":"3883F470-8D8D-4CB3-BF4A-0C401BDABC83"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_69:*:*:*:*:*:*","matchCriteriaId":"1BDCF010-04BF-4FA5-9E14-F6461FED3FFB"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_70:*:*:*:*:*:*","matchCriteriaId":"7E8CEA39-4A7F-4827-91FA-31119201D174"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_71:*:*:*:*:*:*","matchCriteriaId":"D3768AC9-A245-4B81-8D1D-9D9C5354245C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_72:*:*:*:*:*:*","matchCriteriaId":"71CA65C9-C0FC-4CBD-A8B0-DD72604A46F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_73:*:*:*:*:*:*","matchCriteriaId":"9F06DECA-F45D-49DA-BB24-AA1F0306B0B6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_75:*:*:*:*:*:*","matchCriteriaId":"6FF2D31F-8719-41A6-ADD5-15BE9409428E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_76:*:*:*:*:*:*","matchCriteriaId":"DE56F5E5-73CF-4636-9F98-86BDDA3F6A47"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_78:*:*:*:*:*:*","matchCriteriaId":"A1A0EFCE-4B74-4B4D-AB6E-5730F26B38FB"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_79:*:*:*:*:*:*","matchCriteriaId":"F02DCC86-C3F7-482C-9BFB-B7971FB10AEC"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_80:*:*:*:*:*:*","matchCriteriaId":"06835B0A-A2DF-44D3-A38F-59E5D5523FFA"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_81:*:*:*:*:*:*","matchCriteriaId":"B746D0CF-76F6-42A1-9056-CA9622DCD806"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_82:*:*:*:*:*:*","matchCriteriaId":"FFC33A7E-B1CB-4E83-B75C-71F5E7E5E406"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_83:*:*:*:*:*:*","matchCriteriaId":"325CFFCF-1609-4D89-B6A8-1C6ACBFDD35B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_84:*:*:*:*:*:*","matchCriteriaId":"BD019A57-FC7A-4B1F-9946-FA15C90FC985"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_85:*:*:*:*:*:*","matchCriteriaId":"A6B2CD3A-C39C-4F9A-8602-3EC75472181D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_86:*:*:*:*:*:*","matchCriteriaId":"1B8DCD85-0E47-44C1-B7DD-E1B4756CEC17"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_87:*:*:*:*:*:*","matchCriteriaId":"1790D974-2EE0-4405-8F26-BB6DB3BDA23B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_88:*:*:*:*:*:*","matchCriteriaId":"416B3F04-AD86-4F91-890E-56BA539AAB06"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_89:*:*:*:*:*:*","matchCriteriaId":"C12C0E4D-4E9A-4BD7-926E-74BCD42595B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_90:*:*:*:*:*:*","matchCriteriaId":"9A659FEF-1BC1-45E8-A01E-1F9A8F2AFAAF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_91:*:*:*:*:*:*","matchCriteriaId":"3810319D-7DC4-47DD-B568-B0504DBC8209"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_92:*:*:*:*:*:*","matchCriteriaId":"D9BFFFC0-912A-4F95-A08E-1D264135D1E2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_93:*:*:*:*:*:*","matchCriteriaId":"9EA924E7-DEF2-45BF-B435-C435AC20AF4E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_94:*:*:*:*:*:*","matchCriteriaId":"E6809C30-9A81-45E6-92E9-01D54880EFEE"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_95:*:*:*:*:*:*","matchCriteriaId":"C194ACCD-CB7E-4DFC-ABB5-7CCEFD83E11B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_96:*:*:*:*:*:*","matchCriteriaId":"69856C3C-2ACB-4718-821C-793118094985"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:sp2:*:*:*:*:*:*","matchCriteriaId":"20A79D2A-0D7B-48C8-A470-F39E4CF34BF5"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:sp5:*:*:*:*:*:*","matchCriteriaId":"41CD3704-16DA-42F6-B8B2-A374DE208C34"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:-:*:*:*:*:*:*","matchCriteriaId":"27DF695E-B890-42C2-8941-5BB53154755F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"072F6C59-3D86-48D1-A14E-477FFFA3B1D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_10:*:*:*:*:*:*","matchCriteriaId":"FE68B4A2-3459-4DBA-8BAC-E9AA9FA25264"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_11:*:*:*:*:*:*","matchCriteriaId":"680D7963-1393-4E86-A65F-D4463D532120"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_12:*:*:*:*:*:*","matchCriteriaId":"D81E73DD-FD21-4082-A883-34422AE6C024"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_13:*:*:*:*:*:*","matchCriteriaId":"E6DD0451-98EA-4140-8294-77A14F063E2E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_14:*:*:*:*:*:*","matchCriteriaId":"CE94E76B-8CC2-4E91-B7A3-EEBCC1358FF4"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_15:*:*:*:*:*:*","matchCriteriaId":"408BD438-E15C-422F-9612-C62A7387FC63"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_16:*:*:*:*:*:*","matchCriteriaId":"A78C8B1C-39CB-4C27-B57C-0AF5E7EB50D9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_17:*:*:*:*:*:*","matchCriteriaId":"0AB19E97-BACE-4FCC-A53F-078D61A7A9E8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_18:*:*:*:*:*:*","matchCriteriaId":"D18ACD28-9182-435C-A30F-DF3BFE13C39A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_19:*:*:*:*:*:*","matchCriteriaId":"CFE4CC72-C15A-40DE-AFF4-0B6B79BFB2BA"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"386F0E26-78DC-4D59-A20F-B41D0E59561B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_20:*:*:*:*:*:*","matchCriteriaId":"43C11288-1C48-47A0-95DF-A48F3C0285F6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_21:*:*:*:*:*:*","matchCriteriaId":"5ECF3B18-D0DB-4FB6-9F6F-B63A6CE45081"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_22:*:*:*:*:*:*","matchCriteriaId":"79AC7C0B-4135-4C24-8D37-A9431156E3E9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_3:*:*:*:*:*:*","matchCriteriaId":"54576481-2AE9-4133-9EFA-B7FBDCA4427D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_4:*:*:*:*:*:*","matchCriteriaId":"E29CE810-76D5-4283-B102-70344B6C9506"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_5:*:*:*:*:*:*","matchCriteriaId":"DA869467-C560-4130-A180-86819F6A8673"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_6:*:*:*:*:*:*","matchCriteriaId":"CC0C94B7-31FB-4115-8EDE-62CC459B6663"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_7:*:*:*:*:*:*","matchCriteriaId":"07DEAA71-53DA-4508-B7E6-924ABED49E66"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_8:*:*:*:*:*:*","matchCriteriaId":"467323F6-5CA7-42A0-9810-C6FA694CEC93"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_9:*:*:*:*:*:*","matchCriteriaId":"32EFFD8A-1C0D-446B-AAD7-5D23D483D3D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:-:*:*:*:*:*:*","matchCriteriaId":"0DCF7F39-A198-4F7E-84B7-90C88C1BAA96"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"E7E68DF8-749B-4284-A7C9-929701A86B36"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_10:*:*:*:*:*:*","matchCriteriaId":"340DF1FE-5720-4516-BA51-F2197A654409"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_11:*:*:*:*:*:*","matchCriteriaId":"97E155DE-05C6-4559-94A8-0EFEB958D0C9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"7CECAA19-8B7F-44C8-8059-6D4F2105E196"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_3:*:*:*:*:*:*","matchCriteriaId":"68CBCEEB-7C28-4769-813F-3F01E33D2E08"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_4:*:*:*:*:*:*","matchCriteriaId":"C0CB4927-A361-4DFA-BDB8-A454EA2894AB"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_5:*:*:*:*:*:*","matchCriteriaId":"B2B771B7-D5CB-4778-A3A8-1005E4EE134C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_6:*:*:*:*:*:*","matchCriteriaId":"3B9DB383-3791-4A43-BA4D-7695B203E736"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_7:*:*:*:*:*:*","matchCriteriaId":"13F02D77-20E9-4F32-9752-511EB71E6704"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_8:*:*:*:*:*:*","matchCriteriaId":"6353CC8F-A6D4-4A0C-8D68-290CD8DEB4F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_9:*:*:*:*:*:*","matchCriteriaId":"759DDB90-6A89-4E4F-BD04-F70EFA5343B0"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:-:*:*:*:*:*:*","matchCriteriaId":"21C55D41-DB66-494D-BEEB-BDAC7CB4B31B"}]}]}],"references":[{"url":"https://issues.liferay.com/browse/LPE-17211","source":"cve@mitre.org","tags":["Patch","Vendor Advisory"]},{"url":"https://issues.liferay.com/browse/LPE-17211","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-31658","sourceIdentifier":"cve@mitre.org","published":"2021-06-10T15:15:09.420","lastModified":"2026-07-09T01:16:53.167","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"TP-Link TL-SG2005, TL-SG2008, etc. 1.0.0 Build 20180529 Rel.40524 is affected by an Array index error. The interface that provides the \"device description\" function only judges the length of the received data, and does not filter special characters. This vulnerability will cause the application to crash, and all device configuration information will be erased."},{"lang":"es","value":"TP-Link TL-SG2005, TL-SG2008, etc. versiones 1.0.0 Build 20180529 Rel.40524 está afectado por un error de índice de matriz. La interfaz que proporciona la función \"device description\" sólo juzga la longitud de los datos recibidos, y no filtra los caracteres especiales. Esta vulnerabilidad causará que la aplicación se bloquee y toda la información de configuración del dispositivo será borrada"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.2}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:P","baseScore":5.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-129"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tl-sg2005_firmware:1.0.0:build_20180529_rel.40524:*:*:*:*:*:*","matchCriteriaId":"E8150744-4213-428D-8411-F3A506FBE20D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:tl-sg2005:-:*:*:*:*:*:*:*","matchCriteriaId":"73489BCA-57B8-4418-A61A-BF4599F575D8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tl-sg2008_firmware:1.0.0:build_20180529_rel.40524:*:*:*:*:*:*","matchCriteriaId":"77DD8C98-211B-4E6B-AFAE-1D49D7EA8574"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:tl-sg2008:-:*:*:*:*:*:*:*","matchCriteriaId":"7B0AC813-1BE8-48D0-AD7C-AA443FB307E6"}]}]}],"references":[{"url":"https://github.com/liyansong2018/CVE/tree/main/2021/CVE-2021-31658","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/liyansong2018/CVE/tree/main/2021/CVE-2021-31658","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-31659","sourceIdentifier":"cve@mitre.org","published":"2021-06-10T15:15:09.457","lastModified":"2026-07-09T01:16:53.300","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"TP-Link TL-SG2005, TL-SG2008, etc. 1.0.0 Build 20180529 Rel.40524 is vulnerable to Cross Site Request Forgery (CSRF). All configuration information is placed in the URL, without any additional token authentication information. A malicious link opened by the switch administrator may cause the password of the switch to be modified and the configuration file to be tampered with."},{"lang":"es","value":"TP-Link TL-SG2005, TL-SG2008, etc. versiones 1.0.0 Build 20180529 Rel.40524 es vulnerable a taques de tipo Cross Site Request Forgery (CSRF). Toda la información de configuración se coloca en la URL, sin ninguna información adicional de autenticación de token. Un enlace malicioso abierto por el administrador del switch puede causar la modificación de la contraseña del switch y la manipulación del archivo de configuración"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tl-sg2005_firmware:1.0.0:build_20180529_rel.40524:*:*:*:*:*:*","matchCriteriaId":"E8150744-4213-428D-8411-F3A506FBE20D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:tl-sg2005:-:*:*:*:*:*:*:*","matchCriteriaId":"73489BCA-57B8-4418-A61A-BF4599F575D8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tl-sg2008_firmware:1.0.0:build_20180529_rel.40524:*:*:*:*:*:*","matchCriteriaId":"77DD8C98-211B-4E6B-AFAE-1D49D7EA8574"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:tl-sg2008:-:*:*:*:*:*:*:*","matchCriteriaId":"7B0AC813-1BE8-48D0-AD7C-AA443FB307E6"}]}]}],"references":[{"url":"https://github.com/liyansong2018/CVE/tree/main/2021/CVE-2021-31659","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/liyansong2018/CVE/tree/main/2021/CVE-2021-31659","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-28979","sourceIdentifier":"cve@mitre.org","published":"2021-06-16T12:15:12.580","lastModified":"2026-07-09T01:16:50.117","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SafeNet KeySecure Management Console 8.12.0 is vulnerable to HTTP response splitting attacks. A remote attacker could exploit this vulnerability using specially-crafted URL to cause the server to return a split response, once the URL is clicked."},{"lang":"es","value":"SafeNet KeySecure Management Console versión 8.12.0, es vulnerable a ataques de división de respuestas HTTP. Un atacante remoto podría explotar esta vulnerabilidad usando una URL especialmente diseñada para causar que el servidor devuelva una respuesta dividida, una vez que se haga clic en la URL"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:N/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-74"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:thalesgroup:safenet_keysecure:*:*:*:*:*:*:*:*","versionEndIncluding":"8.12.0","matchCriteriaId":"BB337F14-2E9D-4105-9EC4-2DF01F9528AA"}]}]}],"references":[{"url":"https://www.gruppotim.it/redteam","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.thalesgroup.com/en","source":"nvd@nist.gov","tags":["Vendor Advisory"]},{"url":"https://www.gruppotim.it/redteam","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-34202","sourceIdentifier":"cve@mitre.org","published":"2021-06-16T19:15:39.263","lastModified":"2026-07-09T01:16:55.440","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"There are multiple out-of-bounds vulnerabilities in some processes of D-Link AC2600(DIR-2640) 1.01B04. Ordinary permissions can be elevated to administrator permissions, resulting in local arbitrary code execution. An attacker can combine other vulnerabilities to further achieve the purpose of remote code execution."},{"lang":"es","value":"Se presentan múltiples vulnerabilidades fuera de límites en algunos procesos de D-Link AC2600(DIR-2640) versión 1.01B04. Los permisos ordinarios pueden ser elevados a permisos de administrador, resultando en una ejecución de código arbitrario local. Un atacante puede combinar otras vulnerabilidades para lograr aun más el propósito de una ejecución de código remota"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dir-2640-us_firmware:1.01b04:*:*:*:*:*:*:*","matchCriteriaId":"1E8DB0D1-B2E6-457A-A4A5-C6AE9EB82624"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dir-2640-us:-:*:*:*:*:*:*:*","matchCriteriaId":"894C2BD1-B610-4F15-864E-92D6B515488D"}]}]}],"references":[{"url":"https://github.com/liyansong2018/CVE/tree/main/2021/CVE-2021-34202","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://github.com/liyansong2018/CVE/tree/main/2021/CVE-2021-34202","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-34201","sourceIdentifier":"cve@mitre.org","published":"2021-06-16T20:15:07.573","lastModified":"2026-07-09T01:16:55.317","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"D-Link DIR-2640-US 1.01B04 is vulnerable to Buffer Overflow. There are multiple out-of-bounds vulnerabilities in some processes of D-Link AC2600(DIR-2640). Local ordinary users can overwrite the global variables in the .bss section, causing the process crashes or changes."},{"lang":"es","value":"D-Link DIR-2640-US versión 1.01B04 es vulnerable al Desbordamiento del Búfer. Se presentan múltiples vulnerabilidades de desbordamiento de búfer en algunos procesos de D-Link AC2600(DIR-2640). Los usuarios locales ordinarios pueden sobrescribir las variables globales en la sección .bss, causando el bloqueo del proceso o cambios"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.2}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:N/I:P/A:P","baseScore":3.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"LOW","exploitabilityScore":3.9,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dir-2640-us_firmware:1.01b04:*:*:*:*:*:*:*","matchCriteriaId":"1E8DB0D1-B2E6-457A-A4A5-C6AE9EB82624"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dir-2640-us:-:*:*:*:*:*:*:*","matchCriteriaId":"894C2BD1-B610-4F15-864E-92D6B515488D"}]}]}],"references":[{"url":"https://github.com/liyansong2018/CVE/tree/main/2021/CVE-2021-34201","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://github.com/liyansong2018/CVE/tree/main/2021/CVE-2021-34201","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-34203","sourceIdentifier":"cve@mitre.org","published":"2021-06-16T20:15:07.610","lastModified":"2026-07-09T01:16:55.557","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"D-Link DIR-2640-US 1.01B04 is vulnerable to Incorrect Access Control. Router ac2600 (dir-2640-us), when setting PPPoE, will start quagga process in the way of whole network monitoring, and this function uses the original default password and port. An attacker can easily use telnet to log in, modify routing information, monitor the traffic of all devices under the router, hijack DNS and phishing attacks. In addition, this interface is likely to be questioned by customers as a backdoor, because the interface should not be exposed."},{"lang":"es","value":"D-Link DIR-2640-US versión 1.01B04 es vulnerable al Control de Acceso Incorrecto. El router ac2600 (dir-2640-us), cuando se configura PPPoE, iniciará el proceso quagga en la manera de monitorización de toda la red, y esta función usa la contraseña y el puerto originales predeterminado. Un atacante puede usar fácilmente telnet para iniciar sesión, modificar la información de enrutamiento, monitorear el tráfico de todos los dispositivos bajo el router, secuestrar el DNS y los ataques de phishing. Además, es probable que esta interfaz sea cuestionada por los clientes como una puerta trasera, ya que la interfaz no debería estar expuesta"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.2}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:A/AC:L/Au:N/C:P/I:P/A:N","baseScore":4.8,"accessVector":"ADJACENT_NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":6.5,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-1188"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dir-2640-us_firmware:1.01b04:*:*:*:*:*:*:*","matchCriteriaId":"1E8DB0D1-B2E6-457A-A4A5-C6AE9EB82624"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dir-2640-us:-:*:*:*:*:*:*:*","matchCriteriaId":"894C2BD1-B610-4F15-864E-92D6B515488D"}]}]}],"references":[{"url":"https://github.com/liyansong2018/CVE/tree/main/2021/CVE-2021-34203","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://github.com/liyansong2018/CVE/tree/main/2021/CVE-2021-34203","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-34204","sourceIdentifier":"cve@mitre.org","published":"2021-06-16T20:15:07.647","lastModified":"2026-07-09T01:16:55.677","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"D-Link DIR-2640-US 1.01B04 is affected by Insufficiently Protected Credentials. D-Link AC2600(DIR-2640) stores the device system account password in plain text. It does not use linux user management. In addition, the passwords of all devices are the same, and they cannot be modified by normal users. An attacker can easily log in to the target router through the serial port and obtain root privileges."},{"lang":"es","value":"D-Link DIR-2640-US versión 1.01B04, está afectado por Credenciales insuficientemente protegidas. D-Link AC2600(DIR-2640) almacena la contraseña de la cuenta del sistema del dispositivo en texto plano. No usa la administración de usuarios de Linux. Además, las contraseñas de todos los dispositivos son las mismas, y no pueden ser modificadas por usuarios normales. Un atacante puede entrar fácilmente en el router objetivo mediante el puerto serie y alcanzar privilegios de root"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"PHYSICAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-522"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dir-2640-us_firmware:1.01b04:*:*:*:*:*:*:*","matchCriteriaId":"1E8DB0D1-B2E6-457A-A4A5-C6AE9EB82624"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dir-2640-us:-:*:*:*:*:*:*:*","matchCriteriaId":"894C2BD1-B610-4F15-864E-92D6B515488D"}]}]}],"references":[{"url":"https://github.com/liyansong2018/CVE/tree/main/2021/CVE-2021-34204","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://github.com/liyansong2018/CVE/tree/main/2021/CVE-2021-34204","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2020-21517","sourceIdentifier":"cve@mitre.org","published":"2021-06-21T15:15:07.977","lastModified":"2026-07-09T00:16:54.013","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting (XSS) vulnerability in MetInfo 7.0.0 via the gourl parameter in login.php."},{"lang":"es","value":"Una vulnerabilidad de tipo Cross Site Scripting (XSS) en MetInfo versión 7.0.0, por medio del parámetro gourl en el archivo login.php"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:metinfo:metinfo:7.0.0:-:*:*:*:*:*:*","matchCriteriaId":"65A2CB16-CC11-4C8B-9CCC-7241BDD92E0C"}]}]}],"references":[{"url":"https://github.com/lvyyevd/cms/blob/master/metinfo/metinfo7.0.0.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://u.mituo.cn/api/metinfo/download/7.0.0","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/lvyyevd/cms/blob/master/metinfo/metinfo7.0.0.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://u.mituo.cn/api/metinfo/download/7.0.0","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-22168","sourceIdentifier":"cve@mitre.org","published":"2021-06-22T15:15:16.107","lastModified":"2026-07-09T00:16:57.720","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \\hms\\change-emaild.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information."},{"lang":"es","value":"PHPGurukul Hospital Management System en PHP versión v4.0, presenta una vulnerabilidad de inyección SQL en el archivo \\hms\\change-emaild.php. Los usuarios no autentificados remoto  pueden explotar la vulnerabilidad para obtener información confidencial de la base de datos"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:phpgurukul:hospital_management_system:4.0:*:*:*:*:*:*:*","matchCriteriaId":"DA36E354-4DBF-4BE4-9BC4-CB00C6771BAF"}]}]}],"references":[{"url":"https://github.com/itodaro/PHPGurukul_Hospital_Management_System4.0_cve","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/itodaro/PHPGurukul_Hospital_Management_System4.0_cve","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-26801","sourceIdentifier":"cve@mitre.org","published":"2021-06-25T13:15:08.147","lastModified":"2026-07-09T01:16:41.167","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A stored cross-site scripting (XSS) vulnerability was discovered in /Forms/device_vars_1 on TrippLite SU2200RTXL2Ua with firmware version 12.04.0055. This vulnerability allows authenticated attackers to obtain other users' information via a crafted POST request."},{"lang":"es","value":"Se detectó una vulnerabilidad de tipo cross-site scripting (XSS) almacenada en el archivo /Forms/device_vars_1 en TrippLite SU2200RTXL2Ua con versión de firmware 12.04.0055. Esta vulnerabilidad permite a atacantes autenticados obtener información de otros usuarios por medio de una petición POST diseñada"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tripplite:su2200rtxl2ua_firmware:12.04.0055:*:*:*:*:*:*:*","matchCriteriaId":"D9F9130D-6A72-4803-9FA6-339AF6FCFBB9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tripplite:su2200rtxl2ua:*:*:*:*:*:*:*:*","matchCriteriaId":"594FC979-A69D-4C1D-9749-B91520525291"}]}]}],"references":[{"url":"https://www.blacklanternsecurity.com/2021-06-21-Tripplite-CVE/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.blacklanternsecurity.com/2021-06-21-Tripplite-CVE/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-31721","sourceIdentifier":"cve@mitre.org","published":"2021-06-30T11:15:08.173","lastModified":"2026-07-09T01:16:53.687","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Chevereto before 3.17.1 allows Cross Site Scripting (XSS) via an image title at the image upload stage."},{"lang":"es","value":"Chevereto versiones  anteriores a 3.17.1, permite un ataque de tipo Cross Site Scripting (XSS) por medio de un título de imagen en la etapa de carga de imágenes"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:chevereto:chevereto:*:*:*:*:*:*:*:*","versionEndExcluding":"3.17.1","matchCriteriaId":"F5EEB3B1-A4E5-4476-8BCB-474A12CD19CD"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/164183/Cloudron-6.2-Cross-Site-Scripting.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://www.exploit-db.com/exploits/49859","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http://packetstormsecurity.com/files/164183/Cloudron-6.2-Cross-Site-Scripting.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://www.exploit-db.com/exploits/49859","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]}]}},{"cve":{"id":"CVE-2021-28993","sourceIdentifier":"cve@mitre.org","published":"2021-06-30T13:15:07.750","lastModified":"2026-07-09T01:16:50.247","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Plixer Scrutinizer 19.0.2 is affected by: SQL Injection. The impact is: obtain sensitive information (remote)."},{"lang":"es","value":"Plixer Scrutinizer versión 19.0.2, está afectado por una Inyección SQL. El impacto es: obtención de información confidencial (remota)"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:plixer:scrutinizer:19.0.2:*:*:*:*:*:*:*","matchCriteriaId":"9CF07BCD-C44D-4DB5-8B3B-C293F6A29226"}]}]}],"references":[{"url":"https://docs.plixer.com/projects/scrutinizer/en/19.1.0/system/changelog.html","source":"cve@mitre.org","tags":["Release Notes","Vendor Advisory"]},{"url":"https://docs.plixer.com/projects/scrutinizer/en/19.1.0/system/changelog.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-35451","sourceIdentifier":"cve@mitre.org","published":"2021-07-07T14:15:12.297","lastModified":"2026-07-09T01:16:56.630","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In Teradici PCoIP Management Console-Enterprise 20.07.0, an unauthenticated user can inject arbitrary text into user browser via the Web application."},{"lang":"es","value":"En Teradici PCoIP Management Console-Enterprise versión 20.07.0, un usuario no autenticado puede inyectar texto arbitrario en el navegador del usuario por medio de la aplicación web"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:teradici:pcoip_management_console:20.07.0:*:*:*:enterprise:*:*:*","matchCriteriaId":"9DDD5C72-7B17-46B9-B11E-F3600D28FCAF"}]}]}],"references":[{"url":"https://gist.github.com/rvismit/578f9f98d79f22d81a5e45dbbc0b4fa4","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://gist.github.com/rvismit/578f9f98d79f22d81a5e45dbbc0b4fa4","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-34110","sourceIdentifier":"cve@mitre.org","published":"2021-07-08T13:15:07.870","lastModified":"2026-07-09T01:16:55.187","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"WinWaste.NET version 1.0.6183.16475 has incorrect permissions, allowing a local unprivileged user to replace the executable with a malicious file that will be executed with \"LocalSystem\" privileges."},{"lang":"es","value":"WinWaste.NET versión 1.0.6183.16475, presenta permisos incorrectos, permitiendo a un usuario local no privilegiado sustituir el ejecutable por un archivo malicioso que será ejecutado con privilegios \"LocalSystem\""}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-732"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nica:winwaste.net:1.0.6183.16475:*:*:*:*:*:*:*","matchCriteriaId":"266B562F-7E38-49C0-BF39-11473FDB77AE"}]}]}],"references":[{"url":"http://nica.it","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/204780","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://packetstormsecurity.com/files/163335/WinWaste.NET-1.0.6183.16475-Local-Privilege-Escalation.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://www.exploit-db.com/exploits/50083","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http://nica.it","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/204780","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://packetstormsecurity.com/files/163335/WinWaste.NET-1.0.6183.16475-Local-Privilege-Escalation.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://www.exploit-db.com/exploits/50083","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]}]}},{"cve":{"id":"CVE-2020-20584","sourceIdentifier":"cve@mitre.org","published":"2021-07-08T16:15:08.240","lastModified":"2026-07-09T00:16:52.887","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A cross site scripting vulnerability in baigo CMS v4.0-beta-1 allows attackers to execute arbitrary web scripts or HTML via the form parameter post to /public/console/profile/info-submit/."},{"lang":"es","value":"Una vulnerabilidad de tipo cross site scripting en baigo CMS versión v4.0-beta-1, permite a atacantes ejecutar scripts web o HTML arbitrarios por medio del parámetro de formulario post a /public/console/profile/info-submit/"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:baigo:baigo_cms:4.0:beta1:*:*:*:*:*:*","matchCriteriaId":"30AE984E-AD46-43CA-A86B-9693E7D08301"}]}]}],"references":[{"url":"https://github.com/baigoStudio/baigoSSO","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/baigoStudio/baigoSSO/","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/baigoStudio/baigoSSO/issues/13","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/baigoStudio/baigoSSO","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://github.com/baigoStudio/baigoSSO/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://github.com/baigoStudio/baigoSSO/issues/13","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-20585","sourceIdentifier":"cve@mitre.org","published":"2021-07-08T16:15:08.277","lastModified":"2026-07-09T00:16:53.000","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A blind SQL injection in /admin/?n=logs&c=index&a=dode of Metinfo 7.0 beta allows attackers to access sensitive database information."},{"lang":"es","value":"Una inyección SQL ciega en /admin/?n=logs&amp;c=index&amp;a=dode de Metinfo versión 7.0 beta, permite a atacantes acceder a información confidencial de la base de datos"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:metinfo:metinfo:7.0.0:beta:*:*:*:*:*:*","matchCriteriaId":"952CFCE9-04CC-478B-AE37-9CC18C6AAA02"}]}]}],"references":[{"url":"https://github.com/0xyu/PHP_Learning/issues/3","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.metinfo.cn/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://github.com/0xyu/PHP_Learning/issues/3","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.metinfo.cn/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2020-20586","sourceIdentifier":"cve@mitre.org","published":"2021-07-08T16:15:08.313","lastModified":"2026-07-09T00:16:53.113","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A cross site request forgery (CSRF) vulnerability in the /xyhai.php?s=/Auth/editUser URI of XYHCMS V3.6 allows attackers to edit any information of the administrator such as the name, e-mail, and password."},{"lang":"es","value":"Una vulnerabilidad de tipo cross site request forgery (CSRF) en el URI /xyhai.php?s=/Auth/editUser de XYHCMS versión V3.6, permite a atacantes editar cualquier información del administrador, como el nombre, el correo electrónico y la contraseña"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N","baseScore":4.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":0.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:xyhcms:xyhcms:3.6:*:*:*:*:*:*:*","matchCriteriaId":"56A03ECB-AD3C-4433-91BF-957F37B9ACFE"}]}]}],"references":[{"url":"http://www.xyhcms.com/Show/download/id/2/at/0.html","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://github.com/0xyu/PHP_Learning/issues/4","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"http://www.xyhcms.com/Show/download/id/2/at/0.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://github.com/0xyu/PHP_Learning/issues/4","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-20363","sourceIdentifier":"cve@mitre.org","published":"2021-07-08T18:15:17.637","lastModified":"2026-07-09T00:16:52.500","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Crossi Site Scripting (XSS) vulnerability in PbootCMS 2.0.3 in admin.php."},{"lang":"es","value":"Una vulnerabilidad de tipo Cross Site Scripting (XSS) en PbootCMS versión 2.0.3 en el archivo admin.php"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:pbootcms:pbootcms:2.0.3:*:*:*:*:*:*:*","matchCriteriaId":"91B2CF5D-DF3E-4EAC-9DF3-14A0F4D205E8"}]}]}],"references":[{"url":"https://github.com/hnaoyun/PbootCMS","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://github.com/wind226/CVE/issues/1","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/hnaoyun/PbootCMS","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://github.com/wind226/CVE/issues/1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-27332","sourceIdentifier":"cve@mitre.org","published":"2021-07-22T19:15:08.777","lastModified":"2026-07-09T01:16:48.727","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to inject arbitrary web script or HTML via the class_name parameter to update_class.php."},{"lang":"es","value":"Una vulnerabilidad de tipo Cross-site scripting (XSS) en SourceCodester CASAP Automated Enrollment System versión v1.0 permite a atacantes remotos inyectar script web o HTML arbitrario por medio del parámetro class_name del archivo update_class.php"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:casap_automated_enrollment_system_project:casap_automated_enrollment_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"AFA6FCDF-214D-46B9-BDC4-32B296AC4920"}]}]}],"references":[{"url":"https://github.com/BigTiger2020/CASAP-Automated-Enrollment-System/blob/main/CASAP-Automated-Enrollment-System-6.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/BigTiger2020/CASAP-Automated-Enrollment-System/blob/main/CASAP-Automated-Enrollment-System-6.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-31655","sourceIdentifier":"cve@mitre.org","published":"2021-08-10T13:15:06.907","lastModified":"2026-07-09T01:16:53.023","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting (XSS) vulnerability in TRENDnet TV-IP110WN V1.2.2.64 V1.2.2.65 V1.2.2.68 via the profile parameter. in a GET request in view.cgi."},{"lang":"es","value":"Una vulnerabilidad de tipo Cross Site Scripting (XSS) en TRENDnet TV-IP110WN versiones V1.2.2.64 V1.2.2.65 V1.2.2.68, por medio del parámetro profile. en una petición GET en el archivo view.cgi"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:trendnet:tv-ip110wn_firmware:1.2.2.64:*:*:*:*:*:*:*","matchCriteriaId":"161D56B3-F235-426F-8E4A-3510BA0EED35"},{"vulnerable":true,"criteria":"cpe:2.3:o:trendnet:tv-ip110wn_firmware:1.2.2.65:*:*:*:*:*:*:*","matchCriteriaId":"E98551F5-7A47-4063-9418-A9170DBA8EA1"},{"vulnerable":true,"criteria":"cpe:2.3:o:trendnet:tv-ip110wn_firmware:1.2.2.68:*:*:*:*:*:*:*","matchCriteriaId":"D4EEA19C-8709-4C10-B300-B3356A279C16"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:trendnet:tv-ip110wn:-:*:*:*:*:*:*:*","matchCriteriaId":"5353AAB6-C1A0-4425-8CEC-C5EB3E79F05B"}]}]}],"references":[{"url":"https://github.com/yinfeidi/Vuls/blob/main/TRENDnet%20TV-IP110WN/CVE-2021-31655.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/yinfeidi/Vuls/blob/main/TRENDnet%20TV-IP110WN/CVE-2021-31655.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-37345","sourceIdentifier":"cve@mitre.org","published":"2021-08-13T12:15:07.040","lastModified":"2026-07-09T01:16:59.113","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Nagios XI before version 5.8.5 is vulnerable to local privilege escalation because xi-sys.cfg is being imported from the var directory for some scripts with elevated permissions."},{"lang":"es","value":"Nagios XI versiones anteriores a 5.8.5, es vulnerable a una escalada de privilegios local porque el archivo xi-sys.cfg está siendo importado desde el directorio var para algunos scripts con permisos elevados."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-269"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nagios:nagios_xi:*:*:*:*:*:*:*:*","versionEndExcluding":"5.8.5","matchCriteriaId":"16C2735A-6289-4DA5-B50A-E98B837C8B9B"}]}]}],"references":[{"url":"https://www.nagios.com/downloads/nagios-xi/change-log/","source":"cve@mitre.org","tags":["Release Notes","Vendor Advisory"]},{"url":"https://www.nagios.com/downloads/nagios-xi/change-log/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2020-20345","sourceIdentifier":"cve@mitre.org","published":"2021-09-01T22:15:07.553","lastModified":"2026-07-09T00:16:52.367","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"WTCMS 1.0 contains a reflective cross-site scripting (XSS) vulnerability in the page management background which allows attackers to obtain cookies via a crafted payload entered into the search box."},{"lang":"es","value":"WTCMS versión 1.0, contiene una vulnerabilidad de tipo cross-site scripting (XSS) reflectante en el fondo de administración de páginas que permite a atacantes obtener cookies por medio de una carga útil diseñada introducida en el cuadro de búsqueda"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wtcms_project:wtcms:1.0:*:*:*:*:*:*:*","matchCriteriaId":"88268C15-5ACD-40A6-940B-F5245F136F18"}]}]}],"references":[{"url":"https://github.com/taosir/wtcms","source":"cve@mitre.org","tags":["Product","Third Party Advisory"]},{"url":"https://github.com/taosir/wtcms/issues/10","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/taosir/wtcms","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Third Party Advisory"]},{"url":"https://github.com/taosir/wtcms/issues/10","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-33289","sourceIdentifier":"cve@mitre.org","published":"2021-09-07T14:15:11.617","lastModified":"2026-07-09T01:16:54.930","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In NTFS-3G versions < 2021.8.22, when a specially crafted MFT section is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution."},{"lang":"es","value":"En NTFS-3G versiones anteriores a 2021.8.22, cuando se suministra una sección MFT especialmente manipulada en una imagen NTFS, puede producirse un desbordamiento del búfer de la pila y permitir la ejecución de código"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:M/Au:N/C:C/I:C/A:C","baseScore":6.9,"accessVector":"LOCAL","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"MEDIUM","exploitabilityScore":3.4,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:tuxera:ntfs-3g:*:*:*:*:*:*:*:*","versionEndExcluding":"2021.8.22","matchCriteriaId":"CBE087A1-98D1-4F40-9CC9-D90116B23E0C"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"DEECE5FC-CACF-4496-A3E7-164736409252"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*","matchCriteriaId":"FA6FEEC2-9F11-4643-8827-749718254FED"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*","matchCriteriaId":"E460AA51-FCDA-46B9-AE97-E6676AA5E194"},{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*","matchCriteriaId":"80E516C0-98A4-4ADE-B69F-66A772E2BAAA"}]}]}],"references":[{"url":"http://www.openwall.com/lists/oss-security/2021/08/30/1","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2021/11/msg00013.html","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/766ISTT3KCARKFUIQT7N6WV6T63XOKG3/","source":"cve@mitre.org"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HSEKTKHO5HFZHWZNJNBJZA56472KRUZI/","source":"cve@mitre.org"},{"url":"https://security.gentoo.org/glsa/202301-01","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.debian.org/security/2021/dsa-4971","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2021/08/30/1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2021/11/msg00013.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/766ISTT3KCARKFUIQT7N6WV6T63XOKG3/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSEKTKHO5HFZHWZNJNBJZA56472KRUZI/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://security.gentoo.org/glsa/202301-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.debian.org/security/2021/dsa-4971","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-35268","sourceIdentifier":"cve@mitre.org","published":"2021-09-07T14:15:11.670","lastModified":"2026-07-09T01:16:56.040","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode is loaded in the function ntfs_inode_real_open, a heap buffer overflow can occur allowing for code execution and escalation of privileges."},{"lang":"es","value":"En NTFS-3G versiones anteriores a 2021.8.22, cuando es cargado un inodo NTFS especialmente diseñado en la función ntfs_inode_real_open, puede ocurrir un desbordamiento del búfer de la pila, permitiendo una ejecución de código y una escalada de privilegios"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":6.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:M/Au:N/C:C/I:C/A:C","baseScore":6.9,"accessVector":"LOCAL","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"MEDIUM","exploitabilityScore":3.4,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-12-02T21:30:39.928123Z","id":"CVE-2021-35268","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:tuxera:ntfs-3g:*:*:*:*:*:*:*:*","versionEndExcluding":"2021.8.22","matchCriteriaId":"CBE087A1-98D1-4F40-9CC9-D90116B23E0C"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"DEECE5FC-CACF-4496-A3E7-164736409252"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*","matchCriteriaId":"FA6FEEC2-9F11-4643-8827-749718254FED"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*","matchCriteriaId":"E460AA51-FCDA-46B9-AE97-E6676AA5E194"},{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*","matchCriteriaId":"80E516C0-98A4-4ADE-B69F-66A772E2BAAA"}]}]}],"references":[{"url":"http://www.openwall.com/lists/oss-security/2021/08/30/1","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2021/11/msg00013.html","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/766ISTT3KCARKFUIQT7N6WV6T63XOKG3/","source":"cve@mitre.org"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HSEKTKHO5HFZHWZNJNBJZA56472KRUZI/","source":"cve@mitre.org"},{"url":"https://security.gentoo.org/glsa/202301-01","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.debian.org/security/2021/dsa-4971","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2021/08/30/1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2021/11/msg00013.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/766ISTT3KCARKFUIQT7N6WV6T63XOKG3/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSEKTKHO5HFZHWZNJNBJZA56472KRUZI/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://security.gentoo.org/glsa/202301-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.debian.org/security/2021/dsa-4971","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-35269","sourceIdentifier":"cve@mitre.org","published":"2021-09-07T14:15:11.723","lastModified":"2026-07-09T01:16:56.217","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute from the MFT is setup in the function ntfs_attr_setup_flag, a heap buffer overflow can occur allowing for code execution and escalation of privileges."},{"lang":"es","value":"NTFS-3G versiones anteriores a 2021.8.22, cuando un atributo NTFS especialmente diseñado de la MFT es configurado en la función ntfs_attr_setup_flag, un desbordamiento de búfer de la pila puede ocurrir permitiendo una ejecución de código y una escalada de privilegios"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:M/Au:N/C:C/I:C/A:C","baseScore":6.9,"accessVector":"LOCAL","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"MEDIUM","exploitabilityScore":3.4,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:tuxera:ntfs-3g:*:*:*:*:*:*:*:*","versionEndExcluding":"2021.8.22","matchCriteriaId":"CBE087A1-98D1-4F40-9CC9-D90116B23E0C"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"DEECE5FC-CACF-4496-A3E7-164736409252"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*","matchCriteriaId":"FA6FEEC2-9F11-4643-8827-749718254FED"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*","matchCriteriaId":"E460AA51-FCDA-46B9-AE97-E6676AA5E194"},{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*","matchCriteriaId":"80E516C0-98A4-4ADE-B69F-66A772E2BAAA"}]}]}],"references":[{"url":"http://www.openwall.com/lists/oss-security/2021/08/30/1","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2021/11/msg00013.html","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/766ISTT3KCARKFUIQT7N6WV6T63XOKG3/","source":"cve@mitre.org"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HSEKTKHO5HFZHWZNJNBJZA56472KRUZI/","source":"cve@mitre.org"},{"url":"https://security.gentoo.org/glsa/202301-01","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.debian.org/security/2021/dsa-4971","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2021/08/30/1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2021/11/msg00013.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/766ISTT3KCARKFUIQT7N6WV6T63XOKG3/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSEKTKHO5HFZHWZNJNBJZA56472KRUZI/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://security.gentoo.org/glsa/202301-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.debian.org/security/2021/dsa-4971","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-33286","sourceIdentifier":"cve@mitre.org","published":"2021-09-07T15:15:07.597","lastModified":"2026-07-09T01:16:54.600","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In NTFS-3G versions < 2021.8.22, when a specially crafted unicode string is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution."},{"lang":"es","value":"En NTFS-3G versiones anteriores a 2021.8.22, cuando se suministra una cadena unicode especialmente diseñada en una imagen NTFS puede ocurrir un desbordamiento del búfer de la pila y permitir la ejecución de código"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:M/Au:N/C:C/I:C/A:C","baseScore":6.9,"accessVector":"LOCAL","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"MEDIUM","exploitabilityScore":3.4,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:tuxera:ntfs-3g:*:*:*:*:*:*:*:*","versionEndExcluding":"2021.8.22","matchCriteriaId":"CBE087A1-98D1-4F40-9CC9-D90116B23E0C"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"DEECE5FC-CACF-4496-A3E7-164736409252"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*","matchCriteriaId":"FA6FEEC2-9F11-4643-8827-749718254FED"}]}]}],"references":[{"url":"http://www.openwall.com/lists/oss-security/2021/08/30/1","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2021/11/msg00013.html","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://security.gentoo.org/glsa/202301-01","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.debian.org/security/2021/dsa-4971","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2021/08/30/1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2021/11/msg00013.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://security.gentoo.org/glsa/202301-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.debian.org/security/2021/dsa-4971","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-33287","sourceIdentifier":"cve@mitre.org","published":"2021-09-07T15:15:07.647","lastModified":"2026-07-09T01:16:54.737","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In NTFS-3G versions < 2021.8.22, when specially crafted NTFS attributes are read in the function ntfs_attr_pread_i, a heap buffer overflow can occur and allow for writing to arbitrary memory or denial of service of the application."},{"lang":"es","value":"En NTFS-3G versiones anteriores a 2021.8.22, cuando se leen atributos NTFS especialmente diseñados en la función ntfs_attr_pread_i, puede ocurrir un desbordamiento del búfer de la pila y permitir la escritura en memoria arbitraria o la denegación de servicio de la aplicación"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":6.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:M/Au:N/C:C/I:C/A:C","baseScore":6.9,"accessVector":"LOCAL","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"MEDIUM","exploitabilityScore":3.4,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-12-03T14:49:15.449435Z","id":"CVE-2021-33287","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:tuxera:ntfs-3g:*:*:*:*:*:*:*:*","versionEndExcluding":"2021.8.22","matchCriteriaId":"CBE087A1-98D1-4F40-9CC9-D90116B23E0C"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"DEECE5FC-CACF-4496-A3E7-164736409252"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*","matchCriteriaId":"FA6FEEC2-9F11-4643-8827-749718254FED"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*","matchCriteriaId":"E460AA51-FCDA-46B9-AE97-E6676AA5E194"},{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*","matchCriteriaId":"80E516C0-98A4-4ADE-B69F-66A772E2BAAA"}]}]}],"references":[{"url":"http://www.openwall.com/lists/oss-security/2021/08/30/1","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2021/11/msg00013.html","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/766ISTT3KCARKFUIQT7N6WV6T63XOKG3/","source":"cve@mitre.org"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HSEKTKHO5HFZHWZNJNBJZA56472KRUZI/","source":"cve@mitre.org"},{"url":"https://security.gentoo.org/glsa/202301-01","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.debian.org/security/2021/dsa-4971","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2021/08/30/1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2021/11/msg00013.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/766ISTT3KCARKFUIQT7N6WV6T63XOKG3/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSEKTKHO5HFZHWZNJNBJZA56472KRUZI/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://security.gentoo.org/glsa/202301-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.debian.org/security/2021/dsa-4971","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-35266","sourceIdentifier":"cve@mitre.org","published":"2021-09-07T15:15:07.707","lastModified":"2026-07-09T01:16:55.790","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode pathname is supplied in an NTFS image a heap buffer overflow can occur resulting in memory disclosure, denial of service and even code execution."},{"lang":"es","value":"En NTFS-3G versiones anteriores a 2021.8.22, cuando se suministra un nombre de ruta de inodo NTFS especialmente diseñado en una imagen NTFS, puede ocurrir un desbordamiento del búfer de la pila, resultando en una divulgación de memoria, una denegación de servicio e incluso una ejecución de código"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:M/Au:N/C:C/I:C/A:C","baseScore":6.9,"accessVector":"LOCAL","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"MEDIUM","exploitabilityScore":3.4,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:tuxera:ntfs-3g:*:*:*:*:*:*:*:*","versionEndExcluding":"2021.8.22","matchCriteriaId":"CBE087A1-98D1-4F40-9CC9-D90116B23E0C"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"DEECE5FC-CACF-4496-A3E7-164736409252"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*","matchCriteriaId":"FA6FEEC2-9F11-4643-8827-749718254FED"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*","matchCriteriaId":"E460AA51-FCDA-46B9-AE97-E6676AA5E194"},{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*","matchCriteriaId":"80E516C0-98A4-4ADE-B69F-66A772E2BAAA"}]}]}],"references":[{"url":"http://www.openwall.com/lists/oss-security/2021/08/30/1","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2021/11/msg00013.html","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/766ISTT3KCARKFUIQT7N6WV6T63XOKG3/","source":"cve@mitre.org"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HSEKTKHO5HFZHWZNJNBJZA56472KRUZI/","source":"cve@mitre.org"},{"url":"https://security.gentoo.org/glsa/202301-01","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.debian.org/security/2021/dsa-4971","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2021/08/30/1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2021/11/msg00013.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/766ISTT3KCARKFUIQT7N6WV6T63XOKG3/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSEKTKHO5HFZHWZNJNBJZA56472KRUZI/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://security.gentoo.org/glsa/202301-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.debian.org/security/2021/dsa-4971","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-35267","sourceIdentifier":"cve@mitre.org","published":"2021-09-07T15:15:07.757","lastModified":"2026-07-09T01:16:55.913","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"NTFS-3G versions < 2021.8.22, a stack buffer overflow can occur when correcting differences in the MFT and MFTMirror allowing for code execution or escalation of privileges when setuid-root."},{"lang":"es","value":"NTFS-3G versiones anteriores a 2021.8.22, puede ocurrir un desbordamiento del búfer de la pila cuando son corregidas las diferencias en el MFT y el MFTMirror, permitiendo una ejecución de código o una escalada de privilegios cuando es setuid-root"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:M/Au:N/C:C/I:C/A:C","baseScore":6.9,"accessVector":"LOCAL","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"MEDIUM","exploitabilityScore":3.4,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:tuxera:ntfs-3g:*:*:*:*:*:*:*:*","versionEndExcluding":"2021.8.22","matchCriteriaId":"CBE087A1-98D1-4F40-9CC9-D90116B23E0C"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"DEECE5FC-CACF-4496-A3E7-164736409252"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*","matchCriteriaId":"FA6FEEC2-9F11-4643-8827-749718254FED"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*","matchCriteriaId":"E460AA51-FCDA-46B9-AE97-E6676AA5E194"},{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*","matchCriteriaId":"80E516C0-98A4-4ADE-B69F-66A772E2BAAA"}]}]}],"references":[{"url":"http://www.openwall.com/lists/oss-security/2021/08/30/1","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2021/11/msg00013.html","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/766ISTT3KCARKFUIQT7N6WV6T63XOKG3/","source":"cve@mitre.org"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HSEKTKHO5HFZHWZNJNBJZA56472KRUZI/","source":"cve@mitre.org"},{"url":"https://security.gentoo.org/glsa/202301-01","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.debian.org/security/2021/dsa-4971","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2021/08/30/1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2021/11/msg00013.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/766ISTT3KCARKFUIQT7N6WV6T63XOKG3/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HSEKTKHO5HFZHWZNJNBJZA56472KRUZI/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://security.gentoo.org/glsa/202301-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.debian.org/security/2021/dsa-4971","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-36581","sourceIdentifier":"cve@mitre.org","published":"2021-09-14T12:15:09.847","lastModified":"2026-07-09T01:16:57.643","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Kooboo CMS 2.1.1.0 is vulnerable to Insecure file upload. It is possible to upload any file extension to the server. The server does not verify the extension of the file and the tester was able to upload an aspx to the server."},{"lang":"es","value":"Kooboo CMS versión 2.1.1.0, es vulnerable a una carga No Segura de archivos. Es posible subir cualquier extensión de archivo al servidor. El servidor no verifica la extensión del archivo y el probador fue capaz de subir un aspx al servidor"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:kooboo:kooboo_cms:2.1.1.0:*:*:*:*:*:*:*","matchCriteriaId":"2EBCB715-6C71-40FF-A7B3-798CB188B446"}]}]}],"references":[{"url":"https://github.com/l00neyhacker/CVE-2021-36581/","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/l00neyhacker/CVE-2021-36581/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-36582","sourceIdentifier":"cve@mitre.org","published":"2021-09-14T12:15:09.953","lastModified":"2026-07-09T01:16:57.780","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In Kooboo CMS 2.1.1.0, it is possible to upload a remote shell (e.g., aspx) to the server and then call upon it to receive a reverse shell from the victim server. The files are uploaded to /Content/Template/root/reverse-shell.aspx and can be simply triggered by browsing that URL."},{"lang":"es","value":"En Kooboo CMS versión 2.1.1.0, es posible subir un shell remoto (por ejemplo, aspx) al servidor y luego llamarlo para recibir un shell inverso del servidor víctima. Los archivos se suben a /Content/Template/root/reverse-shell.aspx y pueden desencadenarse simplemente navegando por esa URL"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:kooboo:kooboo_cms:2.1.1.0:*:*:*:*:*:*:*","matchCriteriaId":"2EBCB715-6C71-40FF-A7B3-798CB188B446"}]}]}],"references":[{"url":"https://github.com/l00neyhacker/CVE-2021-36582","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/l00neyhacker/CVE-2021-36582","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-40639","sourceIdentifier":"cve@mitre.org","published":"2021-09-15T22:15:10.917","lastModified":"2026-07-09T01:17:01.810","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper access control in Jfinal CMS 5.1.0 allows attackers to access sensitive information via /classes/conf/db.properties&config=filemanager.config.js."},{"lang":"es","value":"Un control de acceso inapropiado en Jfinal CMS versión 5.1.0, permite a atacantes acceder a información confidencial por medio del archivo /classes/conf/db.properties&amp;config=filemanager.config.js"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-668"},{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:jflyfox:jfinal_cms:5.1.0:*:*:*:*:*:*:*","matchCriteriaId":"9B33E946-BD15-449C-B736-013773A64DF6"}]}]}],"references":[{"url":"https://github.com/jflyfox/jfinal_cms","source":"cve@mitre.org","tags":["Product","Third Party Advisory"]},{"url":"https://github.com/jflyfox/jfinal_cms/issues/27","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/jflyfox/jfinal_cms","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Third Party Advisory"]},{"url":"https://github.com/jflyfox/jfinal_cms/issues/27","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-21468","sourceIdentifier":"cve@mitre.org","published":"2021-09-20T16:15:09.507","lastModified":"2026-07-09T00:16:53.863","vulnStatus":"Modified","cveTags":[{"sourceIdentifier":"cve@mitre.org","tags":["disputed"]}],"descriptions":[{"lang":"en","value":"A segmentation fault in the redis-server component of Redis 5.0.7 leads to a denial of service (DOS). NOTE: the vendor cannot reproduce this issue in a released version, such as 5.0.7."},{"lang":"es","value":"** EN DISPUTA ** Un fallo de segmentación en el componente redis-server de Redis 5.0.7 conduce a una denegación de servicio (DOS). NOTA: el proveedor no puede reproducir este problema en una versión liberada, como la 5.0.7"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-06-11T14:23:43.744637Z","id":"CVE-2020-21468","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redislabs:redis:5.0.7:*:*:*:*:*:*:*","matchCriteriaId":"8FAAED39-16B2-4896-9FC2-509A577EC49F"}]}]}],"references":[{"url":"https://github.com/antirez/redis/issues/6633","source":"cve@mitre.org","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/antirez/redis/issues/6633","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-21228","sourceIdentifier":"cve@mitre.org","published":"2021-10-01T21:15:07.890","lastModified":"2026-07-09T00:16:53.733","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"JIZHICMS 1.5.1 contains a cross-site scripting (XSS) vulnerability in the component /user/release.html, which allows attackers to arbitrarily add an administrator cookie."},{"lang":"es","value":"JIZHICMS versión 1.5.1, contiene una vulnerabilidad de tipo cross-site scripting (XSS) en el componente /user/release.html, que permite a atacantes añadir arbitrariamente una cookie de administrador"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:jizhicms:jizhicms:1.5.1:*:*:*:*:*:*:*","matchCriteriaId":"DECD3616-2085-4ECC-9074-66DBD7029015"}]}]}],"references":[{"url":"https://github.com/Cherry-toto/jizhicms","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/Cherry-toto/jizhicms/issues/16","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/Cherry-toto/jizhicms","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/Cherry-toto/jizhicms/issues/16","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-37223","sourceIdentifier":"cve@mitre.org","published":"2021-10-05T12:15:07.853","lastModified":"2026-07-09T01:16:58.983","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Nagios Enterprises NagiosXI <= 5.8.4 contains a Server-Side Request Forgery (SSRF) vulnerability in schedulereport.php. Any authenticated user can create scheduled reports containing PDF screenshots of any view in the NagiosXI application. Due to lack of input sanitisation, the target page can be replaced with an SSRF payload to access internal resources or disclose local system files."},{"lang":"es","value":"Nagios Enterprises NagiosXI versiones anteriores a 5.8.4 incluyéndola, contiene una vulnerabilidad de tipo Server-Side Request Forgery (SSRF) en el archivo schedulereport.php. Cualquier usuario autenticado puede crear informes programados que contengan capturas de pantalla en PDF de cualquier visualización de la aplicación NagiosXI. Debido a una falta de saneo de entrada, la página de destino puede ser reemplazada con un payload de tipo SSRF para acceder a recursos internos o divulgar archivos locales del sistema"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:N/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nagios:nagios_xi:*:*:*:*:*:*:*:*","versionEndIncluding":"5.8.4","matchCriteriaId":"A557C416-195B-4B17-B66B-CC7C8C0AF923"}]}]}],"references":[{"url":"https://www.nagios.com/downloads/nagios-xi/change-log/","source":"cve@mitre.org","tags":["Release Notes","Vendor Advisory"]},{"url":"https://www.nagios.com/downloads/nagios-xi/change-log/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-29004","sourceIdentifier":"cve@mitre.org","published":"2021-10-11T12:15:07.587","lastModified":"2026-07-09T01:16:50.370","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"rConfig 3.9.6 is affected by SQL Injection. A user must be authenticated to exploit the vulnerability. If --secure-file-priv in MySQL server is not set and the Mysql server is the same as rConfig, an attacker may successfully upload a webshell to the server and access it remotely."},{"lang":"es","value":"rConfig versión 3.9.6, está afectado por una inyección SQL. Un usuario debe estar autenticado para explotar la vulnerabilidad. Si --secure-file-priv en el servidor MySQL no está configurado y el servidor Mysql es el mismo que rConfig, un atacante puede cargar con éxito un webshell en el servidor y acceder a él de forma remota"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rconfig:rconfig:3.9.6:*:*:*:*:*:*:*","matchCriteriaId":"EE354F1A-34B3-459F-8C80-CBC86C9746B7"}]}]}],"references":[{"url":"https://github.com/mrojz/rconfig-exploit/blob/main/CVE-2021-29004-POC-req.txt","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/mrojz/rconfig-exploit/blob/main/README.md","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://rconfig.com","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://github.com/mrojz/rconfig-exploit/blob/main/CVE-2021-29004-POC-req.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://github.com/mrojz/rconfig-exploit/blob/main/README.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://rconfig.com","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-29005","sourceIdentifier":"cve@mitre.org","published":"2021-10-11T13:15:07.323","lastModified":"2026-07-09T01:16:50.500","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Insecure permission of chmod command on rConfig server 3.9.6 exists. After installing rConfig apache user may execute chmod as root without password which may let an attacker with low privilege to gain root access on server."},{"lang":"es","value":"Se presenta un permiso no seguro del comando chmod en el servidor rConfig versión 3.9.6. Después de instalar rConfig el usuario de apache puede ejecutar chmod como root sin contraseña, que puede permitir a un atacante con bajo privilegio conseguir acceso de root en el servidor"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","baseScore":9.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-276"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rconfig:rconfig:3.9.6:*:*:*:*:*:*:*","matchCriteriaId":"EE354F1A-34B3-459F-8C80-CBC86C9746B7"}]}]}],"references":[{"url":"https://github.com/mrojz/rconfig-exploit/blob/main/CVE-2021-29005-POC.sh","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/mrojz/rconfig-exploit/blob/main/CVE-2021-29005-POC.sh","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-29006","sourceIdentifier":"cve@mitre.org","published":"2021-10-11T13:15:07.370","lastModified":"2026-07-09T01:16:50.620","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"rConfig 3.9.6 is affected by a Local File Disclosure vulnerability. An authenticated user may successfully download any file on the server."},{"lang":"es","value":"rConfig versión 3.9.6, está afectado por una vulnerabilidad de divulgación de archivos locales. Un usuario autenticado puede descargar con éxito cualquier archivo en el servidor"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:N/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rconfig:rconfig:3.9.6:*:*:*:*:*:*:*","matchCriteriaId":"EE354F1A-34B3-459F-8C80-CBC86C9746B7"}]}]}],"references":[{"url":"https://github.com/mrojz/rconfig-exploit/blob/main/CVE-2021-29006-POC.py","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/mrojz/rconfig-exploit/blob/main/CVE-2021-29006-POC.py","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-19961","sourceIdentifier":"cve@mitre.org","published":"2021-10-14T15:15:08.683","lastModified":"2026-07-09T00:16:51.833","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A SQL injection vulnerability has been discovered in zz cms version 2019 which allows attackers to retrieve sensitive data via the component subzs.php."},{"lang":"es","value":"Se ha detectado una vulnerabilidad de inyección SQL en zz cms versión 2019, que permite a atacantes recuperar datos confidenciales por medio del componente subzs.php"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:zzcms:zzcms:2019:*:*:*:*:*:*:*","matchCriteriaId":"B5CA483C-9AA7-4EF9-B3D1-64AB6EC41BA0"}]}]}],"references":[{"url":"https://github.com/forget-code/zzcms","source":"cve@mitre.org","tags":["Product","Third Party Advisory"]},{"url":"https://github.com/zhuxianjin/vuln_repo/blob/master/zzcms2019%20SQL%20injection%20vulnerability%20in%20subzs.php.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/forget-code/zzcms","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Third Party Advisory"]},{"url":"https://github.com/zhuxianjin/vuln_repo/blob/master/zzcms2019%20SQL%20injection%20vulnerability%20in%20subzs.php.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-19964","sourceIdentifier":"cve@mitre.org","published":"2021-10-14T15:15:08.767","lastModified":"2026-07-09T00:16:51.970","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A Cross Site Request Forgery (CSRF) vulnerability was discovered in PHPMyWind 5.6 which allows attackers to create a new administrator account without authentication."},{"lang":"es","value":"Se ha detectado una vulnerabilidad de tipo Cross Site Request Forgery (CSRF) en PHPMyWind versión 5.6, que permite a atacantes crear una nueva cuenta de administrador sin autenticación"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:phpmywind:phpmywind:5.6:*:*:*:*:*:*:*","matchCriteriaId":"7B3A030C-77BA-4095-9EFC-7B1109E570CB"}]}]}],"references":[{"url":"https://github.com/gaozhifeng/PHPMyWind","source":"cve@mitre.org","tags":["Product","Third Party Advisory"]},{"url":"https://github.com/gaozhifeng/PHPMyWind/issues/9","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/gaozhifeng/PHPMyWind","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Third Party Advisory"]},{"url":"https://github.com/gaozhifeng/PHPMyWind/issues/9","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-36512","sourceIdentifier":"cve@mitre.org","published":"2021-10-19T12:15:07.583","lastModified":"2026-07-09T01:16:57.370","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue was discovered in function scanallsubs in src/sbbs3/scansubs.cpp in Synchronet BBS, which may allow attackers to view sensitive information due to an uninitialized value."},{"lang":"es","value":"Se ha detectado un problema en la función scanallsubs en el archivo src/sbbs3/scansubs.cpp en Synchronet BBS, que puede permitir a atacantes visualizar información confidencial debido a un valor no inicializado"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-908"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:synchro:bulletin_board_system:-:*:*:*:*:*:*:*","matchCriteriaId":"900D7C0C-0842-406B-B047-AA3B3B80DA90"}]}]}],"references":[{"url":"https://gitlab.synchro.net/main/sbbs/-/issues/276","source":"cve@mitre.org","tags":["Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://gitlab.synchro.net/main/sbbs/-/issues/276","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-23546","sourceIdentifier":"cve@mitre.org","published":"2021-10-28T22:15:07.610","lastModified":"2026-07-09T00:16:59.550","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"IrfanView 4.54 allows attackers to cause a denial of service or possibly other unspecified impacts via a crafted XBM file, related to a \"Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at FORMATS!ReadMosaic+0x0000000000000981."},{"lang":"es","value":"IrfanView versión 4.54, permite a atacantes causar una denegación de servicio o posiblemente otros impactos no especificados por medio de un archivo XBM diseñado, relacionado con \"Los Datos de la Dirección de Fallo es usado como uno o más argumentos en una Llamada de Función posterior comenzando en FORMATS!ReadMosaic+0x0000000000000981\""}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:irfanview:irfanview:4.54:*:*:*:*:*:x86:*","matchCriteriaId":"83D5FCFF-4A03-48F9-9231-FFF0AFA552E3"}]}]}],"references":[{"url":"https://github.com/nhiephon/Research/blob/master/README.md","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.irfanview.com/plugins.htm","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://github.com/nhiephon/Research/blob/master/README.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.irfanview.com/plugins.htm","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-31624","sourceIdentifier":"cve@mitre.org","published":"2021-10-29T11:15:08.383","lastModified":"2026-07-09T01:16:52.767","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Buffer Overflow vulnerability in Tenda AC9 V1.0 through V15.03.05.19(6318), and AC9 V3.0 V15.03.06.42_multi, allows attackers to execute arbitrary code via the urls parameter."},{"lang":"es","value":"Una vulnerabilidad de desbordamiento del búfer en Tenda versiones AC9 V1.0 hasta V15.03.05.19(6318), y AC9 V3.0 V15.03.06.42_multi, permite a atacantes ejecutar código arbitrario por medio del parámetro urls"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:A/AC:L/Au:N/C:P/I:P/A:P","baseScore":5.8,"accessVector":"ADJACENT_NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":6.5,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tendacn:ac9_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"15.03.06.42_multi","matchCriteriaId":"BB151239-C968-4822-BC79-E8F44055D3FA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tendacn:ac9:3.0:*:*:*:*:*:*:*","matchCriteriaId":"CA49FEFD-41B5-4038-883D-989AB85D6CF5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tendacn:ac9_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"15.03.05.19\\(6318\\)","matchCriteriaId":"EB7D423D-053F-47CC-9BD2-676B60BB86DB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tendacn:ac9:1.0:*:*:*:*:*:*:*","matchCriteriaId":"B3E3CCB3-34B7-4904-9C38-48CA34E44C84"}]}]}],"references":[{"url":"https://github.com/Lyc-heng/routers/blob/main/routers/stack2.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/Lyc-heng/routers/blob/main/routers/stack2.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-31627","sourceIdentifier":"cve@mitre.org","published":"2021-10-29T11:15:08.433","lastModified":"2026-07-09T01:16:52.897","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Buffer Overflow vulnerability in Tenda AC9 V1.0 through V15.03.05.19(6318), and AC9 V3.0 V15.03.06.42_multi, allows attackers to execute arbitrary code via the index parameter."},{"lang":"es","value":"Una vulnerabilidad de desbordamiento del búfer en Tenda versiones AC9 V1.0 hasta V15.03.05.19(6318), y AC9 V3.0 V15.03.06.42_multi, permite a atacantes ejecutar código arbitrario por medio del parámetro index"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:A/AC:L/Au:N/C:P/I:P/A:P","baseScore":5.8,"accessVector":"ADJACENT_NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":6.5,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tendacn:ac9_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"15.03.06.42_multi","matchCriteriaId":"BB151239-C968-4822-BC79-E8F44055D3FA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tendacn:ac9:3.0:*:*:*:*:*:*:*","matchCriteriaId":"CA49FEFD-41B5-4038-883D-989AB85D6CF5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tendacn:ac9_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"15.03.05.19\\(6318\\)","matchCriteriaId":"EB7D423D-053F-47CC-9BD2-676B60BB86DB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tendacn:ac9:1.0:*:*:*:*:*:*:*","matchCriteriaId":"B3E3CCB3-34B7-4904-9C38-48CA34E44C84"}]}]}],"references":[{"url":"https://github.com/Lyc-heng/routers/blob/main/routers/stack3.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/Lyc-heng/routers/blob/main/routers/stack3.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-25912","sourceIdentifier":"cve@mitre.org","published":"2021-10-31T19:15:09.857","lastModified":"2026-07-09T00:17:02.753","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A XML External Entity (XXE) vulnerability was discovered in symphony\\lib\\toolkit\\class.xmlelement.php in Symphony 2.7.10 which can lead to an information disclosure or denial of service (DOS)."},{"lang":"es","value":"Se detectó una vulnerabilidad de entidad externa XML (XXE) en el archivo symphony\\lib\\toolkit\\class.xmlelement.php en Symphony versión 2.7.10, que puede conllevar a una divulgación de información o denegación de servicio (DOS)"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.2}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:P","baseScore":6.4,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-611"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:getsymphony:symphony:2.7.10:*:*:*:*:*:*:*","matchCriteriaId":"19FE5DB3-D579-431F-A470-4B9BDDD7BB21"}]}]}],"references":[{"url":"https://github.com/symphonycms/symphonycms/issues/2924","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/symphonycms/symphonycms/issues/2924","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-33259","sourceIdentifier":"cve@mitre.org","published":"2021-10-31T19:15:09.920","lastModified":"2026-07-09T01:16:54.480","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Several web interfaces in D-Link DIR-868LW 1.12b have no authentication requirements for access, allowing for attackers to obtain users' DNS query history."},{"lang":"es","value":"Varias interfaces web en D-Link DIR-868LW versión 1.12b, no tienen requisitos de autenticación para el acceso, lo que permite a atacantes obtener el historial de consultas de DNS de los usuarios"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-306"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:d-link:dir-868lw_firmware:1.12b:*:*:*:*:*:*:*","matchCriteriaId":"F16FC448-2DEB-4655-9AA9-EFF0591B2353"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dir-868lw:-:*:*:*:*:*:*:*","matchCriteriaId":"43B5B770-C4F2-4663-814D-C85CDE086192"}]}]}],"references":[{"url":"https://github.com/jayus0821/uai-poc/blob/main/D-Link/DIR-868L/webaccess_UAI.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"cve@mitre.org","tags":["Not Applicable"]},{"url":"https://github.com/jayus0821/uai-poc/blob/main/D-Link/DIR-868L/webaccess_UAI.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable"]}]}},{"cve":{"id":"CVE-2021-25874","sourceIdentifier":"cve@mitre.org","published":"2021-11-01T12:15:07.970","lastModified":"2026-07-09T01:16:47.557","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"AVideo/YouPHPTube AVideo/YouPHPTube 10.0 and prior is affected by a SQL Injection SQL injection in the catName parameter which allows a remote unauthenticated attacker to retrieve databases information such as application passwords hashes."},{"lang":"es","value":"AVideo/YouPHPTube versiones 10.0 y anteriores, están afectados por una inyección SQL en el parámetro catName que permite a un atacante remoto no autenticado recuperar información de bases de datos como los hashes de las contraseñas de la aplicación"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:youphptube:youphptube:*:*:*:*:*:*:*:*","versionEndIncluding":"10.0","matchCriteriaId":"ED39052A-E240-4EDB-88FD-B653C8101499"}]}]}],"references":[{"url":"https://synacktiv.com","source":"cve@mitre.org","tags":["Product"]},{"url":"https://www.synacktiv.com/sites/default/files/2021-01/YouPHPTube_Multiple_Vulnerabilities.pdf","source":"cve@mitre.org","tags":["Exploit","Vendor Advisory"]},{"url":"https://synacktiv.com","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://www.synacktiv.com/sites/default/files/2021-01/YouPHPTube_Multiple_Vulnerabilities.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-25875","sourceIdentifier":"cve@mitre.org","published":"2021-11-01T12:15:08.020","lastModified":"2026-07-09T01:16:47.680","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"AVideo/YouPHPTube AVideo/YouPHPTube 10.0 and prior has multiple reflected Cross Script Scripting vulnerabilities via the searchPhrase parameter which allows a remote attacker to steal administrators' session cookies or perform actions as an administrator."},{"lang":"es","value":"AVideo/YouPHPTube versiones 10.0 y anteriores, presentan múltiples vulnerabilidades de tipo Cross Script Scripting reflejado por medio del parámetro searchPhrase que permite a un atacante remoto robar las cookies de sesión de los administradores o llevar a cabo acciones como administrador"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:youphptube:youphptube:*:*:*:*:*:*:*:*","versionEndIncluding":"10.0","matchCriteriaId":"ED39052A-E240-4EDB-88FD-B653C8101499"}]}]}],"references":[{"url":"https://synacktiv.com","source":"cve@mitre.org","tags":["Product"]},{"url":"https://www.synacktiv.com/sites/default/files/2021-01/YouPHPTube_Multiple_Vulnerabilities.pdf","source":"cve@mitre.org","tags":["Exploit","Vendor Advisory"]},{"url":"https://synacktiv.com","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://www.synacktiv.com/sites/default/files/2021-01/YouPHPTube_Multiple_Vulnerabilities.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-25876","sourceIdentifier":"cve@mitre.org","published":"2021-11-01T12:15:08.060","lastModified":"2026-07-09T01:16:47.797","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"AVideo/YouPHPTube 10.0 and prior has multiple reflected Cross Script Scripting vulnerabilities via the u parameter which allows a remote attacker to steal administrators' session cookies or perform actions as an administrator."},{"lang":"es","value":"AVideo/YouPHPTube versiones 10.0 y anteriores, presentan múltiples vulnerabilidades de tipo Cross Script Scripting reflejado por medio del parámetro u que permite a un atacante remoto robar las cookies de sesión de los administradores o llevar a cabo acciones como administrador"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:youphptube:youphptube:*:*:*:*:*:*:*:*","versionEndIncluding":"10.0","matchCriteriaId":"ED39052A-E240-4EDB-88FD-B653C8101499"}]}]}],"references":[{"url":"https://synacktiv.com","source":"cve@mitre.org","tags":["Product"]},{"url":"https://www.synacktiv.com/sites/default/files/2021-01/YouPHPTube_Multiple_Vulnerabilities.pdf","source":"cve@mitre.org","tags":["Exploit","Vendor Advisory"]},{"url":"https://synacktiv.com","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://www.synacktiv.com/sites/default/files/2021-01/YouPHPTube_Multiple_Vulnerabilities.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-25877","sourceIdentifier":"cve@mitre.org","published":"2021-11-01T12:15:08.100","lastModified":"2026-07-09T01:16:47.910","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"AVideo/YouPHPTube 10.0 and prior is affected by Insecure file write. An administrator privileged user is able to write files on filesystem using flag and code variables in file save.php."},{"lang":"es","value":"AVideo/YouPHPTube versiones 10.0 y anteriores, están afectados por la escritura no segura de archivos. Un usuario con privilegios de administrador puede escribir archivos en el sistema de archivos usando variables de flag y código en el archivo save.php"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","baseScore":9.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:youphptube:youphptube:*:*:*:*:*:*:*:*","versionEndIncluding":"10.0","matchCriteriaId":"ED39052A-E240-4EDB-88FD-B653C8101499"}]}]}],"references":[{"url":"https://synacktiv.com","source":"cve@mitre.org","tags":["Product"]},{"url":"https://www.synacktiv.com/sites/default/files/2021-01/YouPHPTube_Multiple_Vulnerabilities.pdf","source":"cve@mitre.org","tags":["Exploit","Vendor Advisory"]},{"url":"https://synacktiv.com","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://www.synacktiv.com/sites/default/files/2021-01/YouPHPTube_Multiple_Vulnerabilities.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-25878","sourceIdentifier":"cve@mitre.org","published":"2021-11-01T12:15:08.143","lastModified":"2026-07-09T01:16:48.023","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"AVideo/YouPHPTube 10.0 and prior is affected by multiple reflected Cross Script Scripting vulnerabilities via the videoName parameter which allows a remote attacker to steal administrators' session cookies or perform actions as an administrator."},{"lang":"es","value":"AVideo/YouPHPTube versiones 10.0 y anteriores, están afectados por múltiples vulnerabilidades de tipo Cross Script Scripting reflejado por medio del parámetro videoName que permite a un atacante remoto robar las cookies de sesión de los administradores o llevar a cabo acciones como administrador"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:youphptube:youphptube:*:*:*:*:*:*:*:*","versionEndIncluding":"10.0","matchCriteriaId":"ED39052A-E240-4EDB-88FD-B653C8101499"}]}]}],"references":[{"url":"https://synacktiv.com","source":"cve@mitre.org","tags":["Product"]},{"url":"https://www.synacktiv.com/sites/default/files/2021-01/YouPHPTube_Multiple_Vulnerabilities.pdf","source":"cve@mitre.org","tags":["Exploit","Vendor Advisory"]},{"url":"https://synacktiv.com","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://www.synacktiv.com/sites/default/files/2021-01/YouPHPTube_Multiple_Vulnerabilities.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2020-27406","sourceIdentifier":"cve@mitre.org","published":"2021-11-02T11:15:07.877","lastModified":"2026-07-09T01:16:41.887","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting (XSS) vulnerability in DynPG 4.9.1, allows authenticated attackers to execute arbitrary code via the groupname."},{"lang":"es","value":"Una vulnerabilidad de tipo Cross Site Scripting (XSS) en DynPG versión 4.9.1, permite a atacantes autenticados ejecutar código arbitrario por medio de groupname"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:dynpg:dynpg:4.9.1:*:*:*:*:*:*:*","matchCriteriaId":"D5ABABC6-8420-47E8-918C-AEF1112EE64D"}]}]}],"references":[{"url":"https://www.exploit-db.com/exploits/48865","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://www.exploit-db.com/exploits/48865","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]}]}},{"cve":{"id":"CVE-2021-36697","sourceIdentifier":"cve@mitre.org","published":"2021-11-03T12:15:07.643","lastModified":"2026-07-09T01:16:58.600","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"With an admin account, the .htaccess file in Artica Pandora FMS <=755 can be overwritten with the File Manager component. The new .htaccess file contains a Rewrite Rule with a type definition. A normal PHP file can be uploaded with this new \"file type\" and the code can be executed with an HTTP request."},{"lang":"es","value":"Con una cuenta de administrador, el fichero .htaccess en Artica Pandora FMS versiones anteriores a 755 incluyéndola, puede ser sobrescrito con el componente File Manager. El nuevo fichero .htaccess contiene una Regla de Reescritura con una definición de tipo. Un archivo PHP normal puede ser cargado con este nuevo \"file type\" y el código puede ser ejecutado con una petición HTTP"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":6.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-74"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:artica:pandora_fms:*:*:*:*:*:*:*:*","versionEndIncluding":"755","matchCriteriaId":"54FE731D-679E-4264-A9F9-282F104696E0"}]}]}],"references":[{"url":"https://k4m1ll0.com/chained_exploit_htaccess.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://k4m1ll0.com/chained_exploit_htaccess.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-36698","sourceIdentifier":"cve@mitre.org","published":"2021-11-03T12:15:07.687","lastModified":"2026-07-09T01:16:58.713","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Pandora FMS through 755 allows XSS via a new Event Filter with a crafted name."},{"lang":"es","value":"Pandora FMS versiones hasta 755, permite un ataque de tipo XSS por medio de un nuevo Filtro de Eventos con un nombre diseñado"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:artica:pandora_fms:*:*:*:*:*:*:*:*","versionEndIncluding":"755","matchCriteriaId":"54FE731D-679E-4264-A9F9-282F104696E0"}]}]}],"references":[{"url":"https://k4m1ll0.com/chained_exploit_htaccess.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://k4m1ll0.com/chained_exploit_htaccess.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-25367","sourceIdentifier":"cve@mitre.org","published":"2021-11-04T10:15:07.673","lastModified":"2026-07-09T00:17:01.600","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A command injection vulnerability was discovered in the HNAP1 protocol in D-Link DIR-823G devices with firmware V1.0.2B05. An attacker is able to execute arbitrary web scripts via shell metacharacters in the Captcha field to Login."},{"lang":"es","value":"Se ha detectado una vulnerabilidad de inyección de comandos en el protocolo HNAP1 de los dispositivos D-Link DIR-823G con firmware V1.0.2B05. Un atacante es capaz de ejecutar scripts web arbitrarios por medio de metacaracteres de shell en el campo Captcha para iniciar sesión"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dir-823g_firmware:1.0.2b05:*:*:*:*:*:*:*","matchCriteriaId":"14A8546A-7F37-43D2-AD1E-DF65C6734057"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dir-823g:-:*:*:*:*:*:*:*","matchCriteriaId":"67B980AA-84BE-4D22-B4E7-7B2DBF571B65"}]}]}],"references":[{"url":"https://github.com/sek1th/iot/blob/master/dir823g_3.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"cve@mitre.org","tags":["Not Applicable","Vendor Advisory"]},{"url":"https://github.com/sek1th/iot/blob/master/dir823g_3.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2020-25366","sourceIdentifier":"cve@mitre.org","published":"2021-11-04T11:15:07.537","lastModified":"2026-07-09T00:17:01.470","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in the component /cgi-bin/upload_firmware.cgi of D-Link DIR-823G REVA1 1.02B05 allows attackers to cause a denial of service (DoS) via unspecified vectors."},{"lang":"es","value":"Un problema en el componente /cgi-bin/upload_firmware.cgi de D-Link DIR-823G REVA1 versión 1.02B05 permite a atacantes causar una denegación de servicio (DoS) por medio de vectores no especificados"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.2}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:P/A:C","baseScore":8.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":7.8,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-862"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dir-823g_firmware:1.02b05:*:*:*:*:*:*:*","matchCriteriaId":"359D06ED-7E8E-40E5-84A4-27F1693820E9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dir-823g:a1:*:*:*:*:*:*:*","matchCriteriaId":"EF303ADD-7BAC-4D2A-B644-D03B23F76DDB"}]}]}],"references":[{"url":"https://github.com/sek1th/iot/blob/master/dir823g_upfw_dos.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://github.com/sek1th/iot/blob/master/dir823g_upfw_dos.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2020-25368","sourceIdentifier":"cve@mitre.org","published":"2021-11-04T11:15:07.583","lastModified":"2026-07-09T00:17:01.723","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A command injection vulnerability was discovered in the HNAP1 protocol in D-Link DIR-823G devices with firmware V1.0.2B05. An attacker is able to execute arbitrary web scripts via shell metacharacters in the PrivateLogin field to Login."},{"lang":"es","value":"Se ha detectado una vulnerabilidad de inyección de comandos en el protocolo HNAP1 de los dispositivos D-Link DIR-823G con firmware V1.0.2B05. Un atacante puede ejecutar scripts web arbitrarios por medio de metacaracteres de shell en el campo PrivateLogin para iniciar sesión"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dir-823g_firmware:1.02b05:*:*:*:*:*:*:*","matchCriteriaId":"359D06ED-7E8E-40E5-84A4-27F1693820E9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dir-823g:a1:*:*:*:*:*:*:*","matchCriteriaId":"EF303ADD-7BAC-4D2A-B644-D03B23F76DDB"}]}]}],"references":[{"url":"https://github.com/sek1th/iot/blob/master/dir-823g_2.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://github.com/sek1th/iot/blob/master/dir-823g_2.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-42237","sourceIdentifier":"cve@mitre.org","published":"2021-11-05T10:15:08.240","lastModified":"2026-07-09T13:57:14.483","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Sitecore XP 7.5 Initial Release to Sitecore XP 8.2 Update-7 is vulnerable to an insecure deserialization attack where it is possible to achieve remote command execution on the machine. No authentication or special configuration is required to exploit this vulnerability."},{"lang":"es","value":"Sitecore XP Versión Inicial 7.5 a Sitecore XP 8.2 Update-7, es vulnerable a un ataque de deserialización no segura donde es posible lograr una ejecución de comandos remotos en la máquina. No es requerida ninguna autenticación ni configuración especial para explotar esta vulnerabilidad"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-03T14:09:16.771279Z","id":"CVE-2021-42237","options":[{"exploitation":"active"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"cisaExploitAdd":"2022-03-25","cisaActionDue":"2022-04-15","cisaRequiredAction":"Apply updates per vendor instructions.","cisaVulnerabilityName":"Sitecore XP Remote Command Execution Vulnerability","weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-502"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-502"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sitecore:experience_platform:7.5:-:*:*:*:*:*:*","matchCriteriaId":"7DA5CB16-F850-41CC-9629-22A27A7D116B"},{"vulnerable":true,"criteria":"cpe:2.3:a:sitecore:experience_platform:7.5:update1:*:*:*:*:*:*","matchCriteriaId":"ADC6C446-A985-465A-9FBE-5FCEE9C6CBD6"},{"vulnerable":true,"criteria":"cpe:2.3:a:sitecore:experience_platform:7.5:update2:*:*:*:*:*:*","matchCriteriaId":"DB23F608-4B01-4D54-8A1E-E15BEE609FA2"},{"vulnerable":true,"criteria":"cpe:2.3:a:sitecore:experience_platform:8.0:-:*:*:*:*:*:*","matchCriteriaId":"BE208FB9-A66E-4073-AD2F-DC56FDBDE127"},{"vulnerable":true,"criteria":"cpe:2.3:a:sitecore:experience_platform:8.0:sp1:*:*:*:*:*:*","matchCriteriaId":"F6454C19-10B4-48C3-A263-9334E594164B"},{"vulnerable":true,"criteria":"cpe:2.3:a:sitecore:experience_platform:8.0:update1:*:*:*:*:*:*","matchCriteriaId":"E192728C-7ED3-4A49-953E-E123160965F6"},{"vulnerable":true,"criteria":"cpe:2.3:a:sitecore:experience_platform:8.0:update2:*:*:*:*:*:*","matchCriteriaId":"B59B52C9-788F-4F31-9426-001AEFAEB8F0"},{"vulnerable":true,"criteria":"cpe:2.3:a:sitecore:experience_platform:8.0:update3:*:*:*:*:*:*","matchCriteriaId":"E4D47317-4E1F-4C2E-BD56-960BFD6947BD"},{"vulnerable":true,"criteria":"cpe:2.3:a:sitecore:experience_platform:8.0:update4:*:*:*:*:*:*","matchCriteriaId":"D36C9AB3-B22F-4C47-B92D-03D95E3C8137"},{"vulnerable":true,"criteria":"cpe:2.3:a:sitecore:experience_platform:8.0:update5:*:*:*:*:*:*","matchCriteriaId":"F2DC3A72-1BAE-44C6-877A-8AC4398425A8"},{"vulnerable":true,"criteria":"cpe:2.3:a:sitecore:experience_platform:8.0:update6:*:*:*:*:*:*","matchCriteriaId":"FB53F79E-FA06-423C-B9BC-96AF052726B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:sitecore:experience_platform:8.0:update7:*:*:*:*:*:*","matchCriteriaId":"08DD78DD-3686-48C9-A896-CF1CFDD2FCBC"},{"vulnerable":true,"criteria":"cpe:2.3:a:sitecore:experience_platform:8.1:-:*:*:*:*:*:*","matchCriteriaId":"C9362ED8-9012-4771-BED2-501921784E5F"},{"vulnerable":true,"criteria":"cpe:2.3:a:sitecore:experience_platform:8.1:update1:*:*:*:*:*:*","matchCriteriaId":"47CB90D7-CC2C-4A5C-99DC-5C52A4A3E188"},{"vulnerable":true,"criteria":"cpe:2.3:a:sitecore:experience_platform:8.1:update2:*:*:*:*:*:*","matchCriteriaId":"17E8CD1F-2D60-4E4A-BAA4-80165910058B"},{"vulnerable":true,"criteria":"cpe:2.3:a:sitecore:experience_platform:8.1:update3:*:*:*:*:*:*","matchCriteriaId":"B2B4B37E-265B-40BB-ADD9-856F751322C6"},{"vulnerable":true,"criteria":"cpe:2.3:a:sitecore:experience_platform:8.2:-:*:*:*:*:*:*","matchCriteriaId":"65E69221-68EE-4D8F-829B-12C96C197C0C"},{"vulnerable":true,"criteria":"cpe:2.3:a:sitecore:experience_platform:8.2:update1:*:*:*:*:*:*","matchCriteriaId":"218E38E2-FBF3-4E75-8507-5BD425FA4F81"},{"vulnerable":true,"criteria":"cpe:2.3:a:sitecore:experience_platform:8.2:update2:*:*:*:*:*:*","matchCriteriaId":"6C754113-6D8E-4B0D-872C-266088B27362"},{"vulnerable":true,"criteria":"cpe:2.3:a:sitecore:experience_platform:8.2:update3:*:*:*:*:*:*","matchCriteriaId":"AA0A84E9-0B8D-4755-AF70-59207CEDCC08"},{"vulnerable":true,"criteria":"cpe:2.3:a:sitecore:experience_platform:8.2:update4:*:*:*:*:*:*","matchCriteriaId":"2F73BF18-6D89-4663-AA37-56FC976A0EE8"},{"vulnerable":true,"criteria":"cpe:2.3:a:sitecore:experience_platform:8.2:update5:*:*:*:*:*:*","matchCriteriaId":"D7CDCFB0-9C38-46CA-A2C3-6A18F4B9A224"},{"vulnerable":true,"criteria":"cpe:2.3:a:sitecore:experience_platform:8.2:update6:*:*:*:*:*:*","matchCriteriaId":"496F293C-F7ED-411A-8498-9B93FDC350C1"},{"vulnerable":true,"criteria":"cpe:2.3:a:sitecore:experience_platform:8.2:update7:*:*:*:*:*:*","matchCriteriaId":"402BC64F-A66E-426B-ACB9-F65AB857006B"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/164988/Sitecore-Experience-Platform-XP-Remote-Code-Execution.html","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://blog.assetnote.io/2021/11/02/sitecore-rce/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://support.sitecore.com/kb?id=kb_article_view&sysparm_article=KB1000776","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://packetstormsecurity.com/files/164988/Sitecore-Experience-Platform-XP-Remote-Code-Execution.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://blog.assetnote.io/2021/11/02/sitecore-rce/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://support.sitecore.com/kb?id=kb_article_view&sysparm_article=KB1000776","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-42237","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]}]}},{"cve":{"id":"CVE-2021-3380","sourceIdentifier":"cve@mitre.org","published":"2021-11-10T17:15:10.807","lastModified":"2026-07-09T01:17:01.553","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Insecure direct object reference (IDOR) vulnerability in ICREM H8 SSRMS allows attackers to disclose sensitive information via the Print Invoice Functionality."},{"lang":"es","value":"Una vulnerabilidad de referencia directa a objetos insegura (IDOR) en ICREM H8 SSRMS permite a atacantes revelar información confidencial por medio de la funcionalidad Print Invoice"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:N/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-639"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:height8tech:h8_ssrms:-:*:*:*:*:*:*:*","matchCriteriaId":"536A26E5-73E3-4FF7-8779-B483784E36F2"}]}]}],"references":[{"url":"http://www.height8tech.com/carrier-grade-OSS-BSS.php","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://www.exploit-db.com/exploits/49508","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http://www.height8tech.com/carrier-grade-OSS-BSS.php","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.exploit-db.com/exploits/49508","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]}]}},{"cve":{"id":"CVE-2021-41653","sourceIdentifier":"cve@mitre.org","published":"2021-11-13T15:15:08.110","lastModified":"2026-07-09T01:17:03.770","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(EU)_V5_171211 is vulnerable to remote code execution via a crafted payload in an IP address input field."},{"lang":"es","value":"La función PING en el router TP-Link TL-WR840N EU versión v5 con firmware hasta TL-WR840N(EU)_V5_171211, es vulnerable a una ejecución de código remota por medio de una carga útil diseñada en un campo de entrada de dirección IP"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tl-wr840n_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"tl-wr840n\\(eu\\)_v5_171211","matchCriteriaId":"9C5797B1-0F68-4A32-8A79-10594D4F00BF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:tl-wr840n:v5:*:*:*:*:*:*:*","matchCriteriaId":"0271F8CB-EBF1-4E64-B51B-349997A8AED2"}]}]}],"references":[{"url":"https://k4m1ll0.com/cve-2021-41653.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.tp-link.com/us/press/security-advisory/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://k4m1ll0.com/cve-2021-41653.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.tp-link.com/us/press/security-advisory/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-41435","sourceIdentifier":"cve@mitre.org","published":"2021-11-19T12:15:09.330","lastModified":"2026-07-09T01:17:02.653","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A brute-force protection bypass in CAPTCHA protection in ASUS ROG Rapture GT-AX11000, RT-AX3000, RT-AX55, RT-AX56U, RT-AX56U_V2, RT-AX58U, RT-AX82U, RT-AX82U GUNDAM EDITION, RT-AX86 Series(RT-AX86U/RT-AX86S), RT-AX86U ZAKU II EDITION, RT-AX88U, RT-AX92U, TUF Gaming AX3000, TUF Gaming AX5400 (TUF-AX5400), ASUS ZenWiFi XD6, ASUS ZenWiFi AX (XT8) before 3.0.0.4.386.45898, and RT-AX68U before 3.0.0.4.386.45911, allows a remote attacker to attempt any number of login attempts via sending a specific HTTP request."},{"lang":"es","value":"Una omisión de protección por fuerza bruta en la protección CAPTCHA en ASUS ROG Rapture GT-AX11000, RT-AX3000, RT-AX55, RT-AX56U, RT-AX56U_V2, RT-AX58U, RT-AX82U, RT-AX82U GUNDAM EDITION, RT-AX86 Series(RT-AX86U/RT-AX86S), RT-AX86U ZAKU II EDITION, RT-AX88U, RT-AX92U, TUF Gaming AX3000, TUF Gaming AX5400 (TUF-AX5400), ASUS ZenWiFi XD6, ASUS ZenWiFi AX (XT8) versiones anteriores a 3.0.4.386. 0.0.4.386.45898, y RT-AX68U versiones anteriores a 3.0.0.4.386.45911, permite a un atacante remoto intentar cualquier número de intentos de inicio de sesión por medio del envío de una petición HTTP específica"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-307"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:gt-ax11000_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.0.4.386.45898","matchCriteriaId":"E5B16842-6E75-42F9-BED2-37966FB900FF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:gt-ax11000:-:*:*:*:*:*:*:*","matchCriteriaId":"CC02F598-C10E-4C77-9BE9-CB3660893C5E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:rt-ax3000_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.0.4.386.45898","matchCriteriaId":"604BBFB4-FF96-46F9-B407-C3D9CBE73BE8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:rt-ax3000:-:*:*:*:*:*:*:*","matchCriteriaId":"1515AF83-732F-489B-A25C-5D67A03A3B25"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:rt-ax55_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.0.4.386.45898","matchCriteriaId":"E0BBE7AA-081C-48A7-AAC1-481538AEFECA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:rt-ax55:-:*:*:*:*:*:*:*","matchCriteriaId":"B8F27D4F-EDC4-4676-8C66-545378850BF1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:rt-ax56u_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.0.4.386.45898","matchCriteriaId":"36430A0B-7A71-4FB2-9159-6EE9C8B7DADE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:rt-ax56u:-:*:*:*:*:*:*:*","matchCriteriaId":"4D747097-702E-4046-9723-01A586336534"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:rt-ax56u_v2_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.0.4.386.45898","matchCriteriaId":"B24819D6-17F8-4ABD-8F85-DBB1C559759D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:rt-ax56u_v2:-:*:*:*:*:*:*:*","matchCriteriaId":"FFFF5EF7-E4EC-4DA0-82B4-9996087B951F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:rt-ax58u_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.0.4.386.45898","matchCriteriaId":"FD025F49-2590-4E99-9D63-9A5A28BF4B1F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:rt-ax58u:-:*:*:*:*:*:*:*","matchCriteriaId":"855509B2-CE29-4A04-B412-C160139EA392"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:rt-ax82u_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.0.4.386.45898","matchCriteriaId":"88B9EE48-348F-4358-B89B-35F111466254"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:rt-ax82u:-:*:*:*:*:*:*:*","matchCriteriaId":"8D118305-CAFD-425F-8352-3B241D2E7702"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:rt-ax82u_gundam_edition_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.0.4.386.45898","matchCriteriaId":"0364A944-662E-4074-AA9A-3ACAB7A79888"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:rt-ax82u_gundam_edition:-:*:*:*:*:*:*:*","matchCriteriaId":"23A62A40-F182-48D2-B6BA-B39632A5E92A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:rt-ax82u_gundam_edition_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.0.4.386.45898","matchCriteriaId":"0364A944-662E-4074-AA9A-3ACAB7A79888"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:rt-ax82u_gundam_edition:-:*:*:*:*:*:*:*","matchCriteriaId":"23A62A40-F182-48D2-B6BA-B39632A5E92A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:rt-ax86u_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.0.4.386.45898","matchCriteriaId":"2D136BA5-1B89-4B27-81E6-A5ED861DF21D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:rt-ax86u:-:*:*:*:*:*:*:*","matchCriteriaId":"AB28700C-02EB-46D0-9BAD-833CE4790264"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:rt-ax86s_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.0.4.386.45898","matchCriteriaId":"44ED1540-9D3B-4E1E-867C-B639D7903B02"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:rt-ax86s:-:*:*:*:*:*:*:*","matchCriteriaId":"B2FC13C9-ADF3-4ED7-BDE2-FEAEC6248BDB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:rt-ax86u_zaku_ii_edition_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.0.4.386.45898","matchCriteriaId":"57AB9331-9565-42AC-B5C4-CE8A4849E285"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:rt-ax86u_zaku_ii_edition:-:*:*:*:*:*:*:*","matchCriteriaId":"57414ED4-B1E2-475D-9678-A0675439A80C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:rt-ax88u_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.0.4.386.45898","matchCriteriaId":"781AB112-C281-4660-B494-36DBB84AF690"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:rt-ax88u:-:*:*:*:*:*:*:*","matchCriteriaId":"BB91E047-5AE1-4CA0-9E67-84170D79770C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:rt-ax92u_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.0.4.386.45898","matchCriteriaId":"6FB2DBB8-8782-418E-8CEB-0041694517F6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:rt-ax92u:-:*:*:*:*:*:*:*","matchCriteriaId":"8EB70155-390A-472E-A0AA-59A18ADD2BF5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:tuf_gaming_ax3000_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.0.4.386.45898","matchCriteriaId":"C5D4B2F3-C4BC-4B68-9D67-261B9EFAA11A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:tuf_gaming_ax3000:-:*:*:*:*:*:*:*","matchCriteriaId":"AF2B2BEB-574D-4D02-B15E-1A6B737B06C1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:tuf-ax5400_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.0.4.386.45898","matchCriteriaId":"A3B3959B-D5FC-4AC1-A8A9-544747178417"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:tuf-ax5400:-:*:*:*:*:*:*:*","matchCriteriaId":"0819A22E-2913-4C13-A67D-6130E10544BE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:zenwifi_xd6_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.0.4.386.45898","matchCriteriaId":"53F49747-32C4-4B4C-B9C6-90D3948ADABE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:zenwifi_xd6:-:*:*:*:*:*:*:*","matchCriteriaId":"6CEAB3EB-28B7-4FB8-9ECA-3A671B51A776"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:zenwifi_ax_\\(xt8\\)_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.0.4.386.45898","matchCriteriaId":"24F0C238-58D9-4721-A8B5-CA8C6F8CE445"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:zenwifi_ax_\\(xt8\\):-:*:*:*:*:*:*:*","matchCriteriaId":"6B7599D8-8837-41B3-B25A-002B2E2147DA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:rt-ax68u_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.0.4.386.45911","matchCriteriaId":"5A896450-3FC2-4386-8157-4B1CB2DCA66D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:rt-ax68u:-:*:*:*:*:*:*:*","matchCriteriaId":"7E27ED92-86BD-4FDB-A7AF-D308AA4A14DC"}]}]}],"references":[{"url":"https://rog.asus.com/networking/rog-rapture-gt-ax11000-model/helpdesk_bios","source":"cve@mitre.org","tags":["Product","Vendor Advisory"]},{"url":"https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/","source":"cve@mitre.org","tags":["Product","Vendor Advisory"]},{"url":"https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-XD6/HelpDesk_BIOS/","source":"cve@mitre.org","tags":["Product","Vendor Advisory"]},{"url":"https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX3000/HelpDesk_BIOS/","source":"cve@mitre.org","tags":["Product","Vendor Advisory"]},{"url":"https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX56U/HelpDesk_BIOS/","source":"cve@mitre.org","tags":["Product","Vendor Advisory"]},{"url":"https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX68U/HelpDesk_BIOS/","source":"cve@mitre.org","tags":["Product","Vendor Advisory"]},{"url":"https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/All-series/RT-AX55/HelpDesk_BIOS/","source":"cve@mitre.org","tags":["Product","Vendor Advisory"]},{"url":"https://rog.asus.com/networking/rog-rapture-gt-ax11000-model/helpdesk_bios","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Vendor Advisory"]},{"url":"https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Vendor Advisory"]},{"url":"https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-XD6/HelpDesk_BIOS/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Vendor Advisory"]},{"url":"https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX3000/HelpDesk_BIOS/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Vendor Advisory"]},{"url":"https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX56U/HelpDesk_BIOS/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Vendor Advisory"]},{"url":"https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX68U/HelpDesk_BIOS/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Vendor Advisory"]},{"url":"https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/All-series/RT-AX55/HelpDesk_BIOS/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-41436","sourceIdentifier":"cve@mitre.org","published":"2021-11-19T12:15:09.390","lastModified":"2026-07-09T01:17:02.847","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An HTTP request smuggling in web application in ASUS ROG Rapture GT-AX11000, RT-AX3000, RT-AX55, RT-AX56U, RT-AX56U_V2, RT-AX58U, RT-AX82U, RT-AX82U GUNDAM EDITION, RT-AX86 Series(RT-AX86U/RT-AX86S), RT-AX86U ZAKU II EDITION, RT-AX88U, RT-AX92U, TUF Gaming AX3000, TUF Gaming AX5400 (TUF-AX5400), ASUS ZenWiFi XD6, ASUS ZenWiFi AX (XT8) before 3.0.0.4.386.45898, and RT-AX68U before 3.0.0.4.386.45911, allows a remote unauthenticated attacker to DoS via sending a specially crafted HTTP packet."},{"lang":"es","value":"Un contrabando de peticiones HTTP en la aplicación web en ASUS ROG Rapture GT-AX11000, RT-AX3000, RT-AX55, RT-AX56U, RT-AX56U_V2, RT-AX58U, RT-AX82U, RT-AX82U GUNDAM EDITION, RT-AX86 Series(RT-AX86U/RT-AX86S), RT-AX86U ZAKU II EDITION, RT-AX88U, RT-AX92U, TUF Gaming AX3000, TUF Gaming AX5400 (TUF-AX5400), ASUS ZenWiFi XD6, ASUS ZenWiFi AX (XT8) versiones anteriores a 3.0.4.386. 0.0.4.386.45898, y RT-AX68U versiones anteriores a 3.0.0.4.386.45911, permite a un atacante remoto no autenticado hacer DoS por medio del envío de un paquete HTTP especialmente diseñado"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:C","baseScore":7.8,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-444"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:gt-ax11000_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.0.4.386.45898","matchCriteriaId":"E5B16842-6E75-42F9-BED2-37966FB900FF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:gt-ax11000:-:*:*:*:*:*:*:*","matchCriteriaId":"CC02F598-C10E-4C77-9BE9-CB3660893C5E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:rt-ax3000_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.0.4.386.45898","matchCriteriaId":"604BBFB4-FF96-46F9-B407-C3D9CBE73BE8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:rt-ax3000:-:*:*:*:*:*:*:*","matchCriteriaId":"1515AF83-732F-489B-A25C-5D67A03A3B25"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:rt-ax55_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.0.4.386.45898","matchCriteriaId":"E0BBE7AA-081C-48A7-AAC1-481538AEFECA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:rt-ax55:-:*:*:*:*:*:*:*","matchCriteriaId":"B8F27D4F-EDC4-4676-8C66-545378850BF1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:rt-ax56u_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.0.4.386.45898","matchCriteriaId":"36430A0B-7A71-4FB2-9159-6EE9C8B7DADE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:rt-ax56u:-:*:*:*:*:*:*:*","matchCriteriaId":"4D747097-702E-4046-9723-01A586336534"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:rt-ax56u_v2_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.0.4.386.45898","matchCriteriaId":"B24819D6-17F8-4ABD-8F85-DBB1C559759D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:rt-ax56u_v2:-:*:*:*:*:*:*:*","matchCriteriaId":"FFFF5EF7-E4EC-4DA0-82B4-9996087B951F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:rt-ax58u_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.0.4.386.45898","matchCriteriaId":"FD025F49-2590-4E99-9D63-9A5A28BF4B1F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:rt-ax58u:-:*:*:*:*:*:*:*","matchCriteriaId":"855509B2-CE29-4A04-B412-C160139EA392"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:rt-ax82u_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.0.4.386.45898","matchCriteriaId":"88B9EE48-348F-4358-B89B-35F111466254"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:rt-ax82u:-:*:*:*:*:*:*:*","matchCriteriaId":"8D118305-CAFD-425F-8352-3B241D2E7702"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:rt-ax82u_gundam_edition_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.0.4.386.45898","matchCriteriaId":"0364A944-662E-4074-AA9A-3ACAB7A79888"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:rt-ax82u_gundam_edition:-:*:*:*:*:*:*:*","matchCriteriaId":"23A62A40-F182-48D2-B6BA-B39632A5E92A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:rt-ax82u_gundam_edition_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.0.4.386.45898","matchCriteriaId":"0364A944-662E-4074-AA9A-3ACAB7A79888"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:rt-ax82u_gundam_edition:-:*:*:*:*:*:*:*","matchCriteriaId":"23A62A40-F182-48D2-B6BA-B39632A5E92A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:rt-ax86u_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.0.4.386.45898","matchCriteriaId":"2D136BA5-1B89-4B27-81E6-A5ED861DF21D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:rt-ax86u:-:*:*:*:*:*:*:*","matchCriteriaId":"AB28700C-02EB-46D0-9BAD-833CE4790264"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:rt-ax86s_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.0.4.386.45898","matchCriteriaId":"44ED1540-9D3B-4E1E-867C-B639D7903B02"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:rt-ax86s:-:*:*:*:*:*:*:*","matchCriteriaId":"B2FC13C9-ADF3-4ED7-BDE2-FEAEC6248BDB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:rt-ax86u_zaku_ii_edition_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.0.4.386.45898","matchCriteriaId":"57AB9331-9565-42AC-B5C4-CE8A4849E285"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:rt-ax86u_zaku_ii_edition:-:*:*:*:*:*:*:*","matchCriteriaId":"57414ED4-B1E2-475D-9678-A0675439A80C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:rt-ax88u_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.0.4.386.45898","matchCriteriaId":"781AB112-C281-4660-B494-36DBB84AF690"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:rt-ax88u:-:*:*:*:*:*:*:*","matchCriteriaId":"BB91E047-5AE1-4CA0-9E67-84170D79770C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:rt-ax92u_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.0.4.386.45898","matchCriteriaId":"6FB2DBB8-8782-418E-8CEB-0041694517F6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:rt-ax92u:-:*:*:*:*:*:*:*","matchCriteriaId":"8EB70155-390A-472E-A0AA-59A18ADD2BF5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:tuf_gaming_ax3000_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.0.4.386.45898","matchCriteriaId":"C5D4B2F3-C4BC-4B68-9D67-261B9EFAA11A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:tuf_gaming_ax3000:-:*:*:*:*:*:*:*","matchCriteriaId":"AF2B2BEB-574D-4D02-B15E-1A6B737B06C1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:tuf-ax5400_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.0.4.386.45898","matchCriteriaId":"A3B3959B-D5FC-4AC1-A8A9-544747178417"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:tuf-ax5400:-:*:*:*:*:*:*:*","matchCriteriaId":"0819A22E-2913-4C13-A67D-6130E10544BE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:zenwifi_xd6_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.0.4.386.45898","matchCriteriaId":"53F49747-32C4-4B4C-B9C6-90D3948ADABE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:zenwifi_xd6:-:*:*:*:*:*:*:*","matchCriteriaId":"6CEAB3EB-28B7-4FB8-9ECA-3A671B51A776"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:zenwifi_ax_\\(xt8\\)_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.0.4.386.45898","matchCriteriaId":"24F0C238-58D9-4721-A8B5-CA8C6F8CE445"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:zenwifi_ax_\\(xt8\\):-:*:*:*:*:*:*:*","matchCriteriaId":"6B7599D8-8837-41B3-B25A-002B2E2147DA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:rt-ax68u_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.0.4.386.45911","matchCriteriaId":"5A896450-3FC2-4386-8157-4B1CB2DCA66D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:rt-ax68u:-:*:*:*:*:*:*:*","matchCriteriaId":"7E27ED92-86BD-4FDB-A7AF-D308AA4A14DC"}]}]}],"references":[{"url":"https://rog.asus.com/networking/rog-rapture-gt-ax11000-model/helpdesk_bios","source":"cve@mitre.org","tags":["Product","Vendor Advisory"]},{"url":"https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/","source":"cve@mitre.org","tags":["Product","Vendor Advisory"]},{"url":"https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-XD6/HelpDesk_BIOS/","source":"cve@mitre.org","tags":["Product","Vendor Advisory"]},{"url":"https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX3000/HelpDesk_BIOS/","source":"cve@mitre.org","tags":["Product","Vendor Advisory"]},{"url":"https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX56U/HelpDesk_BIOS/","source":"cve@mitre.org","tags":["Product","Vendor Advisory"]},{"url":"https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX68U/HelpDesk_BIOS/","source":"cve@mitre.org","tags":["Product","Vendor Advisory"]},{"url":"https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/All-series/RT-AX55/HelpDesk_BIOS/","source":"cve@mitre.org","tags":["Product","Vendor Advisory"]},{"url":"https://rog.asus.com/networking/rog-rapture-gt-ax11000-model/helpdesk_bios","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Vendor Advisory"]},{"url":"https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-AX-XT8-/HelpDesk_BIOS/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Vendor Advisory"]},{"url":"https://www.asus.com/Networking-IoT-Servers/Whole-Home-Mesh-WiFi-System/ZenWiFi-WiFi-Systems/ASUS-ZenWiFi-XD6/HelpDesk_BIOS/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Vendor Advisory"]},{"url":"https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX3000/HelpDesk_BIOS/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Vendor Advisory"]},{"url":"https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX56U/HelpDesk_BIOS/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Vendor Advisory"]},{"url":"https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/ASUS-WiFi-Routers/RT-AX68U/HelpDesk_BIOS/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Vendor Advisory"]},{"url":"https://www.asus.com/Networking-IoT-Servers/WiFi-Routers/All-series/RT-AX55/HelpDesk_BIOS/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-43687","sourceIdentifier":"cve@mitre.org","published":"2021-12-01T16:15:07.777","lastModified":"2026-07-09T01:17:08.820","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"chamilo-lms v1.11.14 is affected by a Cross Site Scripting (XSS) vulnerability in /plugin/jcapture/applet.php if an attacker passes a message hex2bin in the cookie."},{"lang":"es","value":"chamilo-lms versión v1.11.14, está afectado por una vulnerabilidad de tipo Cross Site Scripting (XSS) en el archivo /plugin/jcapture/applet.php si un atacante pasa un mensaje hex2bin en la cookie"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:chamilo:chamilo:1.11.14:-:*:*:*:*:*:*","matchCriteriaId":"8A998D3A-C823-4C06-87E1-79A4754233DD"}]}]}],"references":[{"url":"https://github.com/chamilo/chamilo-lms/blob/v1.11.14/plugin/jcapture/applet.php","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/chamilo/chamilo-lms/tree/v1.11.14","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-92-2021-11-12-Low-impact-Low-risk-XSS-Vulnerability-in-jCapture-plugin-CVE-2021-43687","source":"cve@mitre.org","tags":["Patch","Vendor Advisory"]},{"url":"https://github.com/chamilo/chamilo-lms/blob/v1.11.14/plugin/jcapture/applet.php","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/chamilo/chamilo-lms/tree/v1.11.14","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-92-2021-11-12-Low-impact-Low-risk-XSS-Vulnerability-in-jCapture-plugin-CVE-2021-43687","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2020-27413","sourceIdentifier":"cve@mitre.org","published":"2021-12-07T14:15:08.833","lastModified":"2026-07-09T01:16:42.000","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue was discovered in Mahavitaran android application 7.50 and below, allows local attackers to read cleartext username and password while the user is logged into the application."},{"lang":"es","value":"Se ha detectado un problema en la aplicación android Mahavitaran versiones 7.50 y anteriores, que permite a atacantes locales leer el nombre de usuario y la contraseña en texto sin cifrar mientras el usuario está conectado a la aplicación"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N","baseScore":4.2,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.6,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:M/Au:N/C:P/I:N/A:N","baseScore":1.9,"accessVector":"LOCAL","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":3.4,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-522"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mahadiscom:mahavitaran:*:*:*:*:*:android:*:*","versionEndExcluding":"7.50","matchCriteriaId":"6D45C77B-7713-43A0-A794-35C3F3436E63"}]}]}],"references":[{"url":"https://cvewalkthrough.com/cve-2020-27413-mahavitaran-android-application-clear-text-password-storage/","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://play.google.com/store/apps/details?id=com.msedcl.app&utm_source=APKdownloadMirror.com","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://cvewalkthrough.com/cve-2020-27413-mahavitaran-android-application-clear-text-password-storage/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://play.google.com/store/apps/details?id=com.msedcl.app&utm_source=APKdownloadMirror.com","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-19611","sourceIdentifier":"cve@mitre.org","published":"2021-12-07T16:15:07.190","lastModified":"2026-07-09T00:16:51.687","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting (XSS) in redirect module of Racktables version 0.21.2, allows an attacker to inject arbitrary web script or HTML via the op parameter."},{"lang":"es","value":"Una vulnerabilidad de tipo Cross Site Scripting (XSS) en el módulo de redirección de Racktables versión 0.21.2, permite a un atacante inyectar script web o HTML arbitrario por medio del parámetro op"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:racktables_project:racktables:0.21.2:*:*:*:*:*:*:*","matchCriteriaId":"91137A88-4A2D-417C-9E8C-337722E21179"}]}]}],"references":[{"url":"https://github.com/RackTables/racktables/commit/2ce35adeaa47f60dc51875b2339725db3b23e827","source":"cve@mitre.org","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/RackTables/racktables/commit/2ce35adeaa47f60dc51875b2339725db3b23e827","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-41716","sourceIdentifier":"cve@mitre.org","published":"2021-12-07T19:15:07.590","lastModified":"2026-07-09T01:17:04.277","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Maharashtra State Electricity Board Mahavitara Android Application 8.20 and prior is vulnerable to remote account takeover due to OTP fixation vulnerability in password rest function"},{"lang":"es","value":"Maharashtra State Electricity Board Mahavitara Android Application versión 8.20 y anteriores, es vulnerable a una toma de posesión remota de cuentas debido a una vulnerabilidad de fijación de OTP en la función password rest"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mahadiscom:mahavitaran:*:*:*:*:*:android:*:*","versionEndIncluding":"7.50","matchCriteriaId":"256E447C-7587-4C12-989F-41E6A197A4F3"}]}]}],"references":[{"url":"https://cvewalkthrough.com/cve-2021-41716-mahavitaran-android-application-account-take-over-via-otp-fixation/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://cvewalkthrough.com/cve-2021-41716-mahavitaran-android-application-account-take-over-via-otp-fixation/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-41450","sourceIdentifier":"cve@mitre.org","published":"2021-12-08T16:15:07.097","lastModified":"2026-07-09T01:17:03.530","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An HTTP request smuggling attack in TP-Link AX10v1 before v1_211117 allows a remote unauthenticated attacker to DoS the web application via sending a specific HTTP packet."},{"lang":"es","value":"Un ataque de contrabando de peticiones HTTP en TP-Link AX10v1 versiones anteriores a v1_211117, permite a un atacante remoto no autenticado hacer DoS a la aplicación web por medio del envío de un paquete HTTP específico"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-444"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:archer_ax10_v1_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"211117","matchCriteriaId":"73206236-2A34-49EF-91FF-57377B425731"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:archer_ax10_v1:-:*:*:*:*:*:*:*","matchCriteriaId":"91E911FD-8026-4EC2-81D4-0C4A5F991B83"}]}]}],"references":[{"url":"https://www.tp-link.com/us/support/download/archer-ax10/v1/#Firmware","source":"cve@mitre.org","tags":["Release Notes","Vendor Advisory"]},{"url":"https://www.tp-link.com/us/support/download/archer-ax10/v1/#Firmware","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-41449","sourceIdentifier":"cve@mitre.org","published":"2021-12-09T14:15:12.563","lastModified":"2026-07-09T01:17:03.390","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A path traversal attack in web interfaces of Netgear RAX35, RAX38, and RAX40 routers before v1.0.4.102, allows a remote unauthenticated attacker to gain access to sensitive restricted information, such as forbidden files of the web application, via sending a specially crafted HTTP packet."},{"lang":"es","value":"Un ataque de salto de ruta en las interfaces web de los routers Netgear RAX35, RAX38 y RAX40 versiones anteriores a v1.0.4.102, permite a un atacante remoto no autenticado conseguir acceso a información confidencial restringida, como archivos prohibidos de la aplicación web, por medio del envío de un paquete HTTP especialmente diseñado"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.2}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:N/A:P","baseScore":3.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"LOW","exploitabilityScore":3.9,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax35_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.4.102","matchCriteriaId":"5F2DB747-540A-4C65-9729-0104357CA87A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax35:-:*:*:*:*:*:*:*","matchCriteriaId":"4201E4D6-4DDF-4EF3-902A-960DFFF7C9A4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax38_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.4.102","matchCriteriaId":"466B8B30-1D65-4A02-956C-D377B554025D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax38:-:*:*:*:*:*:*:*","matchCriteriaId":"BDA02FAE-E0C9-402F-9E7D-69EEDCC80053"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:rax40_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.0.4.102","matchCriteriaId":"99167432-45E7-4E21-9804-3C7FF8AD106A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:rax40:-:*:*:*:*:*:*:*","matchCriteriaId":"13D54346-4B03-4296-B050-04EB8CFCA732"}]}]}],"references":[{"url":"https://kb.netgear.com/000064405/Security-Advisory-for-Path-Traversal-on-Some-Routers-PSV-2021-0268","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://www.netgear.com/about/security/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://kb.netgear.com/000064405/Security-Advisory-for-Path-Traversal-on-Some-Routers-PSV-2021-0268","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.netgear.com/about/security/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2018-10228","sourceIdentifier":"cve@mitre.org","published":"2021-12-14T19:15:07.433","lastModified":"2026-07-09T00:16:50.037","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in /application/controller/admin/theme.php in LimeSurvey 3.6.2+180406 allows remote attackers to inject arbitrary web script or HTML via the changes_cp parameter to the index.php/admin/themes/sa/templatesavechanges URI."},{"lang":"es","value":"Una vulnerabilidad de tipo Cross-site scripting (XSS) en el archivo /application/controller/admin/theme.php en LimeSurvey versión 3.6.2+180406, permite a atacantes remotos inyectar scripts web o HTML arbitrarios por medio del parámetro changes_cp al URI index.php/admin/themes/sa/templatesavechanges"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:limesurvey:limesurvey:3.6.2:180406:*:*:*:*:*:*","matchCriteriaId":"C9664E70-17A8-4C6A-9F71-48835DBD7140"}]}]}],"references":[{"url":"https://github.com/LimeSurvey/LimeSurvey/blob/d0e0c94042fdb5119c9247dc2d57685334492e71/application/controllers/admin/themes.php#L644-L654","source":"cve@mitre.org"}]}},{"cve":{"id":"CVE-2021-26787","sourceIdentifier":"cve@mitre.org","published":"2021-12-15T07:15:06.827","lastModified":"2026-07-09T01:16:48.367","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A cross site scripting (XSS) vulnerability in Genesys Workforce Management 8.5.214.20 can occur (during record deletion) via the Time-off parameter."},{"lang":"es","value":"Una vulnerabilidad de tipo cross site scripting (XSS) en Genesys Workforce Management versión 8.5.214.20, puede producirse (durante la eliminación de registros) por medio del parámetro Time-off"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:genesys:workforce_management:8.5.214.20:*:*:*:*:*:*:*","matchCriteriaId":"C08832E3-063A-4C67-BED7-B9C3F67F0A5F"}]}]}],"references":[{"url":"https://medium.com/@reliable_lait_mouse_975/cross-site-scripting-vulnerability-within-genesys-workforce-management-version-8-5-214-20-a68500cf5e18","source":"cve@mitre.org"},{"url":"https://medium.com/%40reliable_lait_mouse_975/cross-site-scripting-vulnerability-within-genesys-workforce-management-version-8-5-214-20-a68500cf5e18","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2021-36450","sourceIdentifier":"cve@mitre.org","published":"2021-12-15T07:15:06.970","lastModified":"2026-07-09T01:16:57.013","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Verint Workforce Optimization (WFO) 15.2.8.10048 allows XSS via the control/my_notifications NEWUINAV parameter."},{"lang":"es","value":"Verint Workforce Optimization (WFO) versión 15.2.8.10048, permite un atque de tipo XSS por medio del parámetro control/my_notifications NEWUINAV"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:verint:workforce_optimization:15.2.8.10048:*:*:*:*:*:*:*","matchCriteriaId":"90AD4290-2FDE-4BCD-A4CE-C95528E329DF"}]}]}],"references":[{"url":"https://medium.com/@1nf0sk/cve-2021-36450-cross-site-scripting-xss-6f5d8d7db740","source":"cve@mitre.org"},{"url":"https://sushantvkamble.blogspot.com/2021/11/cross-site-scripting-xss.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://medium.com/%401nf0sk/cve-2021-36450-cross-site-scripting-xss-6f5d8d7db740","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://sushantvkamble.blogspot.com/2021/11/cross-site-scripting-xss.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-42216","sourceIdentifier":"cve@mitre.org","published":"2021-12-15T18:15:07.730","lastModified":"2026-07-09T01:17:04.520","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A Broken or Risky Cryptographic Algorithm exists in AnonAddy 0.8.5 via VerificationController.php."},{"lang":"es","value":"Se presenta un algoritmo Criptográfico Roto o Arriesgado en AnonAddy versión 0.8.5, por medio del archivo VerificationController.php"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-326"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:anonaddy:anonaddy:0.8.5:*:*:*:*:*:*:*","matchCriteriaId":"674ABC02-4B08-47F5-8A4D-420ADA6FFD5A"}]}]}],"references":[{"url":"https://github.com/anonaddy/anonaddy/blob/0478d9e8d364787f203113544123048a41f022c0/app/Http/Controllers/Auth/VerificationController.php#L67","source":"cve@mitre.org","tags":["Patch","Third Party Advisory"]},{"url":"https://huntr.dev/bounties/419f4e8a-ee15-4f80-bcbf-5c83513515dd","source":"cve@mitre.org","tags":["Exploit","Patch","Third Party Advisory"]},{"url":"https://github.com/anonaddy/anonaddy/blob/0478d9e8d364787f203113544123048a41f022c0/app/Http/Controllers/Auth/VerificationController.php#L67","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://huntr.dev/bounties/419f4e8a-ee15-4f80-bcbf-5c83513515dd","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-42912","sourceIdentifier":"cve@mitre.org","published":"2021-12-16T17:15:07.980","lastModified":"2026-07-09T01:17:07.243","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"FiberHome ONU GPON AN5506-04-F RP2617 is affected by an OS command injection vulnerability. This vulnerability allows the attacker, once logged in, to send commands to the operating system as the root user via the ping diagnostic tool, bypassing the IP address field, and concatenating OS commands with a semicolon."},{"lang":"es","value":"FiberHome ONU GPON AN5506-04-F RP2617 está afectado por una vulnerabilidad de inyección de comandos del Sistema Operativo. Esta vulnerabilidad permite al atacante, una vez iniciada la sesión, enviar comandos al sistema operativo como usuario root por medio de la herramienta de diagnóstico ping, omitiendo el campo de la dirección IP y concatenando los comandos del Sistema Operativo con un punto y coma"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","baseScore":9.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fiberhome:an5506-01-a_firmware:rp0509:*:*:*:*:*:*:*","matchCriteriaId":"F406D8F8-C111-47B0-AEFE-7A2A838B1DB0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:fiberhome:an5506-01-a:-:*:*:*:*:*:*:*","matchCriteriaId":"8853CE67-2DD9-4217-B1ED-9767A3E46DE1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fiberhome:an5506-01-b_firmware:rp2610:*:*:*:*:*:*:*","matchCriteriaId":"12463A6B-5D9D-4F0A-99AE-2D92E6A1B675"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:fiberhome:an5506-01-b:-:*:*:*:*:*:*:*","matchCriteriaId":"2DFCE0D3-8E8D-423B-B7AE-FEDA0CF52350"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fiberhome:an5506-02-b_firmware:rp2520:*:*:*:*:*:*:*","matchCriteriaId":"71DE3F3B-4BA1-47C3-AF80-BF80680437C7"},{"vulnerable":true,"criteria":"cpe:2.3:o:fiberhome:an5506-02-b_firmware:rp2521:*:*:*:*:*:*:*","matchCriteriaId":"77423DD8-4172-4F31-BBFB-D07EEA288091"},{"vulnerable":true,"criteria":"cpe:2.3:o:fiberhome:an5506-02-b_firmware:rp2603:*:*:*:*:*:*:*","matchCriteriaId":"0805F7D2-B62F-4781-A7D7-2B31C7C15C3D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:fiberhome:an5506-02-b:-:*:*:*:*:*:*:*","matchCriteriaId":"73640C58-EFEE-4DD6-A5A8-6DC4CADE1C5A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fiberhome:an5506-04-b_firmware:rp2510:*:*:*:*:*:*:*","matchCriteriaId":"BB248B43-EAFD-4F7B-BDF8-AAA9AAA3F667"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:fiberhome:an5506-04-b:-:*:*:*:*:*:*:*","matchCriteriaId":"8173D80C-412D-44A1-8A93-9BFF803BEFA5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fiberhome:an5506-04-f_firmware:rp2617:*:*:*:*:*:*:*","matchCriteriaId":"66A2ED72-3B09-49FC-90C4-3A5363D167C2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:fiberhome:an5506-04-f:-:*:*:*:*:*:*:*","matchCriteriaId":"19FA255B-431B-4BC4-9B2B-0E4510636351"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fiberhome:aan5506-04-g2g_firmware:rp2560:*:*:*:*:*:*:*","matchCriteriaId":"6B576BC5-F1C6-49F8-9675-91919310AF07"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:fiberhome:an5506-04-g2g:-:*:*:*:*:*:*:*","matchCriteriaId":"2DA3762F-12D2-4226-9836-4E8BB214266F"}]}]}],"references":[{"url":"https://medium.com/@windsormoreira/fiberhome-an5506-os-command-injection-cve-2021-42912-10b64fd10ce2","source":"cve@mitre.org"},{"url":"https://medium.com/%40windsormoreira/fiberhome-an5506-os-command-injection-cve-2021-42912-10b64fd10ce2","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2021-41451","sourceIdentifier":"cve@mitre.org","published":"2021-12-17T15:15:07.493","lastModified":"2026-07-09T01:17:03.650","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A misconfiguration in HTTP/1.0 and HTTP/1.1 of the web interface in TP-Link AX10v1 before V1_211117 allows a remote unauthenticated attacker to send a specially crafted HTTP request and receive a misconfigured HTTP/0.9 response, potentially leading into a cache poisoning attack."},{"lang":"es","value":"Una configuración errónea en HTTP/1.0 y HTTP/1.1 de la interfaz web en TP-Link AX10v1 antes de V1_211117 permite que un atacante remoto no autenticado envíe una solicitud HTTP especialmente diseñada y reciba una respuesta HTTP/0.9 mal configurada, lo que podría conducir a un ataque de envenenamiento de caché"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-444"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:archer_ax10_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"v1_211117","matchCriteriaId":"5DAE8CFF-A6B1-4D2A-8689-F6CE79C9150D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:archer_ax10:v1:*:*:*:*:*:*:*","matchCriteriaId":"73C9D3BE-5DF1-4C6E-AE6B-0C93319BB328"}]}]}],"references":[{"url":"https://www.tp-link.com/us/support/download/archer-ax10/v1/#Firmware","source":"cve@mitre.org","tags":["Product"]},{"url":"https://www.tp-link.com/us/support/download/archer-ax10/v1/#Firmware","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2021-45418","sourceIdentifier":"cve@mitre.org","published":"2021-12-22T16:15:08.063","lastModified":"2026-07-09T01:17:10.647","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Certain Starcharge products are vulnerable to Directory Traversal via main.cgi. The affected products include: Nova 360 Cabinet <=1.3.0.0.6 - Fixed: 1.3.0.0.9 and Titan 180 Premium <=1.3.0.0.7b102 - Fixed: Beta1.3.0.1.0."},{"lang":"es","value":"Determinados productos de Starcharge son vulnerables a un salto de directorio por medio del archivo main.cgi. Los productos afectados incluyen: Nova 360 Cabinet versiones anteriores a 1.3.0.0.6 incluyéndola - Corregido: 1.3.0.0.9 y Titan 180 Premium versiones anteriores a1.3.0.0.7b102 incluyéndola - Corregido: Beta1.3.0.1.0"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:starcharge:titan_180_premium_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"1.3.0.0.6","matchCriteriaId":"7C99A4C0-B7F7-4AB7-8F19-79CED5B78A6F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:starcharge:titan_180_premium:-:*:*:*:*:*:*:*","matchCriteriaId":"43800DCD-FCCE-4030-9CD3-E5117F05F643"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:starcharge:nova_360_cabinet_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"1.3.0.0.7b102","matchCriteriaId":"DE64B3A0-C597-42D0-B62E-6C3764152AAB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:starcharge:nova_360_cabinet:-:*:*:*:*:*:*:*","matchCriteriaId":"1E00011D-6265-4218-9940-F7BA818BEDEE"}]}]}],"references":[{"url":"https://github.com/shortmore/trsh/blob/main/starcharge/CVE-2021-45418.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://vincss.net","source":"cve@mitre.org","tags":["Not Applicable"]},{"url":"https://github.com/shortmore/trsh/blob/main/starcharge/CVE-2021-45418.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://vincss.net","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable"]}]}},{"cve":{"id":"CVE-2021-45419","sourceIdentifier":"cve@mitre.org","published":"2021-12-22T17:15:09.353","lastModified":"2026-07-09T01:17:10.770","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Certain Starcharge products are affected by Improper Input Validation. The affected products include: Nova 360 Cabinet <= 1.3.0.0.7b102 - Fixed: Beta1.3.0.1.0 and Titan 180 Premium <= 1.3.0.0.6 - Fixed: 1.3.0.0.9."},{"lang":"es","value":"Determinados productos de Starcharge están afectados por una Comprobación de Entrada Inapropiada. Los productos afectados son: Nova 360 Cabinet versiones anteriores a 1.3.0.0.7b102 incluyéndola - Corregido: Beta1.3.0.1.0 y Titan 180 Premium versiones anteriores a 1.3.0.0.6 incluyéndola - Corregido: 1.3.0.0.9"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-345"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:starcharge:titan_180_premium_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"1.3.0.0.6","matchCriteriaId":"7C99A4C0-B7F7-4AB7-8F19-79CED5B78A6F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:starcharge:titan_180_premium:-:*:*:*:*:*:*:*","matchCriteriaId":"43800DCD-FCCE-4030-9CD3-E5117F05F643"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:starcharge:nova_360_cabinet_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"1.3.0.0.7b102","matchCriteriaId":"DE64B3A0-C597-42D0-B62E-6C3764152AAB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:starcharge:nova_360_cabinet:-:*:*:*:*:*:*:*","matchCriteriaId":"1E00011D-6265-4218-9940-F7BA818BEDEE"}]}]}],"references":[{"url":"https://github.com/shortmore/trsh/blob/main/starcharge/CVE-2021-45419.md","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://vincss.net","source":"cve@mitre.org","tags":["Not Applicable"]},{"url":"https://github.com/shortmore/trsh/blob/main/starcharge/CVE-2021-45419.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://vincss.net","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable"]}]}},{"cve":{"id":"CVE-2020-20425","sourceIdentifier":"cve@mitre.org","published":"2021-12-22T23:15:07.453","lastModified":"2026-07-09T00:16:52.633","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"S-CMS Government Station Building System v5.0 contains a cross-site scripting (XSS) vulnerability in the search function."},{"lang":"es","value":"S-CMS Government Station Building System versión v5.0, contiene una vulnerabilidad de tipo cross-site scripting (XSS) en la función search"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:s-cms:s-cms:5.0:*:*:*:*:*:*:*","matchCriteriaId":"3797FECE-5F4C-4A17-B21E-15BE49A20B41"}]}]}],"references":[{"url":"https://github.com/Sea0o/vulnerability/issues/1","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.s-cms.cn/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/Sea0o/vulnerability/issues/1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.s-cms.cn/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2020-20426","sourceIdentifier":"cve@mitre.org","published":"2021-12-22T23:15:07.497","lastModified":"2026-07-09T00:16:52.773","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"S-CMS Government Station Building System v5.0 contains a cross-site scripting (XSS) vulnerability in /function/booksave.php."},{"lang":"es","value":"S-CMS Government Station Building System versión v5.0, contiene una vulnerabilidad de tipo cross-site scripting (XSS) en el archivo /function/booksave.php"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:s-cms:s-cms:5.0:*:*:*:*:*:*:*","matchCriteriaId":"3797FECE-5F4C-4A17-B21E-15BE49A20B41"}]}]}],"references":[{"url":"https://github.com/Sea0o/vulnerability/issues/2","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.s-cms.cn/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/Sea0o/vulnerability/issues/2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.s-cms.cn/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2021-44674","sourceIdentifier":"cve@mitre.org","published":"2022-01-03T13:15:09.997","lastModified":"2026-07-09T01:17:09.843","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An information exposure issue has been discovered in Opmantek Open-AudIT 4.2.0. The vulnerability allows an authenticated attacker to read file outside of the restricted directory."},{"lang":"es","value":"Se ha detectado un problema de exposición de información en Opmantek Open-AudIT versión 4.2.0. La vulnerabilidad permite a un atacante autenticado leer archivos fuera del directorio restringido"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:N/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:opmantek:open-audit:4.2.0:*:*:*:-:*:*:*","matchCriteriaId":"D09D56F9-AD39-4557-AB0F-149C7A570B1E"}]}]}],"references":[{"url":"https://community.opmantek.com/display/OA/Release+Notes+for+Open-AudIT+v4.3.0","source":"cve@mitre.org","tags":["Release Notes","Vendor Advisory"]},{"url":"https://github.com/Opmantek/open-audit/commit/d27b649283aa6a01a15e5a3df1520d7aa69a5e18","source":"cve@mitre.org","tags":["Patch","Third Party Advisory"]},{"url":"https://community.opmantek.com/display/OA/Release+Notes+for+Open-AudIT+v4.3.0","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"]},{"url":"https://github.com/Opmantek/open-audit/commit/d27b649283aa6a01a15e5a3df1520d7aa69a5e18","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-43677","sourceIdentifier":"cve@mitre.org","published":"2022-01-04T20:15:07.550","lastModified":"2026-07-09T01:17:08.700","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Fluxbb v1.4.12 is affected by a Cross Site Scripting (XSS) vulnerability."},{"lang":"es","value":"Fluxbb versión v1.4.12, está afectado por una vulnerabilidad de tipo Cross Site Scripting (XSS)"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fluxbb:fluxbb:1.4.12:*:*:*:*:*:*:*","matchCriteriaId":"8B200BD3-D4AA-477F-8506-A1C5ABE247EB"}]}]}],"references":[{"url":"https://github.com/fluxbb/fluxbb","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/fluxbb/fluxbb","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-45806","sourceIdentifier":"cve@mitre.org","published":"2022-01-13T14:15:07.777","lastModified":"2026-07-09T01:17:11.660","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"jpress v4.2.0 admin panel provides a function through which attackers can modify the template and inject some malicious code."},{"lang":"es","value":"El panel de administración de jpress versión v4.2.0, proporciona una función mediante la cual atacantes pueden modificar la plantilla e inyectar algún código malicioso"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:jpress:jpress:4.2.0:*:*:*:*:*:*:*","matchCriteriaId":"D2D7F379-C6D9-46F8-BD79-2512DE8F4784"}]}]}],"references":[{"url":"https://github.com/JPressProjects/jpress","source":"cve@mitre.org","tags":["Product","Third Party Advisory"]},{"url":"https://github.com/JPressProjects/jpress/issues/166","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/JPressProjects/jpress","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Third Party Advisory"]},{"url":"https://github.com/JPressProjects/jpress/issues/166","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-45422","sourceIdentifier":"cve@mitre.org","published":"2022-01-13T19:15:08.540","lastModified":"2026-07-09T01:17:11.117","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Reprise License Manager 14.2 is affected by a reflected cross-site scripting vulnerability in the /goform/activate_process \"count\" parameter via GET. No authentication is required."},{"lang":"es","value":"Reprise License Manager versión 14.2, está afectado por una vulnerabilidad de tipo cross-site scripting reflejado en el parámetro /goform/activate_process \"count\" por medio de GET. No es requerida autenticación"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:reprisesoftware:reprise_license_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"14.2","versionEndExcluding":"16.0","matchCriteriaId":"7F4038E1-FE06-4C34-A6F5-6F13F1F43924"}]}]}],"references":[{"url":"https://github.com/WlX-33/PoC-for-CVE/blob/main/CVE-2021-45422/RLM%2014.2%20Cross%20Site%20Scripting.txt","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://seclists.org/fulldisclosure/2022/Jan/31","source":"cve@mitre.org","tags":["Exploit","Mailing List","Third Party Advisory"]},{"url":"https://www.getinfosec.news/13202933/reprise-license-manager-142-reflected-cross-site-scripting#/","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://seclists.org/fulldisclosure/2022/Jan/31","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Mailing List","Third Party Advisory"]},{"url":"https://www.getinfosec.news/13202933/reprise-license-manager-142-reflected-cross-site-scripting#/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-45807","sourceIdentifier":"cve@mitre.org","published":"2022-01-13T19:15:08.590","lastModified":"2026-07-09T01:17:11.787","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"jpress v4.2.0 is vulnerable to command execution via io.jpress.web.admin._AddonController::doUploadAndInstall."},{"lang":"es","value":"jpress versión v4.2.0, es vulnerable a una ejecución de comandos por medio de io.jpress.web.admin._AddonController::doUploadAndInstall"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:jpress:jpress:4.2.0:*:*:*:*:*:*:*","matchCriteriaId":"D2D7F379-C6D9-46F8-BD79-2512DE8F4784"}]}]}],"references":[{"url":"https://github.com/JPressProjects/jpress","source":"cve@mitre.org","tags":["Product","Third Party Advisory"]},{"url":"https://github.com/JPressProjects/jpress/issues/167","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/JPressProjects/jpress","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Third Party Advisory"]},{"url":"https://github.com/JPressProjects/jpress/issues/167","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-45808","sourceIdentifier":"cve@mitre.org","published":"2022-01-19T13:15:07.920","lastModified":"2026-07-09T01:17:11.907","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"jpress v4.2.0 allows users to register an account by default. With the account, user can upload arbitrary files to the server."},{"lang":"es","value":"jpress versión v4.2.0, permite a usuarios registrar una cuenta por defecto. Con la cuenta, el usuario puede subir archivos arbitrarios al servidor"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:jpress:jpress:4.2.0:*:*:*:*:*:*:*","matchCriteriaId":"D2D7F379-C6D9-46F8-BD79-2512DE8F4784"}]}]}],"references":[{"url":"https://github.com/JPressProjects/jpress","source":"cve@mitre.org","tags":["Product","Third Party Advisory"]},{"url":"https://github.com/JPressProjects/jpress/issues/173","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/JPressProjects/jpress","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Third Party Advisory"]},{"url":"https://github.com/JPressProjects/jpress/issues/173","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-46117","sourceIdentifier":"cve@mitre.org","published":"2022-01-26T16:15:07.613","lastModified":"2026-07-09T01:17:13.450","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"jpress 4.2.0 is vulnerable to remote code execution via io.jpress.module.page.PageNotifyKit#doSendEmail. The admin panel provides a function through which attackers can edit the email templates and inject some malicious code."},{"lang":"es","value":"jpress versión 4.2.0 es vulnerable a una ejecución de código remota por medio de io.jpress.module.page.PageNotifyKit#doSendEmail. El panel de administración proporciona una función mediante la cual atacantes pueden editar las plantillas de correo electrónico e inyectar código malicioso"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:jpress:jpress:4.2.0:*:*:*:*:*:*:*","matchCriteriaId":"D2D7F379-C6D9-46F8-BD79-2512DE8F4784"}]}]}],"references":[{"url":"https://github.com/JPressProjects/jpress","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/JPressProjects/jpress/issues/171","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/JPressProjects/jpress","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/JPressProjects/jpress/issues/171","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-46115","sourceIdentifier":"cve@mitre.org","published":"2022-01-26T17:15:07.730","lastModified":"2026-07-09T01:17:13.203","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"jpress 4.2.0 is vulnerable to RCE via io.jpress.web.admin._TemplateController#doUploadFile. The admin panel provides a function through which attackers can upload templates and inject some malicious code."},{"lang":"es","value":"jpress versión 4.2.0, es vulnerable a RCE por medio de io.jpress.web.admin._TemplateController#doUploadFile. El panel de administración proporciona una función mediante la cual los atacantes pueden subir plantillas e inyectar algún código malicioso"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:jpress:jpress:4.2.0:*:*:*:*:*:*:*","matchCriteriaId":"D2D7F379-C6D9-46F8-BD79-2512DE8F4784"}]}]}],"references":[{"url":"https://github.com/JPressProjects/jpress","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/JPressProjects/jpress/issues/169","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/JPressProjects/jpress","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/JPressProjects/jpress/issues/169","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-46116","sourceIdentifier":"cve@mitre.org","published":"2022-01-26T17:15:07.780","lastModified":"2026-07-09T01:17:13.330","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"jpress 4.2.0 is vulnerable to remote code execution via io.jpress.web.admin._TemplateController#doInstall. The admin panel provides a function through which attackers can install templates and inject some malicious code."},{"lang":"es","value":"jpress versión 4.2.0, es vulnerable a una ejecución de código remota por medio de io.jpress.web.admin._TemplateController#doInstall. El panel de administración proporciona una función mediante la cual los atacantes pueden instalar plantillas e inyectar algún código malicioso"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:jpress:jpress:4.2.0:*:*:*:*:*:*:*","matchCriteriaId":"D2D7F379-C6D9-46F8-BD79-2512DE8F4784"}]}]}],"references":[{"url":"https://github.com/JPressProjects/jpress","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/JPressProjects/jpress/issues/168","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/JPressProjects/jpress","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/JPressProjects/jpress/issues/168","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-46118","sourceIdentifier":"cve@mitre.org","published":"2022-01-26T17:15:07.820","lastModified":"2026-07-09T01:17:13.567","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"jpress 4.2.0 is vulnerable to remote code execution via io.jpress.module.article.kit.ArticleNotifyKit#doSendEmail. The admin panel provides a function through which attackers can edit the email templates and inject some malicious code."},{"lang":"es","value":"jpress versión 4.2.0 es vulnerable a una ejecución de código remota por medio de io.jpress.module.article.kit.ArticleNotifyKit#doSendEmail. El panel de administración proporciona una función mediante la cual los atacantes pueden editar las plantillas de correo electrónico e inyectar código malicioso"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:jpress:jpress:4.2.0:*:*:*:*:*:*:*","matchCriteriaId":"D2D7F379-C6D9-46F8-BD79-2512DE8F4784"}]}]}],"references":[{"url":"https://github.com/JPressProjects/jpress","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/JPressProjects/jpress/issues/170","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/JPressProjects/jpress","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/JPressProjects/jpress/issues/170","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-46114","sourceIdentifier":"cve@mitre.org","published":"2022-01-26T19:15:08.290","lastModified":"2026-07-09T01:17:12.990","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"jpress v 4.2.0 is vulnerable to RCE via io.jpress.module.product.ProductNotifyKit#doSendEmail. The admin panel provides a function through which attackers can edit the email templates and inject some malicious code."},{"lang":"es","value":"jpress versión 4.2.0 es vulnerable a RCE por medio de io.jpress.module.product.ProductNotifyKit#doSendEmail. El panel de administración proporciona una función mediante la cual los atacantes pueden editar las plantillas de correo electrónico e inyectar algún código malicioso"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:jpress:jpress:4.2.0:*:*:*:*:*:*:*","matchCriteriaId":"D2D7F379-C6D9-46F8-BD79-2512DE8F4784"}]}]}],"references":[{"url":"https://github.com/JPressProjects/jpress","source":"cve@mitre.org","tags":["Product","Third Party Advisory"]},{"url":"https://github.com/JPressProjects/jpress/issues/172","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/JPressProjects/jpress","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Third Party Advisory"]},{"url":"https://github.com/JPressProjects/jpress/issues/172","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-44971","sourceIdentifier":"cve@mitre.org","published":"2022-01-28T19:15:07.963","lastModified":"2026-07-09T01:17:10.073","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Multiple Tenda devices are affected by authentication bypass, such as AC15V1.0 Firmware V15.03.05.20_multi?AC5V1.0 Firmware V15.03.06.48_multi and so on. an attacker can obtain sensitive information, and even combine it with authenticated command injection to implement RCE."},{"lang":"es","value":"Múltiples dispositivos Tenda están afectados por una omisión de autenticación, como AC15V1.0 Firmware versión V15.03.05.20_multi... AC5V1.0 Firmware versión V15.03.06.48_multi, etc. un atacante puede obtener información confidencial, e incluso combinarla con una inyección de comandos autenticados para implementar RCE"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-697"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tenda:ac15_firmware:15.03.05.20_multi:*:*:*:*:*:*:*","matchCriteriaId":"BAF4BBA3-7C56-4383-B167-933075D5C39F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tenda:ac15:1.0:*:*:*:*:*:*:*","matchCriteriaId":"D5059CAD-BD1A-4808-BCED-006444E60701"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tenda:ac5_firmware:15.03.06.48_multi:*:*:*:*:*:*:*","matchCriteriaId":"E540AF96-2B4E-4223-B15A-8DA89D2D12F1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tenda:ac5:1.0:*:*:*:*:*:*:*","matchCriteriaId":"D141716B-56F0-4061-9D87-943B7858F2F4"}]}]}],"references":[{"url":"https://github.com/21Gun5/my_cve/blob/main/tenda/bypass_auth.md","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://github.com/21Gun5/my_cve/blob/main/tenda/bypass_auth.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]}]}},{"cve":{"id":"CVE-2021-42631","sourceIdentifier":"cve@mitre.org","published":"2022-01-31T18:15:07.817","lastModified":"2026-07-09T01:17:05.080","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"PrinterLogic Web Stack versions 19.1.1.13 SP9 and below deserializes attacker controlled leading to pre-auth remote code execution."},{"lang":"es","value":"PrinterLogic Web Stack versiones 19.1.1.13 SP9 y anteriores, deserializan el atacante controlado, conllevando a una ejecución de código remoto pre-autenticado"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:C/I:C/A:C","baseScore":9.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.6,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-502"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:virtual_appliance:*:*:*:*:*:*:*:*","versionEndIncluding":"20.0.1304","matchCriteriaId":"2184E016-5FB1-4CD5-89F0-3FA4346BFD76"},{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:*:*:*:*:*:*:*:*","versionEndExcluding":"19.1.1.13","matchCriteriaId":"D7412210-0463-4336-9FAD-E50061806186"},{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:19.1.1.13:-:*:*:*:*:*:*","matchCriteriaId":"A1B7FE83-A6AC-4A16-B0DE-9D1C22AA40FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:19.1.1.13:sp2:*:*:*:*:*:*","matchCriteriaId":"99309983-36D6-47CA-9CBC-32A210C7DF7D"},{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:19.1.1.13:sp3-3:*:*:*:*:*:*","matchCriteriaId":"CBD47013-B42E-4CF1-AF63-AD644B77DFBD"},{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:19.1.1.13:sp9:*:*:*:*:*:*","matchCriteriaId":"60152B10-DC40-4132-AF45-52ECFD6782CA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"},{"vulnerable":false,"criteria":"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","matchCriteriaId":"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}]}]}],"references":[{"url":"https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints","source":"cve@mitre.org","tags":["Press/Media Coverage","Third Party Advisory"]},{"url":"https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss&utm_medium=rss&utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite","source":"cve@mitre.org","tags":["Press/Media Coverage","Third Party Advisory"]},{"url":"https://www.printerlogic.com/security-bulletin/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite","source":"cve@mitre.org","tags":["Press/Media Coverage","Third Party Advisory"]},{"url":"https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/","source":"cve@mitre.org","tags":["Exploit","Press/Media Coverage","Third Party Advisory"]},{"url":"https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Press/Media Coverage","Third Party Advisory"]},{"url":"https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss&utm_medium=rss&utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Press/Media Coverage","Third Party Advisory"]},{"url":"https://www.printerlogic.com/security-bulletin/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Press/Media Coverage","Third Party Advisory"]},{"url":"https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Press/Media Coverage","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-42635","sourceIdentifier":"cve@mitre.org","published":"2022-01-31T18:15:07.870","lastModified":"2026-07-09T01:17:05.580","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use a hardcoded APP_KEY value, leading to pre-auth remote code execution."},{"lang":"es","value":"PrinterLogic Web Stack versiones 19.1.1.13 SP9 y anteriores, usan un valor APP_KEY embebido, conllevando a una ejecución de código remoto pre-autenticado"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:C/I:C/A:C","baseScore":9.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.6,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-798"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:*:*:*:*:*:*:*:*","versionEndExcluding":"19.1.1.13","matchCriteriaId":"D7412210-0463-4336-9FAD-E50061806186"},{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:19.1.1.13:-:*:*:*:*:*:*","matchCriteriaId":"A1B7FE83-A6AC-4A16-B0DE-9D1C22AA40FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:19.1.1.13:sp2:*:*:*:*:*:*","matchCriteriaId":"99309983-36D6-47CA-9CBC-32A210C7DF7D"},{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:19.1.1.13:sp3-3:*:*:*:*:*:*","matchCriteriaId":"CBD47013-B42E-4CF1-AF63-AD644B77DFBD"},{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:19.1.1.13:sp9:*:*:*:*:*:*","matchCriteriaId":"60152B10-DC40-4132-AF45-52ECFD6782CA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"},{"vulnerable":false,"criteria":"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","matchCriteriaId":"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}]}]}],"references":[{"url":"https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints","source":"cve@mitre.org","tags":["Press/Media Coverage","Third Party Advisory"]},{"url":"https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss&utm_medium=rss&utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite","source":"cve@mitre.org","tags":["Press/Media Coverage","Third Party Advisory"]},{"url":"https://www.printerlogic.com/security-bulletin/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite","source":"cve@mitre.org","tags":["Press/Media Coverage","Third Party Advisory"]},{"url":"https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/","source":"cve@mitre.org","tags":["Exploit","Press/Media Coverage","Third Party Advisory"]},{"url":"https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Press/Media Coverage","Third Party Advisory"]},{"url":"https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss&utm_medium=rss&utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Press/Media Coverage","Third Party Advisory"]},{"url":"https://www.printerlogic.com/security-bulletin/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Press/Media Coverage","Third Party Advisory"]},{"url":"https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Press/Media Coverage","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-45416","sourceIdentifier":"cve@mitre.org","published":"2022-02-01T13:15:09.833","lastModified":"2026-07-09T01:17:10.533","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Reflected Cross-site scripting (XSS) vulnerability in RosarioSIS 8.2.1 allows attackers to inject arbitrary HTML via the search_term parameter in the modules/Scheduling/Courses.php script."},{"lang":"es","value":"Una vulnerabilidad de tipo Cross-site scripting (XSS) Reflejado en RosarioSIS versión 8.2.1, permite a atacantes inyectar HTML arbitrario por medio del parámetro search_term en el script modules/Scheduling/Courses.php"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rosariosis:rosariosis:8.2.1:*:*:*:*:*:*:*","matchCriteriaId":"AC5EDAC4-D430-4FEA-990B-73308EE87CFB"}]}]}],"references":[{"url":"https://github.com/86x/CVE-2021-45416","source":"cve@mitre.org","tags":["Exploit","Patch","Third Party Advisory"]},{"url":"https://github.com/86x/CVE-2021-45416","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-42638","sourceIdentifier":"cve@mitre.org","published":"2022-02-01T23:15:07.437","lastModified":"2026-07-09T01:17:05.877","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"PrinterLogic Web Stack versions 19.1.1.13 SP9 and below do not sanitize user input resulting in pre-auth remote code execution."},{"lang":"es","value":"PrinterLogic Web Stack versiones 19.1.1.13 SP9 y anteriores, no sanean la entrada del usuario, resultando en una ejecución de código remota previo a la autenticación"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:C/I:C/A:C","baseScore":9.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.6,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:*:*:*:*:*:*:*:*","versionEndExcluding":"19.1.1.13","matchCriteriaId":"D7412210-0463-4336-9FAD-E50061806186"},{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:19.1.1.13:-:*:*:*:*:*:*","matchCriteriaId":"A1B7FE83-A6AC-4A16-B0DE-9D1C22AA40FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:19.1.1.13:sp2:*:*:*:*:*:*","matchCriteriaId":"99309983-36D6-47CA-9CBC-32A210C7DF7D"},{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:19.1.1.13:sp3-3:*:*:*:*:*:*","matchCriteriaId":"CBD47013-B42E-4CF1-AF63-AD644B77DFBD"},{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:19.1.1.13:sp9:*:*:*:*:*:*","matchCriteriaId":"60152B10-DC40-4132-AF45-52ECFD6782CA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"},{"vulnerable":false,"criteria":"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","matchCriteriaId":"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}]}]}],"references":[{"url":"https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints","source":"cve@mitre.org","tags":["Press/Media Coverage","Third Party Advisory"]},{"url":"https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss&utm_medium=rss&utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite","source":"cve@mitre.org","tags":["Press/Media Coverage","Third Party Advisory"]},{"url":"https://www.printerlogic.com/security-bulletin/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite","source":"cve@mitre.org","tags":["Press/Media Coverage","Third Party Advisory"]},{"url":"https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/","source":"cve@mitre.org","tags":["Exploit","Press/Media Coverage","Third Party Advisory"]},{"url":"https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Press/Media Coverage","Third Party Advisory"]},{"url":"https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss&utm_medium=rss&utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Press/Media Coverage","Third Party Advisory"]},{"url":"https://www.printerlogic.com/security-bulletin/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Press/Media Coverage","Third Party Advisory"]},{"url":"https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Press/Media Coverage","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-42633","sourceIdentifier":"cve@mitre.org","published":"2022-02-02T18:15:07.410","lastModified":"2026-07-09T01:17:05.420","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to SQL Injection, which may allow an attacker to access additional audit records."},{"lang":"es","value":"PrinterLogic Web Stack versiones 19.1.1.13 SP9 y anteriores, son vulnerables a una inyección SQL, que puede permitir a un atacante acceder a registros de auditoría adicionales"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:*:*:*:*:*:*:*:*","versionEndExcluding":"19.1.1.13","matchCriteriaId":"D7412210-0463-4336-9FAD-E50061806186"},{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:19.1.1.13:-:*:*:*:*:*:*","matchCriteriaId":"A1B7FE83-A6AC-4A16-B0DE-9D1C22AA40FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:19.1.1.13:sp2:*:*:*:*:*:*","matchCriteriaId":"99309983-36D6-47CA-9CBC-32A210C7DF7D"},{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:19.1.1.13:sp3-3:*:*:*:*:*:*","matchCriteriaId":"CBD47013-B42E-4CF1-AF63-AD644B77DFBD"},{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:19.1.1.13:sp9:*:*:*:*:*:*","matchCriteriaId":"60152B10-DC40-4132-AF45-52ECFD6782CA"}]}]}],"references":[{"url":"https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints","source":"cve@mitre.org","tags":["Not Applicable"]},{"url":"https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss&utm_medium=rss&utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.printerlogic.com/security-bulletin/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable"]},{"url":"https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss&utm_medium=rss&utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.printerlogic.com/security-bulletin/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-42637","sourceIdentifier":"cve@mitre.org","published":"2022-02-02T18:15:07.463","lastModified":"2026-07-09T01:17:05.720","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use user-controlled input to craft a URL, resulting in a Server Side Request Forgery (SSRF) vulnerability."},{"lang":"es","value":"PrinterLogic Web Stack versiones 19.1.1.13 SP9 y anteriores, usan entradas controladas por el usuario para diseñar una URL, resultando en una vulnerabilidad de tipo Server Side Request Forgery (SSRF)"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:*:*:*:*:*:*:*:*","versionEndExcluding":"19.1.1.13","matchCriteriaId":"D7412210-0463-4336-9FAD-E50061806186"},{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:19.1.1.13:-:*:*:*:*:*:*","matchCriteriaId":"A1B7FE83-A6AC-4A16-B0DE-9D1C22AA40FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:19.1.1.13:sp2:*:*:*:*:*:*","matchCriteriaId":"99309983-36D6-47CA-9CBC-32A210C7DF7D"},{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:19.1.1.13:sp3-3:*:*:*:*:*:*","matchCriteriaId":"CBD47013-B42E-4CF1-AF63-AD644B77DFBD"},{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:19.1.1.13:sp9:*:*:*:*:*:*","matchCriteriaId":"60152B10-DC40-4132-AF45-52ECFD6782CA"}]}]}],"references":[{"url":"https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints","source":"cve@mitre.org","tags":["Not Applicable"]},{"url":"https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss&utm_medium=rss&utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.printerlogic.com/security-bulletin/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable"]},{"url":"https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss&utm_medium=rss&utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.printerlogic.com/security-bulletin/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-42639","sourceIdentifier":"cve@mitre.org","published":"2022-02-02T18:15:07.507","lastModified":"2026-07-09T01:17:06.033","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to multiple reflected cross site scripting vulnerabilities. Attacker controlled input is reflected back in the page without sanitization."},{"lang":"es","value":"PrinterLogic Web Stack versiones 19.1.1.13 SP9 y anteriores, son susceptibles a múltiples vulnerabilidades de tipo cross site scripting reflejadas. La entrada controlada por el atacante es reflejada de nuevo en la página sin sanearla"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:*:*:*:*:*:*:*:*","versionEndExcluding":"19.1.1.13","matchCriteriaId":"D7412210-0463-4336-9FAD-E50061806186"},{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:19.1.1.13:-:*:*:*:*:*:*","matchCriteriaId":"A1B7FE83-A6AC-4A16-B0DE-9D1C22AA40FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:19.1.1.13:sp2:*:*:*:*:*:*","matchCriteriaId":"99309983-36D6-47CA-9CBC-32A210C7DF7D"},{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:19.1.1.13:sp3-3:*:*:*:*:*:*","matchCriteriaId":"CBD47013-B42E-4CF1-AF63-AD644B77DFBD"},{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:19.1.1.13:sp9:*:*:*:*:*:*","matchCriteriaId":"60152B10-DC40-4132-AF45-52ECFD6782CA"}]}]}],"references":[{"url":"https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints","source":"cve@mitre.org","tags":["Not Applicable"]},{"url":"https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss&utm_medium=rss&utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.printerlogic.com/security-bulletin/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable"]},{"url":"https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss&utm_medium=rss&utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.printerlogic.com/security-bulletin/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-42640","sourceIdentifier":"cve@mitre.org","published":"2022-02-02T18:15:07.547","lastModified":"2026-07-09T01:17:06.187","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to reassign drivers for any printer."},{"lang":"es","value":"PrinterLogic Web Stack versiones 19.1.1.13 SP9 y anteriores, son susceptibles a una vulnerabilidad de Referencia Directa de Objetos No Segura (IDOR), que permite a un atacante no autenticado reasignar los controladores de cualquier impresora"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.2}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:N","baseScore":6.4,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-668"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:*:*:*:*:*:*:*:*","versionEndExcluding":"19.1.1.13","matchCriteriaId":"D7412210-0463-4336-9FAD-E50061806186"},{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:19.1.1.13:-:*:*:*:*:*:*","matchCriteriaId":"A1B7FE83-A6AC-4A16-B0DE-9D1C22AA40FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:19.1.1.13:sp2:*:*:*:*:*:*","matchCriteriaId":"99309983-36D6-47CA-9CBC-32A210C7DF7D"},{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:19.1.1.13:sp3-3:*:*:*:*:*:*","matchCriteriaId":"CBD47013-B42E-4CF1-AF63-AD644B77DFBD"},{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:19.1.1.13:sp9:*:*:*:*:*:*","matchCriteriaId":"60152B10-DC40-4132-AF45-52ECFD6782CA"}]}]}],"references":[{"url":"https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss&utm_medium=rss&utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.printerlogic.com/security-bulletin/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss&utm_medium=rss&utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.printerlogic.com/security-bulletin/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-42641","sourceIdentifier":"cve@mitre.org","published":"2022-02-02T18:15:07.590","lastModified":"2026-07-09T01:17:06.333","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the username and email address of all users."},{"lang":"es","value":"PrinterLogic Web Stack versiones 19.1.1.13 SP9 y anteriores, son susceptibles a una vulnerabilidad de Referencia Directa de Objetos No Segura (IDOR), que permite a un atacante no autenticado revelar el nombre de usuario y la dirección de correo electrónico de todos los usuarios"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-668"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:*:*:*:*:*:*:*:*","versionEndExcluding":"19.1.1.13","matchCriteriaId":"D7412210-0463-4336-9FAD-E50061806186"},{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:19.1.1.13:-:*:*:*:*:*:*","matchCriteriaId":"A1B7FE83-A6AC-4A16-B0DE-9D1C22AA40FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:19.1.1.13:sp2:*:*:*:*:*:*","matchCriteriaId":"99309983-36D6-47CA-9CBC-32A210C7DF7D"},{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:19.1.1.13:sp3-3:*:*:*:*:*:*","matchCriteriaId":"CBD47013-B42E-4CF1-AF63-AD644B77DFBD"},{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:19.1.1.13:sp9:*:*:*:*:*:*","matchCriteriaId":"60152B10-DC40-4132-AF45-52ECFD6782CA"}]}]}],"references":[{"url":"https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss&utm_medium=rss&utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.printerlogic.com/security-bulletin/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss&utm_medium=rss&utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.printerlogic.com/security-bulletin/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-42642","sourceIdentifier":"cve@mitre.org","published":"2022-02-02T18:15:07.637","lastModified":"2026-07-09T01:17:06.483","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable to an Insecure Direct Object Reference (IDOR) vulnerability that allows an unauthenticated attacker to disclose the plaintext console username and password for a printer."},{"lang":"es","value":"PrinterLogic Web Stack versiones 19.1.1.13 SP9 y anteriores, son susceptibles a una vulnerabilidad de Referencia Directa de Objetos No Segura (IDOR), que permite a un atacante no autenticado revelar el nombre de usuario y la contraseña de la consola en texto plano para una impresora"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-312"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:*:*:*:*:*:*:*:*","versionEndExcluding":"19.1.1.13","matchCriteriaId":"D7412210-0463-4336-9FAD-E50061806186"},{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:19.1.1.13:-:*:*:*:*:*:*","matchCriteriaId":"A1B7FE83-A6AC-4A16-B0DE-9D1C22AA40FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:19.1.1.13:sp2:*:*:*:*:*:*","matchCriteriaId":"99309983-36D6-47CA-9CBC-32A210C7DF7D"},{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:19.1.1.13:sp3-3:*:*:*:*:*:*","matchCriteriaId":"CBD47013-B42E-4CF1-AF63-AD644B77DFBD"},{"vulnerable":true,"criteria":"cpe:2.3:a:printerlogic:web_stack:19.1.1.13:sp9:*:*:*:*:*:*","matchCriteriaId":"60152B10-DC40-4132-AF45-52ECFD6782CA"}]}]}],"references":[{"url":"https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss&utm_medium=rss&utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.printerlogic.com/security-bulletin/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://portswigger.net/daily-swig/printerlogic-vendor-addresses-triple-rce-threat-against-all-connected-endpoints","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://securityaffairs.co/wordpress/127194/security/printerlogic-printer-management-suite-flaws.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://thecyberthrone.in/2022/01/26/printerlogic-%F0%9F%96%A8-fixes-critical-vulnerabilities-in-its-suite/?utm_source=rss&utm_medium=rss&utm_campaign=printerlogic-%25f0%259f%2596%25a8-fixes-critical-vulnerabilities-in-its-suite","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.printerlogic.com/security-bulletin/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.securityweek.com/printerlogic-patches-code-execution-flaws-printer-management-suite","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.yahooinc.com/paranoids/paranoids-vulnerability-research-printerlogic-issues-security-alert/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-23320","sourceIdentifier":"cve@mitre.org","published":"2022-02-07T11:15:07.930","lastModified":"2026-07-09T01:17:14.393","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"XMPie uStore 12.3.7244.0 allows for administrators to generate reports based on raw SQL queries. Since the application ships with default administrative credentials, an attacker may authenticate into the application and exfiltrate sensitive information from the database."},{"lang":"es","value":"XMPie uStore versión 12.3.7244.0 permite a administradores generar informes basados en consultas SQL sin procesar. Dado que la aplicación es enviada con credenciales administrativas por defecto, un atacante podría autenticarse en la aplicación y exfiltrar información confidencial de la base de datos"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:xerox:xmpie_ustore:12.3.7244.0:*:*:*:*:*:*:*","matchCriteriaId":"8F96804C-0936-4BF6-A196-552B66EE670E"}]}]}],"references":[{"url":"https://www.linkedin.com/feed/update/urn:li:activity:6894666176450887681?commentUrn=urn%3Ali%3Acomment%3A%28activity%3A6894666176450887681%2C6895051709354192896%29","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.triaxiomsecurity.com/xmpie-ustore-vulnerabilities-discovered/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.xmpie.com/ustore-release-notes/","source":"cve@mitre.org","tags":["Release Notes","Vendor Advisory"]},{"url":"https://www.linkedin.com/feed/update/urn:li:activity:6894666176450887681?commentUrn=urn%3Ali%3Acomment%3A%28activity%3A6894666176450887681%2C6895051709354192896%29","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.triaxiomsecurity.com/xmpie-ustore-vulnerabilities-discovered/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.xmpie.com/ustore-release-notes/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-46354","sourceIdentifier":"cve@mitre.org","published":"2022-02-09T14:15:07.793","lastModified":"2026-07-09T01:17:13.680","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Thinfinity VirtualUI 2.1.28.0, 2.1.32.1 and 2.5.26.2, fixed in version 3.0 is affected by an information disclosure vulnerability in the parameter \"Addr\" in cmd site. The ability to send requests to other systems can allow the vulnerable server to filtrate the real IP of the web server or increase the attack surface."},{"lang":"es","value":"Thinfinity VirtualUI versiones 2.1.28.0, 2.1.32.1 y 2.5.26.2, corregido en la versión 3.0, está afectado por una vulnerabilidad de divulgación de información en el parámetro \"Addr\" en el sitio cmd. La capacidad de enviar peticiones a otros sistemas puede permitir al servidor vulnerable filtrar la IP real del servidor web o aumentar la superficie de ataque"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-668"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cybelesoft:thinfinity_virtualui:2.1.28.0:*:*:*:*:*:*:*","matchCriteriaId":"E24716C8-13B0-4431-8BD4-45B9557333D7"},{"vulnerable":true,"criteria":"cpe:2.3:a:cybelesoft:thinfinity_virtualui:2.1.32.1:*:*:*:*:*:*:*","matchCriteriaId":"F215BC0D-F188-4ABC-ADE3-8CAD26A6F68A"},{"vulnerable":true,"criteria":"cpe:2.3:a:cybelesoft:thinfinity_virtualui:2.5.26.2:*:*:*:*:*:*:*","matchCriteriaId":"11EB010C-71C8-4BAD-B131-BD73983E6734"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/166069/Thinfinity-VirtualUI-2.5.26.2-Information-Disclosure.html","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://github.com/cybelesoft/virtualui/issues/3","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://packetstormsecurity.com/files/166069/Thinfinity-VirtualUI-2.5.26.2-Information-Disclosure.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://github.com/cybelesoft/virtualui/issues/3","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-41441","sourceIdentifier":"cve@mitre.org","published":"2022-02-09T17:15:08.250","lastModified":"2026-07-09T01:17:03.017","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A DoS attack in the web application of D-Link DIR-X1860 before v1.10WWB09_Beta allows a remote unauthenticated attacker to reboot the router via sending a specially crafted URL to an authenticated victim. The authenticated victim need to visit this URL, for the router to reboot."},{"lang":"es","value":"Un ataque de DoS en la aplicación web de D-Link DIR-X1860 versiones anteriores a v1.10WB09_Beta, permite a un atacante remoto no autenticado reiniciar el router por medio del envío de una URL especialmente diseñada a una víctima autenticada. La víctima autenticada debe visitar esta URL para que el router sea reiniciado"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":4.0}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:N/A:C","baseScore":7.1,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.6,"impactScore":6.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-404"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dir-x1860_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"1.03","matchCriteriaId":"A5F053AF-66B2-49F3-8AD9-3F7107059ECB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dir-x1860:-:*:*:*:*:*:*:*","matchCriteriaId":"A46288E8-3105-4FAA-80E7-94EECD1764F2"}]}]}],"references":[{"url":"https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10283","source":"cve@mitre.org","tags":["Patch","Technical Description","Vendor Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10283","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Technical Description","Vendor Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-41442","sourceIdentifier":"cve@mitre.org","published":"2022-02-09T20:15:12.413","lastModified":"2026-07-09T01:17:03.150","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An HTTP smuggling attack in the web application of D-Link DIR-X1860 before v1.10WWB09_Beta allows a remote unauthenticated attacker to DoS the web application via sending a specific HTTP packet."},{"lang":"es","value":"Un ataque de contrabando HTTP en la aplicación web de D-Link DIR-X1860 versiones anteriores a v1.10WB09_Beta, permite a un atacante remoto no autenticado hacer DoS a la aplicación web por medio del envío de un paquete HTTP específico"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-444"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dir-x1860_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"1.03","matchCriteriaId":"A5F053AF-66B2-49F3-8AD9-3F7107059ECB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dir-x1860:-:*:*:*:*:*:*:*","matchCriteriaId":"A46288E8-3105-4FAA-80E7-94EECD1764F2"}]}]}],"references":[{"url":"https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10283","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10283","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-41445","sourceIdentifier":"cve@mitre.org","published":"2022-02-10T17:15:09.283","lastModified":"2026-07-09T01:17:03.270","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A reflected cross-site-scripting attack in web application of D-Link DIR-X1860 before v1.10WWB09_Beta allows a remote unauthenticated attacker to execute code in the device of the victim via sending a specific URL to the unauthenticated victim."},{"lang":"es","value":"Un ataque de tipo cross-site-scripting reflejado en la aplicación web de D-Link DIR-X1860 versiones anteriores a v1.10WB09_Beta, permite a un atacante remoto no autenticado ejecutar código en el dispositivo de la víctima por medio del envío de una URL específica a la víctima no autenticada"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dir-x1860_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"1.03","matchCriteriaId":"A5F053AF-66B2-49F3-8AD9-3F7107059ECB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dir-x1860:-:*:*:*:*:*:*:*","matchCriteriaId":"A46288E8-3105-4FAA-80E7-94EECD1764F2"}]}]}],"references":[{"url":"https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10283","source":"cve@mitre.org","tags":["Patch","Vendor Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10283","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-23321","sourceIdentifier":"cve@mitre.org","published":"2022-02-10T19:15:09.803","lastModified":"2026-07-09T01:17:14.527","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A persistent cross-site scripting (XSS) vulnerability exists on two input fields within the administrative panel when editing users in the XMPie UStore application on version 12.3.7244.0."},{"lang":"es","value":"Se presenta una vulnerabilidad de tipo cross-site scripting (XSS) persistente en dos campos input dentro del panel administrativo cuando son editados usuarios en la aplicación XMPie UStore en versión 12.3.7244.0"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:xerox:xmpie_ustore:12.3.7244.0:*:*:*:*:*:*:*","matchCriteriaId":"8F96804C-0936-4BF6-A196-552B66EE670E"}]}]}],"references":[{"url":"https://www.triaxiomsecurity.com/xmpie-ustore-vulnerabilities-discovered/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.xmpie.com/ustore-release-notes/","source":"cve@mitre.org","tags":["Release Notes","Vendor Advisory"]},{"url":"https://www.triaxiomsecurity.com/xmpie-ustore-vulnerabilities-discovered/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.xmpie.com/ustore-release-notes/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-46355","sourceIdentifier":"cve@mitre.org","published":"2022-02-11T13:15:07.963","lastModified":"2026-07-09T01:17:13.807","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"OCS Inventory 2.9.1 is affected by Cross Site Scripting (XSS). To exploit the vulnerability, the attacker needs to manipulate the name of some device on your computer, such as a printer, replacing the device name with some malicious code that allows the execution of Stored Cross-site Scripting (XSS)."},{"lang":"es","value":"OCS Inventory versión 2.9.1, está afectado por un ataque de tipo Cross Site Scripting (XSS). Para explotar la vulnerabilidad, el atacante necesita manipular el nombre de algún dispositivo de su ordenador, como una impresora, sustituyendo el nombre del dispositivo por algún código malicioso que permita una ejecución de tipo Cross-site Scripting (XSS) Almacenado"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:factorfx:ocs_inventory:2.9.1:*:*:*:*:*:*:*","matchCriteriaId":"4BDB6C3E-EE9A-445E-AD15-40A9D7E579A0"}]}]}],"references":[{"url":"https://medium.com/@windsormoreira/ocs-inventory-2-9-1-cross-site-scripting-xss-cve-2021-46355-a88d72606b7e","source":"cve@mitre.org"},{"url":"https://medium.com/%40windsormoreira/ocs-inventory-2-9-1-cross-site-scripting-xss-cve-2021-46355-a88d72606b7e","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2021-45420","sourceIdentifier":"cve@mitre.org","published":"2022-02-14T14:15:08.083","lastModified":"2026-07-09T01:17:10.880","vulnStatus":"Modified","cveTags":[{"sourceIdentifier":"cve@mitre.org","tags":["unsupported-when-assigned"]}],"descriptions":[{"lang":"en","value":"Emerson Dixell XWEB-500 products are affected by arbitrary file write vulnerability in /cgi-bin/logo_extra_upload.cgi, /cgi-bin/cal_save.cgi, and /cgi-bin/lo_utils.cgi. An attacker will be able to write any file on the target system without any kind of authentication mechanism, and this can lead to denial of service and potentially remote code execution. Note: the product has not been supported since 2018 and should be removed or replaced."},{"lang":"es","value":"** NO SOPORTADO CUANDO SE ASIGNÓ ** Los productos Emerson Dixell XWEB-500 están afectados por una vulnerabilidad de escritura de archivos arbitrarios en los archivos /cgi-bin/logo_extra_upload.cgi, /cgi-bin/cal_save.cgi y /cgi-bin/lo_utils.cgi. Un atacante podrá escribir cualquier archivo en el sistema de destino sin ningún tipo de mecanismo de autenticación, y esto puede conllevar a una denegación de servicio y potencialmente una ejecución de código remota. Nota: el producto no presenta soporte desde 2018 y debe ser eliminado o reemplazado"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-200"},{"lang":"en","value":"CWE-306"},{"lang":"en","value":"CWE-668"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:emerson:dixell_xweb-500_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"90DFCB3E-8552-438A-8DE8-4DD1814FF596"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:emerson:dixell_xweb-500:-:*:*:*:*:*:*:*","matchCriteriaId":"A5BEB8EF-721F-480B-ACC6-F6CB812DC76C"}]}]}],"references":[{"url":"https://www.swascan.com/emerson","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.swascan.com/emerson","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-45421","sourceIdentifier":"cve@mitre.org","published":"2022-02-14T14:15:08.277","lastModified":"2026-07-09T01:17:11.000","vulnStatus":"Modified","cveTags":[{"sourceIdentifier":"cve@mitre.org","tags":["unsupported-when-assigned"]}],"descriptions":[{"lang":"en","value":"Emerson Dixell XWEB-500 products are affected by information disclosure via directory listing. A potential attacker can use this misconfiguration to access all the files in the remote directories. Note: the product has not been supported since 2018 and should be removed or replaced."},{"lang":"es","value":"** NO SOPORTADO CUANDO SE ASIGNÓ ** Los productos Emerson Dixell XWEB-500 están afectados por una divulgación de información por medio del listado de directorios. Un atacante potencial puede usar esta configuración errónea para acceder a todos los archivos de los directorios remotos. Nota: el producto no ha sido soportado desde 2018 y debe ser eliminado o reemplazado"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:emerson:dixell_xweb-500_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"90DFCB3E-8552-438A-8DE8-4DD1814FF596"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:emerson:dixell_xweb-500:-:*:*:*:*:*:*:*","matchCriteriaId":"A5BEB8EF-721F-480B-ACC6-F6CB812DC76C"}]}]}],"references":[{"url":"https://www.swascan.com/emerson","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.swascan.com/emerson","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-22901","sourceIdentifier":"cve@mitre.org","published":"2022-02-17T03:15:06.847","lastModified":"2026-07-09T01:17:14.053","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"There is an Assertion in 'context_p->next_scanner_info_p->type == SCANNER_TYPE_FUNCTION' failed at parser_parse_function_arguments in /js/js-parser.c of JerryScript commit a6ab5e9."},{"lang":"es","value":"Se presenta una Aserción en \"context_p-)next_scanner_info_p-)type == SCANNER_TYPE_FUNCTION\" fallida en el archivo parser_parse_function_arguments en /js/js-parser.c de JerryScript commit a6ab5e9"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:N/A:P","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-617"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:jerryscript:jerryscript:-:*:*:*:*:*:*:*","matchCriteriaId":"4EB495C8-348F-4B04-B31F-1F4EE471CC22"}]}]}],"references":[{"url":"https://github.com/jerryscript-project/jerryscript","source":"cve@mitre.org","tags":["Product","Third Party Advisory"]},{"url":"https://github.com/jerryscript-project/jerryscript/issues/4916","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]},{"url":"https://github.com/jerryscript-project/jerryscript","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Third Party Advisory"]},{"url":"https://github.com/jerryscript-project/jerryscript/issues/4916","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-22899","sourceIdentifier":"cve@mitre.org","published":"2022-02-17T13:15:07.763","lastModified":"2026-07-09T01:17:13.923","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Core FTP / SFTP Server v2 Build 725 was discovered to allow unauthenticated attackers to cause a Denial of Service (DoS) via a crafted packet through the SSH service."},{"lang":"es","value":"Se ha detectado que Core FTP / SFTP Server versión v2 Build 725, permite a atacantes no autenticados causar una denegación de servicio (DoS) por medio de un paquete diseñado mediante el servicio SSH"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:H/Au:N/C:N/I:N/A:P","baseScore":2.6,"accessVector":"NETWORK","accessComplexity":"HIGH","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"LOW","exploitabilityScore":4.9,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:coreftp:core_ftp:2.0:build_725:*:*:*:*:*:*","matchCriteriaId":"9179FEB3-2371-45A3-B544-3FC29DDB2C65"}]}]}],"references":[{"url":"http://coreftp.com/forums/viewtopic.php?f=15&t=4022509","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://yoursecuritybores.me/coreftp-vulnerabilities/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"http://coreftp.com/forums/viewtopic.php?f=15&t=4022509","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://yoursecuritybores.me/coreftp-vulnerabilities/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-22914","sourceIdentifier":"cve@mitre.org","published":"2022-02-17T21:15:07.837","lastModified":"2026-07-09T01:17:14.170","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An incorrect access control issue in the component FileManager of Ovidentia CMS 6.0 allows authenticated attackers to to view and download content in the upload directory via path traversal."},{"lang":"es","value":"Un problema de control de acceso incorrecto en el componente FileManager de Ovidentia CMS versión 6.0, permite a atacantes autenticados visualizar y descargar contenido en el directorio de carga por medio de un salto de ruta"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ovidentia:ovidentia:6.0.0:*:*:*:*:*:*:*","matchCriteriaId":"403A071B-FFC8-45B6-BFB6-9A17A0D7A494"}]}]}],"references":[{"url":"https://gitlab.com/albadotpy/ovidentia-information-disclosure-on-upload-directory-content","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://gitlab.com/albadotpy/ovidentia-information-disclosure-on-upload-directory-content","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-22916","sourceIdentifier":"cve@mitre.org","published":"2022-02-17T22:15:07.877","lastModified":"2026-07-09T01:17:14.283","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"O2OA v6.4.7 was discovered to contain a remote code execution (RCE) vulnerability via /x_program_center/jaxrs/invoke."},{"lang":"es","value":"Se ha detectado que O2OA versión v6.4.7, contiene una vulnerabilidad de ejecución de código remota (RCE) por medio de /x_program_center/jaxrs/invoke"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:zoneland:o2oa:6.4.7:*:*:*:*:*:*:*","matchCriteriaId":"694B9F84-BB40-4ADB-AF9D-7AA5171FC4BD"}]}]}],"references":[{"url":"https://github.com/wendell1224/O2OA-POC/blob/main/POC.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/wendell1224/O2OA-POC/blob/main/POC.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-37504","sourceIdentifier":"cve@mitre.org","published":"2022-02-25T19:15:12.030","lastModified":"2026-07-09T01:17:00.063","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A cross-site scripting (XSS) vulnerability in the fileNameStr parameter of jQuery-Upload-File v4.0.11 allows attackers to execute arbitrary web scripts or HTML via a crafted file with a Javascript payload in the file name."},{"lang":"es","value":"Una vulnerabilidad de tipo cross-site scripting (XSS) en el parámetro fileNameStr de jQuery-Upload-File v4.0.11 permite a atacantes ejecutar scripts web o HTML arbitrarios por medio de un archivo diseñado con una carga útil de Javascript en el nombre del archivo."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:hayageek:jquery_upload_file:4.0.11:*:*:*:*:*:*:*","matchCriteriaId":"2E34A716-E5D6-43F1-9600-B773C63F3C2C"}]}]}],"references":[{"url":"http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://hayageek.github.io/jQuery-Upload-File/4.0.11/jquery.uploadfile.min.js","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://hayageek.github.io/jQuery-Upload-File/4.0.11/uploadfile.css","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/hayageek/jquery-upload-file/blob/master/js/jquery.uploadfile.js#L469","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://raw.githubusercontent.com/hayageek/jquery-upload-file/master/js/jquery.uploadfile.js","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://hayageek.github.io/jQuery-Upload-File/4.0.11/jquery.uploadfile.min.js","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"http://hayageek.github.io/jQuery-Upload-File/4.0.11/uploadfile.css","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://github.com/hayageek/jquery-upload-file/blob/master/js/jquery.uploadfile.js#L469","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://raw.githubusercontent.com/hayageek/jquery-upload-file/master/js/jquery.uploadfile.js","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-42952","sourceIdentifier":"cve@mitre.org","published":"2022-02-25T20:15:08.210","lastModified":"2026-07-09T01:17:07.767","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Zepl Notebooks before 2021-10-25 are affected by a sandbox escape vulnerability. Upon launching Remote Code Execution from the Notebook, users can then use that to subsequently escape the running context sandbox and proceed to access internal Zepl assets including cloud metadata services."},{"lang":"es","value":"Todas las versiones anteriores al 25 de octubre de 2021 de Zepl Notebooks están afectadas por una vulnerabilidad de escape de sandbox. Al iniciar una ejecución de código remota desde el cuaderno, los usuarios pueden usarlo para escapar posteriormente del sandbox del contexto en ejecución y proceder a acceder a activos internos de Zepl, incluidos servicios de metadatos en la nube.\n"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":6.0}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:zepl:zepl:*:*:*:*:*:*:*:*","versionEndExcluding":"2021-10-25","matchCriteriaId":"A22A92EB-819B-4755-B6EB-7BA139F7FA69"}]}]}],"references":[{"url":"https://seclists.org/fulldisclosure/2022/Feb/32","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://seclists.org/fulldisclosure/2022/Feb/32","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-25060","sourceIdentifier":"cve@mitre.org","published":"2022-02-25T20:15:08.503","lastModified":"2026-07-09T01:17:18.853","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a command injection vulnerability via the component oal_startPing."},{"lang":"es","value":"Se ha detectado que el TP-LINK TL-WR840N(ES)_V6.20_180709, contenía una vulnerabilidad de inyección de comandos por medio del componente oal_startPing.\n"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tl-wr840n_firmware:6.20_180709:*:*:*:*:*:*:*","matchCriteriaId":"593F08F2-138C-4BAF-BEA8-A6A7704E3A6E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:tl-wr840n:-:*:*:*:*:*:*:*","matchCriteriaId":"AF3078F3-4CD5-4157-9A2D-7E338B6C7058"}]}]}],"references":[{"url":"https://east-trowel-102.notion.site/CVE-2021-XXXX-Injection-of-commands-through-object-oal_startPing-EN-939c748c5f244504899477114b1ca1cf","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://east-trowel-102.notion.site/CVE-2021-XXXX-Injection-of-commands-through-object-oal_startPing-EN-939c748c5f244504899477114b1ca1cf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-25061","sourceIdentifier":"cve@mitre.org","published":"2022-02-25T20:15:08.550","lastModified":"2026-07-09T01:17:18.970","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a command injection vulnerability via the component oal_setIp6DefaultRoute."},{"lang":"es","value":"Se ha detectado que TP-LINK TL-WR840N(ES)_V6.20_180709 contiene una vulnerabilidad de inyección de comandos por medio del componente oal_setIp6DefaultRoute.\n"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tl-wr840n_firmware:6.20_180709:*:*:*:*:*:*:*","matchCriteriaId":"593F08F2-138C-4BAF-BEA8-A6A7704E3A6E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:tl-wr840n:-:*:*:*:*:*:*:*","matchCriteriaId":"AF3078F3-4CD5-4157-9A2D-7E338B6C7058"}]}]}],"references":[{"url":"https://east-trowel-102.notion.site/CVE-2021-XXXX-Injection-of-commands-through-object-oal_setIp6DefaultRoute-EN-ddf9c1db199d49829269147ada6cb312","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://east-trowel-102.notion.site/CVE-2021-XXXX-Injection-of-commands-through-object-oal_setIp6DefaultRoute-EN-ddf9c1db199d49829269147ada6cb312","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-25062","sourceIdentifier":"cve@mitre.org","published":"2022-02-25T20:15:08.603","lastModified":"2026-07-09T01:17:19.083","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain an integer overflow via the function dm_checkString. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request."},{"lang":"es","value":"Se ha detectado que el TP-LINK TL-WR840N(ES)_V6.20_180709 contiene un desbordamiento de enteros por medio de la función dm_checkString. Esta vulnerabilidad permite a atacantes causar una denegación de servicio (DoS) por medio de una petición HTTP diseñada.\n"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-190"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tl-wr840n_firmware:6.20_180709:*:*:*:*:*:*:*","matchCriteriaId":"593F08F2-138C-4BAF-BEA8-A6A7704E3A6E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:tl-wr840n:-:*:*:*:*:*:*:*","matchCriteriaId":"AF3078F3-4CD5-4157-9A2D-7E338B6C7058"}]}]}],"references":[{"url":"https://east-trowel-102.notion.site/CVE-2021-XXXX-RCE-Integer-Overflow-via-crafted-payload-in-an-DNS-input-field-userDomain-EN-2bc0fafd23224a5a8f86f5f0f9377d3d","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://east-trowel-102.notion.site/CVE-2021-XXXX-RCE-Integer-Overflow-via-crafted-payload-in-an-DNS-input-field-userDomain-EN-2bc0fafd23224a5a8f86f5f0f9377d3d","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-25064","sourceIdentifier":"cve@mitre.org","published":"2022-02-25T20:15:08.647","lastModified":"2026-07-09T01:17:19.200","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a remote code execution (RCE) vulnerability via the function oal_wan6_setIpAddr."},{"lang":"es","value":"Se ha detectado que TP-LINK TL-WR840N(ES)_V6.20_180709 contiene una vulnerabilidad de ejecución de código remota (RCE) por medio de la función oal_wan6_setIpAddr.\n"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tl-wr840n_firmware:6.20_180709:*:*:*:*:*:*:*","matchCriteriaId":"593F08F2-138C-4BAF-BEA8-A6A7704E3A6E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:tl-wr840n:-:*:*:*:*:*:*:*","matchCriteriaId":"AF3078F3-4CD5-4157-9A2D-7E338B6C7058"}]}]}],"references":[{"url":"https://east-trowel-102.notion.site/CVE-2021-XXXX-rce-via-crafted-payload-in-an-ipv6-address-input-field-hidden-EN-98e24b6f841043fba17ec4627c34f5d1","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://east-trowel-102.notion.site/CVE-2021-XXXX-rce-via-crafted-payload-in-an-ipv6-address-input-field-hidden-EN-98e24b6f841043fba17ec4627c34f5d1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-42951","sourceIdentifier":"cve@mitre.org","published":"2022-03-01T02:15:07.417","lastModified":"2026-07-09T01:17:07.653","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A Remote Code Execution (RCE) vulnerability exists in Algorithmia MSOL all versions before October 10 2021 of SaaS. Users can register for an account and are allocated a set number of credits to try the product. Once users authenticate, they can proceed to create a new, specially crafted Algorithm and subsequently launch remote code execution with their desired result."},{"lang":"es","value":"Se presenta una vulnerabilidad de Ejecución de Código Remota (RCE) en Algorithmia MSOL todas las versiones anteriores al 10 de octubre de 2021 de SaaS. Los usuarios pueden registrarse para obtener una cuenta y le es asignado un número determinado de créditos para probar el producto. Una vez que los usuarios son autenticados, pueden proceder a crear un nuevo Algorithmia especialmente diseñado y posteriormente lanzar una ejecución de código remoto con el resultado deseado."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:algorithmia:msol:*:*:*:*:*:*:*:*","versionEndExcluding":"2021-10-10","matchCriteriaId":"C858F981-B372-4DDD-9590-BD5DC0E72994"}]}]}],"references":[{"url":"https://seclists.org/fulldisclosure/2022/Feb/33","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://seclists.org/fulldisclosure/2022/Feb/33","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-44961","sourceIdentifier":"cve@mitre.org","published":"2022-03-01T02:15:07.460","lastModified":"2026-07-09T01:17:09.957","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A memory leakage flaw exists in the class PerimeterGenerator of Slic3r libslic3r 1.3.0 and Master Commit b1a5500. Specially crafted stl files can exhaust available memory. An attacker can provide malicious files to trigger this vulnerability."},{"lang":"es","value":"Existe un fallo de fuga de memoria en la clase PerimeterGenerator de Slic3r libslic3r 1.3.0 y Master Commit b1a5500. Los archivos stl especialmente diseñados pueden agotar la memoria disponible. Un atacante puede proporcionar archivos maliciosos para activar esta vulnerabilidad"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:N/A:P","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-401"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:slic3r:libslic3r:1.3.0:*:*:*:*:*:*:*","matchCriteriaId":"188C5C50-5D37-4F11-A4C1-541552348BF9"}]}]}],"references":[{"url":"https://hackmd.io/nDT_UKLyRQendxDwil9A4w","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://hackmd.io/nDT_UKLyRQendxDwil9A4w","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-25018","sourceIdentifier":"cve@mitre.org","published":"2022-03-01T02:15:07.770","lastModified":"2026-07-09T01:17:18.493","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Pluxml v5.8.7 was discovered to allow attackers to execute arbitrary code via crafted PHP code inserted into static pages."},{"lang":"es","value":"Se ha detectado que Pluxml versión v5.8.7, permite a atacantes ejecutar código arbitrario por medio de código PHP diseñado insertado en páginas estáticas."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:pluxml:pluxml:5.8.7:*:*:*:*:*:*:*","matchCriteriaId":"6903F3B2-97D6-4889-942F-4D5E4317F4B8"}]}]}],"references":[{"url":"https://github.com/MoritzHuppert/CVE-2022-25018/blob/main/CVE-2022-25018.pdf","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/pluxml/PluXml","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://youtu.be/Gbe2UNCB0tY","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/MoritzHuppert/CVE-2022-25018/blob/main/CVE-2022-25018.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/pluxml/PluXml","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://youtu.be/Gbe2UNCB0tY","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-25020","sourceIdentifier":"cve@mitre.org","published":"2022-03-01T02:15:07.813","lastModified":"2026-07-09T01:17:18.623","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A cross-site scripting (XSS) vulnerability in Pluxml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the thumbnail path of a blog post."},{"lang":"es","value":"Una vulnerabilidad de tipo cross-site scripting (XSS) en Pluxml versión v5.8.7, permite a atacantes ejecutar scripts web arbitrarios o HTML por medio de una carga útil diseñada en la ruta de la miniatura de una entrada de blog."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:pluxml:pluxml:5.8.7:*:*:*:*:*:*:*","matchCriteriaId":"6903F3B2-97D6-4889-942F-4D5E4317F4B8"}]}]}],"references":[{"url":"https://github.com/MoritzHuppert/CVE-2022-25020/blob/main/CVE-2022-25020.pdf","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.cvedetails.com/cve/CVE-2021-38602/","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://youtu.be/TsGp-QB5XWI","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/MoritzHuppert/CVE-2022-25020/blob/main/CVE-2022-25020.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.cvedetails.com/cve/CVE-2021-38602/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://youtu.be/TsGp-QB5XWI","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-25022","sourceIdentifier":"cve@mitre.org","published":"2022-03-01T02:15:07.853","lastModified":"2026-07-09T01:17:18.740","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A cross-site scripting (XSS) vulnerability in Htmly v2.8.1 allows attackers to excute arbitrary web scripts HTML via a crafted payload in the content field of a blog post."},{"lang":"es","value":"Una vulnerabilidad de tipo cross-site scripting (XSS) en Htmly versión v2.8.1, permite a atacantes ejecutar scripts web arbitrarios HTML por medio de una carga útil diseñada en el campo de contenido de una entrada de blog."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:htmly:htmly:2.8.1:*:*:*:*:*:*:*","matchCriteriaId":"3943A5AA-F6A1-40B4-AFD3-7D1189668464"}]}]}],"references":[{"url":"https://github.com/MoritzHuppert/CVE-2022-25022/blob/main/CVE-2022-25022.pdf","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.cvedetails.com/cve/CVE-2021-36703/","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://youtu.be/acookTqf3Nc","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/MoritzHuppert/CVE-2022-25022/blob/main/CVE-2022-25022.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.cvedetails.com/cve/CVE-2021-36703/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://youtu.be/acookTqf3Nc","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-24251","sourceIdentifier":"cve@mitre.org","published":"2022-03-01T23:15:08.777","lastModified":"2026-07-09T01:17:16.883","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Extensis Portfolio v4.0 was discovered to contain an authenticated unrestricted file upload vulnerability via the Catalog Asset Upload function."},{"lang":"es","value":"Se ha detectado que Extensis Portfolio versión v4.0, contiene una vulnerabilidad de carga de archivos sin restricciones autenticada por medio de la función Catalog Asset Upload"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:extensis:portfolio:4.0:*:*:*:*:*:*:*","matchCriteriaId":"A93AE3AC-386E-4817-A393-38D2431782D0"}]}]}],"references":[{"url":"https://www.whiteoaksecurity.com/blog/extensis-portfolio-vulnerability-disclosure/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.whiteoaksecurity.com/blog/extensis-portfolio-vulnerability-disclosure/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-24252","sourceIdentifier":"cve@mitre.org","published":"2022-03-01T23:15:08.823","lastModified":"2026-07-09T01:17:16.990","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An unrestricted file upload vulnerability in the FileTransferServlet component of Extensis Portfolio v4.0 allows remote attackers to execute arbitrary code via a crafted file."},{"lang":"es","value":"Una vulnerabilidad de carga de archivos sin restricciones en el componente FileTransferServlet de Extensis Portfolio versión v4.0, permite a atacantes remotos ejecutar código arbitrario por medio de un archivo diseñado"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:extensis:portfolio:4.0:*:*:*:*:*:*:*","matchCriteriaId":"A93AE3AC-386E-4817-A393-38D2431782D0"}]}]}],"references":[{"url":"https://www.whiteoaksecurity.com/blog/extensis-portfolio-vulnerability-disclosure/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.whiteoaksecurity.com/blog/extensis-portfolio-vulnerability-disclosure/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-24253","sourceIdentifier":"cve@mitre.org","published":"2022-03-01T23:15:08.863","lastModified":"2026-07-09T01:17:17.103","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Extensis Portfolio v4.0 was discovered to contain an authenticated unrestricted file upload vulnerability via the component AdminFileTransferServlet."},{"lang":"es","value":"Se ha detectado que Extensis Portfolio versión v4.0, contiene una vulnerabilidad de carga de archivos sin restricciones autenticada por medio del componente AdminFileTransferServlet"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:extensis:portfolio:4.0:*:*:*:*:*:*:*","matchCriteriaId":"A93AE3AC-386E-4817-A393-38D2431782D0"}]}]}],"references":[{"url":"https://www.whiteoaksecurity.com/blog/extensis-portfolio-vulnerability-disclosure/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.whiteoaksecurity.com/blog/extensis-portfolio-vulnerability-disclosure/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-24254","sourceIdentifier":"cve@mitre.org","published":"2022-03-01T23:15:08.907","lastModified":"2026-07-09T01:17:17.210","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An unrestricted file upload vulnerability in the Backup/Restore Archive component of Extensis Portfolio v4.0 allows remote attackers to execute arbitrary code via a crafted ZIP file."},{"lang":"es","value":"Una vulnerabilidad de carga de archivos sin restricciones en el componente Backup/Restore Archive de Extensis Portfolio versión v4.0, permite a atacantes remotos ejecutar código arbitrario por medio de un archivo ZIP diseñado"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:extensis:portfolio:4.0:*:*:*:*:*:*:*","matchCriteriaId":"A93AE3AC-386E-4817-A393-38D2431782D0"}]}]}],"references":[{"url":"https://snyk.io/research/zip-slip-vulnerability","source":"cve@mitre.org","tags":["Technical Description","Third Party Advisory"]},{"url":"https://www.whiteoaksecurity.com/blog/extensis-portfolio-vulnerability-disclosure/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://snyk.io/research/zip-slip-vulnerability","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Technical Description","Third Party Advisory"]},{"url":"https://www.whiteoaksecurity.com/blog/extensis-portfolio-vulnerability-disclosure/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-24255","sourceIdentifier":"cve@mitre.org","published":"2022-03-01T23:15:08.950","lastModified":"2026-07-09T01:17:17.327","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Extensis Portfolio v4.0 was discovered to contain hardcoded credentials which allows attackers to gain administrator privileges."},{"lang":"es","value":"Se ha detectado que Extensis Portfolio versión v4.0, contiene credenciales embebidas que permiten a atacantes alcanzar privilegios de administrador"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","baseScore":9.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-798"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:extensis:portfolio:4.0:*:*:*:*:*:*:*","matchCriteriaId":"A93AE3AC-386E-4817-A393-38D2431782D0"}]}]}],"references":[{"url":"https://www.whiteoaksecurity.com/blog/extensis-portfolio-vulnerability-disclosure/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.whiteoaksecurity.com/blog/extensis-portfolio-vulnerability-disclosure/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-38268","sourceIdentifier":"cve@mitre.org","published":"2022-03-02T19:15:07.880","lastModified":"2026-07-09T01:17:00.810","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The Dynamic Data Mapping module in Liferay Portal 7.0.0 through 7.3.6, and Liferay DXP 7.0 before fix pack 101, 7.1 before fix pack 21, 7.2 before fix pack 10 and 7.3 before fix pack 2 incorrectly sets default permissions for site members, which allows remote authenticated users with the site member role to add and duplicate forms, via the UI or the API."},{"lang":"es","value":"El módulo Dynamic Data Mapping en Liferay Portal 7.0.0 hasta 7.3.6, y Liferay DXP 7.0 antes del fix pack 101, 7.1 antes del fix pack 21, 7.2 antes del fix pack 10 y 7.3 antes del fix pack 2 establece incorrectamente los permisos por defecto para los miembros del sitio, lo que permite a los usuarios remotos autentificados con el rol de miembro del sitio añadir y duplicar formularios, a través de la UI o la API"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:N/I:P/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-276"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:*:*:*:*:*:*:*:*","versionEndExcluding":"7.2.1","matchCriteriaId":"092D727C-B318-4F8C-8698-7DC78ABE2237"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"E7E68DF8-749B-4284-A7C9-929701A86B36"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"7CECAA19-8B7F-44C8-8059-6D4F2105E196"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_3:*:*:*:*:*:*","matchCriteriaId":"68CBCEEB-7C28-4769-813F-3F01E33D2E08"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_4:*:*:*:*:*:*","matchCriteriaId":"C0CB4927-A361-4DFA-BDB8-A454EA2894AB"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_5:*:*:*:*:*:*","matchCriteriaId":"B2B771B7-D5CB-4778-A3A8-1005E4EE134C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_6:*:*:*:*:*:*","matchCriteriaId":"3B9DB383-3791-4A43-BA4D-7695B203E736"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_7:*:*:*:*:*:*","matchCriteriaId":"13F02D77-20E9-4F32-9752-511EB71E6704"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_8:*:*:*:*:*:*","matchCriteriaId":"6353CC8F-A6D4-4A0C-8D68-290CD8DEB4F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_9:*:*:*:*:*:*","matchCriteriaId":"759DDB90-6A89-4E4F-BD04-F70EFA5343B0"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.3:-:*:*:*:*:*:*","matchCriteriaId":"6F6A98ED-E694-4F39-95D0-C152BD1EC115"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.3:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"2CD6861A-D546-462F-8B22-FA76A4AF8A9C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:community:*:*:*","versionStartIncluding":"7.0.0","versionEndExcluding":"7.3.7","matchCriteriaId":"5F76965E-CCB6-407B-88B7-7C5B70DE8408"}]}]}],"references":[{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2021-38268-site-member-can-add-new-forms-by-default","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2021-38268-site-member-can-add-new-forms-by-default?_com_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_HbL5mxmVrnXW_assetEntryId=120882524&_com_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_HbL5mxmVrnXW_redirect=https%3A%2F%2Fportal.liferay.dev%3A443%2Flearn%2Fsecurity%2Fknown-vulnerabilities%3Fp_p_id%3Dcom_liferay_asset_publisher_web_portlet_AssetP","source":"cve@mitre.org","tags":["Patch","Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2021-38268-site-member-can-add-new-forms-by-default","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2021-38268-site-member-can-add-new-forms-by-default?_com_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_HbL5mxmVrnXW_assetEntryId=120882524&_com_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_HbL5mxmVrnXW_redirect=https%3A%2F%2Fportal.liferay.dev%3A443%2Flearn%2Fsecurity%2Fknown-vulnerabilities%3Fp_p_id%3Dcom_liferay_asset_publisher_web_portlet_AssetP","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-38266","sourceIdentifier":"cve@mitre.org","published":"2022-03-02T23:15:08.577","lastModified":"2026-07-09T01:17:00.570","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The Portal Security module in Liferay Portal 7.2.1 and earlier, and Liferay DXP 7.0 before fix pack 90, 7.1 before fix pack 17 and 7.2 before fix pack 5 does not correctly import users from LDAP, which allows remote attackers to prevent a legitimate user from authenticating by attempting to sign in as a user that exist in LDAP."},{"lang":"es","value":"El módulo Portal Security en Liferay Portal 7.2.1 y anteriores, y Liferay DXP 7.0 antes del fix pack 90, 7.1 antes del fix pack 17 y 7.2 antes del fix pack 5 no importa correctamente los usuarios de LDAP, lo que permite a los atacantes remotos impedir que un usuario legítimo se autentique al intentar iniciar sesión como un usuario que existe en LDAP"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:community:*:*:*","versionEndIncluding":"7.2.1","matchCriteriaId":"54016156-94AF-4EE7-9165-D7C4705A2BF2"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:-:*:*:*:*:*:*","matchCriteriaId":"4614C87F-F39C-4ADD-A7A2-4A498612AD38"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"6F20D93D-7FB2-4D5F-9249-4DECDE473C42"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_10:*:*:*:*:*:*","matchCriteriaId":"CF0821E5-B6E5-44E6-9CF7-77EAE982F677"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_11:*:*:*:*:*:*","matchCriteriaId":"1B24B6A1-8439-49D6-8E78-193144F3DCC3"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_12:*:*:*:*:*:*","matchCriteriaId":"7E82A6CC-891C-4619-84EA-0DA96E4043C4"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_13:*:*:*:*:*:*","matchCriteriaId":"70E12054-0DEE-4B92-B8F6-7DC4B2461113"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_14:*:*:*:*:*:*","matchCriteriaId":"3B566A51-3EFC-4A08-8A4F-A9AA43FBE481"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_15:*:*:*:*:*:*","matchCriteriaId":"FE1A8781-6B16-4D37-B556-36B99CBCA9F9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_16:*:*:*:*:*:*","matchCriteriaId":"3EE11B43-1629-4A22-BE88-0AFB2DFC528C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_17:*:*:*:*:*:*","matchCriteriaId":"10FC6F33-C031-40A4-AFAF-B5CF30F79E52"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_18:*:*:*:*:*:*","matchCriteriaId":"99B99578-CACE-47D2-9C1E-A7BBD2B6F6EA"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_19:*:*:*:*:*:*","matchCriteriaId":"950D98A8-88EE-4C99-817B-C418071B2819"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"F86FF50F-B21A-4B6E-88B8-90D0C042E942"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_20:*:*:*:*:*:*","matchCriteriaId":"CE0E1891-6E76-4069-B412-43B5E5379E0C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_21:*:*:*:*:*:*","matchCriteriaId":"404F5FFE-2758-452F-9297-40E0533C6FB2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_22:*:*:*:*:*:*","matchCriteriaId":"3F5B7E72-8D62-464A-AA82-CBE2625C7687"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_23:*:*:*:*:*:*","matchCriteriaId":"4FA67C68-3E8E-4383-967F-A1FA55AE4897"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_24:*:*:*:*:*:*","matchCriteriaId":"F220793A-FDAC-48C6-B299-39EB3BC077A6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_25:*:*:*:*:*:*","matchCriteriaId":"F095A9E1-5FE1-46C4-B0E1-97F8767439D2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_26:*:*:*:*:*:*","matchCriteriaId":"DFD748DD-6FDB-44CD-96BF-026D18CE4207"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_27:*:*:*:*:*:*","matchCriteriaId":"0A34F2EA-D0F7-4C9B-BFE6-DA334DFD0EDD"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_28:*:*:*:*:*:*","matchCriteriaId":"4B3C2426-7617-4535-B86A-7F9BA45DFD0E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_29:*:*:*:*:*:*","matchCriteriaId":"88A5CBCE-2BAE-44C7-A7BF-BC30C89839BD"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_3:*:*:*:*:*:*","matchCriteriaId":"CA6B2500-42E4-4F87-8B93-2F7399B4F611"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_30:*:*:*:*:*:*","matchCriteriaId":"28955834-8E02-4558-ABD3-4958DBB41423"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_31:*:*:*:*:*:*","matchCriteriaId":"89B4F926-5018-4C50-9569-A92BEA6364A0"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_32:*:*:*:*:*:*","matchCriteriaId":"863C4DBB-9BA2-4A13-8394-08AC500D552A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_33:*:*:*:*:*:*","matchCriteriaId":"C4206C84-C4BD-4363-A4CA-EE229CE06319"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_34:*:*:*:*:*:*","matchCriteriaId":"54CA9915-54C2-4E7F-85AF-781CA0A63A9D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_35:*:*:*:*:*:*","matchCriteriaId":"4F644864-1056-4A0C-ADD7-A1992A0AC07D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_36:*:*:*:*:*:*","matchCriteriaId":"91E9BAE9-CD40-4353-95DB-7D9ADC338F95"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_37:*:*:*:*:*:*","matchCriteriaId":"C2A29CA0-66CB-4ED9-87B3-57A1C04F59F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_38:*:*:*:*:*:*","matchCriteriaId":"2BFC882E-25C2-46A3-A0DA-A779399A3A30"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_39:*:*:*:*:*:*","matchCriteriaId":"661E68A2-B365-4962-87CF-CE17A500889F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_4:*:*:*:*:*:*","matchCriteriaId":"D4094372-E950-4DE0-86D2-CE7F214FD3A9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_40:*:*:*:*:*:*","matchCriteriaId":"A5D28279-002A-4BC7-9396-E47FC842D7AE"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_41:*:*:*:*:*:*","matchCriteriaId":"C700ED72-4626-48A0-B1BB-E0A7C12D454F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_42:*:*:*:*:*:*","matchCriteriaId":"8F473DF1-F70D-4EDB-A011-C8D1C6A21659"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_43:*:*:*:*:*:*","matchCriteriaId":"C2351EAC-F6AD-4611-B9BD-39C4DFE85B5D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_44:*:*:*:*:*:*","matchCriteriaId":"357845C1-3834-465A-B9CA-F9C604AA8242"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_45:*:*:*:*:*:*","matchCriteriaId":"DD35964D-4156-45B8-A0AB-282DA9F4FA47"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_46:*:*:*:*:*:*","matchCriteriaId":"35656567-EF24-4948-A72A-C754D6E419B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_47:*:*:*:*:*:*","matchCriteriaId":"E9A3D95D-4539-432D-B241-376F312534AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_48:*:*:*:*:*:*","matchCriteriaId":"81F329F1-5BB1-42A7-98CE-B0EB5819D60A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_49:*:*:*:*:*:*","matchCriteriaId":"5B7111FA-9FD7-4952-AFE1-07D3E14854F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_5:*:*:*:*:*:*","matchCriteriaId":"D35916F1-24AA-4BF3-8B1F-2361C5B815D9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_50:*:*:*:*:*:*","matchCriteriaId":"2C7A080F-9C99-41A0-BC63-EBDDC0DF7B8A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_51:*:*:*:*:*:*","matchCriteriaId":"0383C4C4-A7BB-418D-9A98-AC4233722961"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_52:*:*:*:*:*:*","matchCriteriaId":"AA281A20-7599-446B-9587-118E920403D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_53:*:*:*:*:*:*","matchCriteriaId":"9514E8F5-1D0B-4CDF-BD03-087326F6C252"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_54:*:*:*:*:*:*","matchCriteriaId":"78BC7D6C-2A10-4F78-9C41-EA97665C246E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_55:*:*:*:*:*:*","matchCriteriaId":"B2C29B11-D87B-4D78-9D42-AD528C811080"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_56:*:*:*:*:*:*","matchCriteriaId":"CA9BE427-78D7-4DEE-A174-F3E3675B44A5"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_57:*:*:*:*:*:*","matchCriteriaId":"6C10325C-8670-499B-B003-7D8634539C5D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_58:*:*:*:*:*:*","matchCriteriaId":"5F692BEB-5CB1-41EA-B715-64AB0036F6CF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_59:*:*:*:*:*:*","matchCriteriaId":"427C4DF5-9039-4CB5-B600-5F965E20D945"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_6:*:*:*:*:*:*","matchCriteriaId":"EDEE4B40-889C-472E-AA91-7E1B4314EE64"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_60:*:*:*:*:*:*","matchCriteriaId":"44B7A2A2-5764-4EDB-AA44-25F8508CF128"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_61:*:*:*:*:*:*","matchCriteriaId":"55D94917-5360-4179-A017-1287C63A6E6C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_62:*:*:*:*:*:*","matchCriteriaId":"52C5C76D-2572-4ADF-B7E4-7B3444935658"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_63:*:*:*:*:*:*","matchCriteriaId":"9ABFC91A-7A8D-4A08-9464-F534BAA69B4E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_64:*:*:*:*:*:*","matchCriteriaId":"1D378A23-113D-47AC-9CB5-2658C357FFB4"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_65:*:*:*:*:*:*","matchCriteriaId":"58FB119E-508C-45F7-8AD8-B67AAAEA53D6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_66:*:*:*:*:*:*","matchCriteriaId":"8B3359A5-D39B-4322-8963-B138D791D232"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_67:*:*:*:*:*:*","matchCriteriaId":"E11E2FBD-7541-4CE3-8A78-52FB82571547"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_68:*:*:*:*:*:*","matchCriteriaId":"3883F470-8D8D-4CB3-BF4A-0C401BDABC83"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_69:*:*:*:*:*:*","matchCriteriaId":"1BDCF010-04BF-4FA5-9E14-F6461FED3FFB"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_7:*:*:*:*:*:*","matchCriteriaId":"3867FDAA-354E-4D2F-A260-27F31CA44C8A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_70:*:*:*:*:*:*","matchCriteriaId":"7E8CEA39-4A7F-4827-91FA-31119201D174"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_71:*:*:*:*:*:*","matchCriteriaId":"D3768AC9-A245-4B81-8D1D-9D9C5354245C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_72:*:*:*:*:*:*","matchCriteriaId":"71CA65C9-C0FC-4CBD-A8B0-DD72604A46F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_73:*:*:*:*:*:*","matchCriteriaId":"9F06DECA-F45D-49DA-BB24-AA1F0306B0B6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_74:*:*:*:*:*:*","matchCriteriaId":"3BA69ED9-28FA-40B5-84F9-0FFE40DFC675"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_75:*:*:*:*:*:*","matchCriteriaId":"6FF2D31F-8719-41A6-ADD5-15BE9409428E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_76:*:*:*:*:*:*","matchCriteriaId":"DE56F5E5-73CF-4636-9F98-86BDDA3F6A47"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_77:*:*:*:*:*:*","matchCriteriaId":"CE4885B1-F912-4D06-8179-830FC011F3F6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_78:*:*:*:*:*:*","matchCriteriaId":"A1A0EFCE-4B74-4B4D-AB6E-5730F26B38FB"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_79:*:*:*:*:*:*","matchCriteriaId":"F02DCC86-C3F7-482C-9BFB-B7971FB10AEC"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_8:*:*:*:*:*:*","matchCriteriaId":"A89B7EE4-57FD-4B09-841A-ABC9990FF88F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_80:*:*:*:*:*:*","matchCriteriaId":"06835B0A-A2DF-44D3-A38F-59E5D5523FFA"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_81:*:*:*:*:*:*","matchCriteriaId":"B746D0CF-76F6-42A1-9056-CA9622DCD806"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_82:*:*:*:*:*:*","matchCriteriaId":"FFC33A7E-B1CB-4E83-B75C-71F5E7E5E406"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_83:*:*:*:*:*:*","matchCriteriaId":"325CFFCF-1609-4D89-B6A8-1C6ACBFDD35B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_84:*:*:*:*:*:*","matchCriteriaId":"BD019A57-FC7A-4B1F-9946-FA15C90FC985"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_85:*:*:*:*:*:*","matchCriteriaId":"A6B2CD3A-C39C-4F9A-8602-3EC75472181D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_86:*:*:*:*:*:*","matchCriteriaId":"1B8DCD85-0E47-44C1-B7DD-E1B4756CEC17"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_87:*:*:*:*:*:*","matchCriteriaId":"1790D974-2EE0-4405-8F26-BB6DB3BDA23B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_88:*:*:*:*:*:*","matchCriteriaId":"416B3F04-AD86-4F91-890E-56BA539AAB06"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_89:*:*:*:*:*:*","matchCriteriaId":"C12C0E4D-4E9A-4BD7-926E-74BCD42595B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_9:*:*:*:*:*:*","matchCriteriaId":"655A3A6A-A3EB-4864-B64D-2319E5CF7DA0"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:-:*:*:*:*:*:*","matchCriteriaId":"27DF695E-B890-42C2-8941-5BB53154755F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"072F6C59-3D86-48D1-A14E-477FFFA3B1D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_10:*:*:*:*:*:*","matchCriteriaId":"FE68B4A2-3459-4DBA-8BAC-E9AA9FA25264"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_11:*:*:*:*:*:*","matchCriteriaId":"680D7963-1393-4E86-A65F-D4463D532120"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_12:*:*:*:*:*:*","matchCriteriaId":"D81E73DD-FD21-4082-A883-34422AE6C024"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_13:*:*:*:*:*:*","matchCriteriaId":"E6DD0451-98EA-4140-8294-77A14F063E2E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_14:*:*:*:*:*:*","matchCriteriaId":"CE94E76B-8CC2-4E91-B7A3-EEBCC1358FF4"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_15:*:*:*:*:*:*","matchCriteriaId":"408BD438-E15C-422F-9612-C62A7387FC63"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_16:*:*:*:*:*:*","matchCriteriaId":"A78C8B1C-39CB-4C27-B57C-0AF5E7EB50D9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"386F0E26-78DC-4D59-A20F-B41D0E59561B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_3:*:*:*:*:*:*","matchCriteriaId":"54576481-2AE9-4133-9EFA-B7FBDCA4427D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_4:*:*:*:*:*:*","matchCriteriaId":"E29CE810-76D5-4283-B102-70344B6C9506"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_5:*:*:*:*:*:*","matchCriteriaId":"DA869467-C560-4130-A180-86819F6A8673"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_6:*:*:*:*:*:*","matchCriteriaId":"CC0C94B7-31FB-4115-8EDE-62CC459B6663"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_7:*:*:*:*:*:*","matchCriteriaId":"07DEAA71-53DA-4508-B7E6-924ABED49E66"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_8:*:*:*:*:*:*","matchCriteriaId":"467323F6-5CA7-42A0-9810-C6FA694CEC93"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_9:*:*:*:*:*:*","matchCriteriaId":"32EFFD8A-1C0D-446B-AAD7-5D23D483D3D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:-:*:*:*:*:*:*","matchCriteriaId":"0DCF7F39-A198-4F7E-84B7-90C88C1BAA96"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"E7E68DF8-749B-4284-A7C9-929701A86B36"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"7CECAA19-8B7F-44C8-8059-6D4F2105E196"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_3:*:*:*:*:*:*","matchCriteriaId":"68CBCEEB-7C28-4769-813F-3F01E33D2E08"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_4:*:*:*:*:*:*","matchCriteriaId":"C0CB4927-A361-4DFA-BDB8-A454EA2894AB"}]}]}],"references":[{"url":"https://issues.liferay.com/browse/LPE-17191","source":"cve@mitre.org","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2021-38266","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://issues.liferay.com/browse/LPE-17191","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2021-38266","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-38263","sourceIdentifier":"cve@mitre.org","published":"2022-03-03T00:15:07.933","lastModified":"2026-07-09T01:17:00.193","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in the Server module's script console in Liferay Portal 7.3.2 and earlier, and Liferay DXP 7.0 before fix pack 101, 7.1 before fix pack 20 and 7.2 before fix pack 10 allows remote attackers to inject arbitrary web script or HTML via the output of a script."},{"lang":"es","value":"La vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en la consola de secuencias de comandos del módulo Server en Liferay Portal 7.3.2 y anteriores, y Liferay DXP 7.0 antes del paquete de correcciones 101, 7.1 antes del paquete de correcciones 20 y 7.2 antes del paquete de correcciones 10 permite a los atacantes remotos inyectar secuencias de comandos web o HTML arbitrarias a través de la salida de una secuencia de comandos"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionEndIncluding":"7.3.2","matchCriteriaId":"1708EE59-0B7D-409A-A906-26276641AF3A"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:-:*:*:*:*:*:*","matchCriteriaId":"4614C87F-F39C-4ADD-A7A2-4A498612AD38"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"6F20D93D-7FB2-4D5F-9249-4DECDE473C42"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_10:*:*:*:*:*:*","matchCriteriaId":"CF0821E5-B6E5-44E6-9CF7-77EAE982F677"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_100:*:*:*:*:*:*","matchCriteriaId":"8C9B7CF8-5553-47B6-BB57-0429D78AE301"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_11:*:*:*:*:*:*","matchCriteriaId":"1B24B6A1-8439-49D6-8E78-193144F3DCC3"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_12:*:*:*:*:*:*","matchCriteriaId":"7E82A6CC-891C-4619-84EA-0DA96E4043C4"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_13:*:*:*:*:*:*","matchCriteriaId":"70E12054-0DEE-4B92-B8F6-7DC4B2461113"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_14:*:*:*:*:*:*","matchCriteriaId":"3B566A51-3EFC-4A08-8A4F-A9AA43FBE481"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_15:*:*:*:*:*:*","matchCriteriaId":"FE1A8781-6B16-4D37-B556-36B99CBCA9F9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_16:*:*:*:*:*:*","matchCriteriaId":"3EE11B43-1629-4A22-BE88-0AFB2DFC528C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_17:*:*:*:*:*:*","matchCriteriaId":"10FC6F33-C031-40A4-AFAF-B5CF30F79E52"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_18:*:*:*:*:*:*","matchCriteriaId":"99B99578-CACE-47D2-9C1E-A7BBD2B6F6EA"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_19:*:*:*:*:*:*","matchCriteriaId":"950D98A8-88EE-4C99-817B-C418071B2819"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"F86FF50F-B21A-4B6E-88B8-90D0C042E942"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_20:*:*:*:*:*:*","matchCriteriaId":"CE0E1891-6E76-4069-B412-43B5E5379E0C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_21:*:*:*:*:*:*","matchCriteriaId":"404F5FFE-2758-452F-9297-40E0533C6FB2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_22:*:*:*:*:*:*","matchCriteriaId":"3F5B7E72-8D62-464A-AA82-CBE2625C7687"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_23:*:*:*:*:*:*","matchCriteriaId":"4FA67C68-3E8E-4383-967F-A1FA55AE4897"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_24:*:*:*:*:*:*","matchCriteriaId":"F220793A-FDAC-48C6-B299-39EB3BC077A6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_25:*:*:*:*:*:*","matchCriteriaId":"F095A9E1-5FE1-46C4-B0E1-97F8767439D2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_26:*:*:*:*:*:*","matchCriteriaId":"DFD748DD-6FDB-44CD-96BF-026D18CE4207"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_27:*:*:*:*:*:*","matchCriteriaId":"0A34F2EA-D0F7-4C9B-BFE6-DA334DFD0EDD"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_28:*:*:*:*:*:*","matchCriteriaId":"4B3C2426-7617-4535-B86A-7F9BA45DFD0E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_29:*:*:*:*:*:*","matchCriteriaId":"88A5CBCE-2BAE-44C7-A7BF-BC30C89839BD"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_3:*:*:*:*:*:*","matchCriteriaId":"CA6B2500-42E4-4F87-8B93-2F7399B4F611"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_30:*:*:*:*:*:*","matchCriteriaId":"28955834-8E02-4558-ABD3-4958DBB41423"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_31:*:*:*:*:*:*","matchCriteriaId":"89B4F926-5018-4C50-9569-A92BEA6364A0"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_32:*:*:*:*:*:*","matchCriteriaId":"863C4DBB-9BA2-4A13-8394-08AC500D552A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_33:*:*:*:*:*:*","matchCriteriaId":"C4206C84-C4BD-4363-A4CA-EE229CE06319"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_34:*:*:*:*:*:*","matchCriteriaId":"54CA9915-54C2-4E7F-85AF-781CA0A63A9D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_35:*:*:*:*:*:*","matchCriteriaId":"4F644864-1056-4A0C-ADD7-A1992A0AC07D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_36:*:*:*:*:*:*","matchCriteriaId":"91E9BAE9-CD40-4353-95DB-7D9ADC338F95"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_37:*:*:*:*:*:*","matchCriteriaId":"C2A29CA0-66CB-4ED9-87B3-57A1C04F59F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_38:*:*:*:*:*:*","matchCriteriaId":"2BFC882E-25C2-46A3-A0DA-A779399A3A30"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_39:*:*:*:*:*:*","matchCriteriaId":"661E68A2-B365-4962-87CF-CE17A500889F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_4:*:*:*:*:*:*","matchCriteriaId":"D4094372-E950-4DE0-86D2-CE7F214FD3A9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_40:*:*:*:*:*:*","matchCriteriaId":"A5D28279-002A-4BC7-9396-E47FC842D7AE"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_41:*:*:*:*:*:*","matchCriteriaId":"C700ED72-4626-48A0-B1BB-E0A7C12D454F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_42:*:*:*:*:*:*","matchCriteriaId":"8F473DF1-F70D-4EDB-A011-C8D1C6A21659"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_43:*:*:*:*:*:*","matchCriteriaId":"C2351EAC-F6AD-4611-B9BD-39C4DFE85B5D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_44:*:*:*:*:*:*","matchCriteriaId":"357845C1-3834-465A-B9CA-F9C604AA8242"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_45:*:*:*:*:*:*","matchCriteriaId":"DD35964D-4156-45B8-A0AB-282DA9F4FA47"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_46:*:*:*:*:*:*","matchCriteriaId":"35656567-EF24-4948-A72A-C754D6E419B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_47:*:*:*:*:*:*","matchCriteriaId":"E9A3D95D-4539-432D-B241-376F312534AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_48:*:*:*:*:*:*","matchCriteriaId":"81F329F1-5BB1-42A7-98CE-B0EB5819D60A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_49:*:*:*:*:*:*","matchCriteriaId":"5B7111FA-9FD7-4952-AFE1-07D3E14854F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_5:*:*:*:*:*:*","matchCriteriaId":"D35916F1-24AA-4BF3-8B1F-2361C5B815D9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_50:*:*:*:*:*:*","matchCriteriaId":"2C7A080F-9C99-41A0-BC63-EBDDC0DF7B8A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_51:*:*:*:*:*:*","matchCriteriaId":"0383C4C4-A7BB-418D-9A98-AC4233722961"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_52:*:*:*:*:*:*","matchCriteriaId":"AA281A20-7599-446B-9587-118E920403D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_53:*:*:*:*:*:*","matchCriteriaId":"9514E8F5-1D0B-4CDF-BD03-087326F6C252"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_54:*:*:*:*:*:*","matchCriteriaId":"78BC7D6C-2A10-4F78-9C41-EA97665C246E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_55:*:*:*:*:*:*","matchCriteriaId":"B2C29B11-D87B-4D78-9D42-AD528C811080"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_56:*:*:*:*:*:*","matchCriteriaId":"CA9BE427-78D7-4DEE-A174-F3E3675B44A5"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_57:*:*:*:*:*:*","matchCriteriaId":"6C10325C-8670-499B-B003-7D8634539C5D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_58:*:*:*:*:*:*","matchCriteriaId":"5F692BEB-5CB1-41EA-B715-64AB0036F6CF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_59:*:*:*:*:*:*","matchCriteriaId":"427C4DF5-9039-4CB5-B600-5F965E20D945"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_6:*:*:*:*:*:*","matchCriteriaId":"EDEE4B40-889C-472E-AA91-7E1B4314EE64"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_60:*:*:*:*:*:*","matchCriteriaId":"44B7A2A2-5764-4EDB-AA44-25F8508CF128"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_61:*:*:*:*:*:*","matchCriteriaId":"55D94917-5360-4179-A017-1287C63A6E6C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_62:*:*:*:*:*:*","matchCriteriaId":"52C5C76D-2572-4ADF-B7E4-7B3444935658"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_63:*:*:*:*:*:*","matchCriteriaId":"9ABFC91A-7A8D-4A08-9464-F534BAA69B4E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_64:*:*:*:*:*:*","matchCriteriaId":"1D378A23-113D-47AC-9CB5-2658C357FFB4"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_65:*:*:*:*:*:*","matchCriteriaId":"58FB119E-508C-45F7-8AD8-B67AAAEA53D6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_66:*:*:*:*:*:*","matchCriteriaId":"8B3359A5-D39B-4322-8963-B138D791D232"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_67:*:*:*:*:*:*","matchCriteriaId":"E11E2FBD-7541-4CE3-8A78-52FB82571547"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_68:*:*:*:*:*:*","matchCriteriaId":"3883F470-8D8D-4CB3-BF4A-0C401BDABC83"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_69:*:*:*:*:*:*","matchCriteriaId":"1BDCF010-04BF-4FA5-9E14-F6461FED3FFB"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_7:*:*:*:*:*:*","matchCriteriaId":"3867FDAA-354E-4D2F-A260-27F31CA44C8A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_70:*:*:*:*:*:*","matchCriteriaId":"7E8CEA39-4A7F-4827-91FA-31119201D174"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_71:*:*:*:*:*:*","matchCriteriaId":"D3768AC9-A245-4B81-8D1D-9D9C5354245C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_72:*:*:*:*:*:*","matchCriteriaId":"71CA65C9-C0FC-4CBD-A8B0-DD72604A46F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_73:*:*:*:*:*:*","matchCriteriaId":"9F06DECA-F45D-49DA-BB24-AA1F0306B0B6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_74:*:*:*:*:*:*","matchCriteriaId":"3BA69ED9-28FA-40B5-84F9-0FFE40DFC675"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_75:*:*:*:*:*:*","matchCriteriaId":"6FF2D31F-8719-41A6-ADD5-15BE9409428E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_76:*:*:*:*:*:*","matchCriteriaId":"DE56F5E5-73CF-4636-9F98-86BDDA3F6A47"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_77:*:*:*:*:*:*","matchCriteriaId":"CE4885B1-F912-4D06-8179-830FC011F3F6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_78:*:*:*:*:*:*","matchCriteriaId":"A1A0EFCE-4B74-4B4D-AB6E-5730F26B38FB"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_79:*:*:*:*:*:*","matchCriteriaId":"F02DCC86-C3F7-482C-9BFB-B7971FB10AEC"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_8:*:*:*:*:*:*","matchCriteriaId":"A89B7EE4-57FD-4B09-841A-ABC9990FF88F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_80:*:*:*:*:*:*","matchCriteriaId":"06835B0A-A2DF-44D3-A38F-59E5D5523FFA"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_81:*:*:*:*:*:*","matchCriteriaId":"B746D0CF-76F6-42A1-9056-CA9622DCD806"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_82:*:*:*:*:*:*","matchCriteriaId":"FFC33A7E-B1CB-4E83-B75C-71F5E7E5E406"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_83:*:*:*:*:*:*","matchCriteriaId":"325CFFCF-1609-4D89-B6A8-1C6ACBFDD35B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_84:*:*:*:*:*:*","matchCriteriaId":"BD019A57-FC7A-4B1F-9946-FA15C90FC985"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_85:*:*:*:*:*:*","matchCriteriaId":"A6B2CD3A-C39C-4F9A-8602-3EC75472181D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_86:*:*:*:*:*:*","matchCriteriaId":"1B8DCD85-0E47-44C1-B7DD-E1B4756CEC17"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_87:*:*:*:*:*:*","matchCriteriaId":"1790D974-2EE0-4405-8F26-BB6DB3BDA23B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_88:*:*:*:*:*:*","matchCriteriaId":"416B3F04-AD86-4F91-890E-56BA539AAB06"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_89:*:*:*:*:*:*","matchCriteriaId":"C12C0E4D-4E9A-4BD7-926E-74BCD42595B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_9:*:*:*:*:*:*","matchCriteriaId":"655A3A6A-A3EB-4864-B64D-2319E5CF7DA0"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_90:*:*:*:*:*:*","matchCriteriaId":"9A659FEF-1BC1-45E8-A01E-1F9A8F2AFAAF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_91:*:*:*:*:*:*","matchCriteriaId":"3810319D-7DC4-47DD-B568-B0504DBC8209"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_92:*:*:*:*:*:*","matchCriteriaId":"D9BFFFC0-912A-4F95-A08E-1D264135D1E2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_93:*:*:*:*:*:*","matchCriteriaId":"9EA924E7-DEF2-45BF-B435-C435AC20AF4E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_94:*:*:*:*:*:*","matchCriteriaId":"E6809C30-9A81-45E6-92E9-01D54880EFEE"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_95:*:*:*:*:*:*","matchCriteriaId":"C194ACCD-CB7E-4DFC-ABB5-7CCEFD83E11B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_96:*:*:*:*:*:*","matchCriteriaId":"69856C3C-2ACB-4718-821C-793118094985"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_97:*:*:*:*:*:*","matchCriteriaId":"8693CC24-CEF6-4479-A3DA-8FD5C73E9548"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_98:*:*:*:*:*:*","matchCriteriaId":"B1A95A94-83C6-4DCC-8208-B76B53678B25"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_99:*:*:*:*:*:*","matchCriteriaId":"A1831C4F-7887-489E-91C1-3997114917DD"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:-:*:*:*:*:*:*","matchCriteriaId":"27DF695E-B890-42C2-8941-5BB53154755F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"072F6C59-3D86-48D1-A14E-477FFFA3B1D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_10:*:*:*:*:*:*","matchCriteriaId":"FE68B4A2-3459-4DBA-8BAC-E9AA9FA25264"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_11:*:*:*:*:*:*","matchCriteriaId":"680D7963-1393-4E86-A65F-D4463D532120"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_12:*:*:*:*:*:*","matchCriteriaId":"D81E73DD-FD21-4082-A883-34422AE6C024"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_13:*:*:*:*:*:*","matchCriteriaId":"E6DD0451-98EA-4140-8294-77A14F063E2E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_14:*:*:*:*:*:*","matchCriteriaId":"CE94E76B-8CC2-4E91-B7A3-EEBCC1358FF4"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_15:*:*:*:*:*:*","matchCriteriaId":"408BD438-E15C-422F-9612-C62A7387FC63"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_16:*:*:*:*:*:*","matchCriteriaId":"A78C8B1C-39CB-4C27-B57C-0AF5E7EB50D9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_17:*:*:*:*:*:*","matchCriteriaId":"0AB19E97-BACE-4FCC-A53F-078D61A7A9E8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_18:*:*:*:*:*:*","matchCriteriaId":"D18ACD28-9182-435C-A30F-DF3BFE13C39A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_19:*:*:*:*:*:*","matchCriteriaId":"CFE4CC72-C15A-40DE-AFF4-0B6B79BFB2BA"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"386F0E26-78DC-4D59-A20F-B41D0E59561B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_3:*:*:*:*:*:*","matchCriteriaId":"54576481-2AE9-4133-9EFA-B7FBDCA4427D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_4:*:*:*:*:*:*","matchCriteriaId":"E29CE810-76D5-4283-B102-70344B6C9506"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_5:*:*:*:*:*:*","matchCriteriaId":"DA869467-C560-4130-A180-86819F6A8673"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_6:*:*:*:*:*:*","matchCriteriaId":"CC0C94B7-31FB-4115-8EDE-62CC459B6663"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_7:*:*:*:*:*:*","matchCriteriaId":"07DEAA71-53DA-4508-B7E6-924ABED49E66"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_8:*:*:*:*:*:*","matchCriteriaId":"467323F6-5CA7-42A0-9810-C6FA694CEC93"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_9:*:*:*:*:*:*","matchCriteriaId":"32EFFD8A-1C0D-446B-AAD7-5D23D483D3D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:-:*:*:*:*:*:*","matchCriteriaId":"0DCF7F39-A198-4F7E-84B7-90C88C1BAA96"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"E7E68DF8-749B-4284-A7C9-929701A86B36"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"7CECAA19-8B7F-44C8-8059-6D4F2105E196"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_3:*:*:*:*:*:*","matchCriteriaId":"68CBCEEB-7C28-4769-813F-3F01E33D2E08"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_4:*:*:*:*:*:*","matchCriteriaId":"C0CB4927-A361-4DFA-BDB8-A454EA2894AB"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_5:*:*:*:*:*:*","matchCriteriaId":"B2B771B7-D5CB-4778-A3A8-1005E4EE134C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_6:*:*:*:*:*:*","matchCriteriaId":"3B9DB383-3791-4A43-BA4D-7695B203E736"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_7:*:*:*:*:*:*","matchCriteriaId":"13F02D77-20E9-4F32-9752-511EB71E6704"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_8:*:*:*:*:*:*","matchCriteriaId":"6353CC8F-A6D4-4A0C-8D68-290CD8DEB4F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_9:*:*:*:*:*:*","matchCriteriaId":"759DDB90-6A89-4E4F-BD04-F70EFA5343B0"}]}]}],"references":[{"url":"https://issues.liferay.com/browse/LPE-17061","source":"cve@mitre.org","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2021-38263-reflected-xss-with-script-page","source":"cve@mitre.org","tags":["Patch","Vendor Advisory"]},{"url":"https://issues.liferay.com/browse/LPE-17061","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2021-38263-reflected-xss-with-script-page","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-38264","sourceIdentifier":"cve@mitre.org","published":"2022-03-03T00:15:07.980","lastModified":"2026-07-09T01:17:00.337","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in the Frontend Taglib module in Liferay Portal 7.4.0 and 7.4.1 allows remote attackers to inject arbitrary web script or HTML into the management toolbar search via the `keywords` parameter. This issue is caused by an incomplete fix in CVE-2021-35463."},{"lang":"es","value":"Una vulnerabilidad de scripting cruzado (XSS) en el módulo Frontend Taglib en Liferay Portal 7.4.0 y 7.4.1 permite a los atacantes remotos inyectar script web o HTML arbitrario en la búsqueda de la barra de herramientas de gestión a través del parámetro `keywords`. Este problema está causado por una corrección incompleta en CVE-2021-35463"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:7.4.0:*:*:*:*:*:*:*","matchCriteriaId":"D77AE89B-3769-4AEC-AF7B-00AAE3F345F9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:7.4.1:-:*:*:*:*:*:*","matchCriteriaId":"0EBEF105-7297-44E3-B458-944861A941C2"}]}]}],"references":[{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2021-38264-reflected-xss-with-keywords-in-search","source":"cve@mitre.org","tags":["Patch","Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2021-38264-reflected-xss-with-keywords-in-search","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-38265","sourceIdentifier":"cve@mitre.org","published":"2022-03-03T00:15:08.020","lastModified":"2026-07-09T01:17:00.453","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in the Asset module in Liferay Portal 7.3.4 through 7.3.6 allow remote attackers to inject arbitrary web script or HTML when creating a collection page via the _com_liferay_asset_list_web_portlet_AssetListPortlet_title parameter."},{"lang":"es","value":"Una vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en el módulo Asset de Liferay Portal 7.3.4 a 7.3.6 permite a los atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios al crear una página de colección a través del parámetro _com_liferay_asset_list_web_portlet_AssetListPortlet_title"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:*:*:*:*:*:*:*:*","versionEndIncluding":"7.3","matchCriteriaId":"268D0391-AFD2-4AE1-810E-C28046F9FF65"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.3.4","versionEndIncluding":"7.3.6","matchCriteriaId":"8F7687E8-644C-432E-8AC2-70C913C077D9"}]}]}],"references":[{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2021-38265-stored-xss-with-collection-name","source":"cve@mitre.org","tags":["Patch","Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2021-38265-stored-xss-with-collection-name","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-38267","sourceIdentifier":"cve@mitre.org","published":"2022-03-03T00:15:08.067","lastModified":"2026-07-09T01:17:00.697","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in the Blogs module's edit blog entry page in Liferay Portal 7.3.2 through 7.3.6, and Liferay DXP 7.3 before fix pack 2 allows remote attackers to inject arbitrary web script or HTML via the _com_liferay_blogs_web_portlet_BlogsAdminPortlet_title and _com_liferay_blogs_web_portlet_BlogsAdminPortlet_subtitle parameter."},{"lang":"es","value":"La vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en la página de edición de entradas de blog del módulo Blogs en Liferay Portal 7.3.2 a 7.3.6, y Liferay DXP 7.3 antes del paquete de correcciones 2 permite a los atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través del parámetro _com_liferay_blogs_web_portlet_BlogsAdminPortlet_title y _com_liferay_blogs_web_portlet_BlogsAdminPortlet_subtitle"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:*:*:*:*:*:*:*:*","versionEndExcluding":"7.3","matchCriteriaId":"EF5BFC45-3970-43D5-A064-D8785677E26C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.3:-:*:*:*:*:*:*","matchCriteriaId":"6F6A98ED-E694-4F39-95D0-C152BD1EC115"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.3:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"2CD6861A-D546-462F-8B22-FA76A4AF8A9C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.3.2","versionEndIncluding":"7.3.6","matchCriteriaId":"25C6FBAD-AECD-4DE9-9C2F-6A935540FCA5"}]}]}],"references":[{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2021-38267-stored-xss-with-title-and-subtitle-of-blog-entry","source":"cve@mitre.org","tags":["Patch","Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2021-38267-stored-xss-with-title-and-subtitle-of-blog-entry","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-38269","sourceIdentifier":"cve@mitre.org","published":"2022-03-03T00:15:08.110","lastModified":"2026-07-09T01:17:00.950","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in the Gogo Shell module in Liferay Portal 7.1.0 through 7.3.6 and 7.4.0, and Liferay DXP 7.1 before fix pack 23, 7.2 before fix pack 13, and 7.3 before fix pack 2 allows remote attackers to inject arbitrary web script or HTML via the output of a Gogo Shell command."},{"lang":"es","value":"Una vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en el módulo Gogo Shell en Liferay Portal 7.1.0 hasta 7.3.6 y 7.4.0, y Liferay DXP 7.1 antes del paquete de correcciones 23, 7.2 antes del paquete de correcciones 13 y 7.3 antes del paquete de correcciones 2 permite a los atacantes remotos inyectar secuencias de comandos web o HTML arbitrarias a través de la salida de un comando Gogo Shell"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.1.0","versionEndIncluding":"7.3.6","matchCriteriaId":"D3E59C58-7196-4CA6-A0A1-4DFB5E666C67"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:7.4.0:*:*:*:*:*:*:*","matchCriteriaId":"D77AE89B-3769-4AEC-AF7B-00AAE3F345F9"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:-:*:*:*:*:*:*","matchCriteriaId":"27DF695E-B890-42C2-8941-5BB53154755F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"072F6C59-3D86-48D1-A14E-477FFFA3B1D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_10:*:*:*:*:*:*","matchCriteriaId":"FE68B4A2-3459-4DBA-8BAC-E9AA9FA25264"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_11:*:*:*:*:*:*","matchCriteriaId":"680D7963-1393-4E86-A65F-D4463D532120"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_12:*:*:*:*:*:*","matchCriteriaId":"D81E73DD-FD21-4082-A883-34422AE6C024"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_13:*:*:*:*:*:*","matchCriteriaId":"E6DD0451-98EA-4140-8294-77A14F063E2E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_14:*:*:*:*:*:*","matchCriteriaId":"CE94E76B-8CC2-4E91-B7A3-EEBCC1358FF4"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_15:*:*:*:*:*:*","matchCriteriaId":"408BD438-E15C-422F-9612-C62A7387FC63"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_16:*:*:*:*:*:*","matchCriteriaId":"A78C8B1C-39CB-4C27-B57C-0AF5E7EB50D9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_17:*:*:*:*:*:*","matchCriteriaId":"0AB19E97-BACE-4FCC-A53F-078D61A7A9E8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_18:*:*:*:*:*:*","matchCriteriaId":"D18ACD28-9182-435C-A30F-DF3BFE13C39A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_19:*:*:*:*:*:*","matchCriteriaId":"CFE4CC72-C15A-40DE-AFF4-0B6B79BFB2BA"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"386F0E26-78DC-4D59-A20F-B41D0E59561B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_20:*:*:*:*:*:*","matchCriteriaId":"43C11288-1C48-47A0-95DF-A48F3C0285F6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_21:*:*:*:*:*:*","matchCriteriaId":"5ECF3B18-D0DB-4FB6-9F6F-B63A6CE45081"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_22:*:*:*:*:*:*","matchCriteriaId":"79AC7C0B-4135-4C24-8D37-A9431156E3E9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_23:*:*:*:*:*:*","matchCriteriaId":"7289F71D-ECEB-4FB9-A53F-D3F4D1315ADD"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_3:*:*:*:*:*:*","matchCriteriaId":"54576481-2AE9-4133-9EFA-B7FBDCA4427D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_4:*:*:*:*:*:*","matchCriteriaId":"E29CE810-76D5-4283-B102-70344B6C9506"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_5:*:*:*:*:*:*","matchCriteriaId":"DA869467-C560-4130-A180-86819F6A8673"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_6:*:*:*:*:*:*","matchCriteriaId":"CC0C94B7-31FB-4115-8EDE-62CC459B6663"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_7:*:*:*:*:*:*","matchCriteriaId":"07DEAA71-53DA-4508-B7E6-924ABED49E66"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_8:*:*:*:*:*:*","matchCriteriaId":"467323F6-5CA7-42A0-9810-C6FA694CEC93"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_9:*:*:*:*:*:*","matchCriteriaId":"32EFFD8A-1C0D-446B-AAD7-5D23D483D3D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:-:*:*:*:*:*:*","matchCriteriaId":"0DCF7F39-A198-4F7E-84B7-90C88C1BAA96"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"E7E68DF8-749B-4284-A7C9-929701A86B36"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_10:*:*:*:*:*:*","matchCriteriaId":"340DF1FE-5720-4516-BA51-F2197A654409"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_11:*:*:*:*:*:*","matchCriteriaId":"97E155DE-05C6-4559-94A8-0EFEB958D0C9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_12:*:*:*:*:*:*","matchCriteriaId":"0635FB5F-9C90-49C7-A9EF-00C0396FCCAE"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"7CECAA19-8B7F-44C8-8059-6D4F2105E196"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_3:*:*:*:*:*:*","matchCriteriaId":"68CBCEEB-7C28-4769-813F-3F01E33D2E08"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_4:*:*:*:*:*:*","matchCriteriaId":"C0CB4927-A361-4DFA-BDB8-A454EA2894AB"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_5:*:*:*:*:*:*","matchCriteriaId":"B2B771B7-D5CB-4778-A3A8-1005E4EE134C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_6:*:*:*:*:*:*","matchCriteriaId":"3B9DB383-3791-4A43-BA4D-7695B203E736"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_7:*:*:*:*:*:*","matchCriteriaId":"13F02D77-20E9-4F32-9752-511EB71E6704"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_8:*:*:*:*:*:*","matchCriteriaId":"6353CC8F-A6D4-4A0C-8D68-290CD8DEB4F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_9:*:*:*:*:*:*","matchCriteriaId":"759DDB90-6A89-4E4F-BD04-F70EFA5343B0"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.3:-:*:*:*:*:*:*","matchCriteriaId":"6F6A98ED-E694-4F39-95D0-C152BD1EC115"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.3:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"2CD6861A-D546-462F-8B22-FA76A4AF8A9C"}]}]}],"references":[{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2021-38269-stored-xss-with-gogo-shell-output","source":"cve@mitre.org","tags":["Patch","Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2021-38269-stored-xss-with-gogo-shell-output","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-25089","sourceIdentifier":"cve@mitre.org","published":"2022-03-03T00:15:08.570","lastModified":"2026-07-09T01:17:19.313","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Printix Secure Cloud Print Management through 1.3.1106.0 incorrectly uses Privileged APIs to modify values in HKEY_LOCAL_MACHINE via UITasks.PersistentRegistryData."},{"lang":"es","value":"Printix Secure Cloud Print Management a través de 1.3.1106.0 utiliza incorrectamente las APIs con privilegios para modificar los valores en HKEY_LOCAL_MACHINE a través de UITasks.PersistentRegistryData."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-269"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:kofax:printix:*:*:*:*:*:*:*:*","versionEndIncluding":"1.3.1106.0","matchCriteriaId":"0FC2CF4F-58C1-4A57-BE07-D8CEA90F53C8"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/167013/Printix-1.3.1106.0-Privileged-API-Abuse.html","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://github.com/ComparedArray/printix-CVE-2022-25089","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.exploit-db.com/exploits/50798","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http://packetstormsecurity.com/files/167013/Printix-1.3.1106.0-Privileged-API-Abuse.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://github.com/ComparedArray/printix-CVE-2022-25089","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.exploit-db.com/exploits/50798","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]}]}},{"cve":{"id":"CVE-2022-25146","sourceIdentifier":"cve@mitre.org","published":"2022-03-03T00:15:08.617","lastModified":"2026-07-09T01:17:19.550","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The Remote App module in Liferay Portal Liferay Portal v7.4.3.4 through v7.4.3.8 and Liferay DXP 7.4 before update 5 does not check if the origin of event messages it receives matches the origin of the Remote App, allowing attackers to exfiltrate the CSRF token via a crafted event message."},{"lang":"es","value":"El módulo Remote App en Liferay Portal Liferay Portal v7.4.3.4 hasta v7.4.3.8 y Liferay DXP 7.4 antes de la actualización 5 no comprueba si el origen de los mensajes de evento que recibe coincide con el origen de la Remote App, permitiendo a los atacantes exfiltrar el token CSRF a través de un mensaje de evento crafteado"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-346"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:*:*:*:*:*:*:*:*","versionEndIncluding":"7.4","matchCriteriaId":"5F7BCC0B-5F36-4E6B-AABE-61B88E9A99D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.4.3.4","versionEndExcluding":"7.4.3.9","matchCriteriaId":"2D590E39-35BB-476C-B08E-ABFDF4C201BF"}]}]}],"references":[{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-25146-csrf-token-exfiltration-via-remote-apps","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://www.securitum.pl","source":"cve@mitre.org","tags":["Not Applicable","Third Party Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-25146-csrf-token-exfiltration-via-remote-apps","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.securitum.pl","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-24573","sourceIdentifier":"cve@mitre.org","published":"2022-03-03T02:15:07.233","lastModified":"2026-07-09T01:17:17.600","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A stored cross-site scripting (XSS) vulnerability in the admin interface in Element-IT HTTP Commander 7.0.0 allows unauthenticated users to get admin access by injecting a malicious script in the User-Agent field."},{"lang":"es","value":"Una vulnerabilidad de tipo cross-site scripting (XSS) almacenada en la interfaz de administración en Element-IT HTTP Commander versión 7.0.0, permite a usuarios no autenticados conseguir acceso de administrador inyectando un script malicioso en el campo User-Agent"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:element-it:http_commander:*:*:*:*:*:*:*:*","versionStartIncluding":"5.0.0","versionEndExcluding":"5.3.6","matchCriteriaId":"ACD68E0E-1B07-4527-94DF-6FD93E6AE36F"},{"vulnerable":true,"criteria":"cpe:2.3:a:element-it:http_commander:7.0.0:*:*:*:*:*:*:*","matchCriteriaId":"68C97791-A439-47CC-B1FD-51200DBF32B1"}]}]}],"references":[{"url":"https://www.element-it.com/news.aspx","source":"cve@mitre.org","tags":["Mitigation","Release Notes","Vendor Advisory"]},{"url":"https://www.element-it.com/news.aspx","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mitigation","Release Notes","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-42950","sourceIdentifier":"cve@mitre.org","published":"2022-03-03T03:15:07.023","lastModified":"2026-07-09T01:17:07.530","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Remote Code Execution (RCE) vulnerability exists in Zepl Notebooks all previous versions before October 25 2021. Users can register for an account and are allocated a set number of credits to try the product. Once users authenticate, they can proceed to create a new organization by which additional users can be added for various collaboration abilities, which allows malicious user to create new Zepl Notebooks with various languages, contexts, and deployment scenarios. Upon creating a new notebook with specially crafted malicious code, a user can then launch remote code execution."},{"lang":"es","value":"Se presenta una vulnerabilidad de ejecución de código remota (RCE) en Zepl Notebooks todas las versiones anteriores al 25 de octubre de 2021. Los usuarios pueden registrarse para conseguir una cuenta y les es asignado un número determinado de créditos para probar el producto. Una vez que los usuarios son autenticados, pueden proceder a crear una nueva organización mediante la cual pueden añadirse usuarios adicionales para diversas capacidades de colaboración, permitiendo al usuario malicioso crear nuevos cuadernos Zepl con varios idiomas, contextos y escenarios de despliegue. Al crear un nuevo cuaderno con código malicioso especialmente diseñado, el usuario puede iniciar una ejecución de código remota"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:zepl:zepl:*:*:*:*:*:*:*:*","versionEndExcluding":"2021-10-25","matchCriteriaId":"A22A92EB-819B-4755-B6EB-7BA139F7FA69"}]}]}],"references":[{"url":"https://seclists.org/fulldisclosure/2022/Feb/31","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://seclists.org/fulldisclosure/2022/Feb/31","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-23327","sourceIdentifier":"cve@mitre.org","published":"2022-03-04T12:15:07.880","lastModified":"2026-07-09T01:17:14.640","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A design flaw in Go-Ethereum 1.10.12 and older versions allows an attacker node to send 5120 future transactions with a high gas price in one message, which can purge all of pending transactions in a victim node's memory pool, causing a denial of service (DoS)."},{"lang":"es","value":"Un fallo de diseño en Go-Ethereum versiones 1.10.12 y versiones anteriores, permite a un nodo atacante enviar 5120 transacciones futuras con un precio de gas elevado en un solo mensaje, lo que puede purgar todas las transacciones pendientes en el pool de memoria de un nodo víctima, causando una denegación de servicio (DoS)"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ethereum:go_ethereum:*:*:*:*:*:*:*:*","versionEndIncluding":"1.10.12","matchCriteriaId":"1E13B619-FD43-44BF-88ED-AEE770DFFF0B"}]}]}],"references":[{"url":"https://dl.acm.org/doi/pdf/10.1145/3460120.3485369","source":"cve@mitre.org","tags":["Exploit","Mitigation","Technical Description","Third Party Advisory"]},{"url":"https://tristartom.github.io/docs/ccs21.pdf","source":"cve@mitre.org","tags":["Exploit","Mitigation","Technical Description","Third Party Advisory"]},{"url":"https://dl.acm.org/doi/pdf/10.1145/3460120.3485369","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Mitigation","Technical Description","Third Party Advisory"]},{"url":"https://tristartom.github.io/docs/ccs21.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Mitigation","Technical Description","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-23328","sourceIdentifier":"cve@mitre.org","published":"2022-03-04T12:15:07.930","lastModified":"2026-07-09T01:17:14.760","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A design flaw in all versions of Go-Ethereum allows an attacker node to send 5120 pending transactions of a high gas price from one account that all fully spend the full balance of the account to a victim Geth node, which can purge all of pending transactions in a victim node's memory pool and then occupy the memory pool to prevent new transactions from entering the pool, resulting in a denial of service (DoS)."},{"lang":"es","value":"Un fallo de diseño en todas las versiones de Go-Ethereum permite que un nodo atacante envíe 5120 transacciones pendientes de un precio de gas elevado desde una cuenta que gaste todo el saldo de la cuenta a un nodo Geth víctima, que puede purgar todas las transacciones pendientes en el pool de memoria de un nodo víctima y luego ocupar el pool de memoria para evitar que entren nuevas transacciones en el pool, resultando en una denegación de servicio (DoS)"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-400"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ethereum:go_ethereum:-:*:*:*:*:*:*:*","matchCriteriaId":"4ABAEF23-8A63-4075-B552-9EE146AF06E8"}]}]}],"references":[{"url":"https://dl.acm.org/doi/pdf/10.1145/3460120.3485369","source":"cve@mitre.org","tags":["Exploit","Mitigation","Technical Description","Third Party Advisory"]},{"url":"https://tristartom.github.io/docs/ccs21.pdf","source":"cve@mitre.org","tags":["Exploit","Mitigation","Technical Description","Third Party Advisory"]},{"url":"https://dl.acm.org/doi/pdf/10.1145/3460120.3485369","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Mitigation","Technical Description","Third Party Advisory"]},{"url":"https://tristartom.github.io/docs/ccs21.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Mitigation","Technical Description","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-18324","sourceIdentifier":"cve@mitre.org","published":"2022-03-04T15:15:08.850","lastModified":"2026-07-09T00:16:51.187","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting (XSS) vulnerability exists in Subrion CMS 4.2.1 via the q parameter in the Kickstart template."},{"lang":"es","value":"Se presenta una vulnerabilidad de tipo Cross Site Scripting (XSS) en Subrion CMS versión 4.2.1, por medio del parámetro q en la plantilla Kickstart"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:intelliants:subrion_cms:4.2.1:*:*:*:*:*:*:*","matchCriteriaId":"1964CC54-4FD5-44DF-A183-0538C48EA988"}]}]}],"references":[{"url":"https://github.com/hamm0nz/CVE-2020-18324","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/hamm0nz/CVE-2020-18324","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-18325","sourceIdentifier":"cve@mitre.org","published":"2022-03-04T15:15:08.903","lastModified":"2026-07-09T00:16:51.320","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Multilple Cross Site Scripting (XSS) vulnerability exists in Intelliants Subrion CMS v4.2.1 in the Configuration panel."},{"lang":"es","value":"Se presenta una vulnerabilidad de tipo Cross Site Scripting (XSS) múltiple en Intelliants Subrion CMS versión v4.2.1 en el panel de Configuración"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:intelliants:subrion_cms:4.2.1:*:*:*:*:*:*:*","matchCriteriaId":"1964CC54-4FD5-44DF-A183-0538C48EA988"}]}]}],"references":[{"url":"https://github.com/hamm0nz/CVE-2020-18325","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/hamm0nz/CVE-2020-18325","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-18326","sourceIdentifier":"cve@mitre.org","published":"2022-03-04T15:15:08.947","lastModified":"2026-07-09T00:16:51.433","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Request Forgery (CSRF) vulnerability exists in Intelliants Subrion CMS v4.2.1 via the Members administrator function, which could let a remote unauthenticated malicious user send an authorised request to victim and successfully create an arbitrary administrator user."},{"lang":"es","value":"Se presenta una vulnerabilidad de tipo Cross Site Request Forgery (CSRF) en Intelliants Subrion CMS versión v4.2.1, por medio de la función Members administrator, que podría permitir a un usuario remoto malicioso no autenticado enviar una petición autorizada a la víctima y crear con éxito un usuario administrador arbitrario"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:intelliants:subrion_cms:4.2.1:*:*:*:*:*:*:*","matchCriteriaId":"1964CC54-4FD5-44DF-A183-0538C48EA988"}]}]}],"references":[{"url":"https://github.com/hamm0nz/CVE-2020-18326","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/hamm0nz/CVE-2020-18326","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-41657","sourceIdentifier":"cve@mitre.org","published":"2022-03-10T17:44:01.527","lastModified":"2026-07-09T01:17:03.897","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SmartBear CodeCollaborator v6.1.6102 was discovered to contain a vulnerability in the web UI which would allow an attacker to conduct a clickjacking attack."},{"lang":"es","value":"Se ha detectado que SmartBear CodeCollaborator versión v6.1.6102, contiene una vulnerabilidad en la interfaz web que permitiría a un atacante realizar un ataque de clickjacking"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-1021"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:smartbear:collaborator:6.1.6102:*:*:*:*:*:*:*","matchCriteriaId":"C1B4F022-32B4-4DC4-A283-B50260E78C0A"}]}]}],"references":[{"url":"https://gist.github.com/rvismit/2b1a10a48104e01f575cc948da69df19","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://gist.github.com/rvismit/2b1a10a48104e01f575cc948da69df19","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-23383","sourceIdentifier":"cve@mitre.org","published":"2022-03-10T17:45:51.847","lastModified":"2026-07-09T01:17:15.837","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"YzmCMS v6.3 is affected by broken access control. Without login, unauthorized access to the user's personal home page can be realized. It is necessary to judge the user's login status before accessing the personal home page, but the vulnerability can access other users' home pages through the non login status because real authentication is not carried out."},{"lang":"es","value":"YzmCMS versión v6.3, está afectado por un control de acceso roto. Sin el acceso, puede realizarse un acceso no autorizado a la página personal del usuario. Es necesario juzgar el estado de inicio de sesión del usuario antes de acceder a la página de inicio personal, pero la vulnerabilidad puede acceder a las páginas de inicio de otros usuarios mediante el estado de no inicio de sesión porque la autenticación real no es llevada a cabo"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.2}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:N","baseScore":6.4,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:yzmcms:yzmcms:6.3:*:*:*:*:*:*:*","matchCriteriaId":"33CDD39A-96DC-4CF3-9CFF-694DF09B47BB"}]}]}],"references":[{"url":"https://down.chinaz.com/soft/37810.htm","source":"cve@mitre.org","tags":["Product","Third Party Advisory"]},{"url":"https://www.cnvd.org.cn/user/myreport/6499961","source":"cve@mitre.org","tags":["Permissions Required","Third Party Advisory"]},{"url":"https://down.chinaz.com/soft/37810.htm","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Third Party Advisory"]},{"url":"https://www.cnvd.org.cn/user/myreport/6499961","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-24618","sourceIdentifier":"cve@mitre.org","published":"2022-03-10T17:46:23.103","lastModified":"2026-07-09T01:17:18.000","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Heimdal.Wizard.exe installer in Heimdal Premium Security 2.5.395 and earlier has insecure permissions, which allows unprivileged local users to elevate privileges to SYSTEM via the \"Browse For Folder\" window accessible by triggering a \"Repair\" on the MSI package located in C:\\Windows\\Installer."},{"lang":"es","value":"El instalador Heimdal.Wizard.exe en Heimdal Premium Security versiones 2.5.395 y anteriores, presenta permisos inseguros, lo que permite a usuarios locales no privilegiados elevar los privilegios a SYSTEM por medio de la ventana \"Browse For Folder\" accesible al desencadenar un \"Repair\" en el paquete MSI ubicado en C:\\Windows\\Installer"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-281"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:heimdalsecurity:heimdal_premium_security:*:*:*:*:*:*:*:*","versionEndExcluding":"2.5.398","matchCriteriaId":"C3BF1508-D11B-4898-A3E2-D243AB521DD7"}]}]}],"references":[{"url":"https://support.heimdalsecurity.com/hc/en-us/articles/4425942979473-2-5-398-PROD-and-2-5-401-RC","source":"cve@mitre.org","tags":["Release Notes","Vendor Advisory"]},{"url":"https://support.heimdalsecurity.com/hc/en-us/articles/4425942979473-2-5-398-PROD-and-2-5-401-RC","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-24644","sourceIdentifier":"cve@mitre.org","published":"2022-03-10T17:46:23.760","lastModified":"2026-07-09T01:17:18.123","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"ZZ Inc. KeyMouse Windows 3.08 and prior is affected by a remote code execution vulnerability during an unauthenticated update. To exploit this vulnerability, a user must trigger an update of an affected installation of KeyMouse."},{"lang":"es","value":"ZZ Inc. KeyMouse Windows versiones 3.08 y anteriores, está afectado por una vulnerabilidad de ejecución de código remota durante una actualización no autenticada. Para explotar esta vulnerabilidad, un usuario debe desencadenar una actualización de una instalación afectada de KeyMouse"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-494"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zzinc:keymouse_firmware:2.02:*:*:*:*:windows:*:*","matchCriteriaId":"6CC02B3A-2D29-44E6-89F7-5F3967F97C3B"},{"vulnerable":true,"criteria":"cpe:2.3:o:zzinc:keymouse_firmware:3.05:*:*:*:*:windows:*:*","matchCriteriaId":"F63ABA6C-4739-4008-A600-ED192ECC9DE2"},{"vulnerable":true,"criteria":"cpe:2.3:o:zzinc:keymouse_firmware:3.08:*:*:*:*:windows:*:*","matchCriteriaId":"83223AC7-22F3-4FCA-B11B-B769086DCF04"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zzinc:keymouse:-:*:*:*:*:*:*:*","matchCriteriaId":"358799FD-822A-4CDB-9AF0-206D174C7FA5"}]}]}],"references":[{"url":"https://github.com/gerr-re/cve-2022-24644/blob/main/cve-2022-24644_public-advisory.pdf","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/gerr-re/cve-2022-24644/blob/main/cve-2022-24644_public-advisory.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-25090","sourceIdentifier":"cve@mitre.org","published":"2022-03-10T17:47:00.077","lastModified":"2026-07-09T01:17:19.433","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Printix Secure Cloud Print Management through 1.3.1106.0 creates a temporary temp.ini file in a directory with insecure permissions, leading to privilege escalation because of a race condition."},{"lang":"es","value":"Printix Secure Cloud Print Management versión 1.3.1035.0, crea un archivo temporal en el directorio con permisos no seguros"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:C/I:C/A:C","baseScore":9.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.6,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-362"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:kofax:printix:*:*:*:*:*:*:*:*","versionEndIncluding":"1.3.1106.0","matchCriteriaId":"0FC2CF4F-58C1-4A57-BE07-D8CEA90F53C8"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/166242/Printix-Client-1.3.1106.0-Privilege-Escalation.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http://packetstormsecurity.com/files/167012/Printix-1.3.1106.0-Privilege-Escalation.html","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://github.com/ComparedArray/printix-CVE-2022-25090","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.exploit-db.com/exploits/50812","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http://packetstormsecurity.com/files/166242/Printix-Client-1.3.1106.0-Privilege-Escalation.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http://packetstormsecurity.com/files/167012/Printix-1.3.1106.0-Privilege-Escalation.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://github.com/ComparedArray/printix-CVE-2022-25090","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.exploit-db.com/exploits/50812","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]}]}},{"cve":{"id":"CVE-2021-44620","sourceIdentifier":"cve@mitre.org","published":"2022-03-11T16:15:07.980","lastModified":"2026-07-09T01:17:09.713","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A Command Injection vulnerability exits in TOTOLINK A3100R <=V4.1.2cu.5050_B20200504 in adm/ntm.asp via the hosTime parameters."},{"lang":"es","value":"Se presenta una vulnerabilidad de Inyección de Comandos en TOTOLINK A3100R versiones anteriores a V4.1.2cu.5050_B20200504 incluyéndola, en el archivo adm/ntm.asp por medio de los parámetros hosTime"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:totolink:a3100r_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"4.1.2cu.5050_b20200504","matchCriteriaId":"4E2A1131-5E8B-43AF-8104-F8EEF7F1F765"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:totolink:a3100r:-:*:*:*:*:*:*:*","matchCriteriaId":"40729E79-9D89-440F-B38D-E62D310E27F9"}]}]}],"references":[{"url":"https://drive.google.com/file/d/1_9ru2GRZ13T1KQKXPq2E14-opgf9ih45/view?usp=sharing","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://www.totolink.net/home/menu/newstpl/menu_newstpl/products/id/170.html","source":"nvd@nist.gov","tags":["Product","Vendor Advisory"]},{"url":"https://drive.google.com/file/d/1_9ru2GRZ13T1KQKXPq2E14-opgf9ih45/view?usp=sharing","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]}]}},{"cve":{"id":"CVE-2021-44087","sourceIdentifier":"cve@mitre.org","published":"2022-03-17T22:15:08.810","lastModified":"2026-07-09T01:17:09.067","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Attendance and Payroll System v1.0 which allows an unauthenticated remote attacker to upload a maliciously crafted PHP via photo upload."},{"lang":"es","value":"Se presenta una vulnerabilidad de Ejecución de Código Remota (RCE) en Sourcecodester Attendance and Payroll System versión v1.0, que permite a un atacante remoto no autenticado cargar un PHP maliciosamente diseñado por medio de una carga de fotos"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:attendance_and_payroll_system_project:attendance_and_payroll_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"B44212E3-759A-436B-A3B6-48469A83C854"}]}]}],"references":[{"url":"https://www.exploit-db.com/exploits/50801","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://www.sourcecodester.com/sites/default/files/download/oretnom23/apsystem.zip","source":"cve@mitre.org","tags":["Product","Third Party Advisory"]},{"url":"https://www.exploit-db.com/exploits/50801","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://www.sourcecodester.com/sites/default/files/download/oretnom23/apsystem.zip","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-44088","sourceIdentifier":"cve@mitre.org","published":"2022-03-17T22:15:08.850","lastModified":"2026-07-09T01:17:09.203","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An SQL Injection vulnerability exists in Sourcecodester Attendance and Payroll System v1.0 which allows a remote attacker to bypass authentication via unsanitized login parameters."},{"lang":"es","value":"Se presenta una vulnerabilidad de inyección SQL en Sourcecodester Attendance and Payroll System versión v1.0, que permite a un atacante remoto omitir la autenticación por medio de parámetros de inicio de sesión no saneados"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:attendance_and_payroll_system_project:attendance_and_payroll_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"B44212E3-759A-436B-A3B6-48469A83C854"}]}]}],"references":[{"url":"https://www.exploit-db.com/exploits/50802","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://www.sourcecodester.com/sites/default/files/download/oretnom23/apsystem.zip","source":"cve@mitre.org","tags":["Product","Third Party Advisory"]},{"url":"https://www.exploit-db.com/exploits/50802","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://www.sourcecodester.com/sites/default/files/download/oretnom23/apsystem.zip","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-45834","sourceIdentifier":"cve@mitre.org","published":"2022-03-18T11:15:07.917","lastModified":"2026-07-09T01:17:12.160","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An attacker can upload or transfer files of dangerous types to the OpenDocMan 1.4.4 portal via add.php using MIME-bypass, which may be automatically processed within the product's environment or lead to arbitrary code execution."},{"lang":"es","value":"Un atacante puede subir o transferir archivos de tipos peligrosos al portal OpenDocMan versión 1.4.4, por medio del archivo add.php usando MIME-bypass, que puede ser procesado automáticamente dentro del entorno del producto o conllevar a una ejecución de código arbitrario"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:opendocman:opendocman:1.4.4:-:*:*:*:*:*:*","matchCriteriaId":"E32B307D-542F-48EC-B7AA-8D7F4CA1A7CA"}]}]}],"references":[{"url":"https://github.com/opendocman/opendocman","source":"cve@mitre.org","tags":["Product","Third Party Advisory"]},{"url":"https://github.com/opendocman/opendocman/issues/326","source":"cve@mitre.org","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/opendocman/opendocman/issues/330","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/opendocman/opendocman","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Third Party Advisory"]},{"url":"https://github.com/opendocman/opendocman/issues/326","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/opendocman/opendocman/issues/330","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-25578","sourceIdentifier":"cve@mitre.org","published":"2022-03-18T23:15:07.710","lastModified":"2026-07-09T01:17:20.687","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"taocms v3.0.2 allows attackers to execute code injection via arbitrarily editing the .htaccess file."},{"lang":"es","value":"taocms versión v3.0.2 permite a atacantes ejecutar una inyección de código por medio de una edición arbitraria del archivo .htaccess"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:taogogo:taocms:3.0.2:*:*:*:*:*:*:*","matchCriteriaId":"AA84748C-B58B-4A72-A527-7FF567BACCC2"}]}]}],"references":[{"url":"https://github.com/taogogo/taocms/issues/28","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/taogogo/taocms/issues/28","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-23345","sourceIdentifier":"cve@mitre.org","published":"2022-03-21T20:15:13.657","lastModified":"2026-07-09T01:17:15.030","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"BigAnt Software BigAnt Server v5.6.06 was discovered to contain incorrect access control."},{"lang":"es","value":"Se ha detectado que BigAnt Software BigAnt Server versión v5.6.06, contiene un control de acceso incorrecto"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bigantsoft:bigant_server:5.6.06:*:*:*:*:*:*:*","matchCriteriaId":"2BDCB0A6-2F15-491E-BAA9-07C8B8E2D05E"}]}]}],"references":[{"url":"https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23345","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.bigantsoft.com/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23345","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.bigantsoft.com/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-23346","sourceIdentifier":"cve@mitre.org","published":"2022-03-21T20:15:13.700","lastModified":"2026-07-09T01:17:15.150","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"BigAnt Software BigAnt Server v5.6.06 was discovered to contain incorrect access control issues."},{"lang":"es","value":"Se ha detectado que BigAnt Software BigAnt Server versión v5.6.06, contiene problemas de control de acceso incorrectos"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bigantsoft:bigant_server:5.6.06:*:*:*:*:*:*:*","matchCriteriaId":"2BDCB0A6-2F15-491E-BAA9-07C8B8E2D05E"}]}]}],"references":[{"url":"https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23346","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.bigantsoft.com/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23346","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.bigantsoft.com/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-23347","sourceIdentifier":"cve@mitre.org","published":"2022-03-21T20:15:13.743","lastModified":"2026-07-09T01:17:15.260","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"BigAnt Software BigAnt Server v5.6.06 was discovered to be vulnerable to directory traversal attacks."},{"lang":"es","value":"Se ha detectado que BigAnt Software BigAnt Server versión v5.6.06, es vulnerable a ataques de salto de directorio"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bigantsoft:bigant_server:5.6.06:*:*:*:*:*:*:*","matchCriteriaId":"2BDCB0A6-2F15-491E-BAA9-07C8B8E2D05E"}]}]}],"references":[{"url":"https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23347","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.bigantsoft.com/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23347","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.bigantsoft.com/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-23348","sourceIdentifier":"cve@mitre.org","published":"2022-03-21T20:15:13.787","lastModified":"2026-07-09T01:17:15.373","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"BigAnt Software BigAnt Server v5.6.06 was discovered to utilize weak password hashes."},{"lang":"es","value":"Se ha detectado que BigAnt Software BigAnt Server versión v5.6.06, usa hashes de contraseñas débiles"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-916"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bigantsoft:bigant_server:5.6.06:*:*:*:*:*:*:*","matchCriteriaId":"2BDCB0A6-2F15-491E-BAA9-07C8B8E2D05E"}]}]}],"references":[{"url":"https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23348","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.bigantsoft.com/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23348","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.bigantsoft.com/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-23349","sourceIdentifier":"cve@mitre.org","published":"2022-03-21T20:15:13.830","lastModified":"2026-07-09T01:17:15.483","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"BigAnt Software BigAnt Server v5.6.06 was discovered to contain a Cross-Site Request Forgery (CSRF)."},{"lang":"es","value":"Se ha detectado que BigAnt Software BigAnt Server versión v5.6.06, contiene una vulnerabilidad de tipo Cross-Site Request Forgery (CSRF)"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bigantsoft:bigant_server:5.6.06:*:*:*:*:*:*:*","matchCriteriaId":"2BDCB0A6-2F15-491E-BAA9-07C8B8E2D05E"}]}]}],"references":[{"url":"https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23349","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.bigantsoft.com/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23349","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.bigantsoft.com/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-23350","sourceIdentifier":"cve@mitre.org","published":"2022-03-21T20:15:13.873","lastModified":"2026-07-09T01:17:15.610","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"BigAnt Software BigAnt Server v5.6.06 was discovered to contain a cross-site scripting (XSS) vulnerability."},{"lang":"es","value":"Se ha detectado que BigAnt Software BigAnt Server versión v5.6.06, contiene una vulnerabilidad de tipo cross-site scripting (XSS)"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bigantsoft:bigant_server:5.6.06:*:*:*:*:*:*:*","matchCriteriaId":"2BDCB0A6-2F15-491E-BAA9-07C8B8E2D05E"}]}]}],"references":[{"url":"https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23350","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.bigantsoft.com/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23350","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.bigantsoft.com/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-23352","sourceIdentifier":"cve@mitre.org","published":"2022-03-21T20:15:13.917","lastModified":"2026-07-09T01:17:15.720","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in BigAnt Software BigAnt Server v5.6.06 can lead to a Denial of Service (DoS)."},{"lang":"es","value":"Un problema en BigAnt Software BigAnt Server versión v5.6.06, puede conllevar a una Denegación de Servicio (DoS)"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-835"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bigantsoft:bigant_server:5.6.06:*:*:*:*:*:*:*","matchCriteriaId":"2BDCB0A6-2F15-491E-BAA9-07C8B8E2D05E"}]}]}],"references":[{"url":"https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23352","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.bigantsoft.com/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-23352","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.bigantsoft.com/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-45756","sourceIdentifier":"cve@mitre.org","published":"2022-03-23T11:15:08.087","lastModified":"2026-07-09T01:17:11.240","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Asus RT-AC68U <3.0.0.4.385.20633 and RT-AC5300 <3.0.0.4.384.82072 are affected by a buffer overflow in blocking_request.cgi."},{"lang":"es","value":"Asus RT-AC68U  versiones anteriores a 3.0.0.4.385.20633 y RT-AC5300 versiones anteriores a 3.0.0.4.384.82072, están afectados por un desbordamiento de búfer en el archivo blocking_request.cgi"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:rt-ac68u_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.0.4.385.20633","matchCriteriaId":"5A90DC7B-5230-419B-AF00-393F29D3F44A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:rt-ac68u:-:*:*:*:*:*:*:*","matchCriteriaId":"1E23D00B-76E3-438C-8023-3D7CC6AEEE15"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:rt-ac5300_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.0.0.4.384.82072","matchCriteriaId":"951C922B-DEE7-4906-AE78-B7353BCA6262"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:rt-ac5300:-:*:*:*:*:*:*:*","matchCriteriaId":"55EE62D6-1E29-4E84-8944-D3D68E212140"}]}]}],"references":[{"url":"https://github.com/IBUILI/Asus","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/IBUILI/Asus","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-45757","sourceIdentifier":"cve@mitre.org","published":"2022-03-23T11:15:08.203","lastModified":"2026-07-09T01:17:11.377","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"ASUS AC68U <=3.0.0.4.385.20852 is affected by a buffer overflow in blocking.cgi, which may cause a denial of service (DoS)."},{"lang":"es","value":"ASUS AC68U versiones anteriores a 3.0.0.4.385.20852 incluyéndola,  está afectado por un desbordamiento de búfer en el archivo blocking.cgi, que puede causar una denegación de servicio (DoS)"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:C","baseScore":7.8,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:rt-ac68u_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.0.0.4.385.20852","matchCriteriaId":"7CEA4071-F88A-4C41-8501-ECAAE5998C89"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:rt-ac68u:-:*:*:*:*:*:*:*","matchCriteriaId":"1E23D00B-76E3-438C-8023-3D7CC6AEEE15"}]}]}],"references":[{"url":"https://github.com/IBUILI/Asus","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/IBUILI/Asus","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-46064","sourceIdentifier":"cve@mitre.org","published":"2022-03-23T18:15:08.967","lastModified":"2026-07-09T01:17:12.873","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"IrfanView 4.59 is vulnerable to buffer overflow via the function at address 0x413c70 (in 32bit version of the binary). The vulnerability triggers when the user opens malicious .tiff image."},{"lang":"es","value":"IrfanView versión 4.59, es vulnerable a un desbordamiento del búfer por medio de la función en la dirección 0x413c70 (en la versión de 32 bits del binario). La vulnerabilidad es desencadenada cuando el usuario abre una imagen .tiff maliciosa"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:irfanview:irfanview:4.59:*:*:*:*:*:x86:*","matchCriteriaId":"80A0203D-ACFC-42B5-8925-895BDFC5636B"}]}]}],"references":[{"url":"https://www.irfanview.info/main_history.htm","source":"cve@mitre.org","tags":["Release Notes","Vendor Advisory"]},{"url":"https://www.irfanview.info/main_history.htm","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-25574","sourceIdentifier":"cve@mitre.org","published":"2022-03-25T16:15:09.420","lastModified":"2026-07-09T01:17:20.570","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A stored cross-site scripting (XSS) vulnerability in the upload function of /admin/show.php allows attackers to execute arbitrary web scripts or HTML via a crafted image file."},{"lang":"es","value":"Una vulnerabilidad de tipo cross-site scripting (XSS) almacenado en la función de carga del archivo /admin/show.php permite a atacantes ejecutar scripts web o HTML arbitrarios por medio de un archivo de imagen diseñado"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:douco:douphp:1.6:20220216:*:*:*:*:*:*","matchCriteriaId":"0E947DC5-2B79-4BBB-AFEF-FE3EA7EC9E38"}]}]}],"references":[{"url":"https://github.com/aqianhei/aqian/issues/1#issue-1142472278","source":"cve@mitre.org","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/aqianhei/aqian/issues/1#issue-1142472278","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-26263","sourceIdentifier":"cve@mitre.org","published":"2022-03-25T17:15:08.800","lastModified":"2026-07-09T01:17:21.860","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Yonyou u8 v13.0 was discovered to contain a DOM-based cross-site scripting (XSS) vulnerability via the component /u8sl/WebHelp."},{"lang":"es","value":"Se ha detectado que Yonyou u8 versión v13.0, contiene una vulnerabilidad de tipo cross-site scripting (XSS) basada en DOM por medio del componente /u8sl/WebHelp"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:yonyou:u8\\+:13.0:*:*:*:*:*:*:*","matchCriteriaId":"6E5B742E-6590-47BF-B016-1F819412BB16"}]}]}],"references":[{"url":"https://github.com/k0xx11/Vulscve/blob/master/yonyouu8-xss.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.yonyou.com/","source":"cve@mitre.org","tags":["Product","Vendor Advisory"]},{"url":"https://github.com/k0xx11/Vulscve/blob/master/yonyouu8-xss.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.yonyou.com/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-25590","sourceIdentifier":"cve@mitre.org","published":"2022-03-25T19:15:10.637","lastModified":"2026-07-09T01:17:20.923","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SurveyKing v0.2.0 was discovered to retain users' session cookies after logout, allowing attackers to login to the system and access data using the browser cache when the user exits the application."},{"lang":"es","value":"Se ha detectado que SurveyKing versión v0.2.0, retiene las cookies de sesión de los usuarios después de cerrar la sesión, lo que permite a atacantes entrar en el sistema y acceder a los datos usando la caché del navegador cuando el usuario sale de la aplicación"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:N/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-613"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:surveyking:surveyking:0.2.0:*:*:*:*:*:*:*","matchCriteriaId":"C7ECE4D5-2E50-459A-B3E8-F38E7081EA99"}]}]}],"references":[{"url":"https://github.com/javahuang/SurveyKing","source":"cve@mitre.org","tags":["Product","Third Party Advisory"]},{"url":"https://github.com/javahuang/SurveyKing/issues/7","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/javahuang/SurveyKing","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Third Party Advisory"]},{"url":"https://github.com/javahuang/SurveyKing/issues/7","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-25523","sourceIdentifier":"cve@mitre.org","published":"2022-03-25T21:15:09.037","lastModified":"2026-07-09T01:17:20.443","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"TypesetterCMS v5.1 was discovered to contain a Cross-Site Request Forgery (CSRF) which is exploited via a crafted POST request."},{"lang":"es","value":"Se ha detectado que TypesetterCMS versión v5.1, contiene una vulnerabilidad de tipo Cross-Site Request Forgery (CSRF) que es explotada por medio de una petición POST diseñada"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:typesettercms:typesetter:5.1:*:*:*:*:*:*:*","matchCriteriaId":"8854262C-8117-46B1-89ED-6CCA36C0474A"}]}]}],"references":[{"url":"https://github.com/Typesetter/Typesetter/issues/697","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.typesettercms.com/User","source":"cve@mitre.org","tags":["Permissions Required","Product"]},{"url":"https://github.com/Typesetter/Typesetter/issues/697","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.typesettercms.com/User","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required","Product"]}]}},{"cve":{"id":"CVE-2022-26197","sourceIdentifier":"cve@mitre.org","published":"2022-03-25T21:15:09.090","lastModified":"2026-07-09T01:17:21.170","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Joget DX 7 was discovered to contain a cross-site scripting (XSS) vulnerability via the Datalist table."},{"lang":"es","value":"Se ha detectado que Joget DX 7 contiene una vulnerabilidad de tipo cross-site scripting (XSS) por medio de la tabla Datalist"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:joget:joget_dx:7.0:*:*:*:*:*:*:*","matchCriteriaId":"2E29D372-6DA0-4F30-B335-1FFF30EF0E36"}]}]}],"references":[{"url":"https://gist.github.com/CrimsonHamster/1aeec6db0d740de6ed4690f6a975f377","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://gist.github.com/CrimsonHamster/1aeec6db0d740de6ed4690f6a975f377","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-40904","sourceIdentifier":"cve@mitre.org","published":"2022-03-25T23:15:08.187","lastModified":"2026-07-09T01:17:02.187","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The web management console of CheckMK Raw Edition (versions 1.5.0 to 1.6.0) allows a misconfiguration of the web-app Dokuwiki (installed by default), which allows embedded php code. As a result, remote code execution is achieved. Successful exploitation requires access to the web management interface, either with valid credentials or with a hijacked session by a user with the role of administrator."},{"lang":"es","value":"La consola de administración web de CheckMK Raw Edition (versiones 1.5.0 a 1.6.0) permite una configuración errónea de la web-app Dokuwiki (instalada por defecto), que permite una inserción de código php. Como resultado, es conseguida una ejecución de código remota. Una explotación con éxito requiere el acceso a la interfaz de administración web, ya sea con credenciales válidas o con una sesión secuestrada por un usuario con el rol de administrador"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-276"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:*:*:*:*:*:*:*:*","versionStartIncluding":"1.5.0","versionEndExcluding":"1.6.0","matchCriteriaId":"52593590-1B3F-497C-B1CA-B2395CC7F5FD"}]}]}],"references":[{"url":"https://github.com/Edgarloyola/CVE-2021-40904","source":"cve@mitre.org","tags":["Exploit","Patch","Third Party Advisory"]},{"url":"https://github.com/Edgarloyola/CVE-2021-40904","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-40905","sourceIdentifier":"cve@mitre.org","published":"2022-03-25T23:15:08.237","lastModified":"2026-07-09T01:17:02.310","vulnStatus":"Modified","cveTags":[{"sourceIdentifier":"cve@mitre.org","tags":["disputed"]}],"descriptions":[{"lang":"en","value":"The web management console of CheckMK Enterprise Edition (versions 1.5.0 to 2.0.0p9) does not properly sanitise the uploading of \".mkp\" files, which are Extension Packages, making remote code execution possible. Successful exploitation requires access to the web management interface, either with valid credentials or with a hijacked session of a user with administrator role. NOTE: the vendor states that this is the intended behavior: admins are supposed to be able to execute code in this manner."},{"lang":"es","value":"** EN DISTPUTA ** La consola de administración web de CheckMK Enterprise Edition (versiones 1.5.0 a 2.0.0p9) no sanea correctamente la carga de archivos \".mkp\", que son Paquetes de Extensión, haciendo posible una ejecución de código remota. Una explotación con éxito requiere el acceso a la interfaz de administración web, ya sea con credenciales válidas o con una sesión secuestrada de un usuario con rol de administrador. NOTA: el proveedor afirma que este es el comportamiento previsto: se supone que los administradores pueden ejecutar código de esta manera"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"tribe29","product":"checkmk","defaultStatus":"unknown","cpes":["cpe:2.3:a:tribe29:checkmk:*:*:*:*:*:*:*:*"],"versions":[{"version":"1.5.0","lessThan":"2.0.0p9","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-07-18T14:50:40.204134Z","id":"CVE-2021-40905","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:2.0.0:-:*:*:*:*:*:*","matchCriteriaId":"F8EDFDCA-0778-4540-B1D5-D3A986258028"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:2.0.0:b1:*:*:*:*:*:*","matchCriteriaId":"54031390-D7E7-4A14-AA2F-923768B3685F"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:2.0.0:b2:*:*:*:*:*:*","matchCriteriaId":"F1B7E35F-5A07-424E-AA09-AC54104D612B"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:2.0.0:b3:*:*:*:*:*:*","matchCriteriaId":"8D4AC302-C8F5-4A2B-A73A-982D0AA2495A"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:2.0.0:b4:*:*:*:*:*:*","matchCriteriaId":"7A058C71-C39E-4109-B570-4A061013D033"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:2.0.0:b5:*:*:*:*:*:*","matchCriteriaId":"22BCFA79-B3D6-4FFF-A3D3-8C4C97AF17C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:2.0.0:b6:*:*:*:*:*:*","matchCriteriaId":"2A1703D9-8EEB-432D-90E2-F847CDC4C204"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:2.0.0:b7:*:*:*:*:*:*","matchCriteriaId":"1A4C72BA-6D78-4911-83E4-4DABB2CAC47F"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:2.0.0:b8:*:*:*:*:*:*","matchCriteriaId":"081FD127-1066-4019-B521-9FADB85DBD4A"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:2.0.0:i1:*:*:*:*:*:*","matchCriteriaId":"C1A4F005-4823-4B2B-B4EF-4EFDB04CFB9B"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:2.0.0:p1:*:*:*:*:*:*","matchCriteriaId":"357240B1-F0DA-4FA8-B782-D998951F4B54"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:2.0.0:p10:*:*:*:*:*:*","matchCriteriaId":"2F828F54-04E2-4B98-91A7-B09ED833E88B"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:2.0.0:p11:*:*:*:*:*:*","matchCriteriaId":"A4B8B300-8264-40AB-A839-7EACB988163B"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:2.0.0:p12:*:*:*:*:*:*","matchCriteriaId":"EB76A8DF-C870-482F-A488-DB2917ABD971"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:2.0.0:p13:*:*:*:*:*:*","matchCriteriaId":"04947B1B-CF67-4C11-8FE3-6C17FD35E2EF"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:2.0.0:p14:*:*:*:*:*:*","matchCriteriaId":"591AEC3C-2F48-4E91-9881-42EEDD039C5D"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:2.0.0:p15:*:*:*:*:*:*","matchCriteriaId":"C5CA04C8-2C80-4C7E-B329-3FFCBEDEE663"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:2.0.0:p16:*:*:*:*:*:*","matchCriteriaId":"47A1C5AC-C8B7-495A-A5F4-CD4790358A2E"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:2.0.0:p17:*:*:*:*:*:*","matchCriteriaId":"B87D8B46-5B04-460D-BBA1-BB19234DA19D"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:2.0.0:p2:*:*:*:*:*:*","matchCriteriaId":"F1E5549E-3272-478D-85D0-6F53EE731183"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:2.0.0:p3:*:*:*:*:*:*","matchCriteriaId":"D884D3AF-7D57-4DF6-82E8-556C35319ED2"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:2.0.0:p4:*:*:*:*:*:*","matchCriteriaId":"528BAFA3-ED39-45B5-8C81-A6FD76DDB49B"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:2.0.0:p5:*:*:*:*:*:*","matchCriteriaId":"02DA7C50-7360-4679-93A5-92C8DC5E8E46"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:2.0.0:p6:*:*:*:*:*:*","matchCriteriaId":"71B49D90-9522-46C6-8948-B9C21CEA473C"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:2.0.0:p7:*:*:*:*:*:*","matchCriteriaId":"98C29296-D1F3-45A2-BF0A-22333150F416"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:2.0.0:p8:*:*:*:*:*:*","matchCriteriaId":"339226E6-532F-4FE2-A543-6B166A9BA7F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:2.0.0:p9:*:*:*:*:*:*","matchCriteriaId":"986FDFA6-BE12-4268-9B90-F7D469BBE517"},{"vulnerable":true,"criteria":"cpe:2.3:a:tribe29:checkmk:*:*:*:*:*:*:*:*","versionStartIncluding":"1.5.0","versionEndExcluding":"2.0.0","matchCriteriaId":"564469A7-7D79-40BF-9177-2D95D502AD2F"}]}]}],"references":[{"url":"https://docs.checkmk.com/latest/en/mkps.html","source":"cve@mitre.org"},{"url":"https://github.com/Edgarloyola/CVE-2021-40905","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/Edgarloyola/CVE-2021-40905","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-40906","sourceIdentifier":"cve@mitre.org","published":"2022-03-25T23:15:08.287","lastModified":"2026-07-09T01:17:02.513","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"CheckMK Raw Edition software (versions 1.5.0 to 1.6.0) does not sanitise the input of a web service parameter that is in an unauthenticated zone. This Reflected XSS allows an attacker to open a backdoor on the device with HTML content and interpreted by the browser (such as JavaScript or other client-side scripts) or to steal the session cookies of a user who has previously authenticated via a man in the middle. Successful exploitation requires access to the web service resource without authentication."},{"lang":"es","value":"El software CheckMK Raw Edition (versiones 1.5.0 a 1.6.0) no sanea la entrada de un parámetro de servicio web que está en una zona no autenticada. Este ataque de tipo XSS reflejado permite a un atacante abrir una puerta trasera en el dispositivo con contenido HTML e interpretado por el navegador (como JavaScript u otros scripts del lado del cliente) o robar las cookies de sesión de un usuario que se haya autenticado previamente por medio de un ataque de tipo man in the middle. Una explotación con éxito requiere el acceso al recurso del servicio web sin autenticación"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:*:*:*:*:*:*:*:*","versionStartIncluding":"1.5.0","versionEndExcluding":"1.6.0","matchCriteriaId":"52593590-1B3F-497C-B1CA-B2395CC7F5FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:1.6.0:-:*:*:*:*:*:*","matchCriteriaId":"5D63367A-3B90-462E-B6AD-1CB5721FD45E"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:1.6.0:b1:*:*:*:*:*:*","matchCriteriaId":"E5E2E954-B3C3-4CC0-B2C8-0E2BEEC93016"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:1.6.0:b10:*:*:*:*:*:*","matchCriteriaId":"1638594A-84F1-44F6-BB30-D4CC73ECDA38"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:1.6.0:b12:*:*:*:*:*:*","matchCriteriaId":"7B2757BF-E3B7-487A-8929-0208D3B0D3CE"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:1.6.0:b3:*:*:*:*:*:*","matchCriteriaId":"F01E79D2-EFA4-4A7E-A286-3E86F52B429D"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:1.6.0:b4:*:*:*:*:*:*","matchCriteriaId":"D12A6070-0542-4293-AE13-85D4E81E1672"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:1.6.0:b5:*:*:*:*:*:*","matchCriteriaId":"6AF633FE-DE7C-4548-9ED2-880E915FC33C"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:1.6.0:b9:*:*:*:*:*:*","matchCriteriaId":"F15190EF-E3F5-4AD1-B748-C0E63C8CB741"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:1.6.0:p1:*:*:*:*:*:*","matchCriteriaId":"30F84B89-7EC6-44E6-A164-4C170379D55C"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:1.6.0:p10:*:*:*:*:*:*","matchCriteriaId":"DDA94D2F-F27C-4DF6-84AE-8ED1BBC7F61E"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:1.6.0:p11:*:*:*:*:*:*","matchCriteriaId":"71CF8EFD-17F6-4D9A-961A-4B949A6C8B61"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:1.6.0:p12:*:*:*:*:*:*","matchCriteriaId":"B04DC2A8-CF05-4FB2-AE2F-AE07943B998D"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:1.6.0:p13:*:*:*:*:*:*","matchCriteriaId":"1F3BECA6-983C-436E-A635-4E1FB9080E56"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:1.6.0:p14:*:*:*:*:*:*","matchCriteriaId":"51A9A2B4-3693-490A-94E2-64E1DB795646"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:1.6.0:p15:*:*:*:*:*:*","matchCriteriaId":"C14AB385-8A9F-46FA-A1C5-4A4A45C1B7F5"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:1.6.0:p16:*:*:*:*:*:*","matchCriteriaId":"EC41CC5F-F088-4E65-B076-35665F0F6C7E"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:1.6.0:p19:*:*:*:*:*:*","matchCriteriaId":"EC636B76-B050-4B73-A524-21862B020797"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:1.6.0:p2:*:*:*:*:*:*","matchCriteriaId":"D49B1D63-8FDD-45FD-99F0-AA9E4FBCCB00"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:1.6.0:p20:*:*:*:*:*:*","matchCriteriaId":"8AFA4AF4-8395-4BBB-BA78-7116AC1DCDE7"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:1.6.0:p21:*:*:*:*:*:*","matchCriteriaId":"5565C1C5-5C23-4449-AB87-49A304382387"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:1.6.0:p22:*:*:*:*:*:*","matchCriteriaId":"78320525-F346-4419-81E3-4A47BD17C808"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:1.6.0:p23:*:*:*:*:*:*","matchCriteriaId":"EA91018D-DA38-4026-9F47-383F16C85031"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:1.6.0:p24:*:*:*:*:*:*","matchCriteriaId":"E8DBEF67-A9AE-46D5-89D0-076CDB1AA06A"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:1.6.0:p25:*:*:*:*:*:*","matchCriteriaId":"63E87316-1CB2-4CF4-B379-4284C8C39053"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:1.6.0:p3:*:*:*:*:*:*","matchCriteriaId":"9CCE5845-1B77-4E97-B508-41400F4E1F31"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:1.6.0:p4:*:*:*:*:*:*","matchCriteriaId":"3FCED94F-7683-40FE-B511-F1F49CDD1F73"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:1.6.0:p5:*:*:*:*:*:*","matchCriteriaId":"0C4E70EC-3D46-40CE-AD59-597EFD721014"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:1.6.0:p6:*:*:*:*:*:*","matchCriteriaId":"12E695A8-9A1E-4D7A-AB3B-AAC2CF777773"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:1.6.0:p7:*:*:*:*:*:*","matchCriteriaId":"653632A8-E700-404A-ADB2-B3A50253ECB0"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:1.6.0:p8:*:*:*:*:*:*","matchCriteriaId":"60733789-DDA3-4819-A9F1-70B76AC715CB"},{"vulnerable":true,"criteria":"cpe:2.3:a:checkmk:checkmk:1.6.0:p9:*:*:*:*:*:*","matchCriteriaId":"D90DBA66-EF97-4CE9-AD4C-3A82F70D2250"},{"vulnerable":true,"criteria":"cpe:2.3:a:tribe29:checkmk:1.6.0b10:*:*:*:*:*:*:*","matchCriteriaId":"3EE29788-9815-47C5-88CC-039E82348482"},{"vulnerable":true,"criteria":"cpe:2.3:a:tribe29:checkmk:1.6.0b11:*:*:*:*:*:*:*","matchCriteriaId":"AF943CDA-131A-4951-9281-C0F7711C511B"},{"vulnerable":true,"criteria":"cpe:2.3:a:tribe29:checkmk:1.6.0p10:*:*:*:*:*:*:*","matchCriteriaId":"2FA770FD-D758-4590-9A6E-5A87E137C53E"},{"vulnerable":true,"criteria":"cpe:2.3:a:tribe29:checkmk:1.6.0p17:*:*:*:*:*:*:*","matchCriteriaId":"6786541D-CB3B-432D-8D0F-05178237FE4C"},{"vulnerable":true,"criteria":"cpe:2.3:a:tribe29:checkmk:1.6.0p18:*:*:*:*:*:*:*","matchCriteriaId":"E668FDEE-6503-4FF5-BA24-DD84180CB38A"}]}]}],"references":[{"url":"https://github.com/Edgarloyola/CVE-2021-40906","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/Edgarloyola/CVE-2021-40906","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-26258","sourceIdentifier":"cve@mitre.org","published":"2022-03-28T00:15:07.813","lastModified":"2026-07-09T13:57:20.300","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"D-Link DIR-820L 1.05B03 was discovered to contain remote command execution (RCE) vulnerability via HTTP POST to get set ccp."},{"lang":"es","value":"Se ha detectado que D-Link DIR-820L versión 1.05B03, contiene una vulnerabilidad de ejecución de comandos remota (RCE) por medio del parámetro Device Name en el archivo /lan.asp"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-29T16:35:38.949282Z","id":"CVE-2022-26258","options":[{"exploitation":"active"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"cisaExploitAdd":"2022-09-08","cisaActionDue":"2022-09-29","cisaRequiredAction":"The impacted product is end-of-life and should be disconnected if still in use.","cisaVulnerabilityName":"D-Link DIR-820L Remote Code Execution Vulnerability","weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dir-820l_firmware:1.05b03:*:*:*:*:*:*:*","matchCriteriaId":"5195E86A-22A4-412B-B22C-614A68942FB5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dir-820l:-:*:*:*:*:*:*:*","matchCriteriaId":"88CE60CD-DCDA-43E0-80A9-257557EDBC29"}]}]}],"references":[{"url":"https://github.com/skyedai910/Vuln/tree/master/DIR-820L/command_execution_0","source":"cve@mitre.org","tags":["Broken Link","Exploit","Third Party Advisory"]},{"url":"https://github.com/zhizhuoshuma/cve_info_data/blob/ccaed4b94ba762eb8a8e003bfa762a7754b8182e/Vuln/Vuln/DIR-820L/command_execution_0/README.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"cve@mitre.org","tags":["Not Applicable","Vendor Advisory"]},{"url":"https://github.com/skyedai910/Vuln/tree/master/DIR-820L/command_execution_0","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Exploit","Third Party Advisory"]},{"url":"https://github.com/zhizhuoshuma/cve_info_data/blob/ccaed4b94ba762eb8a8e003bfa762a7754b8182e/Vuln/Vuln/DIR-820L/command_execution_0/README.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable","Vendor Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-26258","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]}]}},{"cve":{"id":"CVE-2022-25521","sourceIdentifier":"cve@mitre.org","published":"2022-03-29T01:15:07.257","lastModified":"2026-07-09T01:17:20.317","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"NUUO v03.11.00 was discovered to contain access control issue."},{"lang":"es","value":"Se ha detectado que NUUO v03.11.00 contiene un problema de control de acceso."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-798"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:nuuo:network_video_recorder_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"1.0","matchCriteriaId":"F989565D-ACC2-4B12-AB27-C8FFB382FB0C"}]}]}],"references":[{"url":"https://medium.com/@dnyaneshgawande111/use-of-default-credentials-to-unauthorised-remote-access-of-internal-panel-of-network-video-5490d107fa0","source":"cve@mitre.org"},{"url":"https://medium.com/%40dnyaneshgawande111/use-of-default-credentials-to-unauthorised-remote-access-of-internal-panel-of-network-video-5490d107fa0","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2022-26244","sourceIdentifier":"cve@mitre.org","published":"2022-03-30T00:15:09.100","lastModified":"2026-07-09T01:17:21.290","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A stored cross-site scripting (XSS) vulnerability in Hospital Patient Record Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the \"special\" field."},{"lang":"es","value":"Una vulnerabilidad de tipo cross-site scripting (XSS) almacenado en Hospital Patient Record Management System versión v1.0, permite a atacantes ejecutar scripts web o HTML arbitrarios por medio de una carga útil diseñada inyectada en el campo \"special\""}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:hospital\\'s_patient_records_management_system_project:hospital\\'s_patient_records_management_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"3011401D-C3D0-4138-BF2C-5361743ECEB7"}]}]}],"references":[{"url":"https://github.com/kishan0725/Hospital-Management-System/issues/23","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/kishan0725/Hospital-Management-System/issues/23","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-46006","sourceIdentifier":"cve@mitre.org","published":"2022-03-30T23:15:07.780","lastModified":"2026-07-09T01:17:12.283","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In Totolink A3100R V5.9c.4577, \"test.asp\" contains an API-like function, which is not authenticated. Using this function, an attacker can configure multiple settings without authentication."},{"lang":"es","value":"En Totolink A3100R versión V5.9c.4577, \"test.asp\" contiene una función tipo API, que no está autenticada. Usando esta función, un atacante puede configurar múltiples ajustes sin autenticación"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:N/I:P/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-306"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:totolink:a3100r_firmware:5.9c.4577:*:*:*:*:*:*:*","matchCriteriaId":"393F2623-291A-4E8B-80D6-D40193EE045A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:totolink:a3100r:-:*:*:*:*:*:*:*","matchCriteriaId":"40729E79-9D89-440F-B38D-E62D310E27F9"}]}]}],"references":[{"url":"https://hackmd.io/vS-OfUEzSqqKh8e1PKce5A","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://hackmd.io/vS-OfUEzSqqKh8e1PKce5A","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-46007","sourceIdentifier":"cve@mitre.org","published":"2022-03-30T23:15:07.823","lastModified":"2026-07-09T01:17:12.407","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"totolink a3100r V5.9c.4577 is vulnerable to os command injection. The backend of a page is executing the \"ping\" command, and the input field does not adequately filter special symbols. This can lead to command injection attacks."},{"lang":"es","value":"totolink a3100r versión V5.9c.4577, es vulnerable a una inyección de comandos del sistema operativo. El backend de una página está ejecutando el comando \"ping\", y el campo de entrada no filtra apropiadamente los símbolos especiales. Esto puede conllevar a ataques de inyección de comandos"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:totolink:ar3100r_firmware:5.9c.4577:*:*:*:*:*:*:*","matchCriteriaId":"8DA62B2B-F7FA-47DC-BC42-8F373DE2B06F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:totolink:ar3100r:-:*:*:*:*:*:*:*","matchCriteriaId":"E7F2B0A7-D451-4B77-972F-1438A616E4C1"}]}]}],"references":[{"url":"https://hackmd.io/t_nRWxS2Q2O7GV2E5BhQMg","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://hackmd.io/t_nRWxS2Q2O7GV2E5BhQMg","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-46008","sourceIdentifier":"cve@mitre.org","published":"2022-03-30T23:15:07.863","lastModified":"2026-07-09T01:17:12.527","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In totolink a3100r V5.9c.4577, the hard-coded telnet password can be discovered from official released firmware. An attacker, who has connected to the Wi-Fi, can easily telnet into the target with root shell if the telnet is function turned on."},{"lang":"es","value":"En totolink a3100r versión V5.9c.4577, la contraseña de telnet embebida puede ser detectada desde el firmware oficial liberado. Un atacante, que ha sido conectado a Wi-Fi, puede fácilmente telnet en el objetivo con la shell root si el telnet es la función habilitada"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:A/AC:M/Au:N/C:C/I:C/A:C","baseScore":7.9,"accessVector":"ADJACENT_NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":5.5,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-798"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:totolink:a3100r_firmware:5.9c.4577:*:*:*:*:*:*:*","matchCriteriaId":"393F2623-291A-4E8B-80D6-D40193EE045A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:totolink:a3100r:-:*:*:*:*:*:*:*","matchCriteriaId":"40729E79-9D89-440F-B38D-E62D310E27F9"}]}]}],"references":[{"url":"https://hackmd.io/ZkeEB-VvRiWBS53rFKG8DQ","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://hackmd.io/ZkeEB-VvRiWBS53rFKG8DQ","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-46009","sourceIdentifier":"cve@mitre.org","published":"2022-03-30T23:15:07.907","lastModified":"2026-07-09T01:17:12.643","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In Totolink A3100R V5.9c.4577, multiple pages can be read by curl or Burp Suite without authentication. Additionally, admin configurations can be set without cookies."},{"lang":"es","value":"En Totolink A3100R Versión 5.9c.4577, varias páginas pueden ser leídas por curl o Burp Suite sin autenticación. Además, pueden establecerse configuraciones de administración sin cookies"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-306"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:totolink:a3100r_firmware:5.9c.4577:*:*:*:*:*:*:*","matchCriteriaId":"393F2623-291A-4E8B-80D6-D40193EE045A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:totolink:a3100r:-:*:*:*:*:*:*:*","matchCriteriaId":"40729E79-9D89-440F-B38D-E62D310E27F9"}]}]}],"references":[{"url":"https://hackmd.io/-riYp6Q-ReCx-dKKWFBTLg","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://hackmd.io/-riYp6Q-ReCx-dKKWFBTLg","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-46010","sourceIdentifier":"cve@mitre.org","published":"2022-03-30T23:15:07.947","lastModified":"2026-07-09T01:17:12.757","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Totolink A3100R V5.9c.4577 suffers from Use of Insufficiently Random Values via the web configuration. The SESSION_ID is predictable. An attacker can hijack a valid session and conduct further malicious operations."},{"lang":"es","value":"Totolink A3100R versión V5.9c.4577, sufre de Uso de Valores Insuficientemente Aleatorios por medio de la configuración web. El SESSION_ID es predecible. Un atacante puede secuestrar una sesión válida y realizar más operaciones maliciosas"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-330"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:totolink:a3100r_firmware:5.9c.4577:*:*:*:*:*:*:*","matchCriteriaId":"393F2623-291A-4E8B-80D6-D40193EE045A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:totolink:a3100r:-:*:*:*:*:*:*:*","matchCriteriaId":"40729E79-9D89-440F-B38D-E62D310E27F9"}]}]}],"references":[{"url":"https://hackmd.io/Ynwm8NnQSiK0xm7QKuNteg","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://hackmd.io/Ynwm8NnQSiK0xm7QKuNteg","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-26644","sourceIdentifier":"cve@mitre.org","published":"2022-03-30T23:15:08.133","lastModified":"2026-07-09T01:17:22.810","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Online Banking System Protect v1.0 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities via parameters on user profile, system_info and accounts management."},{"lang":"es","value":"Se ha detectado que Online Banking System Protect versión v1.0, contiene múltiples vulnerabilidades de tipo cross-site scripting (XSS) por medio de parámetros en el perfil de usuario, system_info y administración de cuentas"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oretnom23:banking_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"CFDE794F-D1DC-430A-9036-E485B528C68A"}]}]}],"references":[{"url":"https://github.com/erik-451/CVE/tree/main/CVE-2022-26644","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/erik-451/CVE/tree/main/CVE-2022-26644","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-26645","sourceIdentifier":"cve@mitre.org","published":"2022-03-30T23:15:08.173","lastModified":"2026-07-09T01:17:22.927","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A remote code execution (RCE) vulnerability in Online Banking System Protect v1.0 allows attackers to execute arbitrary code via a crafted PHP file uploaded through the Upload Image function."},{"lang":"es","value":"Una vulnerabilidad de ejecución de código remota (RCE) en Online Banking System Protect versión v1.0, permite a atacantes ejecutar código arbitrario por medio de un archivo PHP diseñado cargado a mediante la función Upload Image"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oretnom23:banking_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"CFDE794F-D1DC-430A-9036-E485B528C68A"}]}]}],"references":[{"url":"https://github.com/erik-451/CVE/tree/main/CVE-2022-26645","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/erik-451/CVE/tree/main/CVE-2022-26645","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-26646","sourceIdentifier":"cve@mitre.org","published":"2022-03-30T23:15:08.213","lastModified":"2026-07-09T01:17:23.033","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Online Banking System Protect v1.0 was discovered to contain a local file inclusion (LFI) vulnerability via the pages parameter."},{"lang":"es","value":"Se ha detectado que Online Banking System Protect versión v1.0, contiene una vulnerabilidad de inclusión de archivos locales (LFI) por medio del parámetro pages"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oretnom23:banking_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"CFDE794F-D1DC-430A-9036-E485B528C68A"}]}]}],"references":[{"url":"https://github.com/erik-451/CVE/blob/main/CVE-2022-26646/README.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/erik-451/CVE/blob/main/CVE-2022-26646/README.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-42868","sourceIdentifier":"cve@mitre.org","published":"2022-03-31T18:15:08.723","lastModified":"2026-07-09T01:17:06.737","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A Cross Site Scripting (XSS) vulnerability exists in Chikista Patient Management Software 2.0.2 in the first_name parameter in (1) patient/insert, (2) patient_report, (3) appointment_report, (4) visit_report, and (5) bill_detail_report pages. ."},{"lang":"es","value":"Se presenta una vulnerabilidad de tipo Cross Site Scripting (XSS) en Chikista Patient Management Software versión 2.0.2, en el parámetro first_name en las páginas (1) patient/insert, (2) patient_report, (3) appointment_report, (4) visit_report, y (5) bill_detail_report"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:chikitsa:patient_management_software:2.0.2:*:*:*:*:*:*:*","matchCriteriaId":"716568CC-78CB-4C11-9294-3FF5B56101BF"}]}]}],"references":[{"url":"http://rlsec.xyz/vulns/CVE_2021_42868.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"http://rlsec.xyz/vulns/CVE_2021_42868.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-26281","sourceIdentifier":"cve@mitre.org","published":"2022-04-05T02:15:07.433","lastModified":"2026-07-09T01:17:21.980","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"BigAnt Server v5.6.06 was discovered to contain an incorrect access control issue."},{"lang":"es","value":"Se ha detectado que BigAnt Server versión v5.6.06, contiene un problema de control de acceso incorrecto"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-311"},{"lang":"en","value":"CWE-732"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bigantsoft:bigant_server:5.6.06:*:*:*:*:*:*:*","matchCriteriaId":"2BDCB0A6-2F15-491E-BAA9-07C8B8E2D05E"}]}]}],"references":[{"url":"https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-26281","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.bigantsoft.com/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://github.com/bzyo/cve-pocs/tree/master/CVE-2022-26281","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.bigantsoft.com/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-26250","sourceIdentifier":"cve@mitre.org","published":"2022-04-06T01:15:07.020","lastModified":"2026-07-09T01:17:21.420","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Synaman v5.1 and below was discovered to contain weak file permissions which allows authenticated attackers to escalate privileges."},{"lang":"es","value":"Se ha detectado que Synaman versiones v5.1 y anteriores, contiene permisos de archivo débiles que permiten a atacantes autenticados escalar privilegios"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-732"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:synametrics:synaman:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1","matchCriteriaId":"E8769D9F-7AB8-4F70-B6EF-0836735A5A7E"}]}]}],"references":[{"url":"https://www.bencteux.fr/posts/synaman/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.bencteux.fr/posts/synaman/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-26251","sourceIdentifier":"cve@mitre.org","published":"2022-04-06T01:15:07.063","lastModified":"2026-07-09T01:17:21.543","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The HTTP interface of Synaman v5.1 and below was discovered to allow authenticated attackers to execute arbitrary code and escalate privileges."},{"lang":"es","value":"Se ha detectado que la interfaz HTTP de Synaman versiones v5.1 y anteriores permite a atacantes autenticados ejecutar código arbitrario y escalar privilegios"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","baseScore":9.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-269"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:synametrics:synaman:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1","matchCriteriaId":"E8769D9F-7AB8-4F70-B6EF-0836735A5A7E"}]}]}],"references":[{"url":"https://www.bencteux.fr/posts/synaman/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.bencteux.fr/posts/synaman/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-26607","sourceIdentifier":"cve@mitre.org","published":"2022-04-06T21:15:07.880","lastModified":"2026-07-09T01:17:22.583","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A remote code execution (RCE) vulnerability in baigo CMS v3.0-alpha-2 was discovered to allow attackers to execute arbitrary code via uploading a crafted PHP file."},{"lang":"es","value":"Se ha detectado una vulnerabilidad de ejecución de código remota (RCE) en baigo CMS versión v3.0-alpha-2, que permite a atacantes ejecutar código arbitrario por medio de la carga de un archivo PHP diseñado"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:baigo:baigo_cms:3.0:alpha2:*:*:*:*:*:*","matchCriteriaId":"F1C71397-B54E-495B-A20B-018C4FB668FB"}]}]}],"references":[{"url":"https://github.com/baigoStudio/baigoCMS/","source":"cve@mitre.org","tags":["Product","Third Party Advisory"]},{"url":"https://github.com/baigoStudio/baigoCMS/issues/9","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/baigoStudio/baigoCMS/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Third Party Advisory"]},{"url":"https://github.com/baigoStudio/baigoCMS/issues/9","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-27373","sourceIdentifier":"cve@mitre.org","published":"2022-04-07T02:15:06.993","lastModified":"2026-07-09T01:16:41.287","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Dr Trust USA iCheck Connect BP Monitor BP Testing 118 1.2.1 is vulnerable to Plain text command over BLE."},{"lang":"es","value":"Dr Trust USA iCheck Connect BP Monitor BP Testing 118 versión 1.2.1, es vulnerable a una transmisión de comandos de texto plano a través de BLE"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:A/AC:L/Au:N/C:C/I:C/A:C","baseScore":8.3,"accessVector":"ADJACENT_NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":6.5,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:drtrustusa:icheck_connect_bp_monitor_bp_testing_118_firmware:1.2.1:*:*:*:*:*:*:*","matchCriteriaId":"EA80DA4C-D5C1-4056-86F7-2115CACD51D7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:drtrustusa:icheck_connect_bp_monitor_bp_testing_118:-:*:*:*:*:*:*:*","matchCriteriaId":"64542755-F20D-4875-AB9D-E1CE235D1A4A"}]}]}],"references":[{"url":"https://drtrust.in/collections/dr-trust-blood-pressure-testing/products/dr-trust-usa-icheck-connect-bp-monitor","source":"cve@mitre.org","tags":["Product"]},{"url":"https://nvermaa.medium.com/cve-on-radio-technology-d-4b65efa1ba5c","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://drtrust.in/collections/dr-trust-blood-pressure-testing/products/dr-trust-usa-icheck-connect-bp-monitor","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://nvermaa.medium.com/cve-on-radio-technology-d-4b65efa1ba5c","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-27374","sourceIdentifier":"cve@mitre.org","published":"2022-04-07T02:15:07.050","lastModified":"2026-07-09T01:16:41.427","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Dr Trust USA iCheck Connect BP Monitor BP Testing 118 1.2.1 is vulnerable to a Replay Attack to BP Monitoring."},{"lang":"es","value":"Dr Trust USA iCheck Connect BP Monitor BP Testing versión 118 versión 1.2.1, es vulnerable a un ataque de repetición a la monitorización de la PA"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:A/AC:M/Au:N/C:C/I:C/A:C","baseScore":7.9,"accessVector":"ADJACENT_NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":5.5,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-294"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:drtrustusa:icheck_connect_bp_monitor_bp_testing_118_firmware:1.2.1:*:*:*:*:*:*:*","matchCriteriaId":"EA80DA4C-D5C1-4056-86F7-2115CACD51D7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:drtrustusa:icheck_connect_bp_monitor_bp_testing_118:-:*:*:*:*:*:*:*","matchCriteriaId":"64542755-F20D-4875-AB9D-E1CE235D1A4A"}]}]}],"references":[{"url":"https://drtrust.in/collections/dr-trust-blood-pressure-testing/products/dr-trust-usa-icheck-connect-bp-monitor","source":"cve@mitre.org","tags":["Product"]},{"url":"https://nvermaa.medium.com/cve-on-radio-technology-d-4b65efa1ba5c","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://drtrust.in/collections/dr-trust-blood-pressure-testing/products/dr-trust-usa-icheck-connect-bp-monitor","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://nvermaa.medium.com/cve-on-radio-technology-d-4b65efa1ba5c","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-27375","sourceIdentifier":"cve@mitre.org","published":"2022-04-07T02:15:07.093","lastModified":"2026-07-09T01:16:41.543","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Dr Trust USA iCheck Connect BP Monitor BP Testing 118 version 1.2.1 is vulnerable to Transmitting Write Requests and Chars."},{"lang":"es","value":"Dr Trust USA iCheck Connect BP Monitor BP Testing 118 versión 1.2.1, es vulnerable a la transmisión de peticiones de escritura y caracteres"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:A/AC:L/Au:N/C:N/I:P/A:N","baseScore":3.3,"accessVector":"ADJACENT_NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.5,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:drtrustusa:icheck_connect_bp_monitor_bp_testing_118_firmware:1.2.1:*:*:*:*:*:*:*","matchCriteriaId":"EA80DA4C-D5C1-4056-86F7-2115CACD51D7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:drtrustusa:icheck_connect_bp_monitor_bp_testing_118:-:*:*:*:*:*:*:*","matchCriteriaId":"64542755-F20D-4875-AB9D-E1CE235D1A4A"}]}]}],"references":[{"url":"https://drtrust.in/collections/dr-trust-blood-pressure-testing/products/dr-trust-usa-icheck-connect-bp-monitor","source":"cve@mitre.org","tags":["Product"]},{"url":"https://nvermaa.medium.com/cve-on-radio-technology-d-4b65efa1ba5c","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://drtrust.in/collections/dr-trust-blood-pressure-testing/products/dr-trust-usa-icheck-connect-bp-monitor","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://nvermaa.medium.com/cve-on-radio-technology-d-4b65efa1ba5c","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-27376","sourceIdentifier":"cve@mitre.org","published":"2022-04-07T02:15:07.137","lastModified":"2026-07-09T01:16:41.660","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Dr Trust USA iCheck Connect BP Monitor BP Testing 118 version 1.2.1 is vulnerable to Missing Authentication."},{"lang":"es","value":"Dr Trust USA iCheck Connect BP Monitor BP Testing 118 versión 1.2.1, es vulnerable a una falta de autenticación"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:A/AC:L/Au:N/C:C/I:C/A:C","baseScore":8.3,"accessVector":"ADJACENT_NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":6.5,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-306"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:drtrustusa:icheck_connect_bp_monitor_bp_testing_118_firmware:1.2.1:*:*:*:*:*:*:*","matchCriteriaId":"EA80DA4C-D5C1-4056-86F7-2115CACD51D7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:drtrustusa:icheck_connect_bp_monitor_bp_testing_118:-:*:*:*:*:*:*:*","matchCriteriaId":"64542755-F20D-4875-AB9D-E1CE235D1A4A"}]}]}],"references":[{"url":"https://drtrust.in/collections/dr-trust-blood-pressure-testing/products/dr-trust-usa-icheck-connect-bp-monitor","source":"cve@mitre.org","tags":["Product"]},{"url":"https://nvermaa.medium.com/cve-on-radio-technology-d-4b65efa1ba5c","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://drtrust.in/collections/dr-trust-blood-pressure-testing/products/dr-trust-usa-icheck-connect-bp-monitor","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://nvermaa.medium.com/cve-on-radio-technology-d-4b65efa1ba5c","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-43432","sourceIdentifier":"cve@mitre.org","published":"2022-04-07T19:15:07.917","lastModified":"2026-07-09T01:17:08.580","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A Cross Site Scripting (XSS) vulnerability exists in Exrick XMall Admin Panel as of 11/7/2021 via the GET parameter in product-add.jsp."},{"lang":"es","value":"Se presenta una vulnerabilidad de tipo Cross Site Scripting (XSS) en el panel de administración de Exrick XMall a partir de 11/7/2021, por medio del parámetro GET en el archivo product-add.jsp"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:exrick:xmall:*:*:*:*:*:*:*:*","versionEndIncluding":"2021-11-07","matchCriteriaId":"3B416793-C944-4141-8B2D-889A9FEA3323"}]}]}],"references":[{"url":"https://github.com/Exrick/xmall","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/Exrick/xmall/blob/b146cceb21ca42d4237f31dbd7af5ced49048a56/xmall-manager-web/src/main/webapp/WEB-INF/jsp/product-add.jsp#L38","source":"cve@mitre.org","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/Exrick/xmall/blob/b146cceb21ca42d4237f31dbd7af5ced49048a56/xmall-manager-web/src/main/webapp/WEB-INF/jsp/product-add.jsp#L4","source":"cve@mitre.org","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/Exrick/xmall","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://github.com/Exrick/xmall/blob/b146cceb21ca42d4237f31dbd7af5ced49048a56/xmall-manager-web/src/main/webapp/WEB-INF/jsp/product-add.jsp#L38","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/Exrick/xmall/blob/b146cceb21ca42d4237f31dbd7af5ced49048a56/xmall-manager-web/src/main/webapp/WEB-INF/jsp/product-add.jsp#L4","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-40219","sourceIdentifier":"cve@mitre.org","published":"2022-04-11T17:15:08.027","lastModified":"2026-07-09T01:17:01.673","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Bolt CMS <= 4.2 is vulnerable to Remote Code Execution. Unsafe theme rendering allows an authenticated attacker to edit theme to inject server-side template injection that leads to remote code execution."},{"lang":"es","value":"Bolt CMS versiones anteriores a 4.2 incluyéndola, es vulnerable a una ejecución de código remota. El renderizado no seguro del tema permite a un atacante autenticado editar el tema para inyectar la plantilla del lado del servidor que conlleva a una ejecución de código remota"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bolt:bolt_cms:*:*:*:*:*:*:*:*","versionEndIncluding":"4.2.0","matchCriteriaId":"998626F9-F8CB-4213-9684-CC852F3C37FA"}]}]}],"references":[{"url":"https://github.com/bolt/core","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/bolt/core/blob/3b21a73ebf519b76756d3ad2841312d10ef11461/src/Controller/Frontend/TemplateController.php","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/iiSiLvEr/CVEs/tree/main/CVE-2021-40219","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/bolt/core","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://github.com/bolt/core/blob/3b21a73ebf519b76756d3ad2841312d10ef11461/src/Controller/Frontend/TemplateController.php","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/iiSiLvEr/CVEs/tree/main/CVE-2021-40219","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-27260","sourceIdentifier":"cve@mitre.org","published":"2022-04-12T17:15:09.930","lastModified":"2026-07-09T01:17:23.400","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An arbitrary file upload vulnerability in the file upload component of ButterCMS v1.2.8 allows attackers to execute arbitrary code via a crafted SVG file."},{"lang":"es","value":"Una vulnerabilidad de carga de archivos arbitraria en el componente de carga de archivos de ButterCMS versión v1.2.8 permite a atacantes ejecutar código arbitrario por medio de un archivo SVG diseñado"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:buttercms:buttercms:1.2.8:*:*:*:*:node.js:*:*","matchCriteriaId":"62442801-B6C4-40FF-AE5D-B7FCECF24C8E"}]}]}],"references":[{"url":"https://github.com/ButterCMS/buttercms-js","source":"cve@mitre.org","tags":["Product","Third Party Advisory"]},{"url":"https://share.getcloudapp.com/nOuR70WB","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.youtube.com/watch?v=Tw8OhtVd-mE","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/ButterCMS/buttercms-js","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Third Party Advisory"]},{"url":"https://share.getcloudapp.com/nOuR70WB","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.youtube.com/watch?v=Tw8OhtVd-mE","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-27262","sourceIdentifier":"cve@mitre.org","published":"2022-04-12T17:15:10.017","lastModified":"2026-07-09T01:17:23.537","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An arbitrary file upload vulnerability in the file upload module of Skipper v0.9.1 allows attackers to execute arbitrary code via a crafted file."},{"lang":"es","value":"Una vulnerabilidad de carga de archivos arbitraria en el módulo de carga de archivos de Skipper versión v0.9.1, permite a atacantes ejecutar código arbitrario por medio de un archivo diseñado"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sailsjs:skipper:0.9.1:*:*:*:*:node.js:*:*","matchCriteriaId":"D00424B7-FF75-46D0-A3F7-90D6B7BFAF25"}]}]}],"references":[{"url":"https://www.youtube.com/watch?v=cA7G2kidTF4","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.youtube.com/watch?v=cA7G2kidTF4","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-28397","sourceIdentifier":"cve@mitre.org","published":"2022-04-12T17:15:10.730","lastModified":"2026-07-09T01:17:25.580","vulnStatus":"Modified","cveTags":[{"sourceIdentifier":"cve@mitre.org","tags":["disputed"]}],"descriptions":[{"lang":"en","value":"An arbitrary file upload vulnerability in the file upload module of Ghost CMS v4.42.0 allows attackers to execute arbitrary code via a crafted file. NOTE: Vendor states as detailed in Ghost's security documentation, files can only be uploaded and published by trusted users, this is intentional."},{"lang":"es","value":"** EN DISPUTA ** Una vulnerabilidad de carga de archivos arbitraria en el módulo de carga de archivos de Ghost CMS versión v4.42.0, permite a atacantes ejecutar código arbitrario por medio de un archivo diseñado. NOTA: Según la documentación de seguridad de Ghost, los archivos sólo pueden ser cargados y publicados por usuarios de confianza, esto es intencional"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ghost:ghost:4.42.0:*:*:*:*:node.js:*:*","matchCriteriaId":"0C5928ED-7E55-4771-A0A5-6ED78480552D"}]}]}],"references":[{"url":"https://ghost.org/customers/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://ghost.org/docs/security/#privilege-escalation-attacks","source":"cve@mitre.org"},{"url":"https://github.com/TryGhost/Ghost","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://trends.builtwith.com/cms/Ghost","source":"cve@mitre.org","tags":["Product"]},{"url":"https://youtu.be/PncfBetPk2g","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://ghost.org/customers/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://ghost.org/docs/security/#privilege-escalation-attacks","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/TryGhost/Ghost","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://trends.builtwith.com/cms/Ghost","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://youtu.be/PncfBetPk2g","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-26643","sourceIdentifier":"cve@mitre.org","published":"2022-04-13T14:15:09.373","lastModified":"2026-07-09T01:17:22.700","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in EasyIO CPT Graphics v0.8 allows attackers to discover valid users in the application."},{"lang":"es","value":"Un problema en EasyIO CPT Graphics versión v0.8, permite a atacantes detectar usuarios válidos en la aplicación"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:johnsoncontrols:easyio_cpt_graphics:0.8:*:*:*:*:*:*:*","matchCriteriaId":"5C472777-1DE0-4529-91E5-5486F43CE58E"}]}]}],"references":[{"url":"https://gist.github.com/rvismit/3fd33b47a753e1b7065421f42b2dd496","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://gist.github.com/rvismit/3fd33b47a753e1b7065421f42b2dd496","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-26594","sourceIdentifier":"cve@mitre.org","published":"2022-04-15T16:15:07.820","lastModified":"2026-07-09T01:17:22.227","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Multiple cross-site scripting (XSS) vulnerabilities in Liferay Portal 7.3.5 through 7.4.0, and Liferay DXP 7.3 before service pack 3 allow remote attackers to inject arbitrary web script or HTML via a form field's help text to (1) Forms module's form builder, or (2) App Builder module's object form view's form builder."},{"lang":"es","value":"Múltiples vulnerabilidades de tipo cross-site scripting (XSS) en Liferay Portal versiones 7.3.5 hasta 7.4.0 y Liferay DXP versiones 7.3 anteriores a service pack 3, permiten a atacantes remotos inyectar script web o HTML arbitrario por medio del texto de ayuda de un campo de formulario en (1) el constructor de formularios del módulo Forms, o (2) el constructor de formularios de la vista de formularios de objetos del módulo App Builder"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.3.5","versionEndExcluding":"7.3.7","matchCriteriaId":"AB6925E4-FA62-46FB-ABAA-EAA5B7A4D409"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:7.4.0:*:*:*:*:*:*:*","matchCriteriaId":"D77AE89B-3769-4AEC-AF7B-00AAE3F345F9"}]}]}],"references":[{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-26594-xss-vulnerability-with-form-field-help-text","source":"cve@mitre.org","tags":["Patch","Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-26594-xss-vulnerability-with-form-field-help-text","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-26593","sourceIdentifier":"cve@mitre.org","published":"2022-04-19T13:15:08.393","lastModified":"2026-07-09T01:17:22.103","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in the Asset module's asset categories selector in Liferay Portal 7.3.3 through 7.4.0, and Liferay DXP 7.3 before service pack 3 allows remote attackers to inject arbitrary web script or HTML via the name of a asset category."},{"lang":"es","value":"Una vulnerabilidad de tipo Cross-site scripting (XSS) en el selector de categorías de activos del módulo Asset en Liferay Portal versiones 7.3.3 hasta 7.4.0, y Liferay DXP versiones 7.3 anteriores al Service Pack 3 permite a atacantes remotos inyectar scripts web arbitrarios o HTML arbitrarios por medio del nombre de una categoría de activos"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:*:*:*:*:*:*:*:*","versionEndExcluding":"7.3","matchCriteriaId":"EF5BFC45-3970-43D5-A064-D8785677E26C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.3:-:*:*:*:*:*:*","matchCriteriaId":"6F6A98ED-E694-4F39-95D0-C152BD1EC115"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.3:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"324BB977-5AAC-4367-98FC-605FF4997B3F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.3.3","versionEndExcluding":"7.3.7","matchCriteriaId":"B1374F32-A990-4892-BF5F-E80D2B54E760"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:7.4.0:*:*:*:*:*:*:*","matchCriteriaId":"D77AE89B-3769-4AEC-AF7B-00AAE3F345F9"}]}]}],"references":[{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-26593-stored-xss-with-category-name-in-asset-categories-selector","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-26593-stored-xss-with-category-name-in-asset-categories-selector","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-26595","sourceIdentifier":"cve@mitre.org","published":"2022-04-19T13:15:08.443","lastModified":"2026-07-09T01:17:22.353","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Liferay Portal 7.3.7, 7.4.0, and 7.4.1, and Liferay DXP 7.2 fix pack 13, and 7.3 fix pack 2 does not properly check user permission when accessing a list of sites/groups, which allows remote authenticated users to view sites/groups via the user's site membership assignment UI."},{"lang":"es","value":"Liferay Portal versiones 7.3.7, 7.4.0, y 7.4.1, y Liferay DXP versiones 7.2 fix pack 13, y 7.3 fix pack 2 no comprueban apropiadamente los permisos de usuarios cuando acceden a una lista de sitios/grupos, lo que permite a usuarios remotos autenticados visualizar sitios/grupos por medio de la UI de asignación de miembros del sitio del usuario"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:N/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-276"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_13:*:*:*:*:*:*","matchCriteriaId":"77523B76-FC26-41B1-A804-7372E13F4FB2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.3:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"324BB977-5AAC-4367-98FC-605FF4997B3F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:7.3.7:*:*:*:*:*:*:*","matchCriteriaId":"174B6D58-FBEA-4D06-8FBA-DE08B0DC6111"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:7.4.0:*:*:*:*:*:*:*","matchCriteriaId":"D77AE89B-3769-4AEC-AF7B-00AAE3F345F9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:7.4.1:*:*:*:*:*:*:*","matchCriteriaId":"2A59A2D6-8E6C-4436-B1CC-D99C6A539E69"}]}]}],"references":[{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-26595-unauthorized-access-to-site-group-list","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-26595-unauthorized-access-to-site-group-list","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-27405","sourceIdentifier":"cve@mitre.org","published":"2022-04-22T14:15:09.483","lastModified":"2026-07-09T01:17:23.763","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"FreeType commit 53dfdcd8198d2b3201a23c4bad9190519ba918db was discovered to contain a segmentation violation via the function FNT_Size_Request."},{"lang":"es","value":"Se ha detectado que el commit 53dfdcd8198d2b3201a23c4bad9190519ba918db de FreeType contenía una violación de segmentación por medio de la función FNT_Size_Request"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*","versionEndExcluding":"2.12.0","matchCriteriaId":"AE181DF7-C86E-495B-8CBC-DEA63DD8F647"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*","matchCriteriaId":"A930E247-0B43-43CB-98FF-6CE7B8189835"},{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*","matchCriteriaId":"80E516C0-98A4-4ADE-B69F-66A772E2BAAA"},{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*","matchCriteriaId":"5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD"}]}]}],"references":[{"url":"https://gitlab.freedesktop.org/freetype/freetype/-/issues/1139","source":"cve@mitre.org","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/","source":"cve@mitre.org"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/","source":"cve@mitre.org"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/","source":"cve@mitre.org"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/","source":"cve@mitre.org"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/","source":"cve@mitre.org"},{"url":"https://security.gentoo.org/glsa/202402-06","source":"cve@mitre.org"},{"url":"https://gitlab.freedesktop.org/freetype/freetype/-/issues/1139","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://security.gentoo.org/glsa/202402-06","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2022-27406","sourceIdentifier":"cve@mitre.org","published":"2022-04-22T14:15:09.537","lastModified":"2026-07-09T01:17:23.913","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"FreeType commit 22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 was discovered to contain a segmentation violation via the function FT_Request_Size."},{"lang":"es","value":"Se ha detectado que el commit 22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 de FreeType contenía una violación de segmentación por medio de la función FT_Request_Size"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:freetype:freetype:*:*:*:*:*:*:*:*","versionEndExcluding":"2.12.0","matchCriteriaId":"AE181DF7-C86E-495B-8CBC-DEA63DD8F647"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*","matchCriteriaId":"A930E247-0B43-43CB-98FF-6CE7B8189835"},{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*","matchCriteriaId":"80E516C0-98A4-4ADE-B69F-66A772E2BAAA"},{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*","matchCriteriaId":"5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD"}]}]}],"references":[{"url":"https://gitlab.freedesktop.org/freetype/freetype/-/issues/1140","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Vendor Advisory"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/","source":"cve@mitre.org"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/","source":"cve@mitre.org"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/","source":"cve@mitre.org"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/","source":"cve@mitre.org"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/","source":"cve@mitre.org"},{"url":"https://security.gentoo.org/glsa/202402-06","source":"cve@mitre.org"},{"url":"https://gitlab.freedesktop.org/freetype/freetype/-/issues/1140","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Vendor Advisory"]},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EFPNRKDLCXHZVYYQLQMP44UHLU32GA6Z/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FDU2FOEMCEF6WVR6ZBIH5MT5O7FAK6UP/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IWQ7IB2A75MEHM63WEUXBYEC7OR5SGDY/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYVC2NPKKXKP3TWJWG4ONYWNO6ZPHLA5/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TCEMWCM46PKM4U5ENRASPKQD6JDOLKRU/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://security.gentoo.org/glsa/202402-06","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2021-36460","sourceIdentifier":"cve@mitre.org","published":"2022-04-25T13:15:49.330","lastModified":"2026-07-09T01:16:57.230","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"VeryFitPro (com.veryfit2hr.second) 3.2.8 hashes the account's password locally on the device and uses the hash to authenticate in all communication with the backend API, including login, registration and changing of passwords. This allows an attacker in possession of a hash to takeover a user's account, rendering the benefits of storing hashed passwords in the database useless."},{"lang":"es","value":"VeryFitPro (com.veryfit2hr.second) versión 3.2.8, cifra la contraseña de la cuenta localmente en el dispositivo y usa el hash para autenticar en toda la comunicación con la API del backend, incluyendo el inicio de sesión, el registro y el cambio de contraseñas. Esto permite a un atacante en posesión del hash tomar el control de la cuenta de un usuario, haciendo inútiles las ventajas de almacenar las contraseñas con hash en la base de datos"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:veryfitpro_project:veryfitpro:*:*:*:*:*:android:*:*","versionEndIncluding":"3.3.7","matchCriteriaId":"C0FAAA0B-DCD4-44BA-8159-0FF7BFC5A670"},{"vulnerable":true,"criteria":"cpe:2.3:a:veryfitpro_project:veryfitpro:*:*:*:*:*:iphone_os:*:*","versionEndIncluding":"3.3.7","matchCriteriaId":"7CB1B977-9AD4-40EC-8B44-91D4CDF59436"}]}]}],"references":[{"url":"http://www.i-doo.cn","source":"cve@mitre.org","tags":["Not Applicable"]},{"url":"https://github.com/martinfrancois/CVE-2021-36460","source":"cve@mitre.org","tags":["Exploit","Mitigation","Third Party Advisory"]},{"url":"http://www.i-doo.cn","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable"]},{"url":"https://github.com/martinfrancois/CVE-2021-36460","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Mitigation","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-28093","sourceIdentifier":"cve@mitre.org","published":"2022-04-25T15:15:49.783","lastModified":"2026-07-09T01:17:25.100","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SCBS Online Sports Venue Reservation System v1.0 was discovered to contain a local file inclusion vulnerability which allow attackers to execute arbitrary code via a crafted PHP file."},{"lang":"es","value":"Se ha detectado que SCBS Online Sports Venue Reservation System versión v1.0, contiene una vulnerabilidad de inclusión de archivos locales que permite a atacantes ejecutar código arbitrario por medio de un archivo PHP diseñado"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:online_sports_complex_booking_system_project:online_sports_complex_booking_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"00415476-84C5-4550-8F60-97134E10B1E5"}]}]}],"references":[{"url":"https://github.com/wkeyi0x1/vul-report/blob/main/SCBS%20online%20sports%20venue%20reservation%20system/SCBS%20online%20sports%20venue%20reservation%20system%20v1.0%20-%20File%20Inclusion.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.sourcecodester.com/php/15236/online-sports-complex-booking-system-phpmysql-free-source-code.html","source":"cve@mitre.org","tags":["Product","Third Party Advisory"]},{"url":"https://github.com/wkeyi0x1/vul-report/blob/main/SCBS%20online%20sports%20venue%20reservation%20system/SCBS%20online%20sports%20venue%20reservation%20system%20v1.0%20-%20File%20Inclusion.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.sourcecodester.com/php/15236/online-sports-complex-booking-system-phpmysql-free-source-code.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-28094","sourceIdentifier":"cve@mitre.org","published":"2022-04-25T15:15:49.837","lastModified":"2026-07-09T01:17:25.220","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SCBS Online Sports Venue Reservation System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the fid parameter at booking.php."},{"lang":"es","value":"Se ha detectado que SCBS Online Sports Venue Reservation System versión v1.0, contiene una vulnerabilidad de tipo cross-site scripting (XSS) por medio del parámetro fid en el archivo booking.php"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:online_sports_complex_booking_system_project:online_sports_complex_booking_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"00415476-84C5-4550-8F60-97134E10B1E5"}]}]}],"references":[{"url":"https://github.com/wkeyi0x1/vul-report/blob/main/SCBS%20online%20sports%20venue%20reservation%20system/SCBS%20online%20sports%20venue%20reservation%20system%20v1.0%20-%20Self-XSS.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.sourcecodester.com/php/15236/online-sports-complex-booking-system-phpmysql-free-source-code.html","source":"cve@mitre.org","tags":["Product","Third Party Advisory"]},{"url":"https://github.com/wkeyi0x1/vul-report/blob/main/SCBS%20online%20sports%20venue%20reservation%20system/SCBS%20online%20sports%20venue%20reservation%20system%20v1.0%20-%20Self-XSS.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.sourcecodester.com/php/15236/online-sports-complex-booking-system-phpmysql-free-source-code.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-26596","sourceIdentifier":"cve@mitre.org","published":"2022-04-25T16:16:09.067","lastModified":"2026-07-09T01:17:22.470","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in Journal module's web content display configuration page in Liferay Portal 7.1.0 through 7.3.3, and Liferay DXP 7.0 before fix pack 94, 7.1 before fix pack 19, and 7.2 before fix pack 8, allows remote attackers to inject arbitrary web script or HTML via web content template names."},{"lang":"es","value":"Una vulnerabilidad de tipo Cross-site scripting (XSS) en la página de configuración de visualización de contenido web del módulo Journal en Liferay Portal versiones 7.1.0 hasta 7.3.3, y Liferay DXP versiones 7.0 anteriores al paquete de correcciones 94, versiones 7.1 anteriores al paquete de correcciones 19, y versiones 7.2 anteriores al paquete de correcciones 8, permite a atacantes remotos inyectar scripts web o HTML arbitrarios por medio de los nombres de las plantillas de contenido web"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:-:*:*:*:*:*:*","matchCriteriaId":"4614C87F-F39C-4ADD-A7A2-4A498612AD38"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"6F20D93D-7FB2-4D5F-9249-4DECDE473C42"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_10:*:*:*:*:*:*","matchCriteriaId":"CF0821E5-B6E5-44E6-9CF7-77EAE982F677"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_11:*:*:*:*:*:*","matchCriteriaId":"1B24B6A1-8439-49D6-8E78-193144F3DCC3"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_12:*:*:*:*:*:*","matchCriteriaId":"7E82A6CC-891C-4619-84EA-0DA96E4043C4"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_13:*:*:*:*:*:*","matchCriteriaId":"70E12054-0DEE-4B92-B8F6-7DC4B2461113"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_14:*:*:*:*:*:*","matchCriteriaId":"3B566A51-3EFC-4A08-8A4F-A9AA43FBE481"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_15:*:*:*:*:*:*","matchCriteriaId":"FE1A8781-6B16-4D37-B556-36B99CBCA9F9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_16:*:*:*:*:*:*","matchCriteriaId":"3EE11B43-1629-4A22-BE88-0AFB2DFC528C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_17:*:*:*:*:*:*","matchCriteriaId":"10FC6F33-C031-40A4-AFAF-B5CF30F79E52"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_18:*:*:*:*:*:*","matchCriteriaId":"99B99578-CACE-47D2-9C1E-A7BBD2B6F6EA"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_19:*:*:*:*:*:*","matchCriteriaId":"950D98A8-88EE-4C99-817B-C418071B2819"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"F86FF50F-B21A-4B6E-88B8-90D0C042E942"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_20:*:*:*:*:*:*","matchCriteriaId":"CE0E1891-6E76-4069-B412-43B5E5379E0C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_21:*:*:*:*:*:*","matchCriteriaId":"404F5FFE-2758-452F-9297-40E0533C6FB2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_22:*:*:*:*:*:*","matchCriteriaId":"3F5B7E72-8D62-464A-AA82-CBE2625C7687"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_23:*:*:*:*:*:*","matchCriteriaId":"4FA67C68-3E8E-4383-967F-A1FA55AE4897"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_24:*:*:*:*:*:*","matchCriteriaId":"F220793A-FDAC-48C6-B299-39EB3BC077A6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_25:*:*:*:*:*:*","matchCriteriaId":"F095A9E1-5FE1-46C4-B0E1-97F8767439D2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_26:*:*:*:*:*:*","matchCriteriaId":"DFD748DD-6FDB-44CD-96BF-026D18CE4207"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_27:*:*:*:*:*:*","matchCriteriaId":"0A34F2EA-D0F7-4C9B-BFE6-DA334DFD0EDD"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_28:*:*:*:*:*:*","matchCriteriaId":"4B3C2426-7617-4535-B86A-7F9BA45DFD0E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_29:*:*:*:*:*:*","matchCriteriaId":"88A5CBCE-2BAE-44C7-A7BF-BC30C89839BD"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_3:*:*:*:*:*:*","matchCriteriaId":"CA6B2500-42E4-4F87-8B93-2F7399B4F611"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_30:*:*:*:*:*:*","matchCriteriaId":"28955834-8E02-4558-ABD3-4958DBB41423"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_31:*:*:*:*:*:*","matchCriteriaId":"89B4F926-5018-4C50-9569-A92BEA6364A0"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_32:*:*:*:*:*:*","matchCriteriaId":"863C4DBB-9BA2-4A13-8394-08AC500D552A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_33:*:*:*:*:*:*","matchCriteriaId":"C4206C84-C4BD-4363-A4CA-EE229CE06319"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_34:*:*:*:*:*:*","matchCriteriaId":"54CA9915-54C2-4E7F-85AF-781CA0A63A9D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_35:*:*:*:*:*:*","matchCriteriaId":"4F644864-1056-4A0C-ADD7-A1992A0AC07D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_36:*:*:*:*:*:*","matchCriteriaId":"91E9BAE9-CD40-4353-95DB-7D9ADC338F95"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_37:*:*:*:*:*:*","matchCriteriaId":"C2A29CA0-66CB-4ED9-87B3-57A1C04F59F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_38:*:*:*:*:*:*","matchCriteriaId":"2BFC882E-25C2-46A3-A0DA-A779399A3A30"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_39:*:*:*:*:*:*","matchCriteriaId":"661E68A2-B365-4962-87CF-CE17A500889F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_4:*:*:*:*:*:*","matchCriteriaId":"D4094372-E950-4DE0-86D2-CE7F214FD3A9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_40:*:*:*:*:*:*","matchCriteriaId":"A5D28279-002A-4BC7-9396-E47FC842D7AE"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_41:*:*:*:*:*:*","matchCriteriaId":"C700ED72-4626-48A0-B1BB-E0A7C12D454F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_42:*:*:*:*:*:*","matchCriteriaId":"8F473DF1-F70D-4EDB-A011-C8D1C6A21659"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_43:*:*:*:*:*:*","matchCriteriaId":"C2351EAC-F6AD-4611-B9BD-39C4DFE85B5D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_44:*:*:*:*:*:*","matchCriteriaId":"357845C1-3834-465A-B9CA-F9C604AA8242"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_45:*:*:*:*:*:*","matchCriteriaId":"DD35964D-4156-45B8-A0AB-282DA9F4FA47"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_46:*:*:*:*:*:*","matchCriteriaId":"35656567-EF24-4948-A72A-C754D6E419B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_47:*:*:*:*:*:*","matchCriteriaId":"E9A3D95D-4539-432D-B241-376F312534AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_48:*:*:*:*:*:*","matchCriteriaId":"81F329F1-5BB1-42A7-98CE-B0EB5819D60A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_49:*:*:*:*:*:*","matchCriteriaId":"5B7111FA-9FD7-4952-AFE1-07D3E14854F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_5:*:*:*:*:*:*","matchCriteriaId":"D35916F1-24AA-4BF3-8B1F-2361C5B815D9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_50:*:*:*:*:*:*","matchCriteriaId":"2C7A080F-9C99-41A0-BC63-EBDDC0DF7B8A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_51:*:*:*:*:*:*","matchCriteriaId":"0383C4C4-A7BB-418D-9A98-AC4233722961"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_52:*:*:*:*:*:*","matchCriteriaId":"AA281A20-7599-446B-9587-118E920403D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_53:*:*:*:*:*:*","matchCriteriaId":"9514E8F5-1D0B-4CDF-BD03-087326F6C252"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_54:*:*:*:*:*:*","matchCriteriaId":"78BC7D6C-2A10-4F78-9C41-EA97665C246E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_55:*:*:*:*:*:*","matchCriteriaId":"B2C29B11-D87B-4D78-9D42-AD528C811080"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_56:*:*:*:*:*:*","matchCriteriaId":"CA9BE427-78D7-4DEE-A174-F3E3675B44A5"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_57:*:*:*:*:*:*","matchCriteriaId":"6C10325C-8670-499B-B003-7D8634539C5D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_58:*:*:*:*:*:*","matchCriteriaId":"5F692BEB-5CB1-41EA-B715-64AB0036F6CF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_59:*:*:*:*:*:*","matchCriteriaId":"427C4DF5-9039-4CB5-B600-5F965E20D945"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_6:*:*:*:*:*:*","matchCriteriaId":"EDEE4B40-889C-472E-AA91-7E1B4314EE64"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_60:*:*:*:*:*:*","matchCriteriaId":"44B7A2A2-5764-4EDB-AA44-25F8508CF128"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_61:*:*:*:*:*:*","matchCriteriaId":"55D94917-5360-4179-A017-1287C63A6E6C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_62:*:*:*:*:*:*","matchCriteriaId":"52C5C76D-2572-4ADF-B7E4-7B3444935658"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_63:*:*:*:*:*:*","matchCriteriaId":"9ABFC91A-7A8D-4A08-9464-F534BAA69B4E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_64:*:*:*:*:*:*","matchCriteriaId":"1D378A23-113D-47AC-9CB5-2658C357FFB4"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_65:*:*:*:*:*:*","matchCriteriaId":"58FB119E-508C-45F7-8AD8-B67AAAEA53D6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_66:*:*:*:*:*:*","matchCriteriaId":"8B3359A5-D39B-4322-8963-B138D791D232"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_67:*:*:*:*:*:*","matchCriteriaId":"E11E2FBD-7541-4CE3-8A78-52FB82571547"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_68:*:*:*:*:*:*","matchCriteriaId":"3883F470-8D8D-4CB3-BF4A-0C401BDABC83"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_69:*:*:*:*:*:*","matchCriteriaId":"1BDCF010-04BF-4FA5-9E14-F6461FED3FFB"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_7:*:*:*:*:*:*","matchCriteriaId":"3867FDAA-354E-4D2F-A260-27F31CA44C8A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_70:*:*:*:*:*:*","matchCriteriaId":"7E8CEA39-4A7F-4827-91FA-31119201D174"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_71:*:*:*:*:*:*","matchCriteriaId":"D3768AC9-A245-4B81-8D1D-9D9C5354245C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_72:*:*:*:*:*:*","matchCriteriaId":"71CA65C9-C0FC-4CBD-A8B0-DD72604A46F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_73:*:*:*:*:*:*","matchCriteriaId":"9F06DECA-F45D-49DA-BB24-AA1F0306B0B6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_74:*:*:*:*:*:*","matchCriteriaId":"3BA69ED9-28FA-40B5-84F9-0FFE40DFC675"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_75:*:*:*:*:*:*","matchCriteriaId":"6FF2D31F-8719-41A6-ADD5-15BE9409428E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_76:*:*:*:*:*:*","matchCriteriaId":"DE56F5E5-73CF-4636-9F98-86BDDA3F6A47"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_77:*:*:*:*:*:*","matchCriteriaId":"CE4885B1-F912-4D06-8179-830FC011F3F6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_78:*:*:*:*:*:*","matchCriteriaId":"A1A0EFCE-4B74-4B4D-AB6E-5730F26B38FB"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_79:*:*:*:*:*:*","matchCriteriaId":"F02DCC86-C3F7-482C-9BFB-B7971FB10AEC"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_8:*:*:*:*:*:*","matchCriteriaId":"A89B7EE4-57FD-4B09-841A-ABC9990FF88F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_80:*:*:*:*:*:*","matchCriteriaId":"06835B0A-A2DF-44D3-A38F-59E5D5523FFA"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_81:*:*:*:*:*:*","matchCriteriaId":"B746D0CF-76F6-42A1-9056-CA9622DCD806"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_82:*:*:*:*:*:*","matchCriteriaId":"FFC33A7E-B1CB-4E83-B75C-71F5E7E5E406"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_83:*:*:*:*:*:*","matchCriteriaId":"325CFFCF-1609-4D89-B6A8-1C6ACBFDD35B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_84:*:*:*:*:*:*","matchCriteriaId":"BD019A57-FC7A-4B1F-9946-FA15C90FC985"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_85:*:*:*:*:*:*","matchCriteriaId":"A6B2CD3A-C39C-4F9A-8602-3EC75472181D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_86:*:*:*:*:*:*","matchCriteriaId":"1B8DCD85-0E47-44C1-B7DD-E1B4756CEC17"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_87:*:*:*:*:*:*","matchCriteriaId":"1790D974-2EE0-4405-8F26-BB6DB3BDA23B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_88:*:*:*:*:*:*","matchCriteriaId":"416B3F04-AD86-4F91-890E-56BA539AAB06"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_89:*:*:*:*:*:*","matchCriteriaId":"C12C0E4D-4E9A-4BD7-926E-74BCD42595B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_9:*:*:*:*:*:*","matchCriteriaId":"655A3A6A-A3EB-4864-B64D-2319E5CF7DA0"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_90:*:*:*:*:*:*","matchCriteriaId":"9A659FEF-1BC1-45E8-A01E-1F9A8F2AFAAF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_91:*:*:*:*:*:*","matchCriteriaId":"3810319D-7DC4-47DD-B568-B0504DBC8209"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_92:*:*:*:*:*:*","matchCriteriaId":"D9BFFFC0-912A-4F95-A08E-1D264135D1E2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_93:*:*:*:*:*:*","matchCriteriaId":"9EA924E7-DEF2-45BF-B435-C435AC20AF4E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:-:*:*:*:*:*:*","matchCriteriaId":"27DF695E-B890-42C2-8941-5BB53154755F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"072F6C59-3D86-48D1-A14E-477FFFA3B1D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_10:*:*:*:*:*:*","matchCriteriaId":"FE68B4A2-3459-4DBA-8BAC-E9AA9FA25264"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_11:*:*:*:*:*:*","matchCriteriaId":"680D7963-1393-4E86-A65F-D4463D532120"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_12:*:*:*:*:*:*","matchCriteriaId":"D81E73DD-FD21-4082-A883-34422AE6C024"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_13:*:*:*:*:*:*","matchCriteriaId":"E6DD0451-98EA-4140-8294-77A14F063E2E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_14:*:*:*:*:*:*","matchCriteriaId":"CE94E76B-8CC2-4E91-B7A3-EEBCC1358FF4"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_15:*:*:*:*:*:*","matchCriteriaId":"408BD438-E15C-422F-9612-C62A7387FC63"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_16:*:*:*:*:*:*","matchCriteriaId":"A78C8B1C-39CB-4C27-B57C-0AF5E7EB50D9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_17:*:*:*:*:*:*","matchCriteriaId":"0AB19E97-BACE-4FCC-A53F-078D61A7A9E8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_18:*:*:*:*:*:*","matchCriteriaId":"D18ACD28-9182-435C-A30F-DF3BFE13C39A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:-:*:*:*:*:*:*","matchCriteriaId":"0DCF7F39-A198-4F7E-84B7-90C88C1BAA96"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"E7E68DF8-749B-4284-A7C9-929701A86B36"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"7CECAA19-8B7F-44C8-8059-6D4F2105E196"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_3:*:*:*:*:*:*","matchCriteriaId":"68CBCEEB-7C28-4769-813F-3F01E33D2E08"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_4:*:*:*:*:*:*","matchCriteriaId":"C0CB4927-A361-4DFA-BDB8-A454EA2894AB"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_5:*:*:*:*:*:*","matchCriteriaId":"B2B771B7-D5CB-4778-A3A8-1005E4EE134C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_6:*:*:*:*:*:*","matchCriteriaId":"3B9DB383-3791-4A43-BA4D-7695B203E736"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_7:*:*:*:*:*:*","matchCriteriaId":"13F02D77-20E9-4F32-9752-511EB71E6704"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.1.0","versionEndIncluding":"7.3.3","matchCriteriaId":"C6772278-8079-406E-8731-EAAA6183E41C"}]}]}],"references":[{"url":"https://liferay.dev/w/cve-2022-26596-stored-xss-with-template-name","source":"cve@mitre.org"}]}},{"cve":{"id":"CVE-2022-26597","sourceIdentifier":"cve@mitre.org","published":"2022-04-25T16:16:09.113","lastModified":"2026-07-09T00:17:03.543","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in the Layout module's Open Graph integration in Liferay Portal 7.3.0 through 7.4.0, and Liferay DXP 7.3 before service pack 3 allows remote attackers to inject arbitrary web script or HTML via the site name."},{"lang":"es","value":"Una vulnerabilidad de tipo cross-site scripting (XSS) en la integración de Open Graph del módulo Layout en Liferay Portal 7.3.0 hasta 7.4.0, y Liferay DXP 7.3 antes del service pack 3 permite a atacantes remotos inyectar script web o HTML arbitrario por medio del nombre del sitio"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:*:*:*:*:*:*:*:*","versionEndExcluding":"7.3","matchCriteriaId":"EF5BFC45-3970-43D5-A064-D8785677E26C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.3:-:*:*:*:*:*:*","matchCriteriaId":"6F6A98ED-E694-4F39-95D0-C152BD1EC115"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.3:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"2CD6861A-D546-462F-8B22-FA76A4AF8A9C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.3:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"324BB977-5AAC-4367-98FC-605FF4997B3F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.3.0","versionEndIncluding":"7.4.0","matchCriteriaId":"52877E3A-4E07-4B14-BABC-B70266FEFEDE"}]}]}],"references":[{"url":"https://liferay.dev/w/cve-2022-26597-stored-xss-with-site-name-in-open-graph-integration","source":"cve@mitre.org"}]}},{"cve":{"id":"CVE-2022-27984","sourceIdentifier":"cve@mitre.org","published":"2022-04-26T14:15:41.557","lastModified":"2026-07-09T01:17:24.640","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"CuppaCMS v1.0 was discovered to contain a SQL injection vulnerability via the menu_filter parameter at /administrator/templates/default/html/windows/right.php."},{"lang":"es","value":"Se ha detectado que CuppaCMS versión v1.0, contiene una vulnerabilidad de inyección SQL por medio del parámetro menu_filter en el archivo /administrator/templates/default/html/windows/right.php"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cuppacms:cuppacms:1.0:*:*:*:*:*:*:*","matchCriteriaId":"983E1279-93C7-47D9-9AC8-EFB6D57B92E7"}]}]}],"references":[{"url":"https://github.com/CuppaCMS/CuppaCMS/issues/30","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.cuppacms.com/","source":"nvd@nist.gov","tags":["Product"]},{"url":"https://github.com/CuppaCMS/CuppaCMS/issues/30","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-27985","sourceIdentifier":"cve@mitre.org","published":"2022-04-26T14:15:41.763","lastModified":"2026-07-09T01:17:24.763","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"CuppaCMS v1.0 was discovered to contain a SQL injection vulnerability via /administrator/alerts/alertLightbox.php."},{"lang":"es","value":"Se ha detectado que CuppaCMS versión v1.0, contiene una vulnerabilidad de inyección SQL por medio del archivo /administrator/alerts/alertLightbox.php"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cuppacms:cuppacms:1.0:*:*:*:*:*:*:*","matchCriteriaId":"983E1279-93C7-47D9-9AC8-EFB6D57B92E7"}]}]}],"references":[{"url":"https://github.com/CuppaCMS/CuppaCMS/issues/31","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"http://www.cuppacms.com/","source":"nvd@nist.gov","tags":["Product"]},{"url":"https://github.com/CuppaCMS/CuppaCMS/issues/31","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-41945","sourceIdentifier":"cve@mitre.org","published":"2022-04-28T14:15:07.617","lastModified":"2026-07-09T01:17:04.390","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Encode OSS httpx < 0.23.0 is affected by improper input validation in `httpx.URL`, `httpx.Client` and some functions using `httpx.URL.copy_with`."},{"lang":"es","value":"Encode OSS httpx anterior a la versión 0.23.0 se ve afectado por una validación de entrada inadecuada en `httpx.URL`, `httpx.Client` y algunas funciones que utilizan `httpx.URL.copy_with`."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.2}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:N","baseScore":6.4,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:encode:httpx:*:*:*:*:*:python:*:*","versionEndExcluding":"0.23.0","matchCriteriaId":"984D81ED-5C7E-493D-9CDD-8F4B0A85BFD1"}]}]}],"references":[{"url":"https://gist.github.com/lebr0nli/4edb76bbd3b5ff993cf44f2fbce5e571","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/encode/httpx","source":"cve@mitre.org","tags":["Product","Third Party Advisory"]},{"url":"https://github.com/encode/httpx/discussions/1831","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/encode/httpx/issues/2184","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/encode/httpx/releases/tag/0.23.0","source":"cve@mitre.org","tags":["Release Notes","Third Party Advisory"]},{"url":"https://gist.github.com/lebr0nli/4edb76bbd3b5ff993cf44f2fbce5e571","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/encode/httpx","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Third Party Advisory"]},{"url":"https://github.com/encode/httpx/discussions/1831","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/encode/httpx/issues/2184","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/encode/httpx/releases/tag/0.23.0","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-28102","sourceIdentifier":"cve@mitre.org","published":"2022-04-28T14:15:07.763","lastModified":"2026-07-09T01:17:25.337","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A cross-site scripting (XSS) vulnerability in PHP MySQL Admin Panel Generator v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected at /edit-db.php."},{"lang":"es","value":"Una vulnerabilidad de tipo cross-site scripting (XSS) en PHP MySQL Admin Panel Generator versión v1, permite a atacantes ejecutar scripts web o HTML arbitrarios por medio de una carga útil diseñada inyectada en el archivo /edit-db.php"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:php_mysql_admin_panel_generator_project:php_mysql_admin_panel_generator:-:*:*:*:*:*:*:*","matchCriteriaId":"A4B95705-4B91-4EE5-A33D-4F625C369E4C"}]}]}],"references":[{"url":"https://github.com/housamz/php-mysql-admin-panel-generator/issues/19","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/housamz/php-mysql-admin-panel-generator/issues/19","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-44595","sourceIdentifier":"cve@mitre.org","published":"2022-04-29T12:15:07.777","lastModified":"2026-07-09T01:17:09.483","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Wondershare Dr. Fone Latest version as of 2021-12-06 is vulnerable to Incorrect Access Control. A normal user can send manually crafted packets to the ElevationService.exe and execute arbitrary code without any validation with SYSTEM privileges."},{"lang":"es","value":"Wondershare Dr. Fone última versión a partir del 06-12-2021, es vulnerable a un Control de Acceso Incorrecto. Un usuario normal puede enviar paquetes diseñados manualmente al archivo ElevationService.exe y ejecutar código arbitrario sin ninguna comprobación con privilegios SYSTEM"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","baseScore":9.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-862"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wondershare:dr.fone:2021-12-06:*:*:*:*:*:*:*","matchCriteriaId":"5F53952D-1D64-429A-9457-71FC8544DB49"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/167036/Wondershare-Dr.Fone-12.0.7-Privilege-Escalation.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://medium.com/@tomerp_77017/wondershell-a82372914f26","source":"cve@mitre.org"},{"url":"http://packetstormsecurity.com/files/167036/Wondershare-Dr.Fone-12.0.7-Privilege-Escalation.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://medium.com/%40tomerp_77017/wondershell-a82372914f26","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2021-44596","sourceIdentifier":"cve@mitre.org","published":"2022-04-29T12:15:07.823","lastModified":"2026-07-09T01:17:09.607","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Wondershare LTD Dr. Fone as of 2021-12-06 version is affected by Remote code execution. Due to software design flaws an unauthenticated user can communicate over UDP with the \"InstallAssistService.exe\" service(the service is running under SYSTEM privileges) and manipulate it to execute malicious executable without any validation from a remote location and gain SYSTEM privileges"},{"lang":"es","value":"Wondershare LTD Dr. Fone a partir de la versión 06-12-2021, está afectado por ejecución de código remota. Debido a los defectos de diseño del software, un usuario no autenticado puede comunicarse a través de UDP con el servicio \"InstallAssistService.exe\" (el servicio es ejecutado bajo privilegios SYSTEM) y manipularlo para ejecutar un ejecutable malicioso sin ninguna comprobación desde una ubicación remota y alcanzar privilegios SYSTEM"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wondershare:dr.fone:2021-12-06:*:*:*:*:*:*:*","matchCriteriaId":"5F53952D-1D64-429A-9457-71FC8544DB49"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/167035/Wondershare-Dr.Fone-12.0.7-Privilege-Escalation.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://medium.com/@tomerp_77017/wondershell-a82372914f26","source":"cve@mitre.org"},{"url":"http://packetstormsecurity.com/files/167035/Wondershare-Dr.Fone-12.0.7-Privilege-Escalation.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://medium.com/%40tomerp_77017/wondershell-a82372914f26","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2021-31673","sourceIdentifier":"cve@mitre.org","published":"2022-05-02T00:15:07.983","lastModified":"2026-07-09T01:16:53.413","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A Dom-based Cross-site scripting (XSS) vulnerability at registration account in Cyclos 4 PRO.14.7 and before allows remote attackers to inject arbitrary web script or HTML via the groupId parameter."},{"lang":"es","value":"Una vulnerabilidad de tipo Cross-site scripting (XSS) basada en Dom en la cuenta de registro en Cyclos 4 PRO versiones 14.7 y anteriores, permite a atacantes remotos inyectar script web arbitrario o HTML por medio del parámetro groupId"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cyclos:cyclos:*:*:*:*:pro:*:*:*","versionStartIncluding":"4.0.0","versionEndIncluding":"4.14.7","matchCriteriaId":"F65622F1-2BB3-47A6-A76A-4C2CDF1A2860"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/167040/Cyclos-4.14.7-Cross-Site-Scripting.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://tf1t.gitbook.io/mycve/cylos/cyclos-4.14.7-dom-based-cross-site-scripting-cve-2021-31673","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"http://packetstormsecurity.com/files/167040/Cyclos-4.14.7-Cross-Site-Scripting.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://tf1t.gitbook.io/mycve/cylos/cyclos-4.14.7-dom-based-cross-site-scripting-cve-2021-31673","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-31674","sourceIdentifier":"cve@mitre.org","published":"2022-05-02T00:15:08.043","lastModified":"2026-07-09T01:16:53.557","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cyclos 4 PRO 4.14.7 and before does not validate user input at error inform, which allows remote unauthenticated attacker to execute javascript code via undefine enum constant."},{"lang":"es","value":"Cyclos 4 PRO versiones 4.14.7 y anteriores, no comprueban la entrada del usuario en la información de error, lo que permite a un atacante remoto no autenticado ejecutar código javascript por medio de una constante enum no definida"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cyclos:cyclos:*:*:*:*:pro:*:*:*","versionStartIncluding":"4.0.0","versionEndIncluding":"4.14.7","matchCriteriaId":"F65622F1-2BB3-47A6-A76A-4C2CDF1A2860"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/167040/Cyclos-4.14.7-Cross-Site-Scripting.html","source":"cve@mitre.org"},{"url":"https://tf1t.gitbook.io/mycve/cylos/cyclos-4.14.7-dom-based-cross-site-scripting-in-undefined-enum-cve-2021-31674","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.exploit-db.com/exploits/50908","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://tf1t.gitbook.io/mycve/cylos/cyclos-4.14.7-dom-based-cross-site-scripting-in-undefined-enum-cve-2021-31674","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.exploit-db.com/exploits/50908","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-28118","sourceIdentifier":"cve@mitre.org","published":"2022-05-03T01:15:06.757","lastModified":"2026-07-09T01:17:25.450","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SiteServer CMS v7.x allows attackers to execute arbitrary code via a crafted plug-in."},{"lang":"es","value":"SiteServer CMS versión v7.x, permite a atacantes ejecutar código arbitrario por medio de un plug-in diseñado"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sscms:siteserver_cms:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndIncluding":"7.1.2","matchCriteriaId":"58B1D5C1-E5ED-4E60-8BF7-0AE5871716E6"}]}]}],"references":[{"url":"https://github.com/Richard-Tang/SSCMS-PluginShell/blob/main/Detail.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/siteserver/cms","source":"cve@mitre.org","tags":["Product","Third Party Advisory"]},{"url":"https://github.com/siteserver/cms/issues/3386","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/Richard-Tang/SSCMS-PluginShell/blob/main/Detail.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/siteserver/cms","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Third Party Advisory"]},{"url":"https://github.com/siteserver/cms/issues/3386","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-43159","sourceIdentifier":"cve@mitre.org","published":"2022-05-04T01:15:48.297","lastModified":"2026-07-09T01:17:07.880","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A Remote Code Execution (RCE) vulnerability exists in Ruijie Networks Ruijie RG-EW Series Routers up to ReyeeOS 1.55.1915 / EW_3.0(1)B11P55 via the setSessionTime function in /cgi-bin/luci/api/common.."},{"lang":"es","value":"Se presenta una vulnerabilidad de ejecución de código remota (RCE) en los routers de la serie RG-EW de Ruijie Networks hasta ReyeeOS versiones 1.55.1915 / EW_3.0(1)B11P55, por medio de la función setSessionTime en /cgi-bin/luci/api/common"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ruijienetworks:reyeeos:*:*:*:*:*:*:*:*","versionEndIncluding":"1.55.1915_ew_3.0\\(1\\)b11p55","matchCriteriaId":"A0FA9672-0179-4E71-8B8A-57C74B016B17"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ruijienetworks:rg-ew1200:-:*:*:*:*:*:*:*","matchCriteriaId":"693E2E30-5F81-49DD-8FA9-B88EB089B378"},{"vulnerable":false,"criteria":"cpe:2.3:h:ruijienetworks:rg-ew1200g_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"727F7545-61FB-43F4-9A52-A613CE26B0ED"},{"vulnerable":false,"criteria":"cpe:2.3:h:ruijienetworks:rg-ew1800gx_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"325AEC70-B53C-425B-8B2A-520B8AC790EF"},{"vulnerable":false,"criteria":"cpe:2.3:h:ruijienetworks:rg-ew300_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"96D43F03-6ED9-4FB1-9AEE-770A5B63CFAE"},{"vulnerable":false,"criteria":"cpe:2.3:h:ruijienetworks:rg-ew3200gx_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"740F0BB8-76B4-4A91-B67B-CE9314BE48E6"}]}]}],"references":[{"url":"https://seclists.org/fulldisclosure/2022/May/0","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://seclists.org/fulldisclosure/2022/May/0","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-43160","sourceIdentifier":"cve@mitre.org","published":"2022-05-04T01:15:48.770","lastModified":"2026-07-09T01:17:08.000","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A Remote Code Execution (RCE) vulnerability exists in Ruijie Networks Ruijie RG-EW Series Routers up to ReyeeOS 1.55.1915 / EW_3.0(1)B11P55 via the switchFastDhcp function in /cgi-bin/luci/api/diagnose."},{"lang":"es","value":"Se presenta una vulnerabilidad de ejecución de código remota (RCE) en los routers de la serie RG-EW de Ruijie Networks hasta ReyeeOS versiones 1.55.1915 / EW_3.0(1)B11P55, por medio de la función switchFastDhcp en /cgi-bin/luci/api/diagnose"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ruijienetworks:reyeeos:*:*:*:*:*:*:*:*","versionEndIncluding":"1.55.1915_ew_3.0\\(1\\)b11p55","matchCriteriaId":"A0FA9672-0179-4E71-8B8A-57C74B016B17"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ruijienetworks:rg-ew1200:-:*:*:*:*:*:*:*","matchCriteriaId":"693E2E30-5F81-49DD-8FA9-B88EB089B378"},{"vulnerable":false,"criteria":"cpe:2.3:h:ruijienetworks:rg-ew1200g_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"727F7545-61FB-43F4-9A52-A613CE26B0ED"},{"vulnerable":false,"criteria":"cpe:2.3:h:ruijienetworks:rg-ew1800gx_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"325AEC70-B53C-425B-8B2A-520B8AC790EF"},{"vulnerable":false,"criteria":"cpe:2.3:h:ruijienetworks:rg-ew300_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"96D43F03-6ED9-4FB1-9AEE-770A5B63CFAE"},{"vulnerable":false,"criteria":"cpe:2.3:h:ruijienetworks:rg-ew3200gx_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"740F0BB8-76B4-4A91-B67B-CE9314BE48E6"}]}]}],"references":[{"url":"https://seclists.org/fulldisclosure/2022/May/0","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://seclists.org/fulldisclosure/2022/May/0","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-43161","sourceIdentifier":"cve@mitre.org","published":"2022-05-04T01:15:48.843","lastModified":"2026-07-09T01:17:08.113","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A Remote Code Execution (RCE) vulnerability exists in Ruijie Networks Ruijie RG-EW Series Routers up to ReyeeOS 1.55.1915 / EW_3.0(1)B11P55 via the doSwitchApi function in /cgi-bin/luci/api/switch."},{"lang":"es","value":"Se presenta una vulnerabilidad de ejecución de código remota (RCE) en los routers de la serie RG-EW de Ruijie Networks hasta ReyeeOS versiones 1.55.1915 / EW_3.0(1)B11P55, por medio de la función doSwitchApi en /cgi-bin/luci/api/switch"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ruijienetworks:reyeeos:*:*:*:*:*:*:*:*","versionEndIncluding":"1.55.1915_ew_3.0\\(1\\)b11p55","matchCriteriaId":"A0FA9672-0179-4E71-8B8A-57C74B016B17"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ruijienetworks:rg-ew1200:-:*:*:*:*:*:*:*","matchCriteriaId":"693E2E30-5F81-49DD-8FA9-B88EB089B378"},{"vulnerable":false,"criteria":"cpe:2.3:h:ruijienetworks:rg-ew1200g_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"727F7545-61FB-43F4-9A52-A613CE26B0ED"},{"vulnerable":false,"criteria":"cpe:2.3:h:ruijienetworks:rg-ew1800gx_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"325AEC70-B53C-425B-8B2A-520B8AC790EF"},{"vulnerable":false,"criteria":"cpe:2.3:h:ruijienetworks:rg-ew300_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"96D43F03-6ED9-4FB1-9AEE-770A5B63CFAE"},{"vulnerable":false,"criteria":"cpe:2.3:h:ruijienetworks:rg-ew3200gx_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"740F0BB8-76B4-4A91-B67B-CE9314BE48E6"}]}]}],"references":[{"url":"https://seclists.org/fulldisclosure/2022/May/0","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://seclists.org/fulldisclosure/2022/May/0","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-43162","sourceIdentifier":"cve@mitre.org","published":"2022-05-04T01:15:48.913","lastModified":"2026-07-09T01:17:08.230","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A Remote Code Execution (RCE) vulnerability exists in Ruijie Networks Ruijie RG-EW Series Routers up to ReyeeOS 1.55.1915 / EW_3.0(1)B11P55 via the runPackDiagnose function in /cgi-bin/luci/api/diagnose."},{"lang":"es","value":"Se presenta una vulnerabilidad de ejecución de código remota (RCE) en los routers de la serie RG-EW de Ruijie Networks hasta ReyeeOS versiones 1.55.1915 / EW_3.0(1)B11P55, por medio de la función runPackDiagnose en /cgi-bin/luci/api/diagnose"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ruijienetworks:reyeeos:*:*:*:*:*:*:*:*","versionEndIncluding":"1.55.1915_ew_3.0\\(1\\)b11p55","matchCriteriaId":"A0FA9672-0179-4E71-8B8A-57C74B016B17"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ruijienetworks:rg-ew1200:-:*:*:*:*:*:*:*","matchCriteriaId":"693E2E30-5F81-49DD-8FA9-B88EB089B378"},{"vulnerable":false,"criteria":"cpe:2.3:h:ruijienetworks:rg-ew1200g_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"727F7545-61FB-43F4-9A52-A613CE26B0ED"},{"vulnerable":false,"criteria":"cpe:2.3:h:ruijienetworks:rg-ew1800gx_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"325AEC70-B53C-425B-8B2A-520B8AC790EF"},{"vulnerable":false,"criteria":"cpe:2.3:h:ruijienetworks:rg-ew300_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"96D43F03-6ED9-4FB1-9AEE-770A5B63CFAE"},{"vulnerable":false,"criteria":"cpe:2.3:h:ruijienetworks:rg-ew3200gx_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"740F0BB8-76B4-4A91-B67B-CE9314BE48E6"}]}]}],"references":[{"url":"https://seclists.org/fulldisclosure/2022/May/0","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://seclists.org/fulldisclosure/2022/May/0","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-43163","sourceIdentifier":"cve@mitre.org","published":"2022-05-04T01:15:48.980","lastModified":"2026-07-09T01:17:08.343","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A Remote Code Execution (RCE) vulnerability exists in Ruijie Networks Ruijie RG-EW Series Routers up to ReyeeOS 1.55.1915 / EW_3.0(1)B11P55 via the checkNet function in /cgi-bin/luci/api/auth."},{"lang":"es","value":"Se presenta una vulnerabilidad de ejecución de código remota (RCE) en los routers de la serie RG-EW de Ruijie Networks hasta ReyeeOS versiones 1.55.1915 / EW_3.0(1)B11P55, por medio de la función checkNet en /cgi-bin/luci/api/auth"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ruijienetworks:reyeeos:*:*:*:*:*:*:*:*","versionEndIncluding":"1.55.1915_ew_3.0\\(1\\)b11p55","matchCriteriaId":"A0FA9672-0179-4E71-8B8A-57C74B016B17"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ruijienetworks:rg-ew1200:-:*:*:*:*:*:*:*","matchCriteriaId":"693E2E30-5F81-49DD-8FA9-B88EB089B378"},{"vulnerable":false,"criteria":"cpe:2.3:h:ruijienetworks:rg-ew1200g_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"727F7545-61FB-43F4-9A52-A613CE26B0ED"},{"vulnerable":false,"criteria":"cpe:2.3:h:ruijienetworks:rg-ew1800gx_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"325AEC70-B53C-425B-8B2A-520B8AC790EF"},{"vulnerable":false,"criteria":"cpe:2.3:h:ruijienetworks:rg-ew300_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"96D43F03-6ED9-4FB1-9AEE-770A5B63CFAE"},{"vulnerable":false,"criteria":"cpe:2.3:h:ruijienetworks:rg-ew3200gx_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"740F0BB8-76B4-4A91-B67B-CE9314BE48E6"}]}]}],"references":[{"url":"https://seclists.org/fulldisclosure/2022/May/0","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://seclists.org/fulldisclosure/2022/May/0","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-43164","sourceIdentifier":"cve@mitre.org","published":"2022-05-04T01:15:49.050","lastModified":"2026-07-09T01:17:08.460","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A Remote Code Execution (RCE) vulnerability exists in Ruijie Networks Ruijie RG-EW Series Routers up to ReyeeOS 1.55.1915 / EW_3.0(1)B11P55 via the updateVersion function in /cgi-bin/luci/api/wireless."},{"lang":"es","value":"Se presenta una vulnerabilidad de ejecución de código remota (RCE) en los routers de la serie RG-EW de Ruijie Networks hasta ReyeeOS versiones 1.55.1915 / EW_3.0(1)B11P55, por medio de la función updateVersion en /cgi-bin/luci/api/wireless"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ruijienetworks:reyeeos:*:*:*:*:*:*:*:*","versionEndIncluding":"1.55.1915_ew_3.0\\(1\\)b11p55","matchCriteriaId":"A0FA9672-0179-4E71-8B8A-57C74B016B17"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ruijienetworks:rg-ew1200:-:*:*:*:*:*:*:*","matchCriteriaId":"693E2E30-5F81-49DD-8FA9-B88EB089B378"},{"vulnerable":false,"criteria":"cpe:2.3:h:ruijienetworks:rg-ew1200g_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"727F7545-61FB-43F4-9A52-A613CE26B0ED"},{"vulnerable":false,"criteria":"cpe:2.3:h:ruijienetworks:rg-ew1800gx_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"325AEC70-B53C-425B-8B2A-520B8AC790EF"},{"vulnerable":false,"criteria":"cpe:2.3:h:ruijienetworks:rg-ew300_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"96D43F03-6ED9-4FB1-9AEE-770A5B63CFAE"},{"vulnerable":false,"criteria":"cpe:2.3:h:ruijienetworks:rg-ew3200gx_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"740F0BB8-76B4-4A91-B67B-CE9314BE48E6"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/167099/Ruijie-Reyee-Mesh-Router-Remote-Code-Execution.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://seclists.org/fulldisclosure/2022/May/0","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"http://packetstormsecurity.com/files/167099/Ruijie-Reyee-Mesh-Router-Remote-Code-Execution.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://seclists.org/fulldisclosure/2022/May/0","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-27461","sourceIdentifier":"cve@mitre.org","published":"2022-05-04T15:15:12.780","lastModified":"2026-07-09T01:17:24.200","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In nopCommerce 4.50.1, an open redirect vulnerability can be triggered by luring a user to authenticate to a nopCommerce page by clicking on a crafted link."},{"lang":"es","value":"En nopCommerce versión 4.50.1, una vulnerabilidad de redireccionamiento abierto puede ser desencadenada al atraer a un usuario para que sea autenticado en una página de nopCommerce haciendo clic en un enlace diseñado"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:N","baseScore":5.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-601"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nopcommerce:nopcommerce:*:*:*:*:*:*:*:*","versionEndIncluding":"4.50.1","matchCriteriaId":"C218C892-AB26-46ED-B729-D10AF9D704F7"}]}]}],"references":[{"url":"https://tf1t.gitbook.io/mycve/nopcommerce/open-redirect-on-nopcommerce-4.50.1","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://tf1t.gitbook.io/mycve/nopcommerce/open-redirect-on-nopcommerce-4.50.1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-28568","sourceIdentifier":"cve@mitre.org","published":"2022-05-04T15:15:13.040","lastModified":"2026-07-09T01:17:25.710","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Sourcecodester Doctor's Appointment System 1.0 is vulnerable to File Upload to RCE via Image upload from the administrator panel. An attacker can obtain remote command execution just by knowing the path where the images are stored."},{"lang":"es","value":"Sourcecodester Doctor's Appointment System versión 1.0, es vulnerable a una carga de archivos a RCE por medio de una carga de imágenes desde el panel del administrador. Un atacante puede obtener una ejecución de comandos remota con sólo conocer la ruta donde son almacenadas las imágenes"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:simple_doctor\\'s_appointment_system_project:simple_doctor\\'s_appointment_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"F65D2B9D-EADD-4795-99EA-B9E5D76A3A9F"}]}]}],"references":[{"url":"https://github.com/b3nj1-1/CVE/tree/main/CVE-2022-28568","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/b3nj1-1/CVE/tree/main/CVE-2022-28568","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-29347","sourceIdentifier":"cve@mitre.org","published":"2022-05-04T15:15:13.133","lastModified":"2026-07-09T01:17:28.123","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An arbitrary file upload vulnerability in Web@rchiv 1.0 allows attackers to execute arbitrary commands via a crafted PHP file."},{"lang":"es","value":"Una vulnerabilidad de carga de archivos arbitrarios en Web@archiv versión 1.0, permite a atacantes ejecutar comandos arbitrarios por medio de un archivo PHP diseñado"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:web\\@rchiv_project:web\\@rchiv:1.0:*:*:*:*:*:*:*","matchCriteriaId":"72D9CD5B-43E4-4065-AE90-FAC312C3E53B"}]}]}],"references":[{"url":"https://github.com/evildrummer/MyOwnCVEs/tree/main/CVE-2022-29347","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/evildrummer/MyOwnCVEs/tree/main/CVE-2022-29347","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-45783","sourceIdentifier":"cve@mitre.org","published":"2022-05-05T11:15:07.987","lastModified":"2026-07-09T01:17:11.503","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Bookeen Notea Firmware BK_R_1.0.5_20210608 is affected by a directory traversal vulnerability that allows an attacker to obtain sensitive information."},{"lang":"es","value":"El firmware de Bookeen Notea versión BK_R_1.0.5_20210608, está afectado por una vulnerabilidad de salto de directorio que permite a un atacante obtener información confidencial"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":4.6,"baseSeverity":"MEDIUM","attackVector":"PHYSICAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:N/A:N","baseScore":2.1,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":3.9,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:bookeen:notea_firmware:bk_r_1.0.5_20210608:*:*:*:*:*:*:*","matchCriteriaId":"F6A652D8-29DD-4A08-B07F-86FCE85B434B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:bookeen:notea:-:*:*:*:*:*:*:*","matchCriteriaId":"ED4F9E62-5EBA-4163-8224-02F62B0DB7C6"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/167016/Bookeen-Notea-BK_R_1.0.5_20210608-Directory-Traversal.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/cmaillioux/SecurityResearch/blob/main/CVE-2021-45783","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"http://packetstormsecurity.com/files/167016/Bookeen-Notea-BK_R_1.0.5_20210608-Directory-Traversal.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/cmaillioux/SecurityResearch/blob/main/CVE-2021-45783","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-43712","sourceIdentifier":"cve@mitre.org","published":"2022-05-09T21:15:07.930","lastModified":"2026-07-09T01:17:08.947","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Stored XSS in Add New Employee Form in Sourcecodester Employee Daily Task Management System 1.0 Allows Remote Attacker to Inject/Store Arbitrary Code via the Name Field."},{"lang":"es","value":"Una vulnerabilidad de tipo XSS almacenado en el Formulario de Adición de Nuevos Empleados en Sourcecodester Employee Daily Task Management System versión 1.0, permite a un atacante remoto inyectar/almacenar código arbitrario por medio del campo del nombre"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:employee_daily_task_management_system_project:employee_daily_task_management_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"7CC7FAFB-7110-41AD-990B-774C2830A756"}]}]}],"references":[{"url":"https://patelvarshil.medium.com/cve-2021-43712-stored-xss-how-i-got-my-first-cve-5381370482d4","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://patelvarshil.medium.com/cve-2021-43712-stored-xss-how-i-got-my-first-cve-5381370482d4","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-26987","sourceIdentifier":"cve@mitre.org","published":"2022-05-10T15:15:07.537","lastModified":"2026-07-09T01:17:23.143","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"TP-Link TL-WDR7660 2.0.30, Mercury D196G 20200109_2.0.4, and Fast FAC1900R 20190827_2.0.2 routers have a stack overflow issue in `MmtAtePrase` function. Local users could get remote code execution."},{"lang":"es","value":"Los routers TP-Link TL-WDR7660 versión 2.0.30, Mercury D196G versión 20200109_2.0.4 y Fast FAC1900R versión 20190827_2.0.2, presentan un problema de desbordamiento de pila en la función \"MmtAtePrase\". Los usuarios locales podrían conseguir una ejecución de código remota"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tl-wdr7660_firmware:2.0.30:*:*:*:*:*:*:*","matchCriteriaId":"EDCCEB50-2061-4752-882A-A0DB7FF3C8C3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:tl-wdr7660:-:*:*:*:*:*:*:*","matchCriteriaId":"45C162F6-EBA0-4DCC-8D8B-7FF1B670C79B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tl-wdr7661_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"ABCA2DF1-19DD-4605-B042-EDDCA46593C4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:tl-wdr7661:-:*:*:*:*:*:*:*","matchCriteriaId":"2BB5D58A-0308-4B98-824A-907A4DA11C0D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tl-wdr7620_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"41C7E6A3-C275-4C43-BBA0-96528A1B0A8E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:tl-wdr7620:-:*:*:*:*:*:*:*","matchCriteriaId":"BADCD81E-4002-4724-8756-39B1E680F13D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tl-wdr5660_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E72883A7-FC0B-4CEF-849E-03F7C5060AB8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:tl-wdr5660:-:*:*:*:*:*:*:*","matchCriteriaId":"D4E01B22-04C5-4DCB-837E-920E9CC9CE67"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mercusys:mercury_d196g_firmware:20200109_2.0.4:*:*:*:*:*:*:*","matchCriteriaId":"6BEA33AB-EDC9-4A86-9D2D-0FBD751A8696"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mercusys:mercury_d196g:-:*:*:*:*:*:*:*","matchCriteriaId":"3A2C80E4-7108-487F-8E3A-955F1873F0E6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fastcom:fac1900r_firmware:20190827_2.0.2:*:*:*:*:*:*:*","matchCriteriaId":"0CE72672-D329-405D-AF38-567C03994453"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:fastcom:fac1900r:-:*:*:*:*:*:*:*","matchCriteriaId":"F3291772-BE0E-4E41-BC88-CA15C92DE2DD"}]}]}],"references":[{"url":"https://drive.google.com/file/d/1SnNoqRlJiBD673UROLwdgg_roMOneVR9/view?usp=sharing","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/GANGE666","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://drive.google.com/file/d/1SnNoqRlJiBD673UROLwdgg_roMOneVR9/view?usp=sharing","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/GANGE666","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-26988","sourceIdentifier":"cve@mitre.org","published":"2022-05-10T15:15:07.587","lastModified":"2026-07-09T01:17:23.273","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"TP-Link TL-WDR7660 2.0.30, Mercury D196G 20200109_2.0.4, and Fast FAC1900R 20190827_2.0.2 routers have a stack overflow issue in `MntAte` function. Local users could get remote code execution."},{"lang":"es","value":"Los routers TP-Link TL-WDR7660 versión 2.0.30, Mercury D196G versión 20200109_2.0.4 y Fast FAC1900R versión 20190827_2.0.2 tienen un problema de desbordamiento de pila en la función \"MntAte\". Los usuarios locales podrían conseguir una ejecución de código remota"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tl-wdr7660_firmware:2.0.30:*:*:*:*:*:*:*","matchCriteriaId":"EDCCEB50-2061-4752-882A-A0DB7FF3C8C3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:tl-wdr7660:-:*:*:*:*:*:*:*","matchCriteriaId":"45C162F6-EBA0-4DCC-8D8B-7FF1B670C79B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tl-wdr7661_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"ABCA2DF1-19DD-4605-B042-EDDCA46593C4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:tl-wdr7661:-:*:*:*:*:*:*:*","matchCriteriaId":"2BB5D58A-0308-4B98-824A-907A4DA11C0D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tl-wdr7620_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"41C7E6A3-C275-4C43-BBA0-96528A1B0A8E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:tl-wdr7620:-:*:*:*:*:*:*:*","matchCriteriaId":"BADCD81E-4002-4724-8756-39B1E680F13D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tl-wdr5660_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E72883A7-FC0B-4CEF-849E-03F7C5060AB8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:tl-wdr5660:-:*:*:*:*:*:*:*","matchCriteriaId":"D4E01B22-04C5-4DCB-837E-920E9CC9CE67"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mercusys:mercury_d196g_firmware:20200109_2.0.4:*:*:*:*:*:*:*","matchCriteriaId":"6BEA33AB-EDC9-4A86-9D2D-0FBD751A8696"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mercusys:mercury_d196g:-:*:*:*:*:*:*:*","matchCriteriaId":"3A2C80E4-7108-487F-8E3A-955F1873F0E6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fastcom:fac1900r_firmware:20190827_2.0.2:*:*:*:*:*:*:*","matchCriteriaId":"0CE72672-D329-405D-AF38-567C03994453"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:fastcom:fac1900r:-:*:*:*:*:*:*:*","matchCriteriaId":"F3291772-BE0E-4E41-BC88-CA15C92DE2DD"}]}]}],"references":[{"url":"https://drive.google.com/file/d/1J1KzojrMCq-MrV0HqkWiu17MIXGhRuUH/view?usp=sharing","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/GANGE666","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://drive.google.com/file/d/1J1KzojrMCq-MrV0HqkWiu17MIXGhRuUH/view?usp=sharing","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/GANGE666","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-28986","sourceIdentifier":"cve@mitre.org","published":"2022-05-10T19:15:09.273","lastModified":"2026-07-09T01:17:27.493","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"LMS Doctor Simple 2 Factor Authentication Plugin For Moodle Affected: 2021072900 has an Insecure direct object references (IDOR) vulnerability, which allows remote attackers to update sensitive records such as email, password and phone number of other user accounts."},{"lang":"es","value":"LMS Doctor Simple 2 Factor Authentication Plugin For Moodle Afectado: versión 2021072900, presenta una vulnerabilidad de Referencias directas a objetos inseguros (IDOR), que permite a atacantes remotos actualizar registros confidenciales como el correo electrónico, la contraseña y el número de teléfono de otras cuentas de usuario"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:P/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-639"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:lmsdoctor:2_factor_authentication:2021072900:*:*:*:*:moodle:*:*","matchCriteriaId":"285F570C-53CD-4DF8-AF5F-38A6BB12A8DD"}]}]}],"references":[{"url":"https://github.com/FlaviuPopescu/CVE-2022-28986","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/FlaviuPopescu/CVE-2022-28986","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-19228","sourceIdentifier":"cve@mitre.org","published":"2022-05-11T12:15:07.863","lastModified":"2026-07-09T00:16:51.547","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue was found in bludit v3.13.0, unsafe implementation of the backup plugin allows attackers to upload arbitrary files."},{"lang":"es","value":"Se ha encontrado un problema en bludit versión v3.13.0, una implementación no segura del plugin de copia de seguridad permite a atacantes cargar archivos arbitrarios"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","baseScore":9.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bludit:bludit:3.13.0:*:*:*:*:*:*:*","matchCriteriaId":"2E7F9779-D5BF-41A2-82AC-6430E91D2B7B"}]}]}],"references":[{"url":"https://github.com/bludit/bludit/issues/1242","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/bludit/bludit/issues/1242","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-28077","sourceIdentifier":"cve@mitre.org","published":"2022-05-11T14:15:07.860","lastModified":"2026-07-09T01:17:24.873","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Home Owners Collection Management v1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the Admin panel via the $_GET['s'] parameter."},{"lang":"es","value":"Se ha detectado que Home Owners Collection Management versión v1, contiene una vulnerabilidad de tipo cross-site scripting (XSS) reflejado en el panel de administración por medio del parámetro $_GET[\"s\"]"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:home_owners_collection_management_system_project:home_owners_collection_management_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"FDB75A84-7EE7-4D4A-9B5F-77365D793307"}]}]}],"references":[{"url":"https://github.com/bigzooooz/CVE-2022-28077","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/bigzooooz/CVE-2022-28077","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-28078","sourceIdentifier":"cve@mitre.org","published":"2022-05-11T14:15:07.903","lastModified":"2026-07-09T01:17:24.990","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Home Owners Collection Management v1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the Admin panel via the $_GET['page'] parameter."},{"lang":"es","value":"Se ha detectado que Home Owners Collection Management versión v1, contiene una vulnerabilidad de tipo cross-site scripting (XSS) reflejado en el panel de administración por medio del parámetro $_GET[\"page']"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:home_owners_collection_management_system_project:home_owners_collection_management_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"FDB75A84-7EE7-4D4A-9B5F-77365D793307"}]}]}],"references":[{"url":"https://github.com/bigzooooz/CVE-2022-28078","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/bigzooooz/CVE-2022-28078","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-22984","sourceIdentifier":"cve@mitre.org","published":"2022-05-12T20:15:12.987","lastModified":"2026-07-09T00:16:58.550","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via key parameter to the getGoogleExtraConfig task."},{"lang":"es","value":"Una vulnerabilidad de tipo Cross-Site Scripting (XSS) en MicroStrategy Web SDK versiones 10.11 y anteriores, permite a atacantes remotos no autenticados ejecutar código arbitrario por medio del parámetro key de la tarea getGoogleExtraConfig"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microstrategy:microstrategy_web_sdk:*:*:*:*:*:*:*:*","versionEndIncluding":"10.11","matchCriteriaId":"2C849FD8-D2B1-42DE-9966-4B3F270201F9"}]}]}],"references":[{"url":"http://www.yourcompany.com:8080/MicroStrategy/servlet/taskProc","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://medium.com/@win3zz/simple-story-of-some-complicated-xss-on-facebook-8a9c0d80969d","source":"cve@mitre.org"},{"url":"https://www.microstrategy.com/us/report-a-security-vulnerability","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://www.yourcompany.com:8080/MicroStrategy/servlet/taskProc","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://medium.com/%40win3zz/simple-story-of-some-complicated-xss-on-facebook-8a9c0d80969d","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.microstrategy.com/us/report-a-security-vulnerability","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2020-22985","sourceIdentifier":"cve@mitre.org","published":"2022-05-12T20:15:13.043","lastModified":"2026-07-09T00:16:58.670","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via the key parameter to the getESRIExtraConfig task."},{"lang":"es","value":"Una vulnerabilidad de tipo Cross-Site Scripting (XSS) en MicroStrategy Web SDK versiones 10.11 y anteriores, permite a atacantes remotos no autentificados ejecutar código arbitrario por medio del parámetro key de la tarea getESRIExtraConfig"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microstrategy:microstrategy_web_sdk:*:*:*:*:*:*:*:*","versionEndIncluding":"10.11","matchCriteriaId":"2C849FD8-D2B1-42DE-9966-4B3F270201F9"}]}]}],"references":[{"url":"http://www.yourcompany.com:8080/MicroStrategy/servlet/taskProc","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://medium.com/@win3zz/simple-story-of-some-complicated-xss-on-facebook-8a9c0d80969d","source":"cve@mitre.org"},{"url":"https://www.microstrategy.com/us/report-a-security-vulnerability","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://www.yourcompany.com:8080/MicroStrategy/servlet/taskProc","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://medium.com/%40win3zz/simple-story-of-some-complicated-xss-on-facebook-8a9c0d80969d","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.microstrategy.com/us/report-a-security-vulnerability","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2020-22986","sourceIdentifier":"cve@mitre.org","published":"2022-05-12T20:15:13.093","lastModified":"2026-07-09T00:16:58.777","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via the searchString parameter to the wikiScrapper task."},{"lang":"es","value":"Una vulnerabilidad de tipo Cross-Site Scripting (XSS) en MicroStrategy Web SDK versiones 10.11 y anteriores, permite a atacantes remotos no autentificados ejecutar código arbitrario por medio del parámetro searchString de la tarea wikiScrapper"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microstrategy:microstrategy_web_sdk:*:*:*:*:*:*:*:*","versionEndIncluding":"10.11","matchCriteriaId":"2C849FD8-D2B1-42DE-9966-4B3F270201F9"}]}]}],"references":[{"url":"http://www.yourcompany.com:8080/MicroStrategy/servlet/taskProc","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://medium.com/@win3zz/simple-story-of-some-complicated-xss-on-facebook-8a9c0d80969d","source":"cve@mitre.org"},{"url":"https://tinyurl.com/","source":"cve@mitre.org","tags":["Not Applicable"]},{"url":"https://www.microstrategy.com/us/report-a-security-vulnerability","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://www.yourcompany.com:8080/MicroStrategy/servlet/taskProc","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://medium.com/%40win3zz/simple-story-of-some-complicated-xss-on-facebook-8a9c0d80969d","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://tinyurl.com/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable"]},{"url":"https://www.microstrategy.com/us/report-a-security-vulnerability","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2020-22987","sourceIdentifier":"cve@mitre.org","published":"2022-05-12T20:15:13.140","lastModified":"2026-07-09T00:16:58.900","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via the fileToUpload parameter to the uploadFile task."},{"lang":"es","value":"Una vulnerabilidad de tipo Cross-Site Scripting (XSS) en MicroStrategy Web SDK versiones 10.11 y anteriores, permite a atacantes remotos no autenticados ejecutar código arbitrario por medio del parámetro fileToUpload de la tarea uploadFile"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microstrategy:microstrategy_web_sdk:*:*:*:*:*:*:*:*","versionEndIncluding":"10.11","matchCriteriaId":"2C849FD8-D2B1-42DE-9966-4B3F270201F9"}]}]}],"references":[{"url":"http://www.yourcompany.com:8080/MicroStrategy/servlet/taskProc","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://medium.com/@win3zz/simple-story-of-some-complicated-xss-on-facebook-8a9c0d80969d","source":"cve@mitre.org"},{"url":"https://www.microstrategy.com/us/report-a-security-vulnerability","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://www.yourcompany.com:8080/MicroStrategy/servlet/taskProc","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://medium.com/%40win3zz/simple-story-of-some-complicated-xss-on-facebook-8a9c0d80969d","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.microstrategy.com/us/report-a-security-vulnerability","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2020-22983","sourceIdentifier":"cve@mitre.org","published":"2022-05-13T13:15:07.593","lastModified":"2026-07-09T00:16:58.390","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A Server-Side Request Forgery (SSRF) vulnerability exists in MicroStrategy Web SDK 11.1 and earlier, allows remote unauthenticated attackers to conduct a server-side request forgery (SSRF) attack via the srcURL parameter to the shortURL task."},{"lang":"es","value":"Se presenta una vulnerabilidad de Server-Side Request Forgery (SSRF) en MicroStrategy Web SDK versiones 11.1 y anteriores, que permite a atacantes remotos no autenticados realizar un ataque de tipo Server-Side Request Forgery (SSRF) por medio del parámetro srcURL a la tarea shortURL"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.2}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:N","baseScore":5.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microstrategy:microstrategy_web:*:*:*:*:*:*:*:*","versionEndIncluding":"11.1","matchCriteriaId":"465EB33F-D4D8-412C-B729-E51A654AE7CC"}]}]}],"references":[{"url":"http://www.yourcompany.com:8080/MicroStrategy/servlet/taskProc","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://medium.com/@win3zz/how-i-made-31500-by-submitting-a-bug-to-facebook-d31bb046e204","source":"cve@mitre.org"},{"url":"https://tinyurl.com/","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.microstrategy.com/us/report-a-security-vulnerability","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://www.yourcompany.com:8080/MicroStrategy/servlet/taskProc","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://medium.com/%40win3zz/how-i-made-31500-by-submitting-a-bug-to-facebook-d31bb046e204","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://tinyurl.com/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.microstrategy.com/us/report-a-security-vulnerability","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-29351","sourceIdentifier":"cve@mitre.org","published":"2022-05-16T14:15:07.900","lastModified":"2026-07-09T01:17:28.237","vulnStatus":"Modified","cveTags":[{"sourceIdentifier":"cve@mitre.org","tags":["disputed"]}],"descriptions":[{"lang":"en","value":"An arbitrary file upload vulnerability in the file upload module of Tiddlywiki5 v5.2.2 allows attackers to execute arbitrary code via a crafted SVG file. Note: The vendor argues that this is not a legitimate issue and there is no vulnerability here."},{"lang":"es","value":"Una vulnerabilidad de carga de archivos arbitraria en el módulo de carga de archivos de Tiddlywiki5 versión v5.2.2, permite a atacantes ejecutar código arbitrario por medio de un archivo SVG diseñado"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-11-20T15:24:13.774867Z","id":"CVE-2022-29351","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:tiddlywiki:tiddlywiki5:5.2.2:*:*:*:*:*:*:*","matchCriteriaId":"A2799D5B-FD3C-461C-9F0B-250240C0357D"}]}]}],"references":[{"url":"https://github.com/Jermolene/TiddlyWiki5","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/jimcola99/corruptsvgfile","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.youtube.com/watch?v=F_DBx4psWns","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/Jermolene/TiddlyWiki5","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://github.com/jimcola99/corruptsvgfile","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.youtube.com/watch?v=F_DBx4psWns","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-24611","sourceIdentifier":"cve@mitre.org","published":"2022-05-17T18:15:08.593","lastModified":"2026-07-09T01:17:17.863","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Denial of Service (DoS) in the Z-Wave S0 NonceGet protocol specification in Silicon Labs Z-Wave 500 series allows local attackers to block S0/S2 protected Z-Wave network via crafted S0 NonceGet Z-Wave packages, utilizing included but absent NodeIDs."},{"lang":"es","value":"Una denegación de servicio (DoS) en la especificación del protocolo Z-Wave S0 NonceGet en la serie Z-Wave 500 de Silicon Labs permite a atacantes locales bloquear la red Z-Wave protegida S0/S2 por medio de paquetes Z-Wave S0 NonceGet diseñados, usando NodeIDs incluidos pero ausentes"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:A/AC:L/Au:N/C:N/I:N/A:C","baseScore":6.1,"accessVector":"ADJACENT_NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"COMPLETE"},"baseSeverity":"MEDIUM","exploitabilityScore":6.5,"impactScore":6.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:silabs:zm5202_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"551D3D5F-8629-4F47-9737-DAC331066309"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:silabs:zm5202:-:*:*:*:*:*:*:*","matchCriteriaId":"64DAB9DC-A25C-4C7B-8A98-D6AAD3DF46CC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:silabs:zm5101_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1CA75EAC-7352-45CD-A0C1-7C5878B6201D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:silabs:zm5101:-:*:*:*:*:*:*:*","matchCriteriaId":"36D7DA65-1F1E-4C1C-A9EB-16F615E5C34A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:silabs:sd3503_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"6C0EF6D3-3F5A-4E13-A9D1-E8FE6E3391B8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:silabs:sd3503:-:*:*:*:*:*:*:*","matchCriteriaId":"B1EE87FC-C268-46DB-9593-3D4318388B45"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:silabs:sd3502_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"61861383-BF69-4717-97FF-4709BAFB33C0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:silabs:sd3502:-:*:*:*:*:*:*:*","matchCriteriaId":"9F00D3E7-9A6C-4880-BD98-D70BCC525ECD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:silabs:zm5304_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"0EC5A1A8-443B-48F1-B86F-E45D3A63FB41"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:silabs:zm5304:-:*:*:*:*:*:*:*","matchCriteriaId":"0BB79B02-5542-41CE-AEEF-D64606C50B30"}]}]}],"references":[{"url":"https://github.com/ITSecLab-HSEL/CVE-2022-24611","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/ITSecLab-HSEL/CVE-2022-24611","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-29641","sourceIdentifier":"cve@mitre.org","published":"2022-05-18T12:15:08.347","lastModified":"2026-07-09T01:17:28.357","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the startTime and endTime parameters in the function setParentalRules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request."},{"lang":"es","value":"Se descubrió que TOTOLINK A3100R V4.1.2cu.5050_B20200504 y V4.1.2cu.5247_B20211129 contienen un desbordamiento de pila a través de los parámetros startTime y endTime en la función setParentalRules. Esta vulnerabilidad permite a los atacantes provocar una denegación de servicio (DoS) a través de una solicitud POST manipulada"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:C","baseScore":7.8,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:totolink:a3100r_firmware:4.1.2cu.5050_b20200504:*:*:*:*:*:*:*","matchCriteriaId":"0BD0B6FC-5C4F-4547-883D-7B9C03B45523"},{"vulnerable":true,"criteria":"cpe:2.3:o:totolink:a3100r_firmware:4.1.2cu.5247_b20211129:*:*:*:*:*:*:*","matchCriteriaId":"9098D12E-0A3B-4CBF-AC5E-43C5394C7719"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:totolink:a3100r:-:*:*:*:*:*:*:*","matchCriteriaId":"40729E79-9D89-440F-B38D-E62D310E27F9"}]}]}],"references":[{"url":"https://github.com/shijin0925/IOT/blob/master/TOTOLINK%20A3100R/4.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/shijin0925/IOT/blob/master/TOTOLINK%20A3100R/4.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-28932","sourceIdentifier":"cve@mitre.org","published":"2022-05-23T16:16:07.650","lastModified":"2026-07-09T01:17:25.937","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"D-Link DSL-G2452DG HW:T1\\\\tFW:ME_2.00 was discovered to contain insecure permissions."},{"lang":"es","value":"Se ha detectado que D-Link DSL-G2452DG versión HW:T1\\tFW:ME_2.00, contiene permisos no seguros"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-276"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dsl-g2452dg_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CE6877A6-2A12-473B-9D3C-B049AC7793A8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dsl-g2452dg:-:*:*:*:*:*:*:*","matchCriteriaId":"01781BD4-43C3-4DBB-9D97-10B3E89C486B"}]}]}],"references":[{"url":"https://github.com/1759134370/iot/blob/main/dsl","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://github.com/1759134370/iot/blob/main/dsl","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-29004","sourceIdentifier":"cve@mitre.org","published":"2022-05-23T16:16:07.693","lastModified":"2026-07-09T01:17:27.610","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Diary Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Name parameter in search-result.php."},{"lang":"es","value":"Se ha detectado que Diary Management System versión v1.0, contiene una vulnerabilidad de tipo cross-site scripting (XSS) por medio del parámetro Name en el archivo search-result.php"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:phpgurukul:e-diary_management_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"F19D617A-8930-45B8-AC0B-9449AFBB7AFD"}]}]}],"references":[{"url":"https://github.com/sudoninja-noob/CVE-2022-29004/blob/main/CVE-2022-29004.txt","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://phpgurukul.com/e-diary-management-system-using-php-and-mysql/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/sudoninja-noob/CVE-2022-29004/blob/main/CVE-2022-29004.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://phpgurukul.com/e-diary-management-system-using-php-and-mysql/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-29005","sourceIdentifier":"cve@mitre.org","published":"2022-05-23T16:16:07.737","lastModified":"2026-07-09T01:17:27.733","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Multiple cross-site scripting (XSS) vulnerabilities in the component /obcs/user/profile.php of Online Birth Certificate System v1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the fname or lname parameters."},{"lang":"es","value":"Múltiples vulnerabilidades de tipo cross-site scripting (XSS) en el componente /obcs/user/profile.php de Online Birth Certificate System versión v1.2, permite a atacantes ejecutar scripts web o HTML arbitrarios por medio de una carga útil diseñada inyectada en los parámetros fname o lname"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:phpgurukul:online_birth_certificate_system:1.2:*:*:*:*:*:*:*","matchCriteriaId":"55001D10-170E-4CBE-B727-8F1788211BA8"}]}]}],"references":[{"url":"https://github.com/sudoninja-noob/CVE-2022-29005/blob/main/CVE-2022-29005.txt","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://phpgurukul.com/online-birth-certificate-system-using-php-and-mysql/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/sudoninja-noob/CVE-2022-29005/blob/main/CVE-2022-29005.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://phpgurukul.com/online-birth-certificate-system-using-php-and-mysql/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2022-30014","sourceIdentifier":"cve@mitre.org","published":"2022-05-23T16:16:07.837","lastModified":"2026-07-09T01:17:28.827","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Lumidek Associates Simple Food Website 1.0 is vulnerable to Cross Site Request Forgery (CSRF) which allows anyone to takeover admin/moderater account."},{"lang":"es","value":"Lumidek Associates Simple Food Website versión 1.0, es vulnerable a un ataque de tipo Cross Site Request Forgery (CSRF) que permite a cualquiera una toma de control de la cuenta de administrador/moderador"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:simple_food_website_project:simple_food_website:1.0:*:*:*:*:*:*:*","matchCriteriaId":"3B52B326-6E03-4E04-8C87-A8D0661C4EF4"}]}]}],"references":[{"url":"https://github.com/offsecin/bugsdisclose/blob/main/csrf","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/offsecin/bugsdisclose/blob/main/csrf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-28944","sourceIdentifier":"cve@mitre.org","published":"2022-05-23T18:16:11.997","lastModified":"2026-07-09T01:17:26.060","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Certain EMCO Software products are affected by: CWE-494: Download of Code Without Integrity Check. This affects MSI Package Builder for Windows 9.1.4 and Remote Installer for Windows 6.0.13 and Ping Monitor for Windows 8.0.18 and Remote Shutdown for Windows 7.2.2 and WakeOnLan 2.0.8 and Network Inventory for Windows 5.8.22 and Network Software Scanner for Windows 2.0.8 and UnLock IT for Windows 6.1.1. The impact is: execute arbitrary code (remote). The component is: Updater. The attack vector is: To exploit this vulnerability, a user must trigger an update of an affected installation of EMCO Software. ¶¶ Multiple products from EMCO Software are affected by a remote code execution vulnerability during the update process."},{"lang":"es","value":"Algunos productos de software de EMCO están afectados por: CWE-494: Descarga de Código sin Comprobación de Integridad. Esto afecta a MSI Package Builder para Windows versión 9.1.4 y Remote Installer para Windows versión 6.0.13 y Ping Monitor para Windows versión 8.0.18 y Remote Shutdown para Windows versión 7.2.2 y WakeOnLan versión 2.0.8 y Network Inventory para Windows versión 5.8.22 y Network Software Scanner para Windows versión 2.0.8 y UnLock IT para Windows versión 6.1.1. El impacto es: ejecutar código arbitrario (remoto). El componente es: Updater. El vector de ataque es: Para explotar esta vulnerabilidad, un usuario debe desencadenar una actualización de una instalación afectada de EMCO Software. ¶¶ Múltiples productos de EMCO Software están afectados por una vulnerabilidad de ejecución de código remota durante el proceso de actualización"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-494"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:emcosoftware:msi_package_builder:9.1.4:*:*:*:*:*:*:*","matchCriteriaId":"D69E8299-29C0-4621-8CFE-34EF07346185"},{"vulnerable":true,"criteria":"cpe:2.3:a:emcosoftware:network_inventory:5.8.22:*:*:*:*:*:*:*","matchCriteriaId":"984407E1-B474-43BE-878D-1375D2A6F967"},{"vulnerable":true,"criteria":"cpe:2.3:a:emcosoftware:network_software_scanner:2.0.8:*:*:*:*:*:*:*","matchCriteriaId":"823B76EF-D4D0-406E-9926-69786833C6A1"},{"vulnerable":true,"criteria":"cpe:2.3:a:emcosoftware:ping_monitor:8.0.18:*:*:*:*:*:*:*","matchCriteriaId":"50549A02-466E-4B49-BB24-0C20874C612A"},{"vulnerable":true,"criteria":"cpe:2.3:a:emcosoftware:remote_installer:6.0.13:*:*:*:*:*:*:*","matchCriteriaId":"B189D2DE-16E8-4C32-BE9E-C45CB085B3B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:emcosoftware:remote_shutdown:7.2.2:*:*:*:*:*:*:*","matchCriteriaId":"7AC0444D-B02A-4A32-836D-C1169FAB244E"},{"vulnerable":true,"criteria":"cpe:2.3:a:emcosoftware:unlock_it:6.1.1:*:*:*:*:*:*:*","matchCriteriaId":"4D435F75-2887-4E47-9390-BAD507949DDC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:emcosoftware:wakeonlan:2.0.8:*:*:*:free:*:*:*","matchCriteriaId":"EE9D5E0A-D00F-4BEA-8D1B-54A252EF0BF6"},{"vulnerable":true,"criteria":"cpe:2.3:a:emcosoftware:wakeonlan:2.0.8:*:*:*:professional:*:*:*","matchCriteriaId":"AE4BD0F1-EB96-4129-9159-12DDDC5F7441"}]}]}],"references":[{"url":"https://github.com/gerr-re/cve-2022-28944/blob/main/cve-2022-28944_public-advisory.pdf","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/gerr-re/cve-2022-28944/blob/main/cve-2022-28944_public-advisory.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-29333","sourceIdentifier":"cve@mitre.org","published":"2022-05-24T21:15:20.687","lastModified":"2026-07-09T01:17:28.007","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in CyberLink Power Director v14 allows attackers to escalate privileges via a crafted .exe file."},{"lang":"es","value":"Una vulnerabilidad en CyberLink Power Director versión v14, permite a atacantes escalar privilegios por medio de un archivo .exe diseñado"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-269"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cyberlink:powerdirector:14.0:*:*:*:*:*:*:*","matchCriteriaId":"AA2F0F60-EF4D-4446-AEA8-03BC145EF3A6"}]}]}],"references":[{"url":"https://www.youtube.com/watch?v=r75k-ae3_ng","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://youtu.be/B46wtd-ZNog","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.youtube.com/watch?v=r75k-ae3_ng","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://youtu.be/B46wtd-ZNog","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-27305","sourceIdentifier":"cve@mitre.org","published":"2022-05-25T16:15:08.253","lastModified":"2026-07-09T01:17:23.647","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Gibbon v23 does not generate a new session ID cookie after a user authenticates, making the application vulnerable to session fixation."},{"lang":"es","value":"Gibbon versión v23, no genera una nueva cookie de identificación de sesión después de que un usuario es autenticado, haciendo que la aplicación sea vulnerable a una fijación de sesión"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-384"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gibbonedu:gibbon:*:*:*:*:*:*:*:*","versionEndExcluding":"23.0.02","matchCriteriaId":"07ED204B-0570-4858-AB76-7A1EE6C23E33"}]}]}],"references":[{"url":"https://github.com/GibbonEdu/core/security/advisories/GHSA-4mq5-8jvh-qq3p","source":"cve@mitre.org","tags":["Mitigation","Patch","Third Party Advisory"]},{"url":"https://github.com/GibbonEdu/core/security/advisories/GHSA-4mq5-8jvh-qq3p","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mitigation","Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-42872","sourceIdentifier":"cve@mitre.org","published":"2022-06-02T14:15:30.877","lastModified":"2026-07-09T01:17:06.863","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"TOTOLINK EX1200T V4.1.2cu.5215 is affected by a command injection vulnerability that can remotely execute arbitrary code."},{"lang":"es","value":"TOTOLINK EX1200T versión V4.1.2cu.5215, está afectado por una vulnerabilidad de inyección de comandos que puede ejecutar remotamente código arbitrario"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:totolink:ex1200t_firmware:4.1.2cu.5215:*:*:*:*:*:*:*","matchCriteriaId":"692DD9EF-B502-4EC1-932C-A540333A990B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:totolink:ex1200t:-:*:*:*:*:*:*:*","matchCriteriaId":"F262644E-2558-423E-A19E-7C86A1756FBF"}]}]}],"references":[{"url":"http://totolink.net/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://github.com/p1Kk/vuln/blob/main/totolink_ex1200t_NoticeUrl_rce4.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"http://totolink.net/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://github.com/p1Kk/vuln/blob/main/totolink_ex1200t_NoticeUrl_rce4.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-24238","sourceIdentifier":"cve@mitre.org","published":"2022-06-02T14:15:36.530","lastModified":"2026-07-09T01:17:16.413","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"ACEweb Online Portal 3.5.065 was discovered to contain a cross-site scripting (XSS) vulnerability via the txtNmName1 parameter in person.awp."},{"lang":"es","value":"Se ha detectado que ACEweb Online Portal versión 3.5.065, contiene una vulnerabilidad de tipo cross-site scripting (XSS) por medio del parámetro txtNmName1 en el archivo person.awp"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:aceware:aceweb_online_portal:*:*:*:*:*:*:*:*","versionEndExcluding":"3.5.068","matchCriteriaId":"9FDD589F-E18B-4F2B-9A4A-ACFE897BD8D5"}]}]}],"references":[{"url":"https://www.aceware.com/forum/viewtopic.php?f=7&t=481","source":"cve@mitre.org","tags":["Release Notes","Vendor Advisory"]},{"url":"https://www.aceware.com/forum/viewtopic.php?f=7&t=481","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-24239","sourceIdentifier":"cve@mitre.org","published":"2022-06-02T14:15:36.733","lastModified":"2026-07-09T01:17:16.523","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"ACEweb Online Portal 3.5.065 was discovered to contain an unrestricted file upload vulnerability via attachments.awp."},{"lang":"es","value":"Se ha detectado que ACEweb Online Portal versión 3.5.065, contiene una vulnerabilidad de carga de archivos sin restricciones por medio del archivo attachments.awp"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:aceware:aceweb_online_portal:*:*:*:*:*:*:*:*","versionEndExcluding":"3.5.068","matchCriteriaId":"9FDD589F-E18B-4F2B-9A4A-ACFE897BD8D5"}]}]}],"references":[{"url":"https://www.aceware.com/forum/viewtopic.php?f=7&t=481","source":"cve@mitre.org","tags":["Release Notes","Vendor Advisory"]},{"url":"https://www.aceware.com/forum/viewtopic.php?f=7&t=481","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-24240","sourceIdentifier":"cve@mitre.org","published":"2022-06-02T14:15:36.830","lastModified":"2026-07-09T01:17:16.637","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"ACEweb Online Portal 3.5.065 was discovered to contain a SQL injection vulnerability via the criteria parameter in showschedule.awp."},{"lang":"es","value":"Se ha detectado que ACEweb Online Portal versión 3.5.065, contenía una vulnerabilidad de inyección SQL por medio del parámetro criteria en el archivo showschedule.awp"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:aceware:aceweb_online_portal:*:*:*:*:*:*:*:*","versionEndExcluding":"3.5.068","matchCriteriaId":"9FDD589F-E18B-4F2B-9A4A-ACFE897BD8D5"}]}]}],"references":[{"url":"https://www.aceware.com/forum/viewtopic.php?f=7&t=481","source":"cve@mitre.org","tags":["Release Notes","Vendor Advisory"]},{"url":"https://www.aceware.com/forum/viewtopic.php?f=7&t=481","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-24241","sourceIdentifier":"cve@mitre.org","published":"2022-06-02T14:15:36.953","lastModified":"2026-07-09T01:17:16.767","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"ACEweb Online Portal 3.5.065 was discovered to contain an External Controlled File Path and Name vulnerability via the txtFilePath parameter in attachments.awp."},{"lang":"es","value":"Se ha detectado que ACEweb Online Portal versión 3.5.065, contiene una vulnerabilidad de ruta y nombre de archivo externo controlado por medio del parámetro txtFilePath en el archivo attachments.awp"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-610"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:aceware:aceweb_online_portal:*:*:*:*:*:*:*:*","versionEndExcluding":"3.5.068","matchCriteriaId":"9FDD589F-E18B-4F2B-9A4A-ACFE897BD8D5"}]}]}],"references":[{"url":"https://www.aceware.com/forum/viewtopic.php?f=7&t=481","source":"cve@mitre.org","tags":["Release Notes","Vendor Advisory"]},{"url":"https://www.aceware.com/forum/viewtopic.php?f=7&t=481","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-24581","sourceIdentifier":"cve@mitre.org","published":"2022-06-02T14:15:37.103","lastModified":"2026-07-09T01:17:17.743","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"ACEweb Online Portal 3.5.065 allows unauthenticated SMB hash capture via UNC. By specifying the UNC file path of an external SMB share when uploading a file, an attacker can induce the victim server to disclose the username and password hash of the user executing the ACEweb Online software."},{"lang":"es","value":"ACEweb Online Portal versión 3.5.065, permite una captura de hash SMB no autenticada por medio de UNC. Al especificar la ruta de archivo UNC de un recurso compartido SMB externo cuando es cargado un archivo, un atacante puede inducir al servidor víctima a revelar el hash del nombre de usuario y la contraseña del usuario que ejecuta el software ACEweb Online"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:aceware:aceweb_online_portal:*:*:*:*:*:*:*:*","versionEndExcluding":"3.5.065","matchCriteriaId":"45D75D1C-46F2-47B8-BD66-F2188A007733"}]}]}],"references":[{"url":"https://www.aceware.com/forum/viewtopic.php?f=7&t=481","source":"cve@mitre.org","tags":["Release Notes","Vendor Advisory"]},{"url":"https://www.aceware.com/forum/viewtopic.php?f=7&t=481","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-28945","sourceIdentifier":"cve@mitre.org","published":"2022-06-02T14:15:46.253","lastModified":"2026-07-09T01:17:26.173","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in Webbank WeCube v3.2.2 allows attackers to execute a directory traversal via a crafted ZIP file."},{"lang":"es","value":"Un problema en Webbank WeCube versión v3.2.2, permite a atacantes ejecutar un salto de directorio por medio de un archivo ZIP diseñado"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:webbank:webcube:3.2.2:*:*:*:*:*:*:*","matchCriteriaId":"539B7742-B453-4E4B-84E7-ED8F495C0DF5"}]}]}],"references":[{"url":"https://github.com/WeBankPartners/wecube-platform/issues/2324","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/WeBankPartners/wecube-platform/releases/tag/v3.2.2","source":"cve@mitre.org","tags":["Release Notes","Third Party Advisory"]},{"url":"https://github.com/WeBankPartners/wecube-platform/issues/2324","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/WeBankPartners/wecube-platform/releases/tag/v3.2.2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-30034","sourceIdentifier":"cve@mitre.org","published":"2022-06-02T14:15:51.427","lastModified":"2026-07-09T01:17:29.180","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Flower, a web UI for the Celery Python RPC framework, all versions as of 05-02-2022 is vulnerable to an OAuth authentication bypass. An attacker could then access the Flower API to discover and invoke arbitrary Celery RPC calls or deny service by shutting down Celery task nodes."},{"lang":"es","value":"Flower, una interfaz de usuario web para el marco de trabajo Celery Python RPC, todas las versiones a partir del 05-02-2022 son vulnerables a una omisión de autenticación OAuth. Un atacante podría entonces acceder a la API de Flower para descubrir e invocar llamadas RPC arbitrarias de Celery o denegar el servicio al cerrar los nodos de tareas de Celery"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":4.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:flower_project:flower:*:*:*:*:*:*:*:*","versionEndExcluding":"1.2.0","matchCriteriaId":"2E8502CB-14B1-4A9E-8B2B-4F6EA67C32A8"}]}]}],"references":[{"url":"https://github.com/mher/flower/issues/1217","source":"cve@mitre.org","tags":["Exploit","Issue Tracking"]},{"url":"https://tprynn.github.io/2022/05/26/flower-vulns.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/mher/flower/issues/1217","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking"]},{"url":"https://tprynn.github.io/2022/05/26/flower-vulns.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-30490","sourceIdentifier":"cve@mitre.org","published":"2022-06-02T14:15:53.257","lastModified":"2026-07-09T01:17:29.893","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Badminton Center Management System V1.0 is vulnerable to SQL Injection via parameter 'id' in /bcms/admin/court_rentals/update_status.php."},{"lang":"es","value":"Badminton Center Management System versión V1.0, es vulnerable a una Inyección SQL por medio del parámetro \"id\" en el archivo/bcms/admin/court_rentals/update_status.php"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:badminton_center_management_system_project:badminton_center_management_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"7B77F41C-FE25-46B8-A763-1585FD3DF046"}]}]}],"references":[{"url":"https://github.com/yasinyildiz26/Badminton-Center-Management-System","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/yasinyildiz26/Badminton-Center-Management-System","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-29704","sourceIdentifier":"cve@mitre.org","published":"2022-06-02T18:15:09.680","lastModified":"2026-07-09T01:17:28.603","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"BrowsBox CMS v4.0 was discovered to contain a SQL injection vulnerability."},{"lang":"es","value":"Se ha detectado que BrowsBox CMS versión v4.0, contiene una vulnerabilidad de inyección SQL"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:browsbox:brows_box:4.0:*:*:*:*:*:*:*","matchCriteriaId":"46B68ADD-C1F9-4EE7-BE55-0CEA770FAE7A"}]}]}],"references":[{"url":"https://www.youtube.com/watch?v=ECTu2QVAl1c","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.youtube.com/watch?v=ECTu2QVAl1c","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-42875","sourceIdentifier":"cve@mitre.org","published":"2022-06-02T19:15:08.987","lastModified":"2026-07-09T01:17:06.993","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in the function setDiagnosisCfg of the file lib/cste_modules/system.so to control the ipDoamin."},{"lang":"es","value":"TOTOLINK EX1200T versión V4.1.2cu.5215, contiene una vulnerabilidad de inyección de comandos remota en la función setDiagnosisCfg del archivo lib/cste_modules/system.so para controlar el ipDoamin"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:totolink:ex1200t_firmware:4.1.2cu.5215:*:*:*:*:*:*:*","matchCriteriaId":"692DD9EF-B502-4EC1-932C-A540333A990B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:totolink:ex1200t:-:*:*:*:*:*:*:*","matchCriteriaId":"F262644E-2558-423E-A19E-7C86A1756FBF"}]}]}],"references":[{"url":"http://totolink.net","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://github.com/p1Kk/vuln/blob/main/totolink_ex1200t_ipdoamin_rce.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"http://totolink.net","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://github.com/p1Kk/vuln/blob/main/totolink_ex1200t_ipdoamin_rce.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-42877","sourceIdentifier":"cve@mitre.org","published":"2022-06-02T20:15:08.333","lastModified":"2026-07-09T01:17:07.113","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"TOTOLINK EX1200T V4.1.2cu.5215 contains a denial of service vulnerability in function RebootSystem of the file lib/cste_modules/system which can reboot the system."},{"lang":"es","value":"TOTOLINK EX1200T versión V4.1.2cu.5215, contiene una vulnerabilidad de denegación de servicio en la función RebootSystem del archivo lib/cste_modules/system que puede reiniciar el sistema"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:C","baseScore":7.8,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:totolink:ex1200t_firmware:4.1.2cu.5215:*:*:*:*:*:*:*","matchCriteriaId":"692DD9EF-B502-4EC1-932C-A540333A990B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:totolink:ex1200t:-:*:*:*:*:*:*:*","matchCriteriaId":"F262644E-2558-423E-A19E-7C86A1756FBF"}]}]}],"references":[{"url":"http://totolink.net/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://github.com/p1Kk/vuln/blob/main/totolink_ex1200t_reboot.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"http://totolink.net/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://github.com/p1Kk/vuln/blob/main/totolink_ex1200t_reboot.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-27438","sourceIdentifier":"cve@mitre.org","published":"2022-06-06T23:15:07.920","lastModified":"2026-07-09T01:17:24.037","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Caphyon Ltd Advanced Installer 19.3 and earlier and many products that use the updater from Advanced Installer (Advanced Updater) are affected by a remote code execution vulnerability via the CustomDetection parameter in the update check function. To exploit this vulnerability, a user must start an affected installation to trigger the update check."},{"lang":"es","value":"Caphyon Ltd Advanced Installer 19.3 y anteriores y muchos productos que utilizan el actualizador de Advanced Installer (Advanced Updater) están afectados por una vulnerabilidad de ejecución remota de código a través del parámetro CustomDetection en la función de comprobación de actualizaciones. Para explotar esta vulnerabilidad, un usuario debe iniciar una instalación afectada para activar la comprobación de la actualización"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:H/Au:N/C:P/I:P/A:P","baseScore":5.1,"accessVector":"NETWORK","accessComplexity":"HIGH","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":4.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-494"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:caphyon:advanced_installer:*:*:*:*:*:*:*:*","versionEndExcluding":"19.4","matchCriteriaId":"5CD95070-6141-49F0-9DF3-B2BA038D4D2E"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:3cx:call_flow_designer:18.2.13:*:*:*:*:*:*:*","matchCriteriaId":"7654BEC0-A193-4496-B845-CA0B2DAC3B12"},{"vulnerable":true,"criteria":"cpe:2.3:a:3cx:crm_template_generator:2.1.23:*:*:*:*:*:*:*","matchCriteriaId":"8A873E57-23AB-466A-8168-BD9BD4D7EA19"},{"vulnerable":true,"criteria":"cpe:2.3:a:boom:boomtv_streamer_portal:2.2.1:*:*:*:*:*:*:*","matchCriteriaId":"11887C03-5D42-4203-96D5-35F18231ED81"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesector:direct_folders:4.0:*:*:*:*:*:*:*","matchCriteriaId":"87AF4CE6-47AC-4446-8853-F9A9DBD58865"},{"vulnerable":true,"criteria":"cpe:2.3:a:codesector:teracopy:3.8.5:*:*:*:*:*:*:*","matchCriteriaId":"481C2BFB-3424-4C74-84DE-37E325EAD736"},{"vulnerable":true,"criteria":"cpe:2.3:a:emeditor:emeditor:21.3.0:*:*:*:*:*:*:*","matchCriteriaId":"54B63192-D3E0-43C6-BA15-DBC1792A45D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:flamory:flamory:4.2.19.0:*:*:*:*:*:*:*","matchCriteriaId":"3146285D-4191-4D8F-8E1D-76450D1B238F"},{"vulnerable":true,"criteria":"cpe:2.3:a:freesnippingtool:free_snipping_tool:5.6.0.0:*:*:*:*:*:*:*","matchCriteriaId":"10A15BE3-5FE4-4864-A7D9-7D53CA090C51"},{"vulnerable":true,"criteria":"cpe:2.3:a:fxsound:fxsound:1.1.12.0:*:*:*:*:*:*:*","matchCriteriaId":"EB3A801B-3149-48B4-A366-3D7CD750FBF0"},{"vulnerable":true,"criteria":"cpe:2.3:a:gainedge:better_explorer:2020.3.15.1304:*:*:*:*:*:*:*","matchCriteriaId":"0531E74E-84BB-43E9-BDF9-16CEB36982A1"},{"vulnerable":true,"criteria":"cpe:2.3:a:gamecaster:gamecaster:4.0.2109.2802:*:*:*:*:*:*:*","matchCriteriaId":"B06B30FD-F588-479D-B3AD-80485171A654"},{"vulnerable":true,"criteria":"cpe:2.3:a:getmailbird:mailbird:2.9.50.0:*:*:*:*:*:*:*","matchCriteriaId":"F5F766EF-9716-4728-9066-081BA64FA477"},{"vulnerable":true,"criteria":"cpe:2.3:a:guzogo:guzogo:1.0.5.0:*:*:*:*:*:*:*","matchCriteriaId":"C095A60A-5348-4EFF-8F2D-132A6C20C70B"},{"vulnerable":true,"criteria":"cpe:2.3:a:honeygain:honeygain:0.10.7.0:*:*:*:*:windows:*:*","matchCriteriaId":"9269C619-0F6F-4553-924D-657A773B4167"},{"vulnerable":true,"criteria":"cpe:2.3:a:jki:vi_package_manager:21.1.2754:*:*:*:*:*:*:*","matchCriteriaId":"5A22A8AC-A3CE-49AD-8013-80A9146E3C58"},{"vulnerable":true,"criteria":"cpe:2.3:a:jpsoft:take_command:28.2.18:*:*:*:*:*:*:*","matchCriteriaId":"2F6C42BA-0285-48CA-BFDE-7E74986B0475"},{"vulnerable":true,"criteria":"cpe:2.3:a:krylack:archive_password_recovery:3.70.69:*:*:*:*:*:*:*","matchCriteriaId":"AE00A0F0-D51A-4315-8DE5-D93704460040"},{"vulnerable":true,"criteria":"cpe:2.3:a:krylack:asterisks_password_decryptor:3.31.107:*:*:*:*:*:*:*","matchCriteriaId":"2989B6AE-400B-494C-B139-834FD8740E3C"},{"vulnerable":true,"criteria":"cpe:2.3:a:krylack:burning_suite:1.20.05:*:*:*:*:*:*:*","matchCriteriaId":"D34031D0-8C17-4ACF-83BE-CE3CB57B1AC7"},{"vulnerable":true,"criteria":"cpe:2.3:a:krylack:rar_password_recovery:3.70.69:*:*:*:*:*:*:*","matchCriteriaId":"D561711E-F1AB-442C-A845-6DA783B33730"},{"vulnerable":true,"criteria":"cpe:2.3:a:krylack:volume_serial_number_editor:2.02.34:*:*:*:*:*:*:*","matchCriteriaId":"E2A2C186-E1EB-4370-9F4A-1CBAB5AD541A"},{"vulnerable":true,"criteria":"cpe:2.3:a:krylack:zip_password_recovery:3.70.69:*:*:*:*:*:*:*","matchCriteriaId":"16B4DAE9-D008-4E98-8AE2-6A5B5B71AAC5"},{"vulnerable":true,"criteria":"cpe:2.3:a:moonsoftware:password_agent:20.10.1:*:*:*:*:*:*:*","matchCriteriaId":"555BE493-5C7D-4AFB-BE0D-CDA400160B71"},{"vulnerable":true,"criteria":"cpe:2.3:a:nefarius:scptoolkit:1.6.238.16010:*:*:*:*:*:*:*","matchCriteriaId":"050AA00C-8EE9-4862-AF76-9F25ADA565FB"},{"vulnerable":true,"criteria":"cpe:2.3:a:plagiarismcheckerx:plagiarism_checker_x:8.0.6:*:*:*:*:*:*:*","matchCriteriaId":"98E15E9E-A340-43D8-830E-8F5538B55D70"},{"vulnerable":true,"criteria":"cpe:2.3:a:prusa3d:prusaslicer:2.4.2:*:*:*:*:*:*:*","matchCriteriaId":"2AF2822E-6C55-4E28-BDCB-B0915C1663BF"},{"vulnerable":true,"criteria":"cpe:2.3:a:realdefense:mycleanid:4.1.4:*:*:*:*:*:*:*","matchCriteriaId":"A602BAC5-DCD5-4732-9645-72AC8571D39E"},{"vulnerable":true,"criteria":"cpe:2.3:a:realdefense:mycleanpc:4.0.2:*:*:*:*:*:*:*","matchCriteriaId":"EE5E254C-AF36-4489-9FD9-BE73DA7B812F"},{"vulnerable":true,"criteria":"cpe:2.3:a:realdefense:mypasslock:1.9.6:*:*:*:*:*:*:*","matchCriteriaId":"1D3D4E66-25C4-4269-980B-EB60D4BD34CB"},{"vulnerable":true,"criteria":"cpe:2.3:a:rovio:angry_birds_space:1.4.1:*:*:*:*:*:*:*","matchCriteriaId":"A8ADCDAA-BE19-4637-8D6A-1F61605A78C3"},{"vulnerable":true,"criteria":"cpe:2.3:a:rovio:bad_piggies:1.3.0:*:*:*:*:*:*:*","matchCriteriaId":"5729781C-5957-4F08-A8D5-FD0999AB56A5"},{"vulnerable":true,"criteria":"cpe:2.3:a:synaptics:displaylink_usb_graphics:*:*:*:*:*:windows:*:*","versionEndExcluding":"10.3.6400.0","matchCriteriaId":"53E39B75-F9DD-4609-BD37-0B542A131EFE"},{"vulnerable":true,"criteria":"cpe:2.3:a:urban-vpn:urban_vpn:2.2.5:*:*:*:*:*:*:*","matchCriteriaId":"679DCBAE-46C5-473D-A904-2D5ADFB8758F"},{"vulnerable":true,"criteria":"cpe:2.3:a:vigem:vigembus_driver:1.16.116:*:*:*:*:*:*:*","matchCriteriaId":"751DA7D2-48CF-495E-A4C2-257D6EE55A7C"},{"vulnerable":true,"criteria":"cpe:2.3:a:vpnhood:vpnhood:2.4.299:*:*:*:*:windows:*:*","matchCriteriaId":"CD05193F-055E-4873-8E8C-7F06ABB1866B"},{"vulnerable":true,"criteria":"cpe:2.3:a:vrdesktop:virtual_desktop_streamer:1.20.16:*:*:*:*:*:*:*","matchCriteriaId":"135F7469-5512-4AA8-88DC-29F2B9EC83B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:xsplit:xsplit_express_video_editor:3.0.2001.801:*:*:*:*:*:*:*","matchCriteriaId":"E4AA9E71-CCD5-4704-A48B-52A831C190D3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:rstinstruments:vw0420_firmware:1.33.0:*:*:*:*:*:*:*","matchCriteriaId":"41F2B7CD-4BB2-4E26-97FE-0BFCBD0BA8CA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:rstinstruments:vw0420:-:*:*:*:*:*:*:*","matchCriteriaId":"6F34AF28-A3F5-4AEA-A272-9561FA3AC1CF"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rstinstruments:inclinalysis_digital_inclinometer:2.48.9:*:*:*:*:*:*:*","matchCriteriaId":"A9E3980D-BD39-4AA9-9104-EE09613603D0"},{"vulnerable":true,"criteria":"cpe:2.3:a:rstinstruments:ipi_utility:1.05.0:*:*:*:*:*:*:*","matchCriteriaId":"D5A1FD21-BDDB-4124-AF89-9856119BCFA4"},{"vulnerable":true,"criteria":"cpe:2.3:o:rstinstruments:rstar_rtu_host:1.33.0:*:*:*:*:*:*:*","matchCriteriaId":"7B42174F-BAB9-4B6E-B9DC-79E1E5B5D959"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:rstinstruments:dt2011_firmware:1.19.4.0:*:*:*:*:*:*:*","matchCriteriaId":"52EEA6AD-CABE-4CEE-8DB8-853C3EB7448A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:rstinstruments:dt2011:-:*:*:*:*:*:*:*","matchCriteriaId":"E1EAE7AC-F74E-4902-9F61-71CAB183F95E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:rstinstruments:dt2011b_firmware:1.19.4.0:*:*:*:*:*:*:*","matchCriteriaId":"4C0EE19C-A372-4C78-9E72-5F2DDDA99174"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:rstinstruments:dt2011b:-:*:*:*:*:*:*:*","matchCriteriaId":"3339FD4E-A230-41A4-BD22-796B9DAB2441"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:rstinstruments:dt2040_firmware:1.19.4.0:*:*:*:*:*:*:*","matchCriteriaId":"EA87C91C-ECC2-4A43-9E31-FD0B2AF7E8B7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:rstinstruments:dt2040:-:*:*:*:*:*:*:*","matchCriteriaId":"3667DAF9-78AE-4A3E-909D-BBA87746C064"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:rstinstruments:dt2050_firmware:1.19.4.0:*:*:*:*:*:*:*","matchCriteriaId":"2AEFAD24-80F7-4B97-A923-D0D3FB805802"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:rstinstruments:dt2050:-:*:*:*:*:*:*:*","matchCriteriaId":"06B01F16-A33E-4288-9132-8AB91D107E0C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:rstinstruments:dt2050b_firmware:1.19.4.0:*:*:*:*:*:*:*","matchCriteriaId":"8F96B57E-090C-434E-83A4-71E127D563F6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:rstinstruments:dt2050b:-:*:*:*:*:*:*:*","matchCriteriaId":"DC92D0A1-93B3-4D06-9773-60CB9692A11E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:rstinstruments:dt2055b_firmware:1.19.4.0:*:*:*:*:*:*:*","matchCriteriaId":"9F6E888A-2B15-46B6-A0F4-7B2BB9C02490"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:rstinstruments:dt2055b:-:*:*:*:*:*:*:*","matchCriteriaId":"66512112-CA68-4914-A6AD-28C7C3D5E5E7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:rstinstruments:dt2306_firmware:1.19.4.0:*:*:*:*:*:*:*","matchCriteriaId":"887B5A1C-AE21-47C2-ACB5-D0D7DE1BF209"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:rstinstruments:dt2306:-:*:*:*:*:*:*:*","matchCriteriaId":"39AC0E88-CEB8-4D09-8681-B635414BD13D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:rstinstruments:dt2350_firmware:1.19.4.0:*:*:*:*:*:*:*","matchCriteriaId":"25F88445-B2FE-45F4-9BC0-43BB5EED30FF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:rstinstruments:dt2350:-:*:*:*:*:*:*:*","matchCriteriaId":"E385F6D9-498E-450A-98AB-12D213EBC741"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:rstinstruments:dt2485_firmware:1.19.4.0:*:*:*:*:*:*:*","matchCriteriaId":"7CE4AA8A-D27F-439B-B13E-85BC966DCB6E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:rstinstruments:dt2485:-:*:*:*:*:*:*:*","matchCriteriaId":"6E3F51E6-06FF-471A-9FD6-F13F263B9343"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:rstinstruments:dt4205_firmware:1.19.4.0:*:*:*:*:*:*:*","matchCriteriaId":"E202C2ED-B24B-4D65-B68D-1AB4E7D70B32"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:rstinstruments:dt4205:-:*:*:*:*:*:*:*","matchCriteriaId":"D2A9155E-EDD5-42B3-ADA8-C6566D18DD7A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:rstinstruments:dtsaa_firmware:1.19.4.0:*:*:*:*:*:*:*","matchCriteriaId":"50E3B8EC-2ED2-4BC4-9E17-BB98DD2CEF5B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:rstinstruments:dtsaa:-:*:*:*:*:*:*:*","matchCriteriaId":"C451A545-530A-4812-9981-34CEF6110608"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:rstinstruments:ic6560_firmware:1.19.4.0:*:*:*:*:*:*:*","matchCriteriaId":"FFBB43A3-E06E-4FED-83A8-CF02D9A97131"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:rstinstruments:ic6560:-:*:*:*:*:*:*:*","matchCriteriaId":"DE451B36-C867-43F8-AF37-DBD2D5916DA7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:rstinstruments:ic6660_firmware:1.19.4.0:*:*:*:*:*:*:*","matchCriteriaId":"748B8996-F43B-4A75-A361-2038B15A26AC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:rstinstruments:ic6660:-:*:*:*:*:*:*:*","matchCriteriaId":"6D58B98B-2929-4979-9BCE-503E908CEFA9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:rstinstruments:dtl201b\\/2b_firmware:1.19.4.0:*:*:*:*:*:*:*","matchCriteriaId":"9001EC91-14AA-41D1-820A-CA49CF247303"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:rstinstruments:dtl201b\\/2b:-:*:*:*:*:*:*:*","matchCriteriaId":"C674D6C7-5DDF-40E8-BBC8-DDF872FE853B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:rstinstruments:mtcm_firmware:1.19.4.0:*:*:*:*:*:*:*","matchCriteriaId":"3AAA78A2-00CE-42E0-BBD4-BB3C174325F1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:rstinstruments:mtcm:-:*:*:*:*:*:*:*","matchCriteriaId":"E78D1CFA-DB46-444B-9193-839CD62EE796"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:rstinstruments:gaa2820_firmware:1.19.4.0:*:*:*:*:*:*:*","matchCriteriaId":"E4C54859-67B3-482C-9C11-92C4334C0696"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:rstinstruments:gaa2820:-:*:*:*:*:*:*:*","matchCriteriaId":"3E123B97-89D6-4C51-B76F-55B3AA0D19E2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:rstinstruments:rtu_firmware:1.19.4.0:*:*:*:*:*:*:*","matchCriteriaId":"D9850BE4-1243-453B-943A-161F290AC28B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:rstinstruments:rtu:-:*:*:*:*:*:*:*","matchCriteriaId":"C0BBB33B-1133-4CAF-83DB-81E23620F613"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:rstinstruments:mems_tilt_meter_firmware:1.20.1:*:*:*:*:*:*:*","matchCriteriaId":"1468DB04-9851-4D48-B642-F06ADC4CEF0B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:rstinstruments:mems_tilt_meter:-:*:*:*:*:*:*:*","matchCriteriaId":"28167223-C3FE-4506-A820-511DC8772823"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:rstinstruments:portable_tilt_meter_firmware:1.20.1:*:*:*:*:*:*:*","matchCriteriaId":"2D9697D8-AD61-426F-940A-0AC554607ED1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:rstinstruments:portable_tilt_meter:-:*:*:*:*:*:*:*","matchCriteriaId":"DEB4AB63-9B50-4D05-B999-95298EDC3799"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:rstinstruments:vw2106_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E141994E-06E4-4F61-889E-7132EC70CF91"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:rstinstruments:vw2106:-:*:*:*:*:*:*:*","matchCriteriaId":"0DC3F050-4086-4049-B042-40714AE4B6F5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:rstinstruments:th2016_firmware:1.4.0.2:*:*:*:*:*:*:*","matchCriteriaId":"8AFA437F-830C-43CF-8713-71CD021DB308"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:rstinstruments:th2016:-:*:*:*:*:*:*:*","matchCriteriaId":"90A688FA-82A7-4427-9DAC-53DD754F93CF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:rstinstruments:th2016b_firmware:1.4.0.2:*:*:*:*:*:*:*","matchCriteriaId":"DA2AC142-76B2-4D79-9D74-0E2157D215E8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:rstinstruments:th2016b:-:*:*:*:*:*:*:*","matchCriteriaId":"686DC243-CEE0-4A05-BD08-2026DE0F7A03"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:rstinstruments:ma7_firmware:1.4.0.2:*:*:*:*:*:*:*","matchCriteriaId":"37E7345B-9442-46A8-9B9C-22BE88975C17"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:rstinstruments:ma7:-:*:*:*:*:*:*:*","matchCriteriaId":"9856063D-92A6-4500-8580-1C06C51DB47F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:rstinstruments:qb120_firmware:1.4.0.2:*:*:*:*:*:*:*","matchCriteriaId":"5E3F7A0C-5120-41C0-8FD3-6BD701054919"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:rstinstruments:qb120:-:*:*:*:*:*:*:*","matchCriteriaId":"400DBC5A-79FA-4BB2-98D8-D86B0624A05E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:rstinstruments:sg350_firmware:1.4.0.2:*:*:*:*:*:*:*","matchCriteriaId":"C7BB3B34-C49F-47C3-AFB6-FC0B3DC03566"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:rstinstruments:sg350:-:*:*:*:*:*:*:*","matchCriteriaId":"B2A10D4B-759D-4930-8C09-0E002210265E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:rstinstruments:ir420_firmware:1.4.0.2:*:*:*:*:*:*:*","matchCriteriaId":"6E118A74-6319-419A-970C-B2B16AB80312"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:rstinstruments:ir420:-:*:*:*:*:*:*:*","matchCriteriaId":"225A4FE3-1FCB-44F0-9DD3-0A8D3869A8D0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:rstinstruments:lp100_firmware:1.4.0.2:*:*:*:*:*:*:*","matchCriteriaId":"66F0AADF-053C-4E4F-98C0-D1512276D6ED"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:rstinstruments:lp100:-:*:*:*:*:*:*:*","matchCriteriaId":"76513FD5-8131-4CEE-B266-243CF39A3E87"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:rstinstruments:c109_firmware:1.4.0.2:*:*:*:*:*:*:*","matchCriteriaId":"372BFCE3-D88E-4606-B8D9-A2A052CC4B04"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:rstinstruments:c109:-:*:*:*:*:*:*:*","matchCriteriaId":"D6C44A88-9785-49C0-85A3-EC8BCCB5DAA3"}]}]}],"references":[{"url":"https://gerr.re/posts/cve-2022-27438/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.advancedinstaller.com/security-updates-auto-updater.html","source":"cve@mitre.org","tags":["Patch","Vendor Advisory"]},{"url":"https://gerr.re/posts/cve-2022-27438/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.advancedinstaller.com/security-updates-auto-updater.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-30075","sourceIdentifier":"cve@mitre.org","published":"2022-06-09T04:15:11.180","lastModified":"2026-07-09T01:17:29.307","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In TP-Link Router AX50 firmware 210730 and older, import of a malicious backup file via web interface can lead to remote code execution due to improper validation."},{"lang":"es","value":"En el firmware 210730 del router AX50 de TP-Link y anteriores, la importación de un archivo de copia de seguridad malicioso por medio de la interfaz web puede conllevar a una ejecución de código remota debido a una comprobación inapropiada"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:archer_ax50_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"210730","matchCriteriaId":"538151A7-527D-470C-8119-F14A1E02A0BD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:archer_ax50:-:*:*:*:*:*:*:*","matchCriteriaId":"68C39CEB-FAC7-4EF7-A7DF-59EFB27F0B40"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/167522/TP-Link-AX50-Remote-Code-Execution.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://github.com/aaronsvk","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/aaronsvk/CVE-2022-30075","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.exploit-db.com/exploits/50962","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http://packetstormsecurity.com/files/167522/TP-Link-AX50-Remote-Code-Execution.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://github.com/aaronsvk","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://github.com/aaronsvk/CVE-2022-30075","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.exploit-db.com/exploits/50962","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]}]}},{"cve":{"id":"CVE-2021-41663","sourceIdentifier":"cve@mitre.org","published":"2022-06-13T18:15:09.827","lastModified":"2026-07-09T01:17:04.027","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A cross-site scripting (XSS) vulnerability exists in Mini CMS V1.11. The vulnerability exists in the article upload: post-edit.php page."},{"lang":"es","value":"Se presenta una vulnerabilidad de tipo cross-site scripting (XSS) en Mini CMS Versión 1.11. La vulnerabilidad se presenta en la página de carga de artículos: post-edit.php"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:1234n:minicms:1.11:*:*:*:*:*:*:*","matchCriteriaId":"EFF126BA-FB8A-4D2A-8B51-D19BF0F8C301"}]}]}],"references":[{"url":"https://github.com/bg5sbk/MiniCMS","source":"cve@mitre.org","tags":["Product","Third Party Advisory"]},{"url":"https://github.com/bg5sbk/MiniCMS/issues/41","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/bg5sbk/MiniCMS","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Third Party Advisory"]},{"url":"https://github.com/bg5sbk/MiniCMS/issues/41","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-40649","sourceIdentifier":"cve@mitre.org","published":"2022-06-14T10:15:17.977","lastModified":"2026-07-09T01:17:01.937","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In Connx Version 6.2.0.1269 (20210623), a cookie can be issued by the application and not have the HttpOnly flag set."},{"lang":"es","value":"En Connx Versión 6.2.0.1269 (20210623), una cookie puede ser emitida por la aplicación y no tener el flag HttpOnly establecido"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":2.5}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:N","baseScore":6.4,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-732"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:softwareag:connx:6.2.0.1269:*:*:*:*:*:*:*","matchCriteriaId":"000FF904-3B87-4C8C-B183-2FDFFBD9A54F"}]}]}],"references":[{"url":"https://github.com/l00neyhacker/CVE-2021-40649","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/l00neyhacker/CVE-2021-40649","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-40650","sourceIdentifier":"cve@mitre.org","published":"2022-06-14T10:15:18.037","lastModified":"2026-07-09T01:17:02.070","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In Connx Version 6.2.0.1269 (20210623), a cookie can be issued by the application and not have the secure flag set."},{"lang":"es","value":"En Connx Versión 6.2.0.1269 (20210623), una cookie puede ser emitida por la aplicación y no tener el flag seguro establecido"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:N/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-311"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:softwareag:connx:6.2.0.1269:*:*:*:*:*:*:*","matchCriteriaId":"000FF904-3B87-4C8C-B183-2FDFFBD9A54F"}]}]}],"references":[{"url":"https://github.com/l00neyhacker/CVE-2021-40650","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/l00neyhacker/CVE-2021-40650","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-42675","sourceIdentifier":"cve@mitre.org","published":"2022-06-14T17:15:08.120","lastModified":"2026-07-09T01:17:06.620","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Kreado Kreasfero 1.5 does not properly sanitize uploaded files to the media directory. One can upload a malicious PHP file and obtain remote code execution."},{"lang":"es","value":"Kreado Kreasfero versión 1.5, no sanea apropiadamente los archivos subidos al directorio multimedia. Puede subirse un archivo PHP malicioso y obtener una ejecución de código remota"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:kreado:kreasfero:1.5:*:*:*:*:*:*:*","matchCriteriaId":"AED945A6-DA1F-4052-AC22-CDE1ADF52472"}]}]}],"references":[{"url":"https://twitter.com/1ofThegutHakrs/status/1536246485188128768","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://twitter.com/1ofThegutHakrs/status/1536246485188128768","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-41672","sourceIdentifier":"cve@mitre.org","published":"2022-06-15T16:15:08.407","lastModified":"2026-07-09T01:17:04.157","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"PEEL Shopping CMS 9.4.0 is vulnerable to authenticated SQL injection in utilisateurs.php. A user that belongs to the administrator group can inject a malicious SQL query in order to affect the execution logic of the application and retrive information from the database."},{"lang":"es","value":"PEEL Shopping CMS versión 9.4.0, es vulnerable a una inyección SQL autenticada en el archivo utilisateurs.php. Un usuario que pertenezca al grupo de administradores puede inyectar una consulta SQL maliciosa para afectar a la lógica de ejecución de la aplicación y recuperar información de la base de datos"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":5.2}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:N","baseScore":5.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:peel:peel_shopping:9.4.0:*:*:*:*:*:*:*","matchCriteriaId":"45FFE80C-0ABF-494F-9AE3-9A35E2535DC2"}]}]}],"references":[{"url":"https://github.com/advisto/peel-shopping/issues/5","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/advisto/peel-shopping/issues/5","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-30023","sourceIdentifier":"cve@mitre.org","published":"2022-06-16T15:15:09.203","lastModified":"2026-07-09T01:17:28.937","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Tenda ONT GPON AC1200 Dual band WiFi HG9 v1.0.1 is vulnerable to Command Injection via the Ping function."},{"lang":"es","value":"Tenda ONT GPON AC1200 Dual band WiFi HG9 versión v1.0.1, es vulnerable a una inyección de comandos por medio de la función Ping"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","baseScore":9.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tenda:hg9_firmware:1.0.1:*:*:*:*:*:*:*","matchCriteriaId":"6923B663-AD93-4D3F-86E7-DA80D9ECE87F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tenda:hg9:-:*:*:*:*:*:*:*","matchCriteriaId":"2AF5C6DE-C14B-4700-8EFC-3EDA0BED0535"}]}]}],"references":[{"url":"https://github.com/Haniwa0x01/CVE-2022-30023","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/Haniwa0x01/CVE-2022-30023","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-31382","sourceIdentifier":"cve@mitre.org","published":"2022-06-16T17:15:08.537","lastModified":"2026-07-09T01:17:30.490","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the searchdata parameter in search-dirctory.php."},{"lang":"es","value":"Se ha detectado que Directory Management System versión v1.0, contiene una vulnerabilidad de inyección SQL por medio del parámetro searchdata en el archivo search-dirctory.php"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:phpgurukul:directory_management_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"77986F29-8C0B-4B73-BD32-6A610A89C64B"}]}]}],"references":[{"url":"https://github.com/laotun-s/POC/blob/main/CVE-2022-31382.txt","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/laotun-s/POC/blob/main/CVE-2022-31382.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-31383","sourceIdentifier":"cve@mitre.org","published":"2022-06-16T17:15:08.580","lastModified":"2026-07-09T01:17:30.607","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in view-directory.php."},{"lang":"es","value":"Se ha detectado que Directory Management System versión v1.0, contiene una vulnerabilidad de inyección SQL por medio del parámetro editid en el archivo view-directory.php"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:phpgurukul:directory_management_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"77986F29-8C0B-4B73-BD32-6A610A89C64B"}]}]}],"references":[{"url":"https://github.com/laotun-s/POC/blob/main/CVE-2022-31383.txt","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/laotun-s/POC/blob/main/CVE-2022-31383.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-31384","sourceIdentifier":"cve@mitre.org","published":"2022-06-16T17:15:08.627","lastModified":"2026-07-09T01:17:30.723","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the fullname parameter in add-directory.php."},{"lang":"es","value":"Se ha detectado que Directory Management System versión v1.0, contiene una vulnerabilidad de inyección SQL por medio del parámetro fullname en el archivo add-directory.php"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:phpgurukul:directory_management_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"77986F29-8C0B-4B73-BD32-6A610A89C64B"}]}]}],"references":[{"url":"https://github.com/laotun-s/POC/blob/main/CVE-2022-31384.txt","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/laotun-s/POC/blob/main/CVE-2022-31384.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-24562","sourceIdentifier":"cve@mitre.org","published":"2022-06-16T19:15:07.723","lastModified":"2026-07-09T01:17:17.433","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In IOBit IOTransfer 4.3.1.1561, an unauthenticated attacker can send GET and POST requests to Airserv and gain arbitrary read/write access to the entire file-system (with admin privileges) on the victim's endpoint, which can result in data theft and remote code execution."},{"lang":"es","value":"En IOBit IOTransfer versión 4.3.1.1561, un atacante no autenticado puede enviar peticiones GET y POST a Airserv y conseguir acceso arbitrario de lectura/escritura a todo el sistema de archivos (con privilegios de administrador) en el endpoint de la víctima, lo que puede resultar en el robo de datos y una ejecución de código remota"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:C/I:C/A:C","baseScore":10.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:iobit:iotransfer:4.3.1.1561:*:*:*:*:*:*:*","matchCriteriaId":"97A397DD-605A-4021-B392-32BC8F128C67"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/167775/IOTransfer-4.0-Remote-Code-Execution.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://medium.com/@tomerp_77017/exploiting-iotransfer-insecure-api-cve-2022-24562-a2c4a3f9149d","source":"cve@mitre.org"},{"url":"http://packetstormsecurity.com/files/167775/IOTransfer-4.0-Remote-Code-Execution.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://medium.com/%40tomerp_77017/exploiting-iotransfer-insecure-api-cve-2022-24562-a2c4a3f9149d","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2022-26173","sourceIdentifier":"cve@mitre.org","published":"2022-06-16T22:15:07.940","lastModified":"2026-07-09T01:17:21.040","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"JForum v2.8.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via http://target_host:port/jforum-2.8.0/jforum.page, which allows attackers to arbitrarily add admin accounts."},{"lang":"es","value":"Se ha detectado que JForum versión v2.8.0, contiene una vulnerabilidad de tipo Cross-Site Request Forgery (CSRF) por medio de http://target_host:port/jforum-2.8.0/jforum.page, que permite a atacantes añadir arbitrariamente cuentas de administrador"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:jforum:jforum:2.8.0:*:*:*:*:*:*:*","matchCriteriaId":"5DB863A5-98CF-4A8E-9A40-E534A75BFDD4"}]}]}],"references":[{"url":"https://community.jforum.net/posts/list/248.page","source":"cve@mitre.org","tags":["Mailing List","Release Notes","Vendor Advisory"]},{"url":"https://github.com/WULINPIN/CVE/blob/main/JForum/poc.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://jforum.net/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://sourceforge.net/p/jforum2/wiki2/NewFeatures281/","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://community.jforum.net/posts/list/248.page","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Release Notes","Vendor Advisory"]},{"url":"https://github.com/WULINPIN/CVE/blob/main/JForum/poc.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://jforum.net/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://sourceforge.net/p/jforum2/wiki2/NewFeatures281/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-45024","sourceIdentifier":"cve@mitre.org","published":"2022-06-17T13:15:12.243","lastModified":"2026-07-09T01:17:10.197","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"ASG technologies ( A Rocket Software Company) ASG-Zena Cross Platform Server Enterprise Edition 4.2.1 is vulnerable to XML External Entity (XXE)."},{"lang":"es","value":"ASG technologies ( A Rocket Software Company) ASG-Zena Cross Platform Server Enterprise Edition versión  4.2.1, es vulnerable a un ataque de tipo XML External Entity (XXE)"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-611"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rocketsoftware:ags-zena:4.2.1:*:*:*:enterprise:*:*:*","matchCriteriaId":"6F475B39-4862-4827-95BE-FDD57C119651"}]}]}],"references":[{"url":"https://docs.rocketsoftware.com/bundle/ven1649700711249/page/ayk1652945111726.html","source":"cve@mitre.org","tags":["Release Notes","Vendor Advisory"]},{"url":"https://docs.rocketsoftware.com/bundle/ven1649700711249/page/ayk1652945111726.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-45025","sourceIdentifier":"cve@mitre.org","published":"2022-06-17T13:15:12.293","lastModified":"2026-07-09T01:17:10.317","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"ASG technologies ( A Rocket Software Company) ASG-Zena Cross Platform Server Enterprise Edition 4.2.1 is vulnerable to Cleartext Storage of Sensitive Information in a Cookie."},{"lang":"es","value":"ASG technologies ( A Rocket Software Company) ASG-Zena Cross Platform Server Enterprise Edition 4.2.1 es vulnerable a un Almacenamiento en Texto sin Cifrar de Información Confidencial en una Cookie"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-312"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rocketsoftware:ags-zena:4.2.1:*:*:*:enterprise:*:*:*","matchCriteriaId":"6F475B39-4862-4827-95BE-FDD57C119651"}]}]}],"references":[{"url":"https://docs.rocketsoftware.com/bundle/ven1649700711249/page/ayk1652945111726.html","source":"cve@mitre.org","tags":["Release Notes","Vendor Advisory"]},{"url":"https://docs.rocketsoftware.com/bundle/ven1649700711249/page/ayk1652945111726.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-45026","sourceIdentifier":"cve@mitre.org","published":"2022-06-17T13:15:12.343","lastModified":"2026-07-09T01:17:10.423","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"ASG technologies ASG-Zena Cross Platform Server Enterprise Edition 4.2.1 is vulnerable to Cross Site Scripting (XSS)."},{"lang":"es","value":"ASG technologies ASG-Zena Cross Platform Server Enterprise Edition versión 4.2.1, es vulnerable a un ataque de tipo Cross Site Scripting (XSS)"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rocketsoftware:ags-zena:4.2.1:*:*:*:enterprise:*:*:*","matchCriteriaId":"6F475B39-4862-4827-95BE-FDD57C119651"}]}]}],"references":[{"url":"https://docs.rocketsoftware.com/bundle/ven1649700711249/page/ayk1652945111726.html","source":"cve@mitre.org","tags":["Release Notes","Vendor Advisory"]},{"url":"https://docs.rocketsoftware.com/bundle/ven1649700711249/page/ayk1652945111726.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-25585","sourceIdentifier":"cve@mitre.org","published":"2022-06-21T14:15:08.097","lastModified":"2026-07-09T01:17:20.807","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Unioncms v1.0.13 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Default settings."},{"lang":"es","value":"Se ha detectado que Unioncms versión v1.0.13, contiene una vulnerabilidad de cross-site scripting (XSS) almacenado por medio de la configuración predeterminada"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:unioncms_project:unioncms:1.0.13:*:*:*:*:*:*:*","matchCriteriaId":"8E5CB98C-1419-4DB8-AC1F-FDC98E576536"}]}]}],"references":[{"url":"https://github.com/union-home/unioncms/issues/5","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/union-home/unioncms/issues/5","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-21046","sourceIdentifier":"cve@mitre.org","published":"2022-06-24T16:15:08.120","lastModified":"2026-07-09T00:16:53.487","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A local privilege escalation vulnerability was identified within the \"luminati_net_updater_win_eagleget_com\" service in EagleGet Downloader version 2.1.5.20 Stable. This issue allows authenticated non-administrative user to escalate their privilege and conduct code execution as a SYSTEM privilege."},{"lang":"es","value":"Se ha identificado una vulnerabilidad de escalada de privilegios local en el servicio \"luminati_net_updater_win_eagleget_com\" de la versión 2.1.5.20 Stable de EagleGet Downloader. Este problema permite a un usuario no administrativo autenticado escalar su privilegio y conducir una ejecución de código como privilegio de SYSTEM"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-269"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:softonic:eagleget:*:*:*:*:*:*:*:*","versionEndExcluding":"2.1.6.40","matchCriteriaId":"41DFCD01-3B06-40C5-AFBB-893452204E0A"}]}]}],"references":[{"url":"https://medium.com/@n1pwn/local-privilege-escalation-in-eagleget-1fde79fe47c0","source":"cve@mitre.org"},{"url":"https://medium.com/%40n1pwn/local-privilege-escalation-in-eagleget-1fde79fe47c0","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2022-29330","sourceIdentifier":"cve@mitre.org","published":"2022-06-24T16:15:09.617","lastModified":"2026-07-09T01:17:27.877","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Missing access control in the backup system of Telesoft VitalPBX before 3.2.1 allows attackers to access the PJSIP and SIP extension credentials, cryptographic keys and voicemails files via unspecified vectors."},{"lang":"es","value":"Una falta de control de acceso en el sistema de respaldo de Telesoft VitalPBX versiones anteriores a 3.2.1, permite a atacantes acceder a las credenciales de las extensiones PJSIP y SIP, a las claves criptográficas y los archivos de mensajes de voz por medio de vectores no especificados"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:N/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-330"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:vitalpbx:vitalpbx:*:*:*:*:*:*:*:*","versionEndExcluding":"3.2.1","matchCriteriaId":"16786075-2658-4198-85D1-9F2DB24D525F"}]}]}],"references":[{"url":"https://www.arsouyes.org/blog/2022/2022-06-30-VitalPBX-0day","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.arsouyes.org/blog/2022/2022-06-30-VitalPBX-0day","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-27509","sourceIdentifier":"cve@mitre.org","published":"2022-06-26T13:15:08.130","lastModified":"2026-07-09T01:16:42.263","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Persistent XSS in Galaxkey Secure Mail Client in Galaxkey up to 5.6.11.5 allows an attacker to perform an account takeover by intercepting the HTTP Post request when sending an email and injecting a specially crafted XSS payload in the 'subject' field. The payload executes when the recipient logs into their mailbox."},{"lang":"es","value":"Un ataque de tipo XSS persistente en Galaxkey Secure Mail Client en Galaxkey versiones hasta 5.6.11.5, permite a un atacante llevar a cabo una toma de control de la cuenta al interceptar la petición HTTP Post cuando es enviado un correo electrónico e inyectando una carga útil de tipo XSS especialmente diseñada en el campo \"subject\". La carga útil es ejecutada cuando el destinatario es conectado a su buzón de correo"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:galaxkey:galaxkey:*:*:*:*:*:*:*:*","versionEndExcluding":"5.6.11.5","matchCriteriaId":"D32C0E21-5211-4459-B2E1-EC49239AA79A"}]}]}],"references":[{"url":"https://medium.com/@tomhulme_74888/persistent-cross-site-scripting-leading-to-full-account-takeover-on-galaxkey-v5-6-11-4-8bf96be35b54","source":"cve@mitre.org"},{"url":"https://medium.com/%40tomhulme_74888/persistent-cross-site-scripting-leading-to-full-account-takeover-on-galaxkey-v5-6-11-4-8bf96be35b54","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2020-21161","sourceIdentifier":"cve@mitre.org","published":"2022-06-27T15:15:07.593","lastModified":"2026-07-09T00:16:53.613","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting (XSS) vulnerability in Ruckus Wireless ZoneDirector 9.8.3.0."},{"lang":"es","value":"Una vulnerabilidad de tipo Cross Site Scripting (XSS) en Ruckus Wireless ZoneDirector versión 9.8.3.0"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ruckuswireless:zonedirector_firmware:9.8.3.0:*:*:*:*:*:*:*","matchCriteriaId":"51EC9ED4-65ED-4C3D-82AE-8999F7B095FC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ruckuswireless:zonedirector:-:*:*:*:*:*:*:*","matchCriteriaId":"BC847897-E9C7-4247-BC22-E999847E1110"}]}]}],"references":[{"url":"https://dollahibrahim.blogspot.com/2019/11/cross-site-scripting-on-ruckus.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://dollahibrahim.blogspot.com/2019/11/cross-site-scripting-on-ruckus.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-33009","sourceIdentifier":"cve@mitre.org","published":"2022-06-27T23:15:08.313","lastModified":"2026-07-09T01:17:32.163","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A stored cross-site scripting (XSS) vulnerability in LightCMS v1.3.11 allows attackers to execute arbitrary web scripts or HTML via uploading a crafted PDF file."},{"lang":"es","value":"Una vulnerabilidad de tipo cross-site scripting (XSS) almacenado en LightCMS versión v1.3.11, permite a atacantes ejecutar scripts web o HTML arbitrarios por medio de la carga de un archivo PDF diseñado"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:lightcms_project:lightcms:1.3.11:*:*:*:*:*:*:*","matchCriteriaId":"839D2756-08AD-46B0-9B7B-694C35D3B6CE"}]}]}],"references":[{"url":"https://github.com/eddy8/LightCMS","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/eddy8/LightCMS/issues/30","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/eddy8/LightCMS","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://github.com/eddy8/LightCMS/issues/30","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-31897","sourceIdentifier":"cve@mitre.org","published":"2022-06-29T01:15:07.637","lastModified":"2026-07-09T01:17:31.010","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SourceCodester Zoo Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via public_html/register_visitor?msg=."},{"lang":"es","value":"SourceCodester Zoo Management System versión 1.0, es vulnerable a un ataque de tipo Cross Site Scripting (XSS) por medio de public_html/register_visitor?msg="}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:phpgurukul:zoo_management_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"541460D0-FA92-4BC4-A965-28C723E93736"}]}]}],"references":[{"url":"https://packetstormsecurity.com/files/167572/Zoo-Management-System-1.0-Cross-Site-Scripting.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://packetstormsecurity.com/files/167572/Zoo-Management-System-1.0-Cross-Site-Scripting.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]}]}},{"cve":{"id":"CVE-2022-32384","sourceIdentifier":"cve@mitre.org","published":"2022-07-01T21:15:08.320","lastModified":"2026-07-09T01:17:31.533","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Tenda AC23 v16.03.07.44 was discovered to contain a stack overflow via the security_5g parameter in the function formWifiBasicSet."},{"lang":"es","value":"Se ha detectado que Tenda AC23 versión v16.03.07.44, contiene un desbordamiento de pila por medio del parámetro security_5g en la función formWifiBasicSet"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:A/AC:L/Au:N/C:P/I:P/A:P","baseScore":5.8,"accessVector":"ADJACENT_NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":6.5,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tendacn:ac23_ac2100_firmware:16.03.07.44:*:*:*:*:*:*:*","matchCriteriaId":"1874FFA4-4C7D-43DC-8C4F-62386704EA37"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tendacn:ac23_ac2100:-:*:*:*:*:*:*:*","matchCriteriaId":"91036786-3497-4A99-8081-E9A97BE49551"}]}]}],"references":[{"url":"https://drive.google.com/file/d/16hshiCHS8j3YaFPkQD3xajVuwu_QVBe3/view?usp=sharing","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://drive.google.com/file/d/16hshiCHS8j3YaFPkQD3xajVuwu_QVBe3/view?usp=sharing","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-33075","sourceIdentifier":"cve@mitre.org","published":"2022-07-05T18:15:08.150","lastModified":"2026-07-09T01:17:32.407","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A stored cross-site scripting (XSS) vulnerability in the Add Classification function of Zoo Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via unspecified vectors."},{"lang":"es","value":"Una vulnerabilidad de tipo cross-site scripting (XSS) almacenada en la función Add Classification de Zoo Management System versión v1.0, permite a atacantes ejecutar scripts web o HTM arbitrarios por medio de vectores no especificados"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:phpgurukul:zoo_management_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"541460D0-FA92-4BC4-A965-28C723E93736"}]}]}],"references":[{"url":"https://packetstormsecurity.com/files/167603/Zoo-Management-System-1.0-Cross-Site-Scripting.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://packetstormsecurity.com/files/167603/Zoo-Management-System-1.0-Cross-Site-Scripting.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]}]}},{"cve":{"id":"CVE-2022-32385","sourceIdentifier":"cve@mitre.org","published":"2022-07-06T12:15:08.317","lastModified":"2026-07-09T01:17:31.660","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Tenda AC23 v16.03.07.44 is vulnerable to Stack Overflow that will allow for the execution of arbitrary code (remote)."},{"lang":"es","value":"Tenda AC23 versión v16.03.07.44, es vulnerable a un desbordamiento de pila que permitirá una ejecución de código arbitrario (remoto)"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tendacn:ac23_ac2100_firmware:16.03.07.44:*:*:*:*:*:*:*","matchCriteriaId":"1874FFA4-4C7D-43DC-8C4F-62386704EA37"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tendacn:ac23_ac2100:-:*:*:*:*:*:*:*","matchCriteriaId":"91036786-3497-4A99-8081-E9A97BE49551"}]}]}],"references":[{"url":"https://drive.google.com/file/d/1wyc9CBd3NW2bFbRhGcAaHEYJK1G2a21Y/view?usp=sharing","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/LuGakki/Vuln/blob/main/Tenda%20AC23.pdf","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://drive.google.com/file/d/1wyc9CBd3NW2bFbRhGcAaHEYJK1G2a21Y/view?usp=sharing","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/LuGakki/Vuln/blob/main/Tenda%20AC23.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-32386","sourceIdentifier":"cve@mitre.org","published":"2022-07-06T12:15:08.360","lastModified":"2026-07-09T01:17:31.780","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Tenda AC23 v16.03.07.44 was discovered to contain a buffer overflow via fromAdvSetMacMtuWan."},{"lang":"es","value":"Se ha detectado que Tenda AC23 versión v16.03.07.44, contiene un desbordamiento de búfer por medio de la función fromAdvSetMacMtuWan"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tendacn:ac23_ac2100_firmware:16.03.07.44:*:*:*:*:*:*:*","matchCriteriaId":"1874FFA4-4C7D-43DC-8C4F-62386704EA37"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tendacn:ac23_ac2100:-:*:*:*:*:*:*:*","matchCriteriaId":"91036786-3497-4A99-8081-E9A97BE49551"}]}]}],"references":[{"url":"https://drive.google.com/file/d/1XPTEt10yJt9WcLrIt6YpDV5OlP-U6dBR/view?usp=sharing","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/LuGakki/Vuln/blob/main/Tenda%20AC23.pdf","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://drive.google.com/file/d/1XPTEt10yJt9WcLrIt6YpDV5OlP-U6dBR/view?usp=sharing","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/LuGakki/Vuln/blob/main/Tenda%20AC23.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-24138","sourceIdentifier":"cve@mitre.org","published":"2022-07-06T13:15:09.230","lastModified":"2026-07-09T01:17:15.957","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"IOBit Advanced System Care (Asc.exe) 15 and Action Download Center both download components of IOBit suite into ProgramData folder, ProgramData folder has \"rwx\" permissions for unprivileged users. Low privilege users can use SetOpLock to wait for CreateProcess and switch the genuine component with a malicious executable thus gaining code execution as a high privilege user (Low Privilege -> high integrity ADMIN)."},{"lang":"es","value":"IOBit Advanced System Care (Asc.exe) versión 15 y Action Download Center descargan componentes de la suite IOBit en la carpeta ProgramData, la carpeta ProgramData presenta permisos \"rwx\" para usuarios no privilegiados. Los usuarios poco privilegiados pueden usar SetOpLock para esperar a CreateProcess y cambiar el componente genuino por un ejecutable malicioso, obteniendo así la ejecución de código como usuario con altos privilegios (Privilegio bajo -) ADMIN de integridad alta)"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-552"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:iobit:advanced_systemcare:15:*:*:*:free:*:*:*","matchCriteriaId":"2A031687-9518-44FF-A39F-00FEDC96B1BE"},{"vulnerable":true,"criteria":"cpe:2.3:a:iobit:advanced_systemcare:15:*:*:*:pro:*:*:*","matchCriteriaId":"AA804555-859A-4A03-9133-4BEE1B84981A"}]}]}],"references":[{"url":"https://github.com/tomerpeled92/CVE/","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/tomerpeled92/CVE/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-24139","sourceIdentifier":"cve@mitre.org","published":"2022-07-06T13:15:09.273","lastModified":"2026-07-09T01:17:16.077","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In IOBit Advanced System Care (AscService.exe) 15, an attacker with SEImpersonatePrivilege can create a named pipe with the same name as one of ASCService's named pipes. ASCService first tries to connect before trying to create the named pipes, because of that during login the service will try to connect to the attacker which will lead to either escalation of privileges (through token manipulation and ImpersonateNamedPipeClient() ) from ADMIN -> SYSTEM or from Local ADMIN-> Domain ADMIN depending on the user and named pipe that is used."},{"lang":"es","value":"En IOBit Advanced System Care (AscService.exe) versión 15, un atacante con SEImpersonatePrivilege puede crear una tubería con nombre con el mismo nombre que una de las tuberías con nombre de ASCService. ASCService primero intenta conectarse antes de intentar crear las tuberías con nombre, debido a que durante el inicio de sesión el servicio intentará conectarse con el atacante lo que conllevará a una escalada de privilegios (mediante la manipulación de tokens e ImpersonateNamedPipeClient() ) desde ADMIN -) SYSTEM o desde Local ADMIN-) Domain ADMIN dependiendo del usuario y la tubería con nombre que sea usado"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-668"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:iobit:advanced_system_care:15:*:*:*:free:*:*:*","matchCriteriaId":"FF6E8D50-6B8B-43AA-9338-1A4DBE83DB34"},{"vulnerable":true,"criteria":"cpe:2.3:a:iobit:advanced_system_care:15:*:*:*:pro:*:*:*","matchCriteriaId":"1DA08A7C-9D84-4C40-84B4-C0541BCAB266"}]}]}],"references":[{"url":"https://github.com/tomerpeled92/CVE/","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/tomerpeled92/CVE/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-24140","sourceIdentifier":"cve@mitre.org","published":"2022-07-06T13:15:09.313","lastModified":"2026-07-09T01:17:16.190","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"IOBit Advanced System Care 15, iTop Screen Recorder 2.1, iTop VPN 3.2, Driver Booster 9, and iTop Screenshot sends HTTP requests in their update procedure in order to download a config file. After downloading the config file, the products will parse the HTTP location of the update from the file and will try to install the update automatically with ADMIN privileges. An attacker Intercepting this communication can supply the product a fake config file with malicious locations for the updates thus gaining a remote code execution on an endpoint."},{"lang":"es","value":"IOBit Advanced System Care versión 15, iTop Screen Recorder versión 2.1, iTop VPN versión 3.2, Driver Booster versión 9 e iTop Screenshot envían peticiones HTTP en su procedimiento de actualización para descargar un archivo de configuración. Después de descargar el archivo de configuración, los productos analizarán la ubicación HTTP de la actualización desde el archivo e intentarán instalar la actualización automáticamente con privilegios de administrador. Un atacante que intercepte esta comunicación puede suministrar al producto un archivo de configuración falso con ubicaciones maliciosas para las actualizaciones, obteniendo así una ejecución de código remota en un endpoint"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":6.6,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.7,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:P/I:P/A:P","baseScore":6.0,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":6.8,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-494"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:iobit:advanced_system_care:15:*:*:*:free:*:*:*","matchCriteriaId":"FF6E8D50-6B8B-43AA-9338-1A4DBE83DB34"},{"vulnerable":true,"criteria":"cpe:2.3:a:iobit:advanced_system_care:15:*:*:*:pro:*:*:*","matchCriteriaId":"1DA08A7C-9D84-4C40-84B4-C0541BCAB266"},{"vulnerable":true,"criteria":"cpe:2.3:a:iobit:driver_booster:9:*:*:*:*:*:*:*","matchCriteriaId":"B9D2756E-6714-4D24-B06E-13AC9E1872A8"},{"vulnerable":true,"criteria":"cpe:2.3:a:iobit:itop_screen_recorder:2.1:*:*:*:*:*:*:*","matchCriteriaId":"1EE3AD53-D48B-4FA0-BCAB-FDDBA8217F73"},{"vulnerable":true,"criteria":"cpe:2.3:a:iobit:itop_screenshot:-:*:*:*:*:*:*:*","matchCriteriaId":"ED706F7F-0675-499C-9F7D-D69563139413"},{"vulnerable":true,"criteria":"cpe:2.3:a:iobit:itop_vpn:3.2:*:*:*:*:*:*:*","matchCriteriaId":"D35825EC-63C8-4374-B4F4-FD88193C7895"}]}]}],"references":[{"url":"https://github.com/tomerpeled92/CVE/","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/tomerpeled92/CVE/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-24141","sourceIdentifier":"cve@mitre.org","published":"2022-07-06T13:15:09.357","lastModified":"2026-07-09T01:17:16.303","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The iTopVPNmini.exe component of iTop VPN 3.2 will try to connect to datastate_iTopVPN_Pipe_Server on a loop. An attacker that opened a named pipe with the same name can use it to gain the token of another user by listening for connections and abusing ImpersonateNamedPipeClient()."},{"lang":"es","value":"El componente iTopVPNmini.exe de iTop VPN versión 3.2, intentará conectarse a datastate_iTopVPN_Pipe_Server en un bucle. Un atacante que abriera una tubería con nombre con el mismo nombre puede usarla para obtener el token de otro usuario escuchando conexiones y abusando de la función ImpersonateNamedPipeClient()"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.5}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:N","baseScore":5.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:iobit:itop_vpn:3.2:*:*:*:*:*:*:*","matchCriteriaId":"D35825EC-63C8-4374-B4F4-FD88193C7895"}]}]}],"references":[{"url":"https://github.com/tomerpeled92/CVE/","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/tomerpeled92/CVE/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-33047","sourceIdentifier":"cve@mitre.org","published":"2022-07-06T19:15:08.590","lastModified":"2026-07-09T01:17:32.287","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"OTFCC v0.10.4 was discovered to contain a heap buffer overflow after free via otfccbuild.c."},{"lang":"es","value":"Se ha detectado que OTFCC versión v0.10.4, contiene un desbordamiento del búfer de la pila de memoria previamente liberada por medio del archivo otfccbuild.c"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:otfcc_project:otfcc:0.10.4:*:*:*:*:*:*:*","matchCriteriaId":"CF47B8F2-5558-4B1F-8E40-0E7D0397AE3C"}]}]}],"references":[{"url":"https://drive.google.com/file/d/1g3MQajVLZAaZMRfIQHSLT6XRw-B4Dmz8/view?usp=sharing","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://drive.google.com/file/d/1g3MQajVLZAaZMRfIQHSLT6XRw-B4Dmz8/view?usp=sharing","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-33098","sourceIdentifier":"cve@mitre.org","published":"2022-07-07T19:15:08.387","lastModified":"2026-07-09T01:17:32.680","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Magnolia CMS v6.2.19 was discovered to contain a cross-site scripting (XSS) vulnerability via the Edit Contact function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted SVG document, with JavaScript, for a profile picture."},{"lang":"es","value":"Se ha detectado que Magnolia CMS versión v6.2.19, contiene una vulnerabilidad de tipo cross-site scripting (XSS) por medio de la función Edit Contact. Esta vulnerabilidad permite a atacantes ejecutar scripts web o HTML arbitrarios por medio de una carga útil diseñada"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:magnolia-cms:magnolia_cms:6.2.19:*:*:*:*:*:*:*","matchCriteriaId":"0B49DE8B-D8B9-4A46-8270-DE4C45CA2C48"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/167705/Magnolia-CMS-6.2.19-Cross-Site-Scripting.html","source":"cve@mitre.org"},{"url":"https://docs.magnolia-cms.com/product-docs/6.2/releases/release-notes-for-magnolia-cms-6.2.22/","source":"cve@mitre.org"}]}},{"cve":{"id":"CVE-2021-36665","sourceIdentifier":"cve@mitre.org","published":"2022-07-12T14:15:14.407","lastModified":"2026-07-09T01:16:58.107","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue was discovered in Druva 6.9.0 for macOS, allows attackers to gain escalated local privileges via the inSyncUpgradeDaemon."},{"lang":"es","value":"Se ha detectado un problema en Druva versión 6.9.0 para macOS, que permite a atacantes conseguir privilegios locales escalados por medio de inSyncUpgradeDaemon"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-502"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:druva:insync_client:*:*:*:*:*:macos:*:*","versionEndExcluding":"7.0.0","matchCriteriaId":"598CBC2B-5D3A-4365-BABC-569B32D3BCC1"},{"vulnerable":true,"criteria":"cpe:2.3:a:druva:insync_client:*:*:*:*:*:windows:*:*","versionEndExcluding":"7.0.0","matchCriteriaId":"A0A331B3-077E-46D2-A41A-DE10E6576685"}]}]}],"references":[{"url":"https://docs.druva.com/Knowledge_Base/Security_Update/Security_Advisory_for_inSync_Client_7.0.1_and_before","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://imhotepisinvisible.com/druva-lpe/","source":"cve@mitre.org","tags":["Exploit","Patch","Technical Description","Third Party Advisory"]},{"url":"https://docs.druva.com/Knowledge_Base/Security_Update/Security_Advisory_for_inSync_Client_7.0.1_and_before","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://imhotepisinvisible.com/druva-lpe/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch","Technical Description","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-36666","sourceIdentifier":"cve@mitre.org","published":"2022-07-12T14:15:14.453","lastModified":"2026-07-09T01:16:58.237","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue was discovered in Druva 6.9.0 for MacOS, allows attackers to gain escalated local privileges via the inSyncDecommission."},{"lang":"es","value":"Se ha detectado un problema en Druva versión 6.9.0 para MacOS, que permite a atacantes conseguir privilegios locales escalados por medio de inSyncDecommission"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-426"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:druva:insync_client:*:*:*:*:*:macos:*:*","versionEndExcluding":"7.0.0","matchCriteriaId":"598CBC2B-5D3A-4365-BABC-569B32D3BCC1"}]}]}],"references":[{"url":"https://docs.druva.com/Knowledge_Base/Security_Update/Security_Advisory_for_inSync_Client_7.0.1_and_before","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://imhotepisinvisible.com/druva-lpe/","source":"cve@mitre.org","tags":["Exploit","Patch","Technical Description","Third Party Advisory"]},{"url":"https://docs.druva.com/Knowledge_Base/Security_Update/Security_Advisory_for_inSync_Client_7.0.1_and_before","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://imhotepisinvisible.com/druva-lpe/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch","Technical Description","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-36667","sourceIdentifier":"cve@mitre.org","published":"2022-07-12T14:15:14.493","lastModified":"2026-07-09T01:16:58.353","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Command injection vulnerability in Druva inSync 6.9.0 for MacOS, allows attackers to execute arbitrary commands via crafted payload to the local HTTP server due to un-sanitized call to the python os.system library."},{"lang":"es","value":"Una vulnerabilidad de inyección de comandos en Druva inSync versión 6.9.0 para MacOS, permite a atacantes ejecutar comandos arbitrarios por medio de una carga útil diseñada para el servidor HTTP local debido a una llamada no saneada a la biblioteca python os.system"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:druva:insync_client:*:*:*:*:*:macos:*:*","versionEndExcluding":"7.0.0","matchCriteriaId":"598CBC2B-5D3A-4365-BABC-569B32D3BCC1"}]}]}],"references":[{"url":"https://docs.druva.com/Knowledge_Base/Security_Update/Security_Advisory_for_inSync_Client_7.0.1_and_before","source":"cve@mitre.org","tags":["Patch","Vendor Advisory"]},{"url":"https://imhotepisinvisible.com/druva-lpe/","source":"cve@mitre.org","tags":["Exploit","Patch","Technical Description","Third Party Advisory"]},{"url":"https://docs.druva.com/Knowledge_Base/Security_Update/Security_Advisory_for_inSync_Client_7.0.1_and_before","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"https://imhotepisinvisible.com/druva-lpe/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch","Technical Description","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-36668","sourceIdentifier":"cve@mitre.org","published":"2022-07-12T14:15:14.533","lastModified":"2026-07-09T01:16:58.473","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"URL injection in Driva inSync 6.9.0 for MacOS, allows attackers to force a visit to an arbitrary url via the port parameter to the Electron App."},{"lang":"es","value":"Una inyección de URL en Driva inSync versión 6.9.0 para MacOS, permite a atacantes forzar una visita a una url arbitraria por medio del parámetro port a la aplicación Electron"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-74"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:druva:insync_client:*:*:*:*:*:linux:*:*","versionEndExcluding":"5.9.3","matchCriteriaId":"34B79F28-2D9C-4E66-9CEA-E8EF3C38F37C"},{"vulnerable":true,"criteria":"cpe:2.3:a:druva:insync_client:*:*:*:*:*:macos:*:*","versionEndExcluding":"7.0.1","matchCriteriaId":"8FBA2945-CB72-436C-88A6-0BAB7C26FDBB"},{"vulnerable":true,"criteria":"cpe:2.3:a:druva:insync_client:*:*:*:*:*:windows:*:*","versionEndExcluding":"7.0.1","matchCriteriaId":"BC8A2F46-A431-4C4C-B377-68011BB58255"}]}]}],"references":[{"url":"https://docs.druva.com/Knowledge_Base/Security_Update/Security_Advisory_for_inSync_Client_7.0.1_and_before","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://imhotepisinvisible.com/druva-lpe/","source":"cve@mitre.org","tags":["Exploit","Patch","Technical Description","Third Party Advisory"]},{"url":"https://docs.druva.com/Knowledge_Base/Security_Update/Security_Advisory_for_inSync_Client_7.0.1_and_before","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://imhotepisinvisible.com/druva-lpe/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch","Technical Description","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-31904","sourceIdentifier":"cve@mitre.org","published":"2022-07-12T14:15:16.880","lastModified":"2026-07-09T01:17:31.293","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"EGT-Kommunikationstechnik UG Mediacenter before v2.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component Online_Update.php."},{"lang":"es","value":"Se ha detectado que EGT-Kommunikationstechnik UG Mediacenter versiones anteriores a v2.0, contenía una vulnerabilidad de tipo cross-site scripting (XSS) por medio del componente Online_Update.php"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:uberrider:mediacenter:*:*:*:*:*:*:*:*","versionEndExcluding":"2.0","matchCriteriaId":"3AE25339-6BFF-47C7-AB6C-0AD7F7D4CDFF"}]}]}],"references":[{"url":"https://uberrider.de/?page_id=247","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://uberrider.de/?page_id=247","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-30024","sourceIdentifier":"cve@mitre.org","published":"2022-07-14T14:15:13.277","lastModified":"2026-07-09T01:17:29.053","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A buffer overflow in the httpd daemon on TP-Link TL-WR841N V12 (firmware version 3.16.9) devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the System Tools of the Wi-Fi network. This affects TL-WR841 V12 TL-WR841N(EU)_V12_160624 and TL-WR841 V11 TL-WR841N(EU)_V11_160325 , TL-WR841N_V11_150616 and TL-WR841 V10 TL-WR841N_V10_150310 are also affected."},{"lang":"es","value":"Un desbordamiento de búfer en el demonio httpd en los dispositivos TP-Link TL-WR841N V12 (versión de firmware 3.16.9) permite a un atacante remoto autenticado ejecutar código arbitrario por medio de una petición GET a la página de Herramientas del sistema de la red Wi-Fi. Esto afecta a los dispositivos TL-WR841 V12 TL-WR841N(EU)_V12_160624 y TL-WR841 V11 TL-WR841N(EU)_V11_160325 , TL-WR841N_V11_150616 y TL-WR841 V10 TL-WR841N_V10_150310 también están afectados"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tl-wr841_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"44B31977-DF82-44D4-B86D-06811BAD44EA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:tl-wr841:10:*:*:*:*:*:*:*","matchCriteriaId":"1D0FF223-7AE0-4423-B291-A5E3624FE2E0"},{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:tl-wr841:11:*:*:*:*:*:*:*","matchCriteriaId":"71CC9729-8915-4D0E-B1BC-63D494EEA021"},{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:tl-wr841:12:*:*:*:*:*:*:*","matchCriteriaId":"6C94F6B3-2160-4F2D-AFA4-B540AA3B7193"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tl-wr841n_firmware:3.16.9:*:*:*:*:*:*:*","matchCriteriaId":"B81E723C-539A-41E7-8486-A8263E9491F5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:tl-wr841n:12:*:*:*:*:*:*:*","matchCriteriaId":"E855A3D8-9968-4DF9-890D-62028472A11B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tl-wr841n\\(eu\\)_firmware:160325:*:*:*:*:*:*:*","matchCriteriaId":"1F581106-3805-44B4-81B6-9C30D02DE3B6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:tl-wr841n\\(eu\\):11:*:*:*:*:*:*:*","matchCriteriaId":"F57BBF8C-693B-4249-8ACF-1FEE55D777D5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tl-wr841n_firmware:150616:*:*:*:*:*:*:*","matchCriteriaId":"D129F04E-E5E0-47C8-82DF-4B782306BC9E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:tl-wr841n:11:*:*:*:*:*:*:*","matchCriteriaId":"508A2761-3DB2-4973-8B9C-22BE876EE987"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tl-wr841n_firmware:150310:*:*:*:*:*:*:*","matchCriteriaId":"8CB29067-7290-4B39-ABF8-4805BAF78804"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:tl-wr841n:10:*:*:*:*:*:*:*","matchCriteriaId":"605FA887-700C-4A7E-A253-E672D5554737"}]}]}],"references":[{"url":"https://pastebin.com/0XRFr3zE","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://pastebin.com/0XRFr3zE","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-32119","sourceIdentifier":"cve@mitre.org","published":"2022-07-15T12:15:09.020","lastModified":"2026-07-09T01:17:31.417","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Arox School ERP Pro v1.0 was discovered to contain multiple arbitrary file upload vulnerabilities via the Add Photo function at photogalleries.inc.php and the import staff excel function at 1finance_master.inc.php."},{"lang":"es","value":"Se ha detectado que Arox School ERP Pro versión v1.0, contiene múltiples vulnerabilidades de carga de archivos arbitrarios por medio de la función Add Photo en el archivo photogalleries.inc.php y la función import staff excel en el archivo 1finance_master.inc.php"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:arox:school_erp_pro:1.0:*:*:*:*:*:*:*","matchCriteriaId":"0BD75EE7-86E6-44F6-AD3D-B086CBAAAC74"}]}]}],"references":[{"url":"https://github.com/JC175/CVE-2022-32119","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/JC175/CVE-2022-32119","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-35305","sourceIdentifier":"cve@mitre.org","published":"2022-07-15T14:15:09.343","lastModified":"2026-07-09T01:16:45.717","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross site scripting (XSS) in gollum 5.0 to 5.1.2 via the filename parameter to the 'New Page' dialog."},{"lang":"es","value":"Una vulnerabilidad de tipo Cross site scripting (XSS) en gollum versiones 5.0 a 5.1.2, por medio del parámetro filename del diálogo \"New Page\""}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gollum_project:gollum:*:*:*:*:*:*:*:*","versionStartIncluding":"5.0.0","versionEndIncluding":"5.1.2","matchCriteriaId":"C67B7E1E-54B8-4EF0-806B-66508F1D8B94"}]}]}],"references":[{"url":"https://github.com/Szarny/","source":"cve@mitre.org","tags":["Not Applicable"]},{"url":"https://github.com/gollum/","source":"cve@mitre.org","tags":["Product","Third Party Advisory"]},{"url":"https://github.com/gollum/gollum/releases/tag/v5.1.2","source":"cve@mitre.org","tags":["Release Notes","Third Party Advisory"]},{"url":"https://github.com/Szarny/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable"]},{"url":"https://github.com/gollum/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Third Party Advisory"]},{"url":"https://github.com/gollum/gollum/releases/tag/v5.1.2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-42923","sourceIdentifier":"cve@mitre.org","published":"2022-07-18T00:15:08.457","lastModified":"2026-07-09T01:17:07.400","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"ShowMyPC 3606 on Windows suffers from a DLL hijack vulnerability. If an attacker overwrites the file %temp%\\ShowMyPC\\-ShowMyPC3606\\wodVPN.dll, it will run any malicious code contained in that file. The code will run with normal user privileges unless the user specifically runs ShowMyPC as administrator."},{"lang":"es","value":"ShowMyPC 3606 en Windows sufre una vulnerabilidad de secuestro de DLL. Si un atacante sobrescribe el archivo %temp%\\ShowMyPC\\\\N-ShowMyPC3606\\NwodVPN.dll, ejecutará cualquier código malicioso contenido en ese archivo. El código se ejecutará con privilegios de usuario normales a menos que el usuario ejecute específicamente ShowMyPC como administrador"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.3,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-427"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:showmypc:showmypc:3606:*:*:*:*:*:*:*","matchCriteriaId":"E7214F66-00B9-4492-804D-6F8A509FB759"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://f20.be/cves/showmypc-cve-2021-42923","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://f20.be/cves/showmypc-cve-2021-42923","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-32450","sourceIdentifier":"cve@mitre.org","published":"2022-07-18T13:15:10.460","lastModified":"2026-07-09T01:17:31.890","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"AnyDesk 7.0.9 allows a local user to gain SYSTEM privileges via a symbolic link because the user can write to their own %APPDATA% folder (used for ad.trace and chat) but the product runs as SYSTEM when writing chat-room data there."},{"lang":"es","value":"AnyDesk versión 7.0.9, permite a un usuario local conseguir privilegios de SYSTEM por medio de un enlace simbólico, ya que el usuario puede escribir en su propia carpeta %APPDATA% (usada para ad.trace y el chat), pero el producto es ejecutado como SYSTEM cuando son escritos allí los datos de la sala de chat"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.2}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-59"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:anydesk:anydesk:7.0.9:*:*:*:*:*:*:*","matchCriteriaId":"0E4AD7BF-E6F3-402E-89E9-9C7D8E19840C"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/167608/AnyDesk-7.0.9-Arbitrary-File-Write-Denial-Of-Service.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http://seclists.org/fulldisclosure/2022/Jul/9","source":"cve@mitre.org","tags":["Exploit","Mailing List","Third Party Advisory"]},{"url":"https://seclists.org/fulldisclosure/2022/Jun/44","source":"cve@mitre.org","tags":["Exploit","Mailing List","Third Party Advisory"]},{"url":"http://packetstormsecurity.com/files/167608/AnyDesk-7.0.9-Arbitrary-File-Write-Denial-Of-Service.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http://seclists.org/fulldisclosure/2022/Jul/9","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Mailing List","Third Party Advisory"]},{"url":"https://seclists.org/fulldisclosure/2022/Jun/44","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-29709","sourceIdentifier":"cve@mitre.org","published":"2022-07-25T12:15:08.287","lastModified":"2026-07-09T01:17:28.710","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"CommuniLink Internet Limited CLink Office v2.0 was discovered to contain multiple SQL injection vulnerabilities via the username and password parameters."},{"lang":"es","value":"Se ha detectado que CommuniLink Internet Limited CLink Office versión v2.0, contiene múltiples vulnerabilidades de inyección SQL por medio de los parámetros username y password"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:communilink:clink_office:2.0:*:*:*:*:*:*:*","matchCriteriaId":"316E2F22-D936-42A9-8B1B-4C4CEBFDF891"}]}]}],"references":[{"url":"https://packetstormsecurity.com/files/167240/CLink-Office-2.0-SQL-Injection.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://packetstormsecurity.com/files/167240/CLink-Office-2.0-SQL-Injection.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]}]}},{"cve":{"id":"CVE-2022-24992","sourceIdentifier":"cve@mitre.org","published":"2022-07-25T18:22:19.270","lastModified":"2026-07-09T01:17:18.370","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the component process.php of QR Code Generator v5.2.7 allows attackers to perform directory traversal."},{"lang":"es","value":"Una vulnerabilidad en el componente process.php de QR Code Generator versión v5.2.7, permite a atacantes llevar a cabo un salto de directorios"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:qr_code_generator_project:qr_code_generator:*:*:*:*:*:*:*:*","versionEndIncluding":"5.2.7","matchCriteriaId":"BC18C78D-8606-4563-BF4F-1E6084958B48"}]}]}],"references":[{"url":"https://codecanyon.net/item/qrcdr-responsive-qr-code-generator/9226839","source":"cve@mitre.org","tags":["Product"]},{"url":"https://n0lsec.medium.com/qrcdr-path-traversal-vulnerability-bb89acc0c100","source":"cve@mitre.org","tags":["Exploit","Mitigation","Third Party Advisory"]},{"url":"https://codecanyon.net/item/qrcdr-responsive-qr-code-generator/9226839","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://n0lsec.medium.com/qrcdr-path-traversal-vulnerability-bb89acc0c100","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Mitigation","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-35131","sourceIdentifier":"cve@mitre.org","published":"2022-07-25T21:15:08.730","lastModified":"2026-07-09T01:17:33.940","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Joplin v2.8.8 allows attackers to execute arbitrary commands via a crafted payload injected into the Node titles."},{"lang":"es","value":"Joplin versión v2.8.8, permite a atacantes ejecutar comandos arbitrarios por medio de una carga útil diseñada inyectada en los títulos de Node"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H","baseScore":9.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.3,"impactScore":6.0}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:joplinapp:joplin:2.8.8:*:*:*:*:-:*:*","matchCriteriaId":"20B5D126-34FC-4584-B3C7-A0EE8A71990C"}]}]}],"references":[{"url":"https://github.com/laurent22/joplin/releases/tag/v2.9.1","source":"cve@mitre.org","tags":["Release Notes","Third Party Advisory"]},{"url":"https://github.com/ly1g3/Joplin-CVE-2022-35131","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/laurent22/joplin/releases/tag/v2.9.1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Third Party Advisory"]},{"url":"https://github.com/ly1g3/Joplin-CVE-2022-35131","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-34611","sourceIdentifier":"cve@mitre.org","published":"2022-07-27T02:15:09.450","lastModified":"2026-07-09T01:17:33.570","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A cross-site scripting (XSS) vulnerability in /index.php/?p=report of Online Fire Reporting System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the \"Contac #\" text field."},{"lang":"es","value":"Una vulnerabilidad de tipo cross-site scripting (XSS) en el archivo /index.php/?p=report de Online Fire Reporting System versión v1.0, permite a atacantes ejecutar scripts web o HTML arbitrarios por medio de una carga útil diseñada inyectada en el campo de texto \"Contac #\""}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:online_fire_reporting_system_project:online_fire_reporting_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"951C3F1D-E425-4709-85C3-9A153CEC5C6A"}]}]}],"references":[{"url":"https://github.com/As4ki/CVE-report/blob/main/OFRS.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.sourcecodester.com/","source":"cve@mitre.org","tags":["Not Applicable"]},{"url":"https://github.com/As4ki/CVE-report/blob/main/OFRS.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.sourcecodester.com/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable"]}]}},{"cve":{"id":"CVE-2022-31321","sourceIdentifier":"cve@mitre.org","published":"2022-08-01T20:15:08.767","lastModified":"2026-07-09T01:17:30.017","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The foldername parameter in Bolt 5.1.7 was discovered to have incorrect input validation, allowing attackers to perform directory enumeration or cause a Denial of Service (DoS) via a crafted input."},{"lang":"es","value":"Se ha detectado que el parámetro foldername en Bolt versión 5.1.7, presenta una comprobación de entrada incorrecta, permitiendo a atacantes llevar a cabo una enumeración de directorios o causar una Denegación de Servicio (DoS) por medio de una entrada diseñada"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.2}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:boltcms:bolt:*:*:*:*:*:*:*:*","versionEndIncluding":"5.7","matchCriteriaId":"B745F7C0-5689-430D-B64C-6B6F8FBF2116"}]}]}],"references":[{"url":"https://github.com/Accenture/AARO-Bugs/blob/master/AARO-CVE-List.md","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/Accenture/AARO-Bugs/blob/master/AARO-CVE-List.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-34530","sourceIdentifier":"cve@mitre.org","published":"2022-08-01T20:15:08.810","lastModified":"2026-07-09T01:17:33.460","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in the login and reset password functionality of Backdrop CMS v1.22.0 allows attackers to enumerate usernames via password reset requests and distinct responses returned based on usernames."},{"lang":"es","value":"Un problema en la funcionalidad login and reset de Backdrop CMS versión v1.22.0, permite a atacantes enumerar los nombres de usuario por medio de peticiones de restablecimiento de contraseñas y las distintas respuestas devueltas basadas en los nombres de usuario"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-640"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:backdropcms:backdrop_cms:*:*:*:*:*:*:*:*","versionEndIncluding":"1.22.0","matchCriteriaId":"68C60B12-CA83-4FE7-A033-69E152A3309E"}]}]}],"references":[{"url":"https://github.com/Accenture/AARO-Bugs/blob/master/AARO-CVE-List.md","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/Accenture/AARO-Bugs/blob/master/AARO-CVE-List.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-35118","sourceIdentifier":"cve@mitre.org","published":"2022-08-01T20:15:08.853","lastModified":"2026-07-09T01:17:33.823","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"PyroCMS v3.9 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities."},{"lang":"es","value":"Se ha detectado que PyroCMS versión v3.9, contiene múltiples vulnerabilidades de tipo cross-site scripting (XSS)"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:pyrocms:pyrocms:*:*:*:*:*:*:*:*","versionEndIncluding":"3.9","matchCriteriaId":"607CDD24-4284-4FCF-8181-30C72F79D434"}]}]}],"references":[{"url":"https://github.com/Accenture/AARO-Bugs/blob/master/AARO-CVE-List.md","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/Accenture/AARO-Bugs/blob/master/AARO-CVE-List.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-35493","sourceIdentifier":"cve@mitre.org","published":"2022-08-08T15:15:08.853","lastModified":"2026-07-08T17:17:18.190","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A Cross-site scripting (XSS) vulnerability in json search parse and the json response in wrteam.in, eShop - Multipurpose Ecommerce Store Website version 3.0.4 allows remote attackers to inject arbitrary web script or HTML via the get_products?search parameter."},{"lang":"es","value":"Una vulnerabilidad de tipo Cross-site scripting (XSS) en el parse de la búsqueda json y la respuesta json en wrteam.in, eShop - Multipurpose Ecommerce Store Website versión 3.0.4, permite a atacantes remotos inyectar script web o HTML arbitrario por medio del parámetro get_products?search"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T16:03:48.218662Z","id":"CVE-2022-35493","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wrteam:eshop_-_ecommerce_\\/_store_website:*:*:*:*:*:*:*:*","versionEndIncluding":"3.0.4","matchCriteriaId":"9B57D0FE-EC6A-41AF-B341-44130CB1DC48"}]}]}],"references":[{"url":"https://github.com/Keyvanhardani/Exploit-eShop-Multipurpose-Ecommerce-Store-Website-3.0.4-Cross-Site-Scripting-XSS/blob/main/README.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/Keyvanhardani/Exploit-eShop-Multipurpose-Ecommerce-Store-Website-3.0.4-Cross-Site-Scripting-XSS/blob/main/README.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-36262","sourceIdentifier":"cve@mitre.org","published":"2022-08-15T12:15:20.673","lastModified":"2026-07-09T01:17:36.020","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue was discovered in taocms 3.0.2. in the website settings that allows arbitrary php code to be injected by modifying config.php."},{"lang":"es","value":"Se ha detectado un problema en taocms versión 3.0.2. en la configuración del sitio web que permite inyectar código php arbitrario al modificar el archivo config.php."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:taogogo:taocms:3.0.2:*:*:*:*:*:*:*","matchCriteriaId":"AA84748C-B58B-4A72-A527-7FF567BACCC2"}]}]}],"references":[{"url":"https://github.com/taogogo/taocms","source":"cve@mitre.org","tags":["Release Notes","Third Party Advisory"]},{"url":"https://github.com/taogogo/taocms/issues/34","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/taogogo/taocms/issues/34?by=xboy%28topsec%29","source":"cve@mitre.org"},{"url":"https://github.com/taogogo/taocms","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Third Party Advisory"]},{"url":"https://github.com/taogogo/taocms/issues/34","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/taogogo/taocms/issues/34?by=xboy%28topsec%29","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2022-36524","sourceIdentifier":"cve@mitre.org","published":"2022-08-15T17:15:13.823","lastModified":"2026-07-09T01:17:36.253","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"D-Link GO-RT-AC750 GORTAC750_revA_v101b03 & GO-RT-AC750_revB_FWv200b02 is vulnerable to Static Default Credentials via /etc/init0.d/S80telnetd.sh."},{"lang":"es","value":"D-Link GO-RT-AC750 versiones GORTAC750_revA_v101b03 &amp; GO-RT-AC750_revB_FWv200b02 son vulnerables a las credenciales estáticas por defecto por medio del archivo /etc/init0.d/S80telnetd.sh."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:go-rt-ac750_firmware:101b03:*:*:*:*:*:*:*","matchCriteriaId":"11857770-E809-483A-993F-1C827428B334"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:go-rt-ac750:revision_a:*:*:*:*:*:*:*","matchCriteriaId":"426BE281-6336-4A4E-892B-CE8BBCA8ABF7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:go-rt-ac750_firmware:200b02:*:*:*:*:*:*:*","matchCriteriaId":"E610B4D9-198B-4986-89CC-F3C75DBC3EF3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:go-rt-ac750:revision_b:*:*:*:*:*:*:*","matchCriteriaId":"5F4EF05A-EF25-4E60-8A08-9C0CDD9244EF"}]}]}],"references":[{"url":"https://drive.google.com/file/d/1WNKrDUbYfSWbSve9ONILkLY6dbM8I7hh/view?usp=sharing","source":"cve@mitre.org","tags":["Broken Link","Third Party Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://drive.google.com/file/d/1WNKrDUbYfSWbSve9ONILkLY6dbM8I7hh/view?usp=sharing","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Third Party Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-36526","sourceIdentifier":"cve@mitre.org","published":"2022-08-15T17:15:14.000","lastModified":"2026-07-09T01:17:36.370","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"D-Link GO-RT-AC750 GORTAC750_revA_v101b03 & GO-RT-AC750_revB_FWv200b02 is vulnerable to Authentication Bypass via function phpcgi_main in cgibin."},{"lang":"es","value":"D-Link GO-RT-AC750 versiones GORTAC750_revA_v101b03 &amp; GO-RT-AC750_revB_FWv200b02 son vulnerables a una omisión de autenticación por medio de la función phpcgi_main en cgibin."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:go-rt-ac750_firmware:101b03:*:*:*:*:*:*:*","matchCriteriaId":"11857770-E809-483A-993F-1C827428B334"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:go-rt-ac750:revision_a:*:*:*:*:*:*:*","matchCriteriaId":"426BE281-6336-4A4E-892B-CE8BBCA8ABF7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:go-rt-ac750_firmware:200b02:*:*:*:*:*:*:*","matchCriteriaId":"E610B4D9-198B-4986-89CC-F3C75DBC3EF3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:go-rt-ac750:revision_b:*:*:*:*:*:*:*","matchCriteriaId":"5F4EF05A-EF25-4E60-8A08-9C0CDD9244EF"}]}]}],"references":[{"url":"https://drive.google.com/file/d/1ji5Ph6c-qgp0lBvbY8BZJjeqbju3VeK8/view?usp=sharing","source":"cve@mitre.org","tags":["Broken Link","Third Party Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://drive.google.com/file/d/1ji5Ph6c-qgp0lBvbY8BZJjeqbju3VeK8/view?usp=sharing","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Third Party Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-24654","sourceIdentifier":"cve@mitre.org","published":"2022-08-15T19:15:08.250","lastModified":"2026-07-09T01:17:18.243","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Authenticated stored cross-site scripting (XSS) vulnerability in \"Field Server Address\" field in INTELBRAS ATA 200 Firmware 74.19.10.21 allows attackers to inject JavaScript code through a crafted payload."},{"lang":"es","value":"Una vulnerabilidad de tipo cross-site scripting (XSS) almacenado y autenticado en el campo \"Field Server Address\" en INTELBRAS ATA 200 Firmware 74.19.10.21,  permite a atacantes inyectar código JavaScript mediante una carga útil diseñada."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:intelbras:ata_200_firmware:74.19.10.21:*:*:*:*:*:*:*","matchCriteriaId":"9DCF802F-2A3C-4AB8-BC0C-E6A4DDAA5689"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:intelbras:ata_200:-:*:*:*:*:*:*:*","matchCriteriaId":"72F1D1F4-9D76-4080-AEF9-5A8C88DC6C02"}]}]}],"references":[{"url":"https://github.com/leonardobg/CVE-2022-24654","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://packetstormsecurity.com/files/168064/Intelbras-ATA-200-Cross-Site-Scripting.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://github.com/leonardobg/CVE-2022-24654","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://packetstormsecurity.com/files/168064/Intelbras-ATA-200-Cross-Site-Scripting.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]}]}},{"cve":{"id":"CVE-2022-36530","sourceIdentifier":"cve@mitre.org","published":"2022-08-16T13:15:11.593","lastModified":"2026-07-09T01:17:36.483","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue was discovered in rageframe2 2.6.37. There is a XSS vulnerability in the user agent related parameters of the info.php page."},{"lang":"es","value":"Se ha detectado un problema en rageframe2 versión 2.6.37. Se presenta una vulnerabilidad de tipo XSS en los parámetros relacionados con el agente de usuario de la página info.php."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rageframe:rageframe:2.6.37:*:*:*:*:*:*:*","matchCriteriaId":"A47AB39E-4AD7-4349-BBD5-4F11B4D4C0D4"}]}]}],"references":[{"url":"https://github.com/jianyan74/rageframe2","source":"cve@mitre.org","tags":["Product","Third Party Advisory"]},{"url":"https://github.com/jianyan74/rageframe2/issues/106","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/jianyan74/rageframe2/issues/106?by=xboy%28Topsec%29","source":"cve@mitre.org"},{"url":"https://github.com/jianyan74/rageframe2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Third Party Advisory"]},{"url":"https://github.com/jianyan74/rageframe2/issues/106","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/jianyan74/rageframe2/issues/106?by=xboy%28Topsec%29","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2022-35167","sourceIdentifier":"cve@mitre.org","published":"2022-08-19T02:15:07.200","lastModified":"2026-07-09T01:17:34.383","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Printix Cloud Print Management v1.3.1149.0 for Windows was discovered to contain insecure permissions."},{"lang":"es","value":"Se ha detectado que Printix Cloud Print Management versión v1.3.1149.0 para Windows contiene permisos no seguros."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-732"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:prinitix:cloud_print_management:1.3.1149.0:*:*:*:*:windows:*:*","matchCriteriaId":"2ADC9AEC-A1B7-4D2A-A94E-1064D3830013"}]}]}],"references":[{"url":"https://www.pentagrid.ch/en/blog/vulnerabilities-in-printix-cloud-print-management/","source":"cve@mitre.org","tags":["Exploit","Technical Description","Third Party Advisory"]},{"url":"https://www.pentagrid.ch/en/blog/vulnerabilities-in-printix-cloud-print-management/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Technical Description","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-34624","sourceIdentifier":"cve@mitre.org","published":"2022-08-19T14:15:08.423","lastModified":"2026-07-09T01:17:33.700","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Mealie1.0.0beta3 does not terminate download tokens after a user logs out, allowing attackers to perform a man-in-the-middle attack via a crafted GET request."},{"lang":"es","value":"Mealie versión 1.0.0beta3, no finaliza los tokens de descarga después de que un usuario cierre la sesión, lo que permite a atacantes llevar a cabo un ataque de tipo man-in-the-middle por medio de una petición GET diseñada."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-613"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mealie:mealie:0.5.5:*:*:*:*:*:*:*","matchCriteriaId":"10C41CD5-5C61-460E-9B99-DED00F430FAE"},{"vulnerable":true,"criteria":"cpe:2.3:a:mealie:mealie:1.0.0:beta3:*:*:*:*:*:*","matchCriteriaId":"99A25AF5-BEFA-4807-A4FE-33A3A7C6980A"}]}]}],"references":[{"url":"https://gainsec.com/2022/08/19/cve-2022-34615-cve-2022-34621-cve-2022-34623-cve-2022-34624/","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://gainsec.com/2022/08/19/cve-2022-34615-cve-2022-34621-cve-2022-34623-cve-2022-34624/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-35201","sourceIdentifier":"cve@mitre.org","published":"2022-08-19T15:15:08.417","lastModified":"2026-07-09T01:17:34.730","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Tenda-AC18 V15.03.05.05 was discovered to contain a remote command execution (RCE) vulnerability."},{"lang":"es","value":"Se ha detectado que Tenda-AC18 versión V15.03.05.05, contiene una vulnerabilidad de ejecución de comandos remota (RCE)."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tenda:ac18_firmware:15.03.05.05:*:*:*:*:*:*:*","matchCriteriaId":"4D5CB727-FC6B-4212-A61E-2888A0DADFB0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tenda:ac18:-:*:*:*:*:*:*:*","matchCriteriaId":"CF9F8AF9-F921-4348-922B-EE5E6037E7AC"}]}]}],"references":[{"url":"http://124.222.176.39/21f93b5e3b39b22b6df1e6a9c61ed70d54e8378bbeacd844efff921b9a1a8624/index.html","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://www.tendacn.com/default.html","source":"cve@mitre.org","tags":["Product"]},{"url":"http://124.222.176.39/21f93b5e3b39b22b6df1e6a9c61ed70d54e8378bbeacd844efff921b9a1a8624/index.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://www.tendacn.com/default.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2022-36233","sourceIdentifier":"cve@mitre.org","published":"2022-08-19T22:15:09.110","lastModified":"2026-07-09T01:17:35.900","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Tenda AC9 V15.03.2.13 is vulnerable to Buffer Overflow via httpd, form_fast_setting_wifi_set. httpd."},{"lang":"es","value":"Tenda AC9 versión V15.03.2.13, es vulnerable a un desbordamiento del búfer por medio de httpd, form_fast_setting_wifi_set. httpd."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tendacn:ac9_firmware:15.03.2.13:*:*:*:*:*:*:*","matchCriteriaId":"3A8DEAB5-8E48-4789-A2BA-AB0691D5644D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tendacn:ac9:-:*:*:*:*:*:*:*","matchCriteriaId":"E7871810-DC61-4B96-8C3D-2DA1FE202C91"}]}]}],"references":[{"url":"https://www.cnblogs.com/Amalll/p/16606980.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.cnblogs.com/Amalll/p/16606980.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-35554","sourceIdentifier":"cve@mitre.org","published":"2022-08-19T23:15:09.810","lastModified":"2026-07-09T01:17:35.290","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Multiple reflected XSS vulnerabilities occur when handling error message of BPC SmartVista version 3.28.0 allowing an attacker to execute javascript code at client side."},{"lang":"es","value":"Múltiples vulnerabilidades de tipo XSS reflejado ocurren cuando es manejado el mensaje de error de BPC SmartVista versión 3.28.0, permitiendo a un atacante ejecutar código javascript en el lado del cliente."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bpcbt:smartvista:*:*:*:*:*:*:*:*","versionEndIncluding":"3.28.0","matchCriteriaId":"353B1938-EF01-4178-89F9-6667D0BC3BEB"}]}]}],"references":[{"url":"https://tf1t.gitbook.io/mycve/smartvista/smartvista-cardgen/reflected-xss-in-smartvista-cardgen-version-3.28.0-cve-2022-35554","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://tf1t.gitbook.io/mycve/smartvista/smartvista-cardgen/reflected-xss-in-smartvista-cardgen-version-3.28.0-cve-2022-35554","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-28598","sourceIdentifier":"cve@mitre.org","published":"2022-08-22T17:15:08.123","lastModified":"2026-07-09T01:17:25.820","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Frappe ERPNext 12.29.0 is vulnerable to XSS where the software does not neutralize or incorrectly neutralize user-controllable input before it is placed in output that is used as a web page that is served to other users."},{"lang":"es","value":"Frappe ERPNext versión 12.29.0, es vulnerable a un ataque de tipo XSS cuando el software no neutraliza o neutraliza incorrectamente la entrada controlable por el usuario antes de colocarla en la salida que es usada como página web que sirve a otros usuarios."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:frappe:erpnext:12.29.0:*:*:*:*:*:*:*","matchCriteriaId":"D364DA01-686F-4525-81CE-7CB8389A8A23"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/171730/ERPNext-12.29-Cross-Site-Scripting.html","source":"cve@mitre.org"},{"url":"https://github.com/patrickdeanramos/CVE-2022-28598/blob/main/ERPNext%20-%2012.29.0.pdf","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"http://packetstormsecurity.com/files/171730/ERPNext-12.29-Cross-Site-Scripting.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/patrickdeanramos/CVE-2022-28598/blob/main/ERPNext%20-%2012.29.0.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-35191","sourceIdentifier":"cve@mitre.org","published":"2022-08-23T00:15:08.467","lastModified":"2026-07-09T01:17:34.493","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"D-Link Wireless AC1200 Dual Band VDSL ADSL Modem Router DSL-3782 Firmware v1.01 allows unauthenticated attackers to cause a Denial of Service (DoS) via a crafted HTTP connection request."},{"lang":"es","value":"El firmware de D-Link Wireless AC1200 Dual Band VDSL ADSL Modem Router DSL-3782 versión v1.01, permite a atacantes no autenticados causar una Denegación de Servicio (DoS) por medio de una petición de conexión HTTP diseñada."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-404"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dsl-3782_firmware:1.01:*:*:*:*:*:*:*","matchCriteriaId":"D7FBB746-D313-4F4F-8F2E-32363A9C7C75"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dsl-3782:-:*:*:*:*:*:*:*","matchCriteriaId":"7F8D1900-34CB-45D3-8DF3-503E10B75E5B"}]}]}],"references":[{"url":"https://pastebin.com/wD1UfaZz","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://pastebin.com/wD1UfaZz","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-42232","sourceIdentifier":"cve@mitre.org","published":"2022-08-23T01:15:07.663","lastModified":"2026-07-09T01:17:04.647","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"TP-Link Archer A7 Archer A7(US)_V5_210519 is affected by a command injection vulnerability in /usr/bin/tddp. The vulnerability is caused by the program taking part of the received data packet as part of the command. This will cause an attacker to execute arbitrary commands on the router."},{"lang":"es","value":"TP-Link Archer A7 Archer versión A7(US)_V5_210519, está afectado por una vulnerabilidad de inyección de comandos en /usr/bin/tddp. La vulnerabilidad es causada por el programa que toma parte del paquete de datos recibido como parte del comando. Esto causará que un atacante ejecute comandos arbitrarios en el router."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:archer_a7_firmware:210519:*:*:*:*:*:*:*","matchCriteriaId":"08A88342-1230-40B9-BB58-BD866079E164"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:archer_a7:v5:*:*:*:*:*:*:*","matchCriteriaId":"EEF6E740-0F6B-4B3E-A9A3-8D0E19C8E2DE"}]}]}],"references":[{"url":"https://github.com/mQaLeX/IoT/blob/main/tp-link/Archer%20A7%28US%29_V5_20519_tddp.md","source":"cve@mitre.org"},{"url":"https://github.com/mQaLeX/IoT/blob/main/tp-link/Archer%20A7%28US%29_V5_20519_tddp.md","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2021-42627","sourceIdentifier":"cve@mitre.org","published":"2022-08-23T12:15:08.487","lastModified":"2026-07-09T01:17:04.950","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The WAN configuration page \"wan.htm\" on D-Link DIR-615 devices with firmware 20.06 can be accessed directly without authentication which can lead to disclose the information about WAN settings and also leverage attacker to modify the data fields of page."},{"lang":"es","value":"La página de configuración de la WAN \"wan.htm\" en los dispositivos D-Link DIR-615 con el firmware versión 20.06, puede ser accedida directamente sin autenticación lo que puede conllevar a divulgar la información sobre la configuración de la WAN y también aprovechar el atacante para modificar los campos de datos de la página."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dir-615_firmware:20.06:*:*:*:*:*:*:*","matchCriteriaId":"727D4E44-493D-44DD-8421-3AE04B0BE6C0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dir-615:-:*:*:*:*:*:*:*","matchCriteriaId":"2E92E959-C211-4979-A233-163BEFCF6F0D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dir-615_j1_firmware:20.06:*:*:*:*:*:*:*","matchCriteriaId":"6E2599D5-B1D1-4856-8A4E-31C12FE5198B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dir-615_j1:-:*:*:*:*:*:*:*","matchCriteriaId":"A573F4F5-3783-40A1-BD4A-02D08EDC660F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dir-615_t1_firmware:20.06:*:*:*:*:*:*:*","matchCriteriaId":"293DFD86-8F57-4CCE-9E1F-4005AF6B9A3A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dir-615_t1:-:*:*:*:*:*:*:*","matchCriteriaId":"4AE3434D-8087-4826-AEBA-F3F8B3841E4B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dir-615jx10_firmware:20.06:*:*:*:*:*:*:*","matchCriteriaId":"288BEF27-F996-46A6-89BA-C1D7FF270A91"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dir-615jx10:-:*:*:*:*:*:*:*","matchCriteriaId":"22D56D4F-8146-4456-BA84-5C8B65AD7B88"}]}]}],"references":[{"url":"https://github.com/sanjokkarki/D-Link-DIR-615/blob/main/CVE-2021-42627","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://github.com/sanjokkarki/D-Link-DIR-615/blob/main/CVE-2021-42627","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-35203","sourceIdentifier":"cve@mitre.org","published":"2022-08-23T13:15:08.427","lastModified":"2026-07-09T01:17:34.850","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An access control issue in TrendNet TV-IP572PI v1.0 allows unauthenticated attackers to access sensitive system information."},{"lang":"es","value":"Un problema de control de acceso en TrendNet TV-IP572PI versión v1.0, permite a atacantes no autenticados acceder a información confidencial del sistema."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:trendnet:tv-ip572pi_firmware:1.0:*:*:*:*:*:*:*","matchCriteriaId":"800D0158-322C-437F-9B4E-E0C709257BE4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:trendnet:tv-ip572pi:-:*:*:*:*:*:*:*","matchCriteriaId":"47FDC1D3-97F8-4869-967C-978BB6FD26DD"}]}]}],"references":[{"url":"https://medium.com/@shrutukapoor25/cve-2022-35203-2372a0728279","source":"cve@mitre.org"},{"url":"https://medium.com/%40shrutukapoor25/cve-2022-35203-2372a0728279","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2022-2569","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2022-08-24T16:15:11.907","lastModified":"2026-07-09T18:32:08.463","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The affected device stores sensitive information in cleartext, which may allow an authenticated user to access session data stored in the OAuth database belonging to legitimate users"},{"lang":"es","value":"El dispositivo afectado almacena información confidencial en texto sin cifrar, lo que puede permitir a un usuario autenticado acceder a los datos de sesión almacenados en la base de datos OAuth que pertenecen a usuarios legítimos"}],"affected":[{"source":"ics-cert@hq.dhs.gov","affectedData":[{"vendor":"ARC Informatique","product":"PcVue 12 OAuth web service configuration","versions":[{"version":"All","lessThan":"12.0.27","versionType":"custom","status":"affected"}]},{"vendor":"ARC Informatique","product":"PcVue 15 OAuth web service configuration","versions":[{"version":"All","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-16T15:50:26.795107Z","id":"CVE-2022-2569","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-312"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:arcinfo:pcvue:*:*:*:*:*:*:*:*","versionEndExcluding":"12.0.27","matchCriteriaId":"FE8E62FB-E716-46E8-9E8B-BFCF5E6167BA"},{"vulnerable":true,"criteria":"cpe:2.3:a:arcinfo:pcvue:*:*:*:*:*:*:*:*","versionStartIncluding":"15","versionEndIncluding":"15.2.2","matchCriteriaId":"E9D949F2-C563-4FB4-A39E-D03024E82411"}]}]}],"references":[{"url":"https://www.cisa.gov/uscert/ics/advisories/icsa-22-235-01-0","source":"ics-cert@hq.dhs.gov","tags":["Patch","Third Party Advisory","US Government Resource"]},{"url":"https://www.cisa.gov/uscert/ics/advisories/icsa-22-235-01-0","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory","US Government Resource"]}]}},{"cve":{"id":"CVE-2022-35192","sourceIdentifier":"cve@mitre.org","published":"2022-08-26T00:15:09.103","lastModified":"2026-07-09T01:17:34.610","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"D-Link Wireless AC1200 Dual Band VDSL ADSL Modem Router DSL-3782 Firmware v1.01 allows unauthenticated attackers to cause a Denial of Service (DoS) via the User parameter or Pwd parameter to Login.asp."},{"lang":"es","value":"D-Link Wireless AC1200 Dual Band VDSL ADSL Modem Router DSL-3782 Firmware versión v1.01, permite a atacantes no autenticados causar una Denegación de Servicio (DoS) por medio del parámetro User o Pwd del archivo Login.asp."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dsl-3782_firmware:1.01:*:*:*:*:*:*:*","matchCriteriaId":"D7FBB746-D313-4F4F-8F2E-32363A9C7C75"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dsl-3782:-:*:*:*:*:*:*:*","matchCriteriaId":"7F8D1900-34CB-45D3-8DF3-503E10B75E5B"}]}]}],"references":[{"url":"https://pastebin.com/upHp001e","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://pastebin.com/upHp001e","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-37053","sourceIdentifier":"cve@mitre.org","published":"2022-08-28T16:15:09.080","lastModified":"2026-07-09T01:17:37.697","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"TRENDnet TEW733GR v1.03B01 is vulnerable to Command injection via /htdocs/upnpinc/gena.php."},{"lang":"es","value":"TRENDnet TEW733GR versión v1.03B01, es vulnerable a una inyección de comandos por medio del archivo /htdocs/upnpinc/gena.php."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:trendnet:tew733gr_firmware:1.03b01:*:*:*:*:*:*:*","matchCriteriaId":"E1C12863-35B1-4C71-B41D-7F62F2028E20"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:trendnet:tew733gr:-:*:*:*:*:*:*:*","matchCriteriaId":"34D48BE0-B241-4272-9DF5-7F1DC598081E"}]}]}],"references":[{"url":"https://drive.google.com/file/d/1P_-h5wNtRiyVToDUjRNZhsmtILINv7EL/view?usp=sharing","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://drive.google.com/file/d/1P_-h5wNtRiyVToDUjRNZhsmtILINv7EL/view?usp=sharing","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-38555","sourceIdentifier":"cve@mitre.org","published":"2022-08-28T17:15:08.460","lastModified":"2026-07-09T01:17:40.320","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Linksys E1200 v1.0.04 is vulnerable to Buffer Overflow via ej_get_web_page_name."},{"lang":"es","value":"Linksys E1200 versión v1.0.04, es vulnerable a un desbordamiento del búfer por medio de la función ej_get_web_page_name."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linksys:e1200_firmware:1.0.04:*:*:*:*:*:*:*","matchCriteriaId":"6466C106-5F59-4346-9B37-00947E179FA6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:linksys:e1200:-:*:*:*:*:*:*:*","matchCriteriaId":"47605441-7B24-4FF5-9956-6836117130EA"}]}]}],"references":[{"url":"https://github.com/xxy1126/Vuln/tree/main/1","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/xxy1126/Vuln/tree/main/1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-32993","sourceIdentifier":"cve@mitre.org","published":"2022-08-29T21:15:09.140","lastModified":"2026-07-09T01:17:32.027","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"TOTOLINK A7000R V4.1cu.4134 was discovered to contain an access control issue via /cgi-bin/ExportSettings.sh."},{"lang":"es","value":"Se ha detectado que TOTOLINK A7000R versión V4.1cu.4134, contiene un problema de control de acceso por medio del archivo /cgi-bin/ExportSettings.sh"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:totolink:a7000r_firmware:4.1cu.4134:*:*:*:*:*:*:*","matchCriteriaId":"9A7261B4-E27C-4113-907F-F6EFEEFAB77D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:totolink:a7000r:-:*:*:*:*:*:*:*","matchCriteriaId":"603DA206-05D4-48FD-A506-F3BD8B4383B2"}]}]}],"references":[{"url":"https://github.com/laotun-s/POC/blob/main/CVE-2022-32993.txt","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/laotun-s/POC/blob/main/CVE-2022-32993.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-36552","sourceIdentifier":"cve@mitre.org","published":"2022-08-30T16:15:08.290","lastModified":"2026-07-09T01:17:37.217","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Tenda AC6(AC1200) v5.0 Firmware v02.03.01.114 and below contains an issue in the component /cgi-bin/DownloadFlash which allows attackers to steal all data such as source code and system files via a crafted GET request."},{"lang":"es","value":"Tenda AC6(AC1200) versión v5.0 Firmware v02.03.01.114 y anteriores, contiene un problema en el componente /cgi-bin/DownloadFlash que permite a atacantes robar todos los datos, como el código fuente y los archivos del sistema, por medio de una petición GET diseñada"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-552"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tendacn:ac6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"02.03.01.114","matchCriteriaId":"5C6C5B36-57EC-4A59-B0B4-0E446A753375"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tendacn:ac6:5.0:*:*:*:*:*:*:*","matchCriteriaId":"8F96A7CA-6FED-4409-A459-C17B7C164861"}]}]}],"references":[{"url":"https://drive.google.com/drive/folders/1VxR4lhaWNWLuAPdJK2aRF6zfo_mRyiFO?usp=sharing","source":"cve@mitre.org","tags":["Permissions Required","Third Party Advisory"]},{"url":"https://drive.google.com/drive/folders/1VxR4lhaWNWLuAPdJK2aRF6zfo_mRyiFO?usp=sharing","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-37176","sourceIdentifier":"cve@mitre.org","published":"2022-08-30T16:15:08.520","lastModified":"2026-07-09T01:17:38.213","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Tenda AC6(AC1200) v5.0 Firmware v02.03.01.114 and below contains a vulnerability which allows attackers to remove the Wi-Fi password and force the device into open security mode via a crafted packet sent to goform/setWizard."},{"lang":"es","value":"Tenda AC6(AC1200) versión v5.0 Firmware versiones v02.03.01.114 y anteriores, contiene una vulnerabilidad que permite a atacantes eliminar la contraseña de Wi-Fi y forzar el dispositivo en modo de seguridad abierto por medio de un paquete diseñado enviado a goform/setWizard"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tendacn:ac6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"02.03.01.114","matchCriteriaId":"5C6C5B36-57EC-4A59-B0B4-0E446A753375"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tendacn:ac6:5.0:*:*:*:*:*:*:*","matchCriteriaId":"8F96A7CA-6FED-4409-A459-C17B7C164861"}]}]}],"references":[{"url":"https://drive.google.com/drive/folders/1L6ojSooP8sbZLQYRsAxlb0IWVAZef8Z7?usp=sharing","source":"cve@mitre.org","tags":["Permissions Required","Third Party Advisory"]},{"url":"https://drive.google.com/drive/folders/1L6ojSooP8sbZLQYRsAxlb0IWVAZef8Z7?usp=sharing","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-36202","sourceIdentifier":"cve@mitre.org","published":"2022-08-31T21:15:08.767","lastModified":"2026-07-09T01:17:35.747","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Doctor's Appointment System1.0 is vulnerable to Incorrect Access Control via edoc/patient/settings.php. The settings.php is affected by Broken Access Control (IDOR) via id= parameter."},{"lang":"es","value":"Doctors Appointment System versión 1.0, es vulnerable a un Control de Acceso Incorrecto por medio del archivo edoc/patient/settings.php. El archivo settings.php está afectado por un Control de Acceso Incorrecto (IDOR) por medio del parámetro id="}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-639"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:doctor\\'s_appointment_system_project:doctor\\'s_appointment_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"7823F3E3-1620-422E-96A2-C2B4636CF5E8"}]}]}],"references":[{"url":"https://github.com/aznull/CVEs","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.sourcecodester.com/hashenudara/simple-doctors-appointment-project.html","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/aznull/CVEs","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.sourcecodester.com/hashenudara/simple-doctors-appointment-project.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2022-36640","sourceIdentifier":"cve@mitre.org","published":"2022-09-02T21:15:16.427","lastModified":"2026-07-09T01:17:37.567","vulnStatus":"Modified","cveTags":[{"sourceIdentifier":"cve@mitre.org","tags":["disputed"]}],"descriptions":[{"lang":"en","value":"influxData influxDB before v1.8.10 contains no authentication mechanism or controls, allowing unauthenticated attackers to execute arbitrary commands. NOTE: the CVE ID assignment is disputed because the vendor's documentation states \"If InfluxDB is being deployed on a publicly accessible endpoint, we strongly recommend authentication be enabled. Otherwise the data will be publicly available to any unauthenticated user. The default settings do NOT enable authentication and authorization.\""},{"lang":"es","value":"influxData influxDB versiones anteriores a v1.8.10, no contiene ningún mecanismo o control de autenticación, lo que permite a atacantes no autenticados ejecutar comandos arbitrarios"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-276"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:influxdata:influxdb:*:*:*:*:*:*:*:*","versionEndExcluding":"1.8.0","matchCriteriaId":"9D5EBB78-EEED-4A60-87E0-385BDBE13A57"}]}]}],"references":[{"url":"http://www.krsecu.com/CVE/409b5310045bd6b9a984a5fb63bd8786d5c5681a8ad5b1c815c84b2b90002ad7.docx","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://dl.influxdata.com/influxdb/releases/influxdb_1.8.10_amd64.deb","source":"cve@mitre.org","tags":["Patch","Vendor Advisory"]},{"url":"https://portal.influxdata.com/downloads/","source":"cve@mitre.org","tags":["Patch","Product"]},{"url":"https://www.influxdata.com/","source":"cve@mitre.org","tags":["Product"]},{"url":"http://www.krsecu.com/CVE/409b5310045bd6b9a984a5fb63bd8786d5c5681a8ad5b1c815c84b2b90002ad7.docx","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://dl.influxdata.com/influxdb/releases/influxdb_1.8.10_amd64.deb","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"https://portal.influxdata.com/downloads/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Product"]},{"url":"https://www.influxdata.com/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2022-36271","sourceIdentifier":"cve@mitre.org","published":"2022-09-07T14:15:09.107","lastModified":"2026-07-09T01:17:36.140","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Outbyte PC Repair Installation File 1.7.112.7856 is vulnerable to Dll Hijacking. iertutil.dll is missing so an attacker can use a malicious dll with same name and can get admin privileges."},{"lang":"es","value":"El archivo de Instalación de Outbyte PC Repair versión 1.7.112.7856, es vulnerable a un secuestro de Dll. El archivo iertutil.dll falta, por lo que un atacante puede usar una dll maliciosa con el mismo nombre y puede conseguir privilegios de administrador"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-427"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:outbyte:pc_repair:1.7.112.7856:*:*:*:*:*:*:*","matchCriteriaId":"1061C0F3-9BD1-4F47-BB1E-799E2395082C"}]}]}],"references":[{"url":"https://github.com/SaumyajeetDas/POC-of-CVE-2022-36271","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/SaumyajeetDas/POC-of-CVE-2022-36271","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-30078","sourceIdentifier":"cve@mitre.org","published":"2022-09-07T19:15:08.513","lastModified":"2026-07-09T01:17:29.430","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"NETGEAR R6200_V2 firmware versions through R6200v2-V1.0.3.12_10.1.11 and R6300_V2 firmware versions through R6300v2-V1.0.4.52_10.0.93 allow remote authenticated attackers to execute arbitrary command via shell metacharacters in the ipv6_fix.cgi ipv6_wan_ipaddr, ipv6_lan_ipaddr, ipv6_wan_length, or ipv6_lan_length parameters."},{"lang":"es","value":"Las versiones del firmware NETGEAR versiones R6200_V2 hasta R6200v2-V1.0.3.12_10.1.11 y las versiones del firmware R6300_V2 hasta R6300v2-V1.0.4.52_10.0.93, permiten a atacantes remotos autenticados ejecutar un comando arbitrario por medio de meta caracteres de shell en los parámetros ipv6_fix.cgi ipv6_wan_ipaddr, ipv6_lan_ipaddr, ipv6_wan_length o ipv6_lan_length"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:r6200_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"1.0.3.12_10.1.11","matchCriteriaId":"B330F17F-724A-4FF3-9634-0478B396332F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:r6200:v2:*:*:*:*:*:*:*","matchCriteriaId":"719248B0-BE22-4836-A23E-FE9F7590FB0C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:r6300_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"1.0.4.52_10.0.93","matchCriteriaId":"16489CF6-FA8C-4983-BC40-1BF3868536E3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:r6300:v2:*:*:*:*:*:*:*","matchCriteriaId":"10938043-F7DF-42C3-8C16-F92CAF8E5576"}]}]}],"references":[{"url":"https://github.com/10TG/vulnerabilities/blob/main/Netgear/CVE-2022-30078/CVE-2022-30078.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.netgear.com/about/security/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://github.com/10TG/vulnerabilities/blob/main/Netgear/CVE-2022-30078/CVE-2022-30078.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.netgear.com/about/security/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-37144","sourceIdentifier":"cve@mitre.org","published":"2022-09-08T01:15:07.407","lastModified":"2026-07-09T01:17:37.823","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The PlexTrac platform prior to API version 1.17.0 does not restrict excessive MFA TOTP submission attempts. An unauthenticated remote attacker in possession of a valid username and password can bruteforce their way past MFA protections to login as the targeted user."},{"lang":"es","value":"La plataforma PlexTrac versiones anteriores a 1.17.0, de la API no restringe los intentos excesivos de envío de MFA TOTP.&#xa0;Un atacante remoto no autenticado en posesión de un nombre de usuario y una contraseña válidos puede pasar por la fuerza bruta las protecciones de MFA para iniciar sesión como el usuario objetivo"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-307"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:plextrac:plextrac:*:*:*:*:*:*:*:*","versionEndExcluding":"1.17.0","matchCriteriaId":"E6DC413C-DC04-4DE8-B407-F14BB7974FC9"}]}]}],"references":[{"url":"https://www.controlgap.com/blog/a-plextrac-story","source":"cve@mitre.org","tags":["Technical Description","Third Party Advisory"]},{"url":"https://www.controlgap.com/blog/a-plextrac-story","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Technical Description","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-37145","sourceIdentifier":"cve@mitre.org","published":"2022-09-08T01:15:07.450","lastModified":"2026-07-09T01:17:37.943","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The PlexTrac platform prior to version 1.17.0 does not restrict excessive authentication attempts for accounts configured to use the PlexTrac authentication provider. An unauthenticated remote attacker could perform a bruteforce attack on the login page with no time or attempt limitation in an attempt to obtain valid credentials for the platform users configured to use the PlexTrac authentication provider."},{"lang":"es","value":"La plataforma PlexTrac versiones anteriores a 1.17.0 no restringe los intentos de autenticación excesivos para las cuentas configuradas para usar el proveedor de autenticación PlexTrac.&#xa0;Un atacante remoto no autenticado podría llevar a cabo un ataque de fuerza bruta en la página de inicio de sesión sin límite de tiempo o de intento en un intento de obtener credenciales válidas para usuarios de la plataforma configurados para usar el proveedor de autenticación PlexTrac"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-307"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:plextrac:plextrac:*:*:*:*:*:*:*:*","versionEndExcluding":"1.17.0","matchCriteriaId":"E6DC413C-DC04-4DE8-B407-F14BB7974FC9"}]}]}],"references":[{"url":"https://www.controlgap.com/blog/a-plextrac-story","source":"cve@mitre.org","tags":["Technical Description","Third Party Advisory"]},{"url":"https://www.controlgap.com/blog/a-plextrac-story","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Technical Description","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-37146","sourceIdentifier":"cve@mitre.org","published":"2022-09-08T01:15:07.490","lastModified":"2026-07-09T01:17:38.080","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The PlexTrac platform prior to version 1.28.0 allows for username enumeration via HTTP response times on invalid login attempts for users configured to use the PlexTrac authentication provider. Login attempts for valid, unlocked users configured to use PlexTrac as their authentication provider take significantly longer than those for invalid users, allowing for valid users to be enumerated by an unauthenticated remote attacker. Note that the lockout policy implemented in Plextrac version 1.17.0 makes it impossible to distinguish between valid, locked user accounts and user accounts that do not exist, but does not prevent valid, unlocked users from being enumerated."},{"lang":"es","value":"La plataforma PlexTrac versiones anteriores a 1.28.0 permite la enumeración de nombres de usuario por medio de tiempos de respuesta HTTP en intentos de inicio de sesión no válidos para usuarios configurados para usar el proveedor de autenticación PlexTrac.&#xa0;Los intentos de inicio de sesión para usuarios desbloqueados válidos configurados para usar PlexTrac como su proveedor de autenticación tardan mucho más que los de usuarios no válidos, lo que permite a un atacante remoto no autenticado enumerar a usuarios válidos.&#xa0;Tenga en cuenta que la política de bloqueo implementada en Plextract versión 1.17.0 hace que sea imposible distinguir entre cuentas de usuario válidas bloqueadas y cuentas de usuario que no existen, pero no impide que se enumeren usuarios válidos desbloqueados"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-203"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:plextrac:plextrac:*:*:*:*:*:*:*:*","versionEndExcluding":"1.28.0","matchCriteriaId":"D0322295-011C-4161-8DCA-C44C413DC551"}]}]}],"references":[{"url":"https://www.controlgap.com/blog/a-plextrac-story","source":"cve@mitre.org","tags":["Technical Description","Third Party Advisory"]},{"url":"https://www.controlgap.com/blog/a-plextrac-story","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Technical Description","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-30079","sourceIdentifier":"cve@mitre.org","published":"2022-09-08T12:15:08.617","lastModified":"2026-07-09T01:17:29.560","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Command injection vulnerability was discovered in Netgear R6200 v2 firmware through R6200v2-V1.0.3.12 via binary /sbin/acos_service that could allow remote authenticated attackers the ability to modify values in the vulnerable parameter."},{"lang":"es","value":"Se ha detectado una  vulnerabilidad de inyección de comandos en el firmware Netgear R6200 v2 por medio de R6200v2-V1.0.3.12, por medio del binario /sbin/acos_service, que podría permitir a atacantes remotos autenticados la capacidad de modificar valores en el parámetro vulnerable"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:r6200:r6200v2-v1.0.3.12:*:*:*:*:*:*:*","matchCriteriaId":"28027BC8-02CE-4E00-B677-08399A29A7F6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:r6200:v2:*:*:*:*:*:*:*","matchCriteriaId":"719248B0-BE22-4836-A23E-FE9F7590FB0C"}]}]}],"references":[{"url":"https://github.com/10TG/vulnerabilities/blob/main/Netgear/CVE-2022-30079/CVE-2022-30079.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.netgear.com/about/security/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://github.com/10TG/vulnerabilities/blob/main/Netgear/CVE-2022-30079/CVE-2022-30079.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.netgear.com/about/security/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-38613","sourceIdentifier":"cve@mitre.org","published":"2022-09-09T16:15:09.047","lastModified":"2026-07-09T01:17:41.213","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A Path Traversal vulnerability in SmartVista Cardgen v3.28.0 allows authenticated attackers to read arbitrary files in the system."},{"lang":"es","value":"Una vulnerabilidad de Salto de Ruta en SmartVista Cardgen versión v3.28.0, permite a atacantes autenticados leer archivos arbitrarios en el sistema"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bpcbt:smartvista_cardgen:3.28.0:*:*:*:*:*:*:*","matchCriteriaId":"1FDC542A-84A6-471F-9BEB-F253DE33042A"}]}]}],"references":[{"url":"https://tf1t.gitbook.io/mycve/smartvista/smartvista-cardgen/path-traversal-in-smartvista-cardgen-version-3.28.0-cve-2022-38613","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://tf1t.gitbook.io/mycve/smartvista/smartvista-cardgen/path-traversal-in-smartvista-cardgen-version-3.28.0-cve-2022-38613","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-38614","sourceIdentifier":"cve@mitre.org","published":"2022-09-09T17:15:08.453","lastModified":"2026-07-09T01:17:41.333","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in the IGB Files and OutfileService features of SmartVista Cardgen v3.28.0 allows attackers to list and download arbitrary files via modifying the PATH parameter."},{"lang":"es","value":"Un problema en las funciones IGB Files y OutfileService de SmartVista Cardgen versión v3.28.0, permite a atacantes listar y descargar archivos arbitrarios por medio de la modificación del parámetro PATH"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bpcbt:smartvista_cardgen:3.28.0:*:*:*:*:*:*:*","matchCriteriaId":"1FDC542A-84A6-471F-9BEB-F253DE33042A"}]}]}],"references":[{"url":"https://tf1t.gitbook.io/mycve/smartvista/smartvista-cardgen/list-all-files-in-arbitrary-folder-in-smartvista-cardgen-version-3.28.0-cve-2022-38614","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://tf1t.gitbook.io/mycve/smartvista/smartvista-cardgen/list-all-files-in-arbitrary-folder-in-smartvista-cardgen-version-3.28.0-cve-2022-38614","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-38615","sourceIdentifier":"cve@mitre.org","published":"2022-09-09T17:15:08.503","lastModified":"2026-07-09T01:17:41.467","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SmartVista SVFE2 v2.2.22 was discovered to contain multiple SQL injection vulnerabilities via the UserForm:j_id88, UserForm:j_id90, and UserForm:j_id92 parameters at /SVFE2/pages/feegroups/service_group.jsf."},{"lang":"es","value":"Se ha detectado que SmartVista SVFE2 versión v2.2.22, contiene múltiples vulnerabilidades de inyección SQL por medio de los parámetros UserForm:j_id88, UserForm:j_id90 y UserForm:j_id92 en el archivo /SVFE2/pages/feegroups/service_group.jsf"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bpcbt:smartvista_front-end:*:*:*:*:*:*:*:*","versionEndIncluding":"2.2.22","matchCriteriaId":"D536344F-1D8F-4813-8137-608A835AFAA4"}]}]}],"references":[{"url":"https://tf1t.gitbook.io/mycve/smartvista/smartvista-svfe2/sql-injection-in-service-group-feature-of-smartvista-svfe2-version-2.2.22-cve-2022-38615","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://tf1t.gitbook.io/mycve/smartvista/smartvista-svfe2/sql-injection-in-service-group-feature-of-smartvista-svfe2-version-2.2.22-cve-2022-38615","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-34108","sourceIdentifier":"cve@mitre.org","published":"2022-09-12T04:15:12.667","lastModified":"2026-07-09T01:17:33.127","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in the Feature Navigator of Micro-Star International MSI Feature Nagivator v1.0.1808.0901 allows attackers to cause a Denial of Service (DoS) via a crafted image or video file."},{"lang":"es","value":"Un problema en Feature Navigator de Micro-Star International MSI Feature Nagivator versión v1.0.1808.0901, permite a atacantes causar una Denegación de Servicio (DoS) por medio de un archivo de imagen o vídeo diseñado"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.2}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:msi:micro-star_international_feature_navigator:1.0.1808.0901:*:*:*:*:*:*:*","matchCriteriaId":"D96FADFC-6EE6-4AC7-B2ED-DE020DE4D2F8"}]}]}],"references":[{"url":"https://gainsec.com/2022/08/26/cve-2022-34109-cve-2022-34110-cve-2022-34108/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://gainsec.com/2022/08/26/cve-2022-34109-cve-2022-34110-cve-2022-34108/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-34109","sourceIdentifier":"cve@mitre.org","published":"2022-09-12T04:15:12.767","lastModified":"2026-07-09T01:17:33.247","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in Micro-Star International MSI Feature Navigator v1.0.1808.0901 allows attackers to write arbitrary files to the directory \\PromoPhoto\\, regardless of file type or size."},{"lang":"es","value":"Un problema en Micro-Star International MSI Feature Navigator versión v1.0.1808.0901, permite a atacantes escribir archivos arbitrarios en el directorio \\PromoPhoto\\, independientemente del tipo o tamaño del archivo"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.2}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:msi:micro-star_international_feature_navigator:1.0.1808.0901:*:*:*:*:*:*:*","matchCriteriaId":"D96FADFC-6EE6-4AC7-B2ED-DE020DE4D2F8"}]}]}],"references":[{"url":"https://gainsec.com/2022/08/26/cve-2022-34109-cve-2022-34110-cve-2022-34108/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://gainsec.com/2022/08/26/cve-2022-34109-cve-2022-34110-cve-2022-34108/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-34110","sourceIdentifier":"cve@mitre.org","published":"2022-09-12T04:15:12.827","lastModified":"2026-07-09T01:17:33.350","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in Micro-Star International MSI Feature Navigator v1.0.1808.0901 allows attackers to download arbitrary files regardless of file type or size."},{"lang":"es","value":"Un problema en Micro-Star International MSI Feature Navigator versión v1.0.1808.0901, permite a atacantes descargar archivos arbitrarios independientemente del tipo o tamaño del archivo"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:msi:micro-star_international_feature_navigator:1.0.1808.0901:*:*:*:*:*:*:*","matchCriteriaId":"D96FADFC-6EE6-4AC7-B2ED-DE020DE4D2F8"}]}]}],"references":[{"url":"https://gainsec.com/2022/08/26/cve-2022-34109-cve-2022-34110-cve-2022-34108/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://gainsec.com/2022/08/26/cve-2022-34109-cve-2022-34110-cve-2022-34108/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-38616","sourceIdentifier":"cve@mitre.org","published":"2022-09-13T12:15:10.727","lastModified":"2026-07-09T01:17:41.590","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SmartVista SVFE2 v2.2.22 was discovered to contain a SQL injection vulnerability via the UserForm:j_id90 parameter at /feegroups/tgrt_group.jsf."},{"lang":"es","value":"Se ha detectado que SmartVista SVFE2 versión v2.2.22, contiene una vulnerabilidad de inyección SQL por medio del parámetro UserForm:j_id90 en el archivo /feegroups/tgrt_group.jsf"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bpcbt:smartvista_front-end:*:*:*:*:*:*:*:*","versionEndIncluding":"2.2.22","matchCriteriaId":"D536344F-1D8F-4813-8137-608A835AFAA4"}]}]}],"references":[{"url":"https://tf1t.gitbook.io/mycve/smartvista/smartvista-svfe2/sql-injection-in-terminal-tariff-group-feature-of-smartvista-svfe2-version-2.2.22-cve-2022-38616","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://tf1t.gitbook.io/mycve/smartvista/smartvista-svfe2/sql-injection-in-terminal-tariff-group-feature-of-smartvista-svfe2-version-2.2.22-cve-2022-38616","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-37257","sourceIdentifier":"cve@mitre.org","published":"2022-09-15T13:15:09.653","lastModified":"2026-07-09T01:17:38.470","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Prototype pollution vulnerability in function convertLater in npm-convert.js in stealjs steal 2.2.4 via the requestedVersion variable in npm-convert.js."},{"lang":"es","value":"Vulnerabilidad de contaminación de prototipos en la función convertLater en el archivo npm-convert.js en stealjs steal versión 2.2.4, por medio de la variable requestedVersion en el archivo npm-convert.js"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-1321"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:stealjs:steal:2.2.4:*:*:*:*:node.js:*:*","matchCriteriaId":"3819AF82-351A-415D-B7D8-60208158D5E3"}]}]}],"references":[{"url":"https://github.com/stealjs/steal/blob/c9dd1eb19ed3f97aeb93cf9dcea5d68ad5d0ced9/ext/npm-convert.js#L362","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/stealjs/steal/blob/c9dd1eb19ed3f97aeb93cf9dcea5d68ad5d0ced9/ext/npm-convert.js#L371","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/stealjs/steal/issues/1526","source":"cve@mitre.org","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/stealjs/steal/blob/c9dd1eb19ed3f97aeb93cf9dcea5d68ad5d0ced9/ext/npm-convert.js#L362","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://github.com/stealjs/steal/blob/c9dd1eb19ed3f97aeb93cf9dcea5d68ad5d0ced9/ext/npm-convert.js#L371","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://github.com/stealjs/steal/issues/1526","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-29649","sourceIdentifier":"cve@mitre.org","published":"2022-09-15T15:15:09.877","lastModified":"2026-07-09T01:17:28.477","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Qsmart Next v4.1.2 was discovered to contain a cross-site scripting (XSS) vulnerability."},{"lang":"es","value":"Se ha detectado que Qsmart Next versión v4.1.2, contiene una vulnerabilidad de tipo cross-site scripting (XSS)"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:qsmart_next_project:qsmart_next:4.1.2:*:*:*:*:*:*:*","matchCriteriaId":"B49A104A-413A-4E6B-9218-9DE06E3DC7FC"}]}]}],"references":[{"url":"https://gist.github.com/arifseyda/bce00ed14562975d1a96d1d9a0660ec7","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://gist.github.com/arifseyda/bce00ed14562975d1a96d1d9a0660ec7","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-36532","sourceIdentifier":"cve@mitre.org","published":"2022-09-16T03:15:09.507","lastModified":"2026-07-09T01:17:36.603","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Bolt CMS contains a vulnerability in version 5.1.12 and below that allows an authenticated user with the ROLE_EDITOR privileges to upload and rename a malicious file to achieve remote code execution."},{"lang":"es","value":"Bolt CMS contiene una vulnerabilidad en versión 5.1.12 y anteriores, que permite a un usuario autenticado con privilegios ROLE_EDITOR descargar y renombrar un archivo malicioso para lograr una ejecución de código remota"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bolt:bolt_cms:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.12","matchCriteriaId":"BBFC6CC7-DF4D-4DC7-A566-04C2B333F896"}]}]}],"references":[{"url":"https://lutrasecurity.com/en/articles/cve-2022-36532/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://lutrasecurity.com/en/articles/cve-2022-36532/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-36533","sourceIdentifier":"cve@mitre.org","published":"2022-09-16T03:15:09.553","lastModified":"2026-07-09T01:17:36.727","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Super Flexible Software GmbH & Co. KG Syncovery 9 for Linux v9.47x and below was discovered to contain a cross-site scripting (XSS) vulnerability."},{"lang":"es","value":"Se ha detectado que Super Flexible Software GmbH &amp; Co. KG Syncovery 9 para Linux versiones v9.47x y anteriores, contiene una vulnerabilidad de tipo cross-site scripting (XSS)"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:syncovery:syncovery:*:*:*:*:*:*:*:*","versionStartIncluding":"8.00","versionEndExcluding":"9.48j","matchCriteriaId":"1F9921B5-A86F-4011-A9B1-889E9985B10E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","matchCriteriaId":"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}]}]}],"references":[{"url":"https://www.mgm-sp.com/en/multiple-vulnerabilities-in-syncovery-for-linux/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.mgm-sp.com/en/multiple-vulnerabilities-in-syncovery-for-linux/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-36534","sourceIdentifier":"cve@mitre.org","published":"2022-09-16T03:15:09.593","lastModified":"2026-07-09T01:17:36.843","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Super Flexible Software GmbH & Co. KG Syncovery 9 for Linux v9.47x and below was discovered to contain multiple remote code execution (RCE) vulnerabilities via the Job_ExecuteBefore and Job_ExecuteAfter parameters at post_profilesettings.php."},{"lang":"es","value":"Se ha detectado que Super Flexible Software GmbH &amp; Co. KG Syncovery 9 para Linux versiones v9.47x y anteriores, contiene múltiples vulnerabilidades de ejecución de código remota (RCE) por medio de los parámetros Job_ExecuteBefore y Job_ExecuteAfter en el archivo post_profilesettings.php"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:syncovery:syncovery:*:*:*:*:*:*:*:*","versionStartIncluding":"8.00","versionEndExcluding":"9.48j","matchCriteriaId":"1F9921B5-A86F-4011-A9B1-889E9985B10E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","matchCriteriaId":"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/170245/Syncovery-For-Linux-Web-GUI-Authenticated-Remote-Command-Execution.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://www.mgm-sp.com/en/multiple-vulnerabilities-in-syncovery-for-linux/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"http://packetstormsecurity.com/files/170245/Syncovery-For-Linux-Web-GUI-Authenticated-Remote-Command-Execution.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://www.mgm-sp.com/en/multiple-vulnerabilities-in-syncovery-for-linux/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-36536","sourceIdentifier":"cve@mitre.org","published":"2022-09-16T03:15:09.633","lastModified":"2026-07-09T01:17:36.960","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in the component post_applogin.php of Super Flexible Software GmbH & Co. KG Syncovery 9 for Linux v9.47x and below allows attackers to escalate privileges via creating crafted session tokens."},{"lang":"es","value":"Un problema en el componente post_applogin.php de Super Flexible Software GmbH &amp; Co. KG Syncovery 9 para Linux versiones v9.47x y anteriores, permite a atacantes escalar privilegios por medio de la creación de tokens de sesión diseñados"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-330"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:syncovery:syncovery:*:*:*:*:*:*:*:*","versionStartIncluding":"8.00","versionEndExcluding":"9.48j","matchCriteriaId":"1F9921B5-A86F-4011-A9B1-889E9985B10E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","matchCriteriaId":"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}]}]}],"references":[{"url":"https://www.mgm-sp.com/en/multiple-vulnerabilities-in-syncovery-for-linux/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.mgm-sp.com/en/multiple-vulnerabilities-in-syncovery-for-linux/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-37775","sourceIdentifier":"cve@mitre.org","published":"2022-09-16T17:15:12.727","lastModified":"2026-07-09T01:17:39.633","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Genesys PureConnect Interaction Web Tools Chat Service (up to at least 26- September- 2019) allows XSS within the Printable Chat History via the participant -> name JSON POST parameter."},{"lang":"es","value":"El servicio de chat de Genesys PureConnect Interaction Web Tools (hasta al menos el 26 de septiembre de 2019) permite un ataque de tipo XSS dentro del historial de chat imprimible por medio del parámetro POST JSON del participante -) name"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:genesys:pureconnect:*:*:*:*:*:*:*:*","versionEndIncluding":"2022-09-26","matchCriteriaId":"17D5AA51-3CE3-4170-A1BE-21BA77B52CAA"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/168410/Genesys-PureConnect-Cross-Site-Scripting.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://cxsecurity.com/issue/WLB-2022090038","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://help.genesys.com/pureconnect/mergedprojects/wh_tr/desktop/pdfs/web_tools_dg.pdf","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://packetstormsecurity.com/files/168410/Genesys-PureConnect-Cross-Site-Scripting.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://cxsecurity.com/issue/WLB-2022090038","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://help.genesys.com/pureconnect/mergedprojects/wh_tr/desktop/pdfs/web_tools_dg.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-37251","sourceIdentifier":"cve@mitre.org","published":"2022-09-16T22:15:12.057","lastModified":"2026-07-09T01:17:38.333","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Craft CMS 4.2.0.1 is vulnerable to Cross Site Scripting (XSS) via Drafts."},{"lang":"es","value":"Craft CMS versión 4.2.0.1, es vulnerable a un ataque de tipo Cross Site Scripting (XSS) por medio de Drafts"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:craftcms:craft_cms:4.2.0.1:*:*:*:*:*:*:*","matchCriteriaId":"3AFD2A34-547A-4DFE-A60A-2A4032CC8BC7"}]}]}],"references":[{"url":"https://labs.integrity.pt/advisories/cve-2022-37251/","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://labs.integrity.pt/advisories/cve-2022-37251/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-38617","sourceIdentifier":"cve@mitre.org","published":"2022-09-19T13:15:09.103","lastModified":"2026-07-09T01:17:41.713","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SmartVista SVFE2 v2.2.22 was discovered to contain a SQL injection vulnerability via the voiceAudit:j_id97 parameter at /SVFE2/pages/audit/voiceaudit.jsf."},{"lang":"es","value":"Se ha detectado que SmartVista SVFE2 versión v2.2.22, contiene una vulnerabilidad de inyección SQL por medio del parámetro voiceAudit:j_id97 en el archivo /SVFE2/pages/audit/voiceaudit.jsf"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bpcbt:smartvista:2.2.22:*:*:*:*:*:*:*","matchCriteriaId":"702F5A7E-C8BC-482B-B92A-C89529A36302"}]}]}],"references":[{"url":"https://dtro.gitbook.io/note_cve/sql-injection-in-terminal-voice-audit-feature-of-smartvista-svfe2-version-2.2.22-cve-2022-38617","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://dtro.gitbook.io/note_cve/sql-injection-in-terminal-voice-audit-feature-of-smartvista-svfe2-version-2.2.22-cve-2022-38617","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-37700","sourceIdentifier":"cve@mitre.org","published":"2022-09-19T16:15:11.350","lastModified":"2026-07-09T01:17:38.597","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Zentao Demo15 is vulnerable to Directory Traversal. The impact is: obtain sensitive information (remote). The component is: URL : view-source:https://demo15.zentao.pm/user-login.html/zentao/index.php?mode=getconfig."},{"lang":"es","value":"Zentao Demo15 es vulnerable a un Salto de Directorio. El impacto es: obtención de información confidencial (remota). El componente es: URL : view-source:https://demo15.zentao.pm/user-login.html/zentao/index.php?mode=getconfig"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:easycorp:zentao:15.0:-:*:*:*:*:*:*","matchCriteriaId":"895883CB-A8E5-4C6D-82AA-0A3AC96847B3"}]}]}],"references":[{"url":"https://demo15.zentao.pm/user-login.html/zentao/index.php?mode=getconfig","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://medium.com/@sc0p3hacker/cve-2022-37700-directory-transversal-in-zentao-easy-soft-alm-2573c1f0fc21","source":"cve@mitre.org"},{"url":"https://demo15.zentao.pm/user-login.html/zentao/index.php?mode=getconfig","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://medium.com/%40sc0p3hacker/cve-2022-37700-directory-transversal-in-zentao-easy-soft-alm-2573c1f0fc21","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2022-38577","sourceIdentifier":"cve@mitre.org","published":"2022-09-19T16:15:11.457","lastModified":"2026-07-09T01:17:40.450","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"ProcessMaker before v3.5.4 was discovered to contain insecure permissions in the user profile page. This vulnerability allows attackers to escalate normal users to Administrators."},{"lang":"es","value":"Se ha detectado que ProcessMaker versiones anteriores a 3.5.4, contiene permisos inseguros en la página de perfil de usuario. Esta vulnerabilidad permite a atacantes escalar usuarios normales a Administradores"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-06-03T18:18:06.679251Z","id":"CVE-2022-38577","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-281"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-281"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:processmaker:processmaker:*:*:*:*:*:*:*:*","versionEndExcluding":"3.5.4","matchCriteriaId":"33DAA56B-BBBD-4899-A18F-34880860AE82"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/168427/ProcessMaker-Privilege-Escalation.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://drive.google.com/file/d/1iP9NYUkYEy_FGMpcnTkUWn8nGcqDT02_/view?usp=sharing","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"http://packetstormsecurity.com/files/168427/ProcessMaker-Privilege-Escalation.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://drive.google.com/file/d/1iP9NYUkYEy_FGMpcnTkUWn8nGcqDT02_/view?usp=sharing","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-38618","sourceIdentifier":"cve@mitre.org","published":"2022-09-19T16:15:11.500","lastModified":"2026-07-09T01:17:41.843","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SmartVista SVFE2 v2.2.22 was discovered to contain a SQL injection vulnerability via the UserForm:j_id88, UserForm:j_id90, and UserForm:j_id92 parameters at /SVFE2/pages/feegroups/country_group.jsf."},{"lang":"es","value":"Se ha detectado que SmartVista SVFE2 versión v2.2.22, contiene una vulnerabilidad de inyección SQL por medio de los parámetros UserForm:j_id88, UserForm:j_id90 y UserForm:j_id92 en el archivo /SVFE2/pages/feegroups/country_group.jsf"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bpcbt:smartvista:2.2.22:*:*:*:*:*:*:*","matchCriteriaId":"702F5A7E-C8BC-482B-B92A-C89529A36302"}]}]}],"references":[{"url":"https://dtro.gitbook.io/note_cve/sql-injection-in-terminal-tariff-group-feature-of-smartvista-svfe2-version-2.2.22-cve-2022-38618","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://dtro.gitbook.io/note_cve/sql-injection-in-terminal-tariff-group-feature-of-smartvista-svfe2-version-2.2.22-cve-2022-38618","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-38619","sourceIdentifier":"cve@mitre.org","published":"2022-09-21T00:15:10.553","lastModified":"2026-07-09T01:17:41.983","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SmartVista SVFE2 v2.2.22 was discovered to contain a SQL injection vulnerability via the UserForm:j_id90 parameter at /SVFE2/pages/feegroups/mcc_group.jsf."},{"lang":"es","value":"Se ha descubierto que SmartVista SVFE2 versión v2.2.22, contiene una vulnerabilidad de inyección SQL por medio del parámetro UserForm:j_id90 en el archivo /SVFE2/pages/feegroups/mcc_group.jsf"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-28T15:29:08.924706Z","id":"CVE-2022-38619","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bpcbt:smartvista_front-end:2.2.22:*:*:*:*:*:*:*","matchCriteriaId":"6244A89D-09D1-4E50-A614-E0F696FCF3C8"}]}]}],"references":[{"url":"https://dtro.gitbook.io/note_cve/sql-injection-in-terminal-mcc-group-feature-of-smartvista-svfe2-version-2.2.22-cve-2022-38619","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://dtro.gitbook.io/note_cve/sql-injection-in-terminal-mcc-group-feature-of-smartvista-svfe2-version-2.2.22-cve-2022-38619","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-40027","sourceIdentifier":"cve@mitre.org","published":"2022-09-21T18:15:10.287","lastModified":"2026-07-09T01:17:42.953","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SourceCodester Simple Task Managing System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component newTask.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the shortName parameter."},{"lang":"es","value":"Se ha detectado que SourceCodester Simple Task Managing System versión v1.0, contiene una vulnerabilidad de tipo cross-site scripting (XSS) por medio del componente newTask.php. Esta vulnerabilidad permite a atacantes ejecutar scripts web o HTML arbitrarios por medio de una carga útil diseñada inyectada en el parámetro shortName"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-28T13:39:04.958378Z","id":"CVE-2022-40027","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:simple_task_managing_system_project:simple_task_managing_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"DAD72E30-181F-47F3-BB38-BF40AABDD45A"}]}]}],"references":[{"url":"https://github.com/xidaner/CVE_HUNTER/blob/main/CVE_09/2022-09-01-XSS1.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.sourcecodester.com/php/15624/simple-task-managing-system-php-mysqli-free-source-code.html","source":"cve@mitre.org","tags":["Product","Third Party Advisory"]},{"url":"https://github.com/xidaner/CVE_HUNTER/blob/main/CVE_09/2022-09-01-XSS1.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.sourcecodester.com/php/15624/simple-task-managing-system-php-mysqli-free-source-code.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-40028","sourceIdentifier":"cve@mitre.org","published":"2022-09-21T18:15:10.330","lastModified":"2026-07-09T01:17:43.120","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SourceCodester Simple Task Managing System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component newProjectValidation.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the fullName parameter."},{"lang":"es","value":"Se ha detectado que SourceCodester Simple Task Managing System versión v1.0, contiene una vulnerabilidad de cross-site scripting (XSS) por medio del componente newProjectValidation.php. Esta vulnerabilidad permite a atacantes ejecutar scripts web o HTML arbitrarios por medio de una carga útil diseñada inyectada en el parámetro fullName"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-28T13:37:24.706081Z","id":"CVE-2022-40028","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:simple_task_managing_system_project:simple_task_managing_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"DAD72E30-181F-47F3-BB38-BF40AABDD45A"}]}]}],"references":[{"url":"https://github.com/xidaner/CVE_HUNTER/blob/main/CVE_09/2022-09-01-XSS2.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.sourcecodester.com/php/15624/simple-task-managing-system-php-mysqli-free-source-code.html","source":"cve@mitre.org","tags":["Product","Third Party Advisory"]},{"url":"https://github.com/xidaner/CVE_HUNTER/blob/main/CVE_09/2022-09-01-XSS2.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.sourcecodester.com/php/15624/simple-task-managing-system-php-mysqli-free-source-code.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-40029","sourceIdentifier":"cve@mitre.org","published":"2022-09-21T18:15:10.373","lastModified":"2026-07-09T01:17:43.287","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SourceCodester Simple Task Managing System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component newProjectValidation.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the shortName parameter."},{"lang":"es","value":"Se ha detectado que SourceCodester Simple Task Managing System versión v1.0, contiene una vulnerabilidad de tipo cross-site scripting (XSS) por medio del componente newProjectValidation.php. Esta vulnerabilidad permite a atacantes ejecutar scripts web o HTML arbitrarios por medio de una carga útil diseñada inyectada en el parámetro shortName"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-28T13:36:23.101443Z","id":"CVE-2022-40029","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:simple_task_managing_system_project:simple_task_managing_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"DAD72E30-181F-47F3-BB38-BF40AABDD45A"}]}]}],"references":[{"url":"https://github.com/xidaner/CVE_HUNTER/blob/main/CVE_09/2022-09-01-XSS3.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.sourcecodester.com/php/15624/simple-task-managing-system-php-mysqli-free-source-code.html","source":"cve@mitre.org","tags":["Product","Third Party Advisory"]},{"url":"https://github.com/xidaner/CVE_HUNTER/blob/main/CVE_09/2022-09-01-XSS3.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.sourcecodester.com/php/15624/simple-task-managing-system-php-mysqli-free-source-code.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-40030","sourceIdentifier":"cve@mitre.org","published":"2022-09-21T18:15:10.417","lastModified":"2026-07-09T01:17:43.450","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SourceCodester Simple Task Managing System v1.0 was discovered to contain a SQL injection vulnerability via the bookId parameter at changeStatus.php."},{"lang":"es","value":"Se ha detectado que SourceCodester Simple Task Managing System versión v1.0, contiene una vulnerabilidad de inyección SQL por medio del parámetro bookId en el archivo changeStatus.php"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-28T13:59:17.453409Z","id":"CVE-2022-40030","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:simple_task_managing_system_project:simple_task_managing_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"DAD72E30-181F-47F3-BB38-BF40AABDD45A"}]}]}],"references":[{"url":"https://github.com/xidaner/CVE_HUNTER/blob/main/CVE_09/2022-09-01-SQL2.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.sourcecodester.com/php/15624/simple-task-managing-system-php-mysqli-free-source-code.html","source":"cve@mitre.org","tags":["Product","Third Party Advisory"]},{"url":"https://github.com/xidaner/CVE_HUNTER/blob/main/CVE_09/2022-09-01-SQL2.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.sourcecodester.com/php/15624/simple-task-managing-system-php-mysqli-free-source-code.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-28978","sourceIdentifier":"cve@mitre.org","published":"2022-09-22T00:15:09.603","lastModified":"2026-07-09T01:17:26.633","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Stored cross-site scripting (XSS) vulnerability in the Site module's user membership administration page in Liferay Portal 7.0.1 through 7.4.1, and Liferay DXP 7.0 before fix pack 102, 7.1 before fix pack 26, 7.2 before fix pack 15, and 7.3 before service pack 3 allows remote attackers to inject arbitrary web script or HTML via the a user's name."},{"lang":"es","value":"Una vulnerabilidad de tipo cross-site scripting (XSS) Almacenado en la página de administración de la membresía del usuario del módulo Site en Liferay Portal versiones 7.0.1 hasta 7.4.1, y Liferay DXP versión 7.0 versiones anteriores a fix pack 102, 7.1 anteriores a fix pack 26, 7.2 anteriores a fix pack 15, y 7.3 anteriores a service pack 3, permite a atacantes remotos inyectar scripts web o HTML arbitrarios por medio del nombre de un usuario"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-27T18:52:15.479006Z","id":"CVE-2022-28978","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:-:*:*:*:*:*:*","matchCriteriaId":"4614C87F-F39C-4ADD-A7A2-4A498612AD38"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_100:*:*:*:*:*:*","matchCriteriaId":"8C9B7CF8-5553-47B6-BB57-0429D78AE301"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_101:*:*:*:*:*:*","matchCriteriaId":"FF82A60A-EA50-4409-9A2B-284C35315DF6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_13:*:*:*:*:*:*","matchCriteriaId":"70E12054-0DEE-4B92-B8F6-7DC4B2461113"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_14:*:*:*:*:*:*","matchCriteriaId":"3B566A51-3EFC-4A08-8A4F-A9AA43FBE481"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_24:*:*:*:*:*:*","matchCriteriaId":"F220793A-FDAC-48C6-B299-39EB3BC077A6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_25:*:*:*:*:*:*","matchCriteriaId":"F095A9E1-5FE1-46C4-B0E1-97F8767439D2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_26:*:*:*:*:*:*","matchCriteriaId":"DFD748DD-6FDB-44CD-96BF-026D18CE4207"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_27:*:*:*:*:*:*","matchCriteriaId":"0A34F2EA-D0F7-4C9B-BFE6-DA334DFD0EDD"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_28:*:*:*:*:*:*","matchCriteriaId":"4B3C2426-7617-4535-B86A-7F9BA45DFD0E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_30:*:*:*:*:*:*","matchCriteriaId":"28955834-8E02-4558-ABD3-4958DBB41423"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_33:*:*:*:*:*:*","matchCriteriaId":"C4206C84-C4BD-4363-A4CA-EE229CE06319"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_35:*:*:*:*:*:*","matchCriteriaId":"4F644864-1056-4A0C-ADD7-A1992A0AC07D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_36:*:*:*:*:*:*","matchCriteriaId":"91E9BAE9-CD40-4353-95DB-7D9ADC338F95"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_39:*:*:*:*:*:*","matchCriteriaId":"661E68A2-B365-4962-87CF-CE17A500889F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_40:*:*:*:*:*:*","matchCriteriaId":"A5D28279-002A-4BC7-9396-E47FC842D7AE"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_41:*:*:*:*:*:*","matchCriteriaId":"C700ED72-4626-48A0-B1BB-E0A7C12D454F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_42:*:*:*:*:*:*","matchCriteriaId":"8F473DF1-F70D-4EDB-A011-C8D1C6A21659"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_43:*:*:*:*:*:*","matchCriteriaId":"C2351EAC-F6AD-4611-B9BD-39C4DFE85B5D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_44:*:*:*:*:*:*","matchCriteriaId":"357845C1-3834-465A-B9CA-F9C604AA8242"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_45:*:*:*:*:*:*","matchCriteriaId":"DD35964D-4156-45B8-A0AB-282DA9F4FA47"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_46:*:*:*:*:*:*","matchCriteriaId":"35656567-EF24-4948-A72A-C754D6E419B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_47:*:*:*:*:*:*","matchCriteriaId":"E9A3D95D-4539-432D-B241-376F312534AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_48:*:*:*:*:*:*","matchCriteriaId":"81F329F1-5BB1-42A7-98CE-B0EB5819D60A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_49:*:*:*:*:*:*","matchCriteriaId":"5B7111FA-9FD7-4952-AFE1-07D3E14854F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_50:*:*:*:*:*:*","matchCriteriaId":"2C7A080F-9C99-41A0-BC63-EBDDC0DF7B8A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_51:*:*:*:*:*:*","matchCriteriaId":"0383C4C4-A7BB-418D-9A98-AC4233722961"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_52:*:*:*:*:*:*","matchCriteriaId":"AA281A20-7599-446B-9587-118E920403D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_53:*:*:*:*:*:*","matchCriteriaId":"9514E8F5-1D0B-4CDF-BD03-087326F6C252"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_54:*:*:*:*:*:*","matchCriteriaId":"78BC7D6C-2A10-4F78-9C41-EA97665C246E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_56:*:*:*:*:*:*","matchCriteriaId":"CA9BE427-78D7-4DEE-A174-F3E3675B44A5"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_57:*:*:*:*:*:*","matchCriteriaId":"6C10325C-8670-499B-B003-7D8634539C5D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_58:*:*:*:*:*:*","matchCriteriaId":"5F692BEB-5CB1-41EA-B715-64AB0036F6CF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_59:*:*:*:*:*:*","matchCriteriaId":"427C4DF5-9039-4CB5-B600-5F965E20D945"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_60:*:*:*:*:*:*","matchCriteriaId":"44B7A2A2-5764-4EDB-AA44-25F8508CF128"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_61:*:*:*:*:*:*","matchCriteriaId":"55D94917-5360-4179-A017-1287C63A6E6C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_64:*:*:*:*:*:*","matchCriteriaId":"1D378A23-113D-47AC-9CB5-2658C357FFB4"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_65:*:*:*:*:*:*","matchCriteriaId":"58FB119E-508C-45F7-8AD8-B67AAAEA53D6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_66:*:*:*:*:*:*","matchCriteriaId":"8B3359A5-D39B-4322-8963-B138D791D232"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_67:*:*:*:*:*:*","matchCriteriaId":"E11E2FBD-7541-4CE3-8A78-52FB82571547"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_68:*:*:*:*:*:*","matchCriteriaId":"3883F470-8D8D-4CB3-BF4A-0C401BDABC83"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_69:*:*:*:*:*:*","matchCriteriaId":"1BDCF010-04BF-4FA5-9E14-F6461FED3FFB"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_70:*:*:*:*:*:*","matchCriteriaId":"7E8CEA39-4A7F-4827-91FA-31119201D174"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_71:*:*:*:*:*:*","matchCriteriaId":"D3768AC9-A245-4B81-8D1D-9D9C5354245C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_72:*:*:*:*:*:*","matchCriteriaId":"71CA65C9-C0FC-4CBD-A8B0-DD72604A46F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_73:*:*:*:*:*:*","matchCriteriaId":"9F06DECA-F45D-49DA-BB24-AA1F0306B0B6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_75:*:*:*:*:*:*","matchCriteriaId":"6FF2D31F-8719-41A6-ADD5-15BE9409428E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_76:*:*:*:*:*:*","matchCriteriaId":"DE56F5E5-73CF-4636-9F98-86BDDA3F6A47"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_78:*:*:*:*:*:*","matchCriteriaId":"A1A0EFCE-4B74-4B4D-AB6E-5730F26B38FB"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_79:*:*:*:*:*:*","matchCriteriaId":"F02DCC86-C3F7-482C-9BFB-B7971FB10AEC"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_80:*:*:*:*:*:*","matchCriteriaId":"06835B0A-A2DF-44D3-A38F-59E5D5523FFA"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_81:*:*:*:*:*:*","matchCriteriaId":"B746D0CF-76F6-42A1-9056-CA9622DCD806"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_82:*:*:*:*:*:*","matchCriteriaId":"FFC33A7E-B1CB-4E83-B75C-71F5E7E5E406"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_83:*:*:*:*:*:*","matchCriteriaId":"325CFFCF-1609-4D89-B6A8-1C6ACBFDD35B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_84:*:*:*:*:*:*","matchCriteriaId":"BD019A57-FC7A-4B1F-9946-FA15C90FC985"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_85:*:*:*:*:*:*","matchCriteriaId":"A6B2CD3A-C39C-4F9A-8602-3EC75472181D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_86:*:*:*:*:*:*","matchCriteriaId":"1B8DCD85-0E47-44C1-B7DD-E1B4756CEC17"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_87:*:*:*:*:*:*","matchCriteriaId":"1790D974-2EE0-4405-8F26-BB6DB3BDA23B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_88:*:*:*:*:*:*","matchCriteriaId":"416B3F04-AD86-4F91-890E-56BA539AAB06"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_89:*:*:*:*:*:*","matchCriteriaId":"C12C0E4D-4E9A-4BD7-926E-74BCD42595B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_90:*:*:*:*:*:*","matchCriteriaId":"9A659FEF-1BC1-45E8-A01E-1F9A8F2AFAAF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_91:*:*:*:*:*:*","matchCriteriaId":"3810319D-7DC4-47DD-B568-B0504DBC8209"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_92:*:*:*:*:*:*","matchCriteriaId":"D9BFFFC0-912A-4F95-A08E-1D264135D1E2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_93:*:*:*:*:*:*","matchCriteriaId":"9EA924E7-DEF2-45BF-B435-C435AC20AF4E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_94:*:*:*:*:*:*","matchCriteriaId":"E6809C30-9A81-45E6-92E9-01D54880EFEE"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_95:*:*:*:*:*:*","matchCriteriaId":"C194ACCD-CB7E-4DFC-ABB5-7CCEFD83E11B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_96:*:*:*:*:*:*","matchCriteriaId":"69856C3C-2ACB-4718-821C-793118094985"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_97:*:*:*:*:*:*","matchCriteriaId":"8693CC24-CEF6-4479-A3DA-8FD5C73E9548"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_98:*:*:*:*:*:*","matchCriteriaId":"B1A95A94-83C6-4DCC-8208-B76B53678B25"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_99:*:*:*:*:*:*","matchCriteriaId":"A1831C4F-7887-489E-91C1-3997114917DD"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:-:*:*:*:*:*:*","matchCriteriaId":"27DF695E-B890-42C2-8941-5BB53154755F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"072F6C59-3D86-48D1-A14E-477FFFA3B1D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_10:*:*:*:*:*:*","matchCriteriaId":"FE68B4A2-3459-4DBA-8BAC-E9AA9FA25264"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_11:*:*:*:*:*:*","matchCriteriaId":"680D7963-1393-4E86-A65F-D4463D532120"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_12:*:*:*:*:*:*","matchCriteriaId":"D81E73DD-FD21-4082-A883-34422AE6C024"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_13:*:*:*:*:*:*","matchCriteriaId":"E6DD0451-98EA-4140-8294-77A14F063E2E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_14:*:*:*:*:*:*","matchCriteriaId":"CE94E76B-8CC2-4E91-B7A3-EEBCC1358FF4"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_15:*:*:*:*:*:*","matchCriteriaId":"408BD438-E15C-422F-9612-C62A7387FC63"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_16:*:*:*:*:*:*","matchCriteriaId":"A78C8B1C-39CB-4C27-B57C-0AF5E7EB50D9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_17:*:*:*:*:*:*","matchCriteriaId":"0AB19E97-BACE-4FCC-A53F-078D61A7A9E8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_18:*:*:*:*:*:*","matchCriteriaId":"D18ACD28-9182-435C-A30F-DF3BFE13C39A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_19:*:*:*:*:*:*","matchCriteriaId":"CFE4CC72-C15A-40DE-AFF4-0B6B79BFB2BA"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"386F0E26-78DC-4D59-A20F-B41D0E59561B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_20:*:*:*:*:*:*","matchCriteriaId":"43C11288-1C48-47A0-95DF-A48F3C0285F6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_21:*:*:*:*:*:*","matchCriteriaId":"5ECF3B18-D0DB-4FB6-9F6F-B63A6CE45081"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_22:*:*:*:*:*:*","matchCriteriaId":"79AC7C0B-4135-4C24-8D37-A9431156E3E9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_23:*:*:*:*:*:*","matchCriteriaId":"7289F71D-ECEB-4FB9-A53F-D3F4D1315ADD"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_24:*:*:*:*:*:*","matchCriteriaId":"C18AE68F-6EF0-4132-A3D8-C2D77A842137"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_25:*:*:*:*:*:*","matchCriteriaId":"4C5F0729-7B44-4B9E-949F-6A66D8176E11"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_3:*:*:*:*:*:*","matchCriteriaId":"54576481-2AE9-4133-9EFA-B7FBDCA4427D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_4:*:*:*:*:*:*","matchCriteriaId":"E29CE810-76D5-4283-B102-70344B6C9506"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_5:*:*:*:*:*:*","matchCriteriaId":"DA869467-C560-4130-A180-86819F6A8673"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_6:*:*:*:*:*:*","matchCriteriaId":"CC0C94B7-31FB-4115-8EDE-62CC459B6663"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_7:*:*:*:*:*:*","matchCriteriaId":"07DEAA71-53DA-4508-B7E6-924ABED49E66"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_8:*:*:*:*:*:*","matchCriteriaId":"467323F6-5CA7-42A0-9810-C6FA694CEC93"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_9:*:*:*:*:*:*","matchCriteriaId":"32EFFD8A-1C0D-446B-AAD7-5D23D483D3D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:-:*:*:*:*:*:*","matchCriteriaId":"0DCF7F39-A198-4F7E-84B7-90C88C1BAA96"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"E7E68DF8-749B-4284-A7C9-929701A86B36"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_10:*:*:*:*:*:*","matchCriteriaId":"340DF1FE-5720-4516-BA51-F2197A654409"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_11:*:*:*:*:*:*","matchCriteriaId":"97E155DE-05C6-4559-94A8-0EFEB958D0C9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_12:*:*:*:*:*:*","matchCriteriaId":"0635FB5F-9C90-49C7-A9EF-00C0396FCCAE"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_13:*:*:*:*:*:*","matchCriteriaId":"77523B76-FC26-41B1-A804-7372E13F4FB2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_14:*:*:*:*:*:*","matchCriteriaId":"B15397B8-5087-4239-AE78-D3C37D59DE83"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"7CECAA19-8B7F-44C8-8059-6D4F2105E196"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_3:*:*:*:*:*:*","matchCriteriaId":"68CBCEEB-7C28-4769-813F-3F01E33D2E08"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_4:*:*:*:*:*:*","matchCriteriaId":"C0CB4927-A361-4DFA-BDB8-A454EA2894AB"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_5:*:*:*:*:*:*","matchCriteriaId":"B2B771B7-D5CB-4778-A3A8-1005E4EE134C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_6:*:*:*:*:*:*","matchCriteriaId":"3B9DB383-3791-4A43-BA4D-7695B203E736"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_7:*:*:*:*:*:*","matchCriteriaId":"13F02D77-20E9-4F32-9752-511EB71E6704"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_8:*:*:*:*:*:*","matchCriteriaId":"6353CC8F-A6D4-4A0C-8D68-290CD8DEB4F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_9:*:*:*:*:*:*","matchCriteriaId":"759DDB90-6A89-4E4F-BD04-F70EFA5343B0"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:-:*:*:*:*:*:*","matchCriteriaId":"21C55D41-DB66-494D-BEEB-BDAC7CB4B31B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:sp1:*:*:*:*:*:*","matchCriteriaId":"9D75A0FF-BAEA-471A-87B2-8EC2A9F0A6B5"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:sp2:*:*:*:*:*:*","matchCriteriaId":"D86CDCC0-9655-477B-83FA-ADDBB5AF43A2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:sp3:*:*:*:*:*:*","matchCriteriaId":"1CF5B84B-1719-4581-8474-C55CEFFD8305"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.1","versionEndExcluding":"7.4.2","matchCriteriaId":"48765E9D-CDEE-4648-A15F-404BDB51CABD"}]}]}],"references":[{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-28978-stored-xss-with-user-name-in-site-membership","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-28978-stored-xss-with-user-name-in-site-membership","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-28979","sourceIdentifier":"cve@mitre.org","published":"2022-09-22T00:15:09.880","lastModified":"2026-07-09T01:17:26.817","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Liferay Portal v7.1.0 through v7.4.2 and Liferay DXP 7.1 before fix pack 26, 7.2 before fix pack 15, and 7.3 before service pack 3 was discovered to contain a cross-site scripting (XSS) vulnerability in the Portal Search module's Custom Facet widget. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Custom Parameter Name text field."},{"lang":"es","value":"Se ha detectado que Liferay Portal versioens v7.1.0 hasta v7.4.2 y Liferay DXP versiones 7.1 antes del fix pack 26, 7.2 antes del fix pack 15 y 7.3 antes del service pack 3 contienen una vulnerabilidad de cross-site scripting (XSS) en el widget Custom Facet del módulo Portal Search. Esta vulnerabilidad permite a los atacantes ejecutar scripts web o HTML arbitrarios a través de una carga útil manipulada inyectada en el campo de texto Custom Parameter Name"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-27T19:59:49.272901Z","id":"CVE-2022-28979","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:-:*:*:*:*:*:*","matchCriteriaId":"27DF695E-B890-42C2-8941-5BB53154755F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"072F6C59-3D86-48D1-A14E-477FFFA3B1D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_10:*:*:*:*:*:*","matchCriteriaId":"FE68B4A2-3459-4DBA-8BAC-E9AA9FA25264"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_11:*:*:*:*:*:*","matchCriteriaId":"680D7963-1393-4E86-A65F-D4463D532120"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_12:*:*:*:*:*:*","matchCriteriaId":"D81E73DD-FD21-4082-A883-34422AE6C024"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_13:*:*:*:*:*:*","matchCriteriaId":"E6DD0451-98EA-4140-8294-77A14F063E2E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_14:*:*:*:*:*:*","matchCriteriaId":"CE94E76B-8CC2-4E91-B7A3-EEBCC1358FF4"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_15:*:*:*:*:*:*","matchCriteriaId":"408BD438-E15C-422F-9612-C62A7387FC63"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_16:*:*:*:*:*:*","matchCriteriaId":"A78C8B1C-39CB-4C27-B57C-0AF5E7EB50D9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_17:*:*:*:*:*:*","matchCriteriaId":"0AB19E97-BACE-4FCC-A53F-078D61A7A9E8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_18:*:*:*:*:*:*","matchCriteriaId":"D18ACD28-9182-435C-A30F-DF3BFE13C39A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_19:*:*:*:*:*:*","matchCriteriaId":"CFE4CC72-C15A-40DE-AFF4-0B6B79BFB2BA"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"386F0E26-78DC-4D59-A20F-B41D0E59561B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_20:*:*:*:*:*:*","matchCriteriaId":"43C11288-1C48-47A0-95DF-A48F3C0285F6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_21:*:*:*:*:*:*","matchCriteriaId":"5ECF3B18-D0DB-4FB6-9F6F-B63A6CE45081"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_22:*:*:*:*:*:*","matchCriteriaId":"79AC7C0B-4135-4C24-8D37-A9431156E3E9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_23:*:*:*:*:*:*","matchCriteriaId":"7289F71D-ECEB-4FB9-A53F-D3F4D1315ADD"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_24:*:*:*:*:*:*","matchCriteriaId":"C18AE68F-6EF0-4132-A3D8-C2D77A842137"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_25:*:*:*:*:*:*","matchCriteriaId":"4C5F0729-7B44-4B9E-949F-6A66D8176E11"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_3:*:*:*:*:*:*","matchCriteriaId":"54576481-2AE9-4133-9EFA-B7FBDCA4427D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_4:*:*:*:*:*:*","matchCriteriaId":"E29CE810-76D5-4283-B102-70344B6C9506"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_5:*:*:*:*:*:*","matchCriteriaId":"DA869467-C560-4130-A180-86819F6A8673"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_6:*:*:*:*:*:*","matchCriteriaId":"CC0C94B7-31FB-4115-8EDE-62CC459B6663"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_7:*:*:*:*:*:*","matchCriteriaId":"07DEAA71-53DA-4508-B7E6-924ABED49E66"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_8:*:*:*:*:*:*","matchCriteriaId":"467323F6-5CA7-42A0-9810-C6FA694CEC93"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_9:*:*:*:*:*:*","matchCriteriaId":"32EFFD8A-1C0D-446B-AAD7-5D23D483D3D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:-:*:*:*:*:*:*","matchCriteriaId":"0DCF7F39-A198-4F7E-84B7-90C88C1BAA96"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"E7E68DF8-749B-4284-A7C9-929701A86B36"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_10:*:*:*:*:*:*","matchCriteriaId":"340DF1FE-5720-4516-BA51-F2197A654409"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_11:*:*:*:*:*:*","matchCriteriaId":"97E155DE-05C6-4559-94A8-0EFEB958D0C9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_12:*:*:*:*:*:*","matchCriteriaId":"0635FB5F-9C90-49C7-A9EF-00C0396FCCAE"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_13:*:*:*:*:*:*","matchCriteriaId":"77523B76-FC26-41B1-A804-7372E13F4FB2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_14:*:*:*:*:*:*","matchCriteriaId":"B15397B8-5087-4239-AE78-D3C37D59DE83"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"7CECAA19-8B7F-44C8-8059-6D4F2105E196"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_3:*:*:*:*:*:*","matchCriteriaId":"68CBCEEB-7C28-4769-813F-3F01E33D2E08"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_4:*:*:*:*:*:*","matchCriteriaId":"C0CB4927-A361-4DFA-BDB8-A454EA2894AB"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_5:*:*:*:*:*:*","matchCriteriaId":"B2B771B7-D5CB-4778-A3A8-1005E4EE134C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_6:*:*:*:*:*:*","matchCriteriaId":"3B9DB383-3791-4A43-BA4D-7695B203E736"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_7:*:*:*:*:*:*","matchCriteriaId":"13F02D77-20E9-4F32-9752-511EB71E6704"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_8:*:*:*:*:*:*","matchCriteriaId":"6353CC8F-A6D4-4A0C-8D68-290CD8DEB4F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_9:*:*:*:*:*:*","matchCriteriaId":"759DDB90-6A89-4E4F-BD04-F70EFA5343B0"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:-:*:*:*:*:*:*","matchCriteriaId":"21C55D41-DB66-494D-BEEB-BDAC7CB4B31B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:sp1:*:*:*:*:*:*","matchCriteriaId":"9D75A0FF-BAEA-471A-87B2-8EC2A9F0A6B5"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:sp2:*:*:*:*:*:*","matchCriteriaId":"D86CDCC0-9655-477B-83FA-ADDBB5AF43A2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:sp3:*:*:*:*:*:*","matchCriteriaId":"1CF5B84B-1719-4581-8474-C55CEFFD8305"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.1.0","versionEndExcluding":"7.4.3.4","matchCriteriaId":"71B2CB88-0B25-4CFC-A223-B740E2847FD3"}]}]}],"references":[{"url":"https://issues.liferay.com/browse/LPE-17381","source":"cve@mitre.org","tags":["Issue Tracking","Patch","Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-28979-xss-in-custom-facet-widget","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://issues.liferay.com/browse/LPE-17381","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Patch","Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-28979-xss-in-custom-facet-widget","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-28982","sourceIdentifier":"cve@mitre.org","published":"2022-09-22T00:15:09.947","lastModified":"2026-07-09T01:17:27.340","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A cross-site scripting (XSS) vulnerability in Liferay Portal v7.3.3 through v7.4.2 and Liferay DXP v7.3 before service pack 3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name of a tag."},{"lang":"es","value":"Una vulnerabilidad de tipo cross-site scripting (XSS) en Liferay Portal versiones v7.3.3 hasta v7.4.2 y Liferay DXP versiones v7.3 anteriores a service pack 3 permite a atacantes ejecutar scripts web o HTML arbitrarios por medio de una carga útil diseñada inyectada en el nombre de una etiqueta"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-27T18:12:46.379816Z","id":"CVE-2022-28982","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:-:*:*:*:*:*:*","matchCriteriaId":"21C55D41-DB66-494D-BEEB-BDAC7CB4B31B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:sp1:*:*:*:*:*:*","matchCriteriaId":"9D75A0FF-BAEA-471A-87B2-8EC2A9F0A6B5"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:sp2:*:*:*:*:*:*","matchCriteriaId":"D86CDCC0-9655-477B-83FA-ADDBB5AF43A2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:sp3:*:*:*:*:*:*","matchCriteriaId":"1CF5B84B-1719-4581-8474-C55CEFFD8305"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.3.3","versionEndExcluding":"7.4.3.4","matchCriteriaId":"5A3A8F5E-502D-4BB3-9D19-E73FF74C00E3"}]}]}],"references":[{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-28982-reflected-xss-with-tag-name-in-%253Cliferay-asset-asset-tags-selector%253E","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-28982-reflected-xss-with-tag-name-in-%253Cliferay-asset-asset-tags-selector%253E","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-39975","sourceIdentifier":"cve@mitre.org","published":"2022-09-22T00:15:10.310","lastModified":"2026-07-09T01:17:42.577","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The Layout module in Liferay Portal v7.3.3 through v7.4.3.34, and Liferay DXP 7.3 before update 10, and 7.4 before update 35 does not check user permission before showing the preview of a \"Content Page\" type page, allowing attackers to view unpublished \"Content Page\" pages via URL manipulation."},{"lang":"es","value":"El módulo Layout en Liferay Portal versiones v7.3.3 hasta v7.4.3.34, y Liferay DXP versiones 7.3 anteriores a update 10, y 7.4 anteriores a update 35, no comprueba el permiso del usuario antes de mostrar la vista previa de una página de tipo \"Content Page\", permitiendo a atacantes visualizar páginas de tipo \"Content Page\" no publicadas por medio de la manipulación de la URL"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-27T18:55:52.747515Z","id":"CVE-2022-39975","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-862"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:-:*:*:*:*:*:*","matchCriteriaId":"21C55D41-DB66-494D-BEEB-BDAC7CB4B31B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:update_1:*:*:*:*:*:*","matchCriteriaId":"D60CDAA3-6029-4904-9D08-BB221BCFD7C3"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:update_2:*:*:*:*:*:*","matchCriteriaId":"B66F47E9-3D82-497E-BD84-E47A65FAF8C3"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:update_3:*:*:*:*:*:*","matchCriteriaId":"A0BA4856-59DF-427C-959F-3B836314F5D5"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:update_4:*:*:*:*:*:*","matchCriteriaId":"F3A5ADE1-4743-4A78-9FCC-CEB857012A5B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:update_5:*:*:*:*:*:*","matchCriteriaId":"2B420A18-5C8B-470F-9189-C84F8DAA74D5"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:update_6:*:*:*:*:*:*","matchCriteriaId":"A7A399C4-6D4B-438C-9BAE-2893E457028A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:update_7:*:*:*:*:*:*","matchCriteriaId":"0CBACD88-B4F8-4496-9706-C666768AC9B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:update_8:*:*:*:*:*:*","matchCriteriaId":"510C440D-8B79-4685-8105-7A21A77CFC61"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:update_9:*:*:*:*:*:*","matchCriteriaId":"89C1DF64-7F4B-4231-A0F5-E4760D7CE008"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_1:*:*:*:*:*:*","matchCriteriaId":"46AF397F-A95C-4FAD-A6EA-CB623B7A262A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_10:*:*:*:*:*:*","matchCriteriaId":"3B8C3B3F-1BBB-47A5-A789-B207B6346FFF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_11:*:*:*:*:*:*","matchCriteriaId":"AD5D1171-954A-4E75-813D-E8392CFE4029"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_12:*:*:*:*:*:*","matchCriteriaId":"F148098A-D867-4C8B-9632-6B7F24D50C30"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_13:*:*:*:*:*:*","matchCriteriaId":"8A112ED2-27C2-45E3-8FA0-6043F7D3BEED"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_14:*:*:*:*:*:*","matchCriteriaId":"0744AC04-9663-4DA1-9657-EC5BF0C68499"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_15:*:*:*:*:*:*","matchCriteriaId":"5703FE2B-011A-4A40-AB67-B989438F2183"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_16:*:*:*:*:*:*","matchCriteriaId":"41A54448-B1AB-4E92-8523-5D4A46A83533"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_17:*:*:*:*:*:*","matchCriteriaId":"A96A2A4A-3EB3-4074-A846-EC6EECC04B43"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_18:*:*:*:*:*:*","matchCriteriaId":"56DAE678-10B9-419D-9F5D-96E3AC3A6E4A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_19:*:*:*:*:*:*","matchCriteriaId":"064F4C28-B1F5-44C2-91AA-A09FD56EC0B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_2:*:*:*:*:*:*","matchCriteriaId":"C2C2351E-BDEE-4A79-A00C-6520B54996EF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_20:*:*:*:*:*:*","matchCriteriaId":"814D0CE3-B89F-423C-B1E3-47BD0A474491"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_21:*:*:*:*:*:*","matchCriteriaId":"58DB7C5A-B4E3-410A-B491-3F322B340BDF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_22:*:*:*:*:*:*","matchCriteriaId":"86B581B6-02B0-40B9-BB5C-E28FC51042DB"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_23:*:*:*:*:*:*","matchCriteriaId":"E7EFBC14-6785-4435-BA96-D77A857BC1C8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_24:*:*:*:*:*:*","matchCriteriaId":"585635F8-53DC-4F64-BF6B-C6F72A5F4D29"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_25:*:*:*:*:*:*","matchCriteriaId":"355DD7FC-E9C7-43D6-8313-0474AB314F18"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_26:*:*:*:*:*:*","matchCriteriaId":"B0FDE8B1-444A-4FEB-AC97-4B29C914EB8A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_27:*:*:*:*:*:*","matchCriteriaId":"683D063A-0E32-4E2D-8CBF-A57F45071F6E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_28:*:*:*:*:*:*","matchCriteriaId":"7DFEBCAB-1D9B-4BED-A2C6-11BA863F1EE9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_29:*:*:*:*:*:*","matchCriteriaId":"DB8733C4-8CE4-4E4B-A2AE-919AA69DAF8E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_3:*:*:*:*:*:*","matchCriteriaId":"25F5C3E9-CBB0-4114-91A4-41F0E666026A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_30:*:*:*:*:*:*","matchCriteriaId":"D372D9B9-5A83-4FF8-8DE5-617D99D1A8B5"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_31:*:*:*:*:*:*","matchCriteriaId":"7519ABB1-57A7-46F1-97FC-DD44787F2B6E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_32:*:*:*:*:*:*","matchCriteriaId":"87BD916B-245C-4D62-B595-1985784C2ABC"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_33:*:*:*:*:*:*","matchCriteriaId":"841E15A8-0819-4E48-B7E3-3ACCB4C1F43B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_34:*:*:*:*:*:*","matchCriteriaId":"91A243D9-7633-4836-B72D-75EF6C0F8876"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_4:*:*:*:*:*:*","matchCriteriaId":"5E2B5687-B311-460E-A562-D754AF271F8E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_5:*:*:*:*:*:*","matchCriteriaId":"B49D0CB9-8ED7-46AB-9BA5-7235A2CD9117"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_6:*:*:*:*:*:*","matchCriteriaId":"DF169364-096C-4294-B89F-C07AF1DCC9C4"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_7:*:*:*:*:*:*","matchCriteriaId":"30CB2C54-1A20-4226-ACC6-AC8131899AE2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_8:*:*:*:*:*:*","matchCriteriaId":"65693260-5B0F-47AA-BF08-D2979997A40A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_9:*:*:*:*:*:*","matchCriteriaId":"C9116909-04C3-4040-B945-4A6225425520"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.3.3","versionEndExcluding":"7.4.3.35","matchCriteriaId":"A3D3F7B7-C39B-48E5-AD3A-1399B405F97B"}]}]}],"references":[{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-39975","source":"cve@mitre.org","tags":["Patch","Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-39975","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-28977","sourceIdentifier":"cve@mitre.org","published":"2022-09-22T01:15:10.753","lastModified":"2026-07-09T01:17:26.460","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"HtmlUtil.escapeRedirect in Liferay Portal 7.3.1 through 7.4.2, and Liferay DXP 7.0 fix pack 91 through 101, 7.1 fix pack 17 through 25, 7.2 fix pack 5 through 14, and 7.3 before service pack 3 can be circumvented by using multiple forward slashes, which allows remote attackers to redirect users to arbitrary external URLs via the (1) 'redirect` parameter (2) `FORWARD_URL` parameter, and (3) others parameters that rely on HtmlUtil.escapeRedirect."},{"lang":"es","value":"El archivo HtmlUtil.escapeRedirect en Liferay Portal versiones 7.3.1 hasta 7.4.2, y Liferay DXP versiones 7.0 fix pack 91 hasta 101, 7.1 fix pack 17 hasta 25, 7.2 fix pack 5 hasta 14, y 7. 3 anteriores a service pack 3, puede ser omitido mediante el uso de múltiples barras diagonales, lo que permite a atacantes remotos redirigir a usuarios a URLs externas arbitrarias por medio del parámetro (1) \"redirect\" (2) \"FORWARD_URL\" y (3) otros parámetros que dependen de HtmlUtil.escapeRedirect"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-27T16:00:44.111370Z","id":"CVE-2022-28977","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-601"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-601"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:-:*:*:*:*:*:*","matchCriteriaId":"4614C87F-F39C-4ADD-A7A2-4A498612AD38"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_100:*:*:*:*:*:*","matchCriteriaId":"8C9B7CF8-5553-47B6-BB57-0429D78AE301"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_101:*:*:*:*:*:*","matchCriteriaId":"FF82A60A-EA50-4409-9A2B-284C35315DF6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_91:*:*:*:*:*:*","matchCriteriaId":"3810319D-7DC4-47DD-B568-B0504DBC8209"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_92:*:*:*:*:*:*","matchCriteriaId":"D9BFFFC0-912A-4F95-A08E-1D264135D1E2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_93:*:*:*:*:*:*","matchCriteriaId":"9EA924E7-DEF2-45BF-B435-C435AC20AF4E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_94:*:*:*:*:*:*","matchCriteriaId":"E6809C30-9A81-45E6-92E9-01D54880EFEE"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_95:*:*:*:*:*:*","matchCriteriaId":"C194ACCD-CB7E-4DFC-ABB5-7CCEFD83E11B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_96:*:*:*:*:*:*","matchCriteriaId":"69856C3C-2ACB-4718-821C-793118094985"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_97:*:*:*:*:*:*","matchCriteriaId":"8693CC24-CEF6-4479-A3DA-8FD5C73E9548"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_98:*:*:*:*:*:*","matchCriteriaId":"B1A95A94-83C6-4DCC-8208-B76B53678B25"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_99:*:*:*:*:*:*","matchCriteriaId":"A1831C4F-7887-489E-91C1-3997114917DD"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:-:*:*:*:*:*:*","matchCriteriaId":"27DF695E-B890-42C2-8941-5BB53154755F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_17:*:*:*:*:*:*","matchCriteriaId":"0AB19E97-BACE-4FCC-A53F-078D61A7A9E8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_18:*:*:*:*:*:*","matchCriteriaId":"D18ACD28-9182-435C-A30F-DF3BFE13C39A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_19:*:*:*:*:*:*","matchCriteriaId":"CFE4CC72-C15A-40DE-AFF4-0B6B79BFB2BA"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_20:*:*:*:*:*:*","matchCriteriaId":"43C11288-1C48-47A0-95DF-A48F3C0285F6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_21:*:*:*:*:*:*","matchCriteriaId":"5ECF3B18-D0DB-4FB6-9F6F-B63A6CE45081"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_22:*:*:*:*:*:*","matchCriteriaId":"79AC7C0B-4135-4C24-8D37-A9431156E3E9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_23:*:*:*:*:*:*","matchCriteriaId":"7289F71D-ECEB-4FB9-A53F-D3F4D1315ADD"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_24:*:*:*:*:*:*","matchCriteriaId":"C18AE68F-6EF0-4132-A3D8-C2D77A842137"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_25:*:*:*:*:*:*","matchCriteriaId":"4C5F0729-7B44-4B9E-949F-6A66D8176E11"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:-:*:*:*:*:*:*","matchCriteriaId":"0DCF7F39-A198-4F7E-84B7-90C88C1BAA96"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_10:*:*:*:*:*:*","matchCriteriaId":"340DF1FE-5720-4516-BA51-F2197A654409"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_11:*:*:*:*:*:*","matchCriteriaId":"97E155DE-05C6-4559-94A8-0EFEB958D0C9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_12:*:*:*:*:*:*","matchCriteriaId":"0635FB5F-9C90-49C7-A9EF-00C0396FCCAE"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_13:*:*:*:*:*:*","matchCriteriaId":"77523B76-FC26-41B1-A804-7372E13F4FB2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_14:*:*:*:*:*:*","matchCriteriaId":"B15397B8-5087-4239-AE78-D3C37D59DE83"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_5:*:*:*:*:*:*","matchCriteriaId":"B2B771B7-D5CB-4778-A3A8-1005E4EE134C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_6:*:*:*:*:*:*","matchCriteriaId":"3B9DB383-3791-4A43-BA4D-7695B203E736"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_7:*:*:*:*:*:*","matchCriteriaId":"13F02D77-20E9-4F32-9752-511EB71E6704"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_8:*:*:*:*:*:*","matchCriteriaId":"6353CC8F-A6D4-4A0C-8D68-290CD8DEB4F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_9:*:*:*:*:*:*","matchCriteriaId":"759DDB90-6A89-4E4F-BD04-F70EFA5343B0"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:-:*:*:*:*:*:*","matchCriteriaId":"21C55D41-DB66-494D-BEEB-BDAC7CB4B31B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:sp1:*:*:*:*:*:*","matchCriteriaId":"9D75A0FF-BAEA-471A-87B2-8EC2A9F0A6B5"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:sp2:*:*:*:*:*:*","matchCriteriaId":"D86CDCC0-9655-477B-83FA-ADDBB5AF43A2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.3.1","versionEndExcluding":"7.4.3.4","matchCriteriaId":"22E35E99-E5B4-4A85-84CE-3139AFF96B85"}]}]}],"references":[{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-28977-htmlutil.escaperedirect-circumvention-with-multiple-forward-slash","source":"cve@mitre.org","tags":["Patch","Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-28977-htmlutil.escaperedirect-circumvention-with-multiple-forward-slash","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-28980","sourceIdentifier":"cve@mitre.org","published":"2022-09-22T01:15:11.743","lastModified":"2026-07-09T01:17:27.017","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Multiple cross-site scripting (XSS) vulnerabilities in Liferay Portal v7.4.3.4 and Liferay DXP v7.4 GA allows attackers to execute arbitrary web scripts or HTML via parameters with the filter_ prefix."},{"lang":"es","value":"Múltiples vulnerabilidades de tipo cross-site scripting (XSS) en Liferay Portal versión v7.4.3.4 y Liferay DXP versión v7.4 GA, permiten a atacantes ejecutar scripts web o HTML arbitrarios por medio de parámetros con el prefijo filter_"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-27T17:48:12.211228Z","id":"CVE-2022-28980","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:ga:*:*:*:*:*:*","matchCriteriaId":"0DB2556C-DE8B-4102-985D-C65A35A8BE5D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionEndExcluding":"7.4.3.5","matchCriteriaId":"E04E0EDA-8E18-43C3-A0B2-DF45B7CE811D"}]}]}],"references":[{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-28980-reflected-xss-with-filter_%2A-parameters-in-applied-fragment-filters","source":"cve@mitre.org"},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-28980-reflected-xss-with-filter_%2A-parameters-in-applied-fragment-filters","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2022-28981","sourceIdentifier":"cve@mitre.org","published":"2022-09-22T01:15:11.820","lastModified":"2026-07-09T01:17:27.177","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Path traversal vulnerability in the Hypermedia REST APIs module in Liferay Portal 7.4.0 through 7.4.2 allows remote attackers to access files outside of com.liferay.headless.discovery.web/META-INF/resources via the `parameter` parameter."},{"lang":"es","value":"Una vulnerabilidad de salto de ruta en el módulo Hypermedia REST APIs de Liferay Portal versiones 7.4.0 hasta 7.4.2, permite a atacantes remotos acceder a archivos fuera de com.liferay.headless.discovery.web/META-INF/resources por medio del parámetro \"parameter\""}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-27T17:49:02.360376Z","id":"CVE-2022-28981","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.4.0","versionEndIncluding":"7.4.2","matchCriteriaId":"92A45267-93C8-47BC-A366-2A603FFB3546"}]}]}],"references":[{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-28981-path-traversal-vulnerability-in-hypermedia-rest-apis","source":"cve@mitre.org","tags":["Release Notes","Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-28981-path-traversal-vulnerability-in-hypermedia-rest-apis","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-38512","sourceIdentifier":"cve@mitre.org","published":"2022-09-22T01:15:11.897","lastModified":"2026-07-09T01:17:39.917","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The Translation module in Liferay Portal v7.4.3.12 through v7.4.3.36, and Liferay DXP 7.4 update 8 through 36 does not check permissions before allowing a user to export a web content for translation, allowing attackers to download a web content page's XLIFF translation file via crafted URL."},{"lang":"es","value":"El módulo de traducción de Liferay Portal versiones v7.4.3.12 hasta v7.4.3.36, y Liferay DXP versiones 7.4 update 8 hasta 36, no comprueba los permisos antes de permitir a un usuario exportar un contenido web para su traducción, permitiendo a atacantes descargar el archivo de traducción XLIFF de una página de contenido web por medio de una URL diseñada"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-27T18:08:04.225721Z","id":"CVE-2022-38512","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-862"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_10:*:*:*:*:*:*","matchCriteriaId":"3B8C3B3F-1BBB-47A5-A789-B207B6346FFF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_11:*:*:*:*:*:*","matchCriteriaId":"AD5D1171-954A-4E75-813D-E8392CFE4029"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_12:*:*:*:*:*:*","matchCriteriaId":"F148098A-D867-4C8B-9632-6B7F24D50C30"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_13:*:*:*:*:*:*","matchCriteriaId":"8A112ED2-27C2-45E3-8FA0-6043F7D3BEED"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_14:*:*:*:*:*:*","matchCriteriaId":"0744AC04-9663-4DA1-9657-EC5BF0C68499"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_15:*:*:*:*:*:*","matchCriteriaId":"5703FE2B-011A-4A40-AB67-B989438F2183"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_16:*:*:*:*:*:*","matchCriteriaId":"41A54448-B1AB-4E92-8523-5D4A46A83533"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_17:*:*:*:*:*:*","matchCriteriaId":"A96A2A4A-3EB3-4074-A846-EC6EECC04B43"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_18:*:*:*:*:*:*","matchCriteriaId":"56DAE678-10B9-419D-9F5D-96E3AC3A6E4A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_19:*:*:*:*:*:*","matchCriteriaId":"064F4C28-B1F5-44C2-91AA-A09FD56EC0B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_20:*:*:*:*:*:*","matchCriteriaId":"814D0CE3-B89F-423C-B1E3-47BD0A474491"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_21:*:*:*:*:*:*","matchCriteriaId":"58DB7C5A-B4E3-410A-B491-3F322B340BDF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_22:*:*:*:*:*:*","matchCriteriaId":"86B581B6-02B0-40B9-BB5C-E28FC51042DB"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_23:*:*:*:*:*:*","matchCriteriaId":"E7EFBC14-6785-4435-BA96-D77A857BC1C8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_24:*:*:*:*:*:*","matchCriteriaId":"585635F8-53DC-4F64-BF6B-C6F72A5F4D29"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_25:*:*:*:*:*:*","matchCriteriaId":"355DD7FC-E9C7-43D6-8313-0474AB314F18"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_26:*:*:*:*:*:*","matchCriteriaId":"B0FDE8B1-444A-4FEB-AC97-4B29C914EB8A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_27:*:*:*:*:*:*","matchCriteriaId":"683D063A-0E32-4E2D-8CBF-A57F45071F6E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_28:*:*:*:*:*:*","matchCriteriaId":"7DFEBCAB-1D9B-4BED-A2C6-11BA863F1EE9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_29:*:*:*:*:*:*","matchCriteriaId":"DB8733C4-8CE4-4E4B-A2AE-919AA69DAF8E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_3:*:*:*:*:*:*","matchCriteriaId":"25F5C3E9-CBB0-4114-91A4-41F0E666026A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_30:*:*:*:*:*:*","matchCriteriaId":"D372D9B9-5A83-4FF8-8DE5-617D99D1A8B5"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_31:*:*:*:*:*:*","matchCriteriaId":"7519ABB1-57A7-46F1-97FC-DD44787F2B6E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_32:*:*:*:*:*:*","matchCriteriaId":"87BD916B-245C-4D62-B595-1985784C2ABC"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_33:*:*:*:*:*:*","matchCriteriaId":"841E15A8-0819-4E48-B7E3-3ACCB4C1F43B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_34:*:*:*:*:*:*","matchCriteriaId":"91A243D9-7633-4836-B72D-75EF6C0F8876"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_35:*:*:*:*:*:*","matchCriteriaId":"6E2B1876-78B1-407A-9392-94FFF33AC803"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_36:*:*:*:*:*:*","matchCriteriaId":"4C6BBDC0-9D68-4653-9177-E49B847B04ED"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_8:*:*:*:*:*:*","matchCriteriaId":"65693260-5B0F-47AA-BF08-D2979997A40A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_9:*:*:*:*:*:*","matchCriteriaId":"C9116909-04C3-4040-B945-4A6225425520"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.4.3.12","versionEndIncluding":"7.4.3.36","matchCriteriaId":"F8A78EE0-809C-4D58-9778-296ACB01C1EF"}]}]}],"references":[{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-38512","source":"cve@mitre.org","tags":["Release Notes","Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-38512","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-34026","sourceIdentifier":"cve@mitre.org","published":"2022-09-22T18:15:09.983","lastModified":"2026-07-09T01:17:32.960","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"ICEcoder v8.1 allows attackers to execute a directory traversal."},{"lang":"es","value":"ICEcoder versión v8.1, permite a atacantes ejecutar un salto de directorio"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-27T15:04:28.049318Z","id":"CVE-2022-34026","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:icecoder:icecoder:8.1:*:*:*:*:*:*:*","matchCriteriaId":"4C47354C-DE50-4271-8884-807BC04EB07F"}]}]}],"references":[{"url":"https://gist.github.com/enferas/85cdbadf5cba32ec7c8db6ea9e6833bf","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/icecoder/ICEcoder","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/icecoder/ICEcoder/blob/master/classes/Settings.php","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/icecoder/ICEcoder/blob/master/lib/settings.php","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://gist.github.com/enferas/85cdbadf5cba32ec7c8db6ea9e6833bf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/icecoder/ICEcoder","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://github.com/icecoder/ICEcoder/blob/master/classes/Settings.php","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/icecoder/ICEcoder/blob/master/lib/settings.php","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-30426","sourceIdentifier":"cve@mitre.org","published":"2022-09-23T00:15:09.747","lastModified":"2026-07-09T01:17:29.677","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"There is a stack buffer overflow vulnerability, which could lead to arbitrary code execution in UEFI DXE driver on some Acer products. An attack could exploit this vulnerability to escalate privilege from ring 3 to ring 0, and hijack control flow during UEFI DXE execution. This affects Altos T110 F3 firmware version <= P13 (latest) and AP130 F2 firmware version <= P04 (latest) and Aspire 1600X firmware version <= P11.A3L (latest) and Aspire 1602M firmware version <= P11.A3L (latest) and Aspire 7600U firmware version <= P11.A4 (latest) and Aspire MC605 firmware version <= P11.A4L (latest) and Aspire TC-105 firmware version <= P12.B0L (latest) and Aspire TC-120 firmware version <= P11-A4 (latest) and Aspire U5-620 firmware version <= P11.A1 (latest) and Aspire X1935 firmware version <= P11.A3L (latest) and Aspire X3475 firmware version <= P11.A3L (latest) and Aspire X3995 firmware version <= P11.A3L (latest) and Aspire XC100 firmware version <= P11.B3 (latest) and Aspire XC600 firmware version <= P11.A4 (latest) and Aspire Z3-615 firmware version <= P11.A2L (latest) and Veriton E430G firmware version <= P21.A1 (latest) and Veriton B630_49 firmware version <= AAP02SR (latest) and Veriton E430 firmware version <= P11.A4 (latest) and Veriton M2110G firmware version <= P21.A3 (latest) and Veriton M2120G fir."},{"lang":"es","value":"Se presenta una vulnerabilidad de desbordamiento del búfer de la pila, que podría conllevar a una ejecución de código arbitrario en el controlador UEFI DXE de algunos productos Acer. Un ataque podría explotar esta vulnerabilidad para escalar el privilegio del anillo 3 al anillo 0, y secuestrar el flujo de control durante la ejecución de UEFI DXE. Esto afecta a versiones de firmware Altos T110 F3 versiones anteriores a P13 incluyéndola (más reciente) y AP130 F2 versiones anteriores a P04 incluyéndola (más reciente) y Aspire 1600X versiones anteriores a P11.A3L incluyéndola (más reciente) y Aspire 1602M versiones anteriores a P11.A3L incluyéndola (más reciente) y Aspire 7600U versiones anteriores a P11. A4 incluyéndola (más reciente) y Aspire MC605 versiones de firmware anteriores a P11.A4L incluyéndola (más reciente) y Aspire TC-105 versiones de firmware anteriores a P12.B0L incluyéndola (más reciente) y Aspire TC-120 versiones de firmware anteriores a P11-A4 incluyéndola (más reciente) y Aspire U5-620 versiones de firmware anteriores a P11.A1 incluyéndola (más reciente) y Aspire X1935 versiones de firmware anteriores a P11. A3L incluyéndola (más reciente) y Aspire X3475 versiones de firmware anteriores a P11.A3L incluyéndola (más reciente) y Aspire X3995 versiones de firmware anteriores a P11.A3L incluyéndola (más reciente) y Aspire XC100 versiones de firmware anteriores a P11.B3 incluyéndola (más reciente) y Aspire XC600 versiones de firmware anteriores a P11.A4 incluyéndola (más reciente) y Aspire Z3-615 versiones de firmware anteriores a P11. A2L incluyéndola (más reciente) y Veriton E430G versiones de firmware anteriores a P21.A1 incluyéndola (más reciente) y Veriton B630_49 versiones de firmware anteriores a AAP02SR incluyéndola (más reciente) y Veriton E430 versiones de firmware anteriores a P11.A4 incluyéndola (más reciente) y Veriton M2110G versiones de firmware anteriores a P21.A3 incluyéndola (más reciente) y Veriton M2120G fir."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-27T16:05:03.668341Z","id":"CVE-2022-30426","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:acer:altos_t110_f3_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"p13","matchCriteriaId":"3B2791BB-A1C2-4121-B095-9E26506B9C51"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:acer:altos_t110_f3:-:*:*:*:*:*:*:*","matchCriteriaId":"5192B7DC-EDF8-438E-A3F4-8141124A894C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:acer:ap130_f2_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"p04","matchCriteriaId":"6A2A45A3-5B4F-47D2-8EC3-49DD183AA182"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:acer:ap130_f2:-:*:*:*:*:*:*:*","matchCriteriaId":"7F9D4FC0-0F81-4F53-BA5D-30E4941C3EB4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:acer:aspire_1600x_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"p11.a3l","matchCriteriaId":"B80DDBC5-581F-442F-8656-BD9CB1F1CE38"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:acer:aspire_1600x:-:*:*:*:*:*:*:*","matchCriteriaId":"8BED3067-CAC9-4705-9E9A-7960B29923AC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:acer:aspire_1602m_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"p11.a3l","matchCriteriaId":"02B51526-8A53-444C-803B-C9C7A925DD8C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:acer:aspire_1602m:-:*:*:*:*:*:*:*","matchCriteriaId":"D615C9B3-0F1A-4DEA-97EC-82D38EAD64DF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:acer:aspire_7600u_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"p11.a4","matchCriteriaId":"E1BD824E-31EF-4CB0-9545-485A8A8C71A5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:acer:aspire_7600u:-:*:*:*:*:*:*:*","matchCriteriaId":"7DF2DACF-5EE4-43E9-8AA6-C06EE2AF3386"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:acer:aspire_mc605_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"p11.a4l","matchCriteriaId":"56ADF471-DC77-4280-8DEB-888D33AC8D4B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:acer:aspire_mc605:-:*:*:*:*:*:*:*","matchCriteriaId":"B4BF06C4-D5B0-44C1-8B5F-9752D6B96EC6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:acer:aspire_tc-105_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"p12.b0l","matchCriteriaId":"44AB957C-37C7-4318-AE58-6068FA3CFB20"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:acer:aspire_tc-105:-:*:*:*:*:*:*:*","matchCriteriaId":"1AB402BB-37AB-45CB-B46F-9F1B30CCBF3E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:acer:aspire_tc-120_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"p11-a4","matchCriteriaId":"36F88B4D-92BF-4F72-B263-22A755E64976"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:acer:aspire_tc-120:-:*:*:*:*:*:*:*","matchCriteriaId":"63853105-572F-4A6A-9EAF-BABD865669BB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:acer:aspire_u5-620_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"p11.a1","matchCriteriaId":"CB661FEE-48E5-4715-B24F-97CEC4FE10D6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:acer:aspire_u5-620:-:*:*:*:*:*:*:*","matchCriteriaId":"3495EC6F-F427-4C8C-8060-07EC25EF0B2E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:acer:aspire_x1935_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"p11.a3l","matchCriteriaId":"CEE0D973-F42D-400B-90A4-344E8718B700"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:acer:aspire_x1935:-:*:*:*:*:*:*:*","matchCriteriaId":"057EAAC2-B41D-4129-90E1-40E503956314"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:acer:aspire_x3475_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"p11.a3l","matchCriteriaId":"A52714FA-63D2-4737-903A-DB5D005AF6D0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:acer:aspire_x3475:-:*:*:*:*:*:*:*","matchCriteriaId":"CA0D813C-8185-4684-920A-FA0DE59E8372"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:acer:aspire_x3995_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"p11.a3l","matchCriteriaId":"24028FEA-A178-4E9A-AF22-B3DDFF395B94"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:acer:aspire_x3995:-:*:*:*:*:*:*:*","matchCriteriaId":"4B67ECCB-7A82-4C8E-82DD-94454C0250DF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:acer:aspire_xc100_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"p11.b3","matchCriteriaId":"2A4D90E6-997B-464B-9583-73ADAB1A59C1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:acer:aspire_xc100:-:*:*:*:*:*:*:*","matchCriteriaId":"3A675A48-D67D-45EF-9536-1AC1CD625AC3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:acer:aspire_xc600_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"p11.a4","matchCriteriaId":"825F42E9-78D0-46B3-8A15-8256AA6D7921"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:acer:aspire_xc600:-:*:*:*:*:*:*:*","matchCriteriaId":"8A1080F0-A741-4D3E-8BD5-23418EDFAABE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:acer:aspire_z3-615_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"p11.a2l","matchCriteriaId":"147C6EBF-B966-44FA-BE98-47B62C4B2C3C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:acer:aspire_z3-615:-:*:*:*:*:*:*:*","matchCriteriaId":"8941F8FF-B1FB-43D3-BD51-EF975FCDEA5C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:acer:veriton_b630_49_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"aap02sr","matchCriteriaId":"9F671E74-9ECA-4128-8651-6531DF8943C7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:acer:veriton_b630_49:-:*:*:*:*:*:*:*","matchCriteriaId":"BFF5700B-A1B1-478C-9D46-7BB03B02A33A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:acer:veriton_e430g_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"p21.a1","matchCriteriaId":"5569439E-70BE-4292-923B-36CFB243157F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:acer:veriton_e430g:-:*:*:*:*:*:*:*","matchCriteriaId":"80AFD3EE-BD0E-4305-A614-49A9EBDE8DFE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:acer:veriton_e430_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"p11.a4","matchCriteriaId":"3DF01945-D1B8-46FB-ADB1-E6961CD62304"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:acer:veriton_e430:-:*:*:*:*:*:*:*","matchCriteriaId":"72D7420D-B331-4CED-B3CB-FCFE89A0AD2B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:acer:veriton_m2110g_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"p21.a3","matchCriteriaId":"27DCBE2B-2144-4B3A-B8BE-D20524E9D480"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:acer:veriton_m2110g:-:*:*:*:*:*:*:*","matchCriteriaId":"B926D324-52A0-4154-BFD1-828A86E14E71"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:acer:veriton_m2120g_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"p11-a3","matchCriteriaId":"D3FC4021-CE28-4345-9E29-0FC021043D5A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:acer:veriton_m2120g:-:*:*:*:*:*:*:*","matchCriteriaId":"CA330154-46D5-48F9-BC38-3F32398E9B66"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:acer:veriton_m2611g_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"p11-b0l","matchCriteriaId":"B0EB70DA-B093-4413-958D-EAB4287B2B03"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:acer:veriton_m2611g:-:*:*:*:*:*:*:*","matchCriteriaId":"B9F018AD-3FAC-4640-AF1B-0E152C11C9DA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:acer:veriton_m2611_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"p11.b0","matchCriteriaId":"05BB96E6-2E46-4AA8-B85B-BC081A20AC09"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:acer:veriton_m2611:-:*:*:*:*:*:*:*","matchCriteriaId":"59F23A15-D272-4F2B-86DF-C33CD3E75FB1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:acer:veriton_m4620_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"p21.a3","matchCriteriaId":"0923E59D-3416-412C-B860-D3E627026DB7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:acer:veriton_m4620:-:*:*:*:*:*:*:*","matchCriteriaId":"9E820FD3-6104-4E48-8A11-EE9C5DC1988C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:acer:veriton_m4620g_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"p21.a3","matchCriteriaId":"FD6940E0-06D8-406F-8CAB-EBEFF61395E9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:acer:veriton_m4620g:-:*:*:*:*:*:*:*","matchCriteriaId":"3410E262-1FC3-4913-8A63-3A4058B0A895"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:acer:veriton_m6620g_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"p21.a0","matchCriteriaId":"6516D45E-ED3C-45D4-A26B-B9B6EE57ABA9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:acer:veriton_m6620g:-:*:*:*:*:*:*:*","matchCriteriaId":"1257B81A-F0C9-4E3C-9058-1BA99412B54D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:acer:veriton_n2620g_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"p21.b0","matchCriteriaId":"563037E2-10B9-41A5-A960-8C2DCBA1910B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:acer:veriton_n2620g:-:*:*:*:*:*:*:*","matchCriteriaId":"EFABCD4B-3BB7-440B-AAA9-3DD867EA631B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:acer:veriton_n4620g_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"p11.a2l","matchCriteriaId":"280227DB-8784-4A6E-96A2-06326D3A2B71"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:acer:veriton_n4620g:-:*:*:*:*:*:*:*","matchCriteriaId":"36A00E5B-1887-407F-BDAE-268DB0F8CAA1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:acer:veriton_n4630g_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"p21.b0","matchCriteriaId":"4B70CE5F-2E47-4E0F-8915-B090D01EA6C6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:acer:veriton_n4630g:-:*:*:*:*:*:*:*","matchCriteriaId":"F56E9648-5D73-41F4-A8AA-B1EFD6F3A290"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:acer:veriton_s6620g_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"p11.a1","matchCriteriaId":"F174F4D1-0A29-4920-93A6-9FB0B15F4834"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:acer:veriton_s6620g:-:*:*:*:*:*:*:*","matchCriteriaId":"B1812657-8B66-4B5F-B919-EA8D7096EBFF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:acer:veriton_x2611g_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"p11.a4","matchCriteriaId":"270A755C-AB19-4861-A124-05845EC32EC3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:acer:veriton_x2611g:-:*:*:*:*:*:*:*","matchCriteriaId":"5B81F010-F6D6-458F-8618-CF2AE99CA20F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:acer:veriton_x2611_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"p11.a4","matchCriteriaId":"634D7E54-8EDE-4C96-9397-14423609E65F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:acer:veriton_x2611:-:*:*:*:*:*:*:*","matchCriteriaId":"4B7FE60D-E18E-4848-AB0C-34FD48EA8206"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:acer:veriton_x4620g_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"p11.a3","matchCriteriaId":"BAB09332-C738-4705-B87A-28335833F4B0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:acer:veriton_x4620g:-:*:*:*:*:*:*:*","matchCriteriaId":"D8DA37FE-1185-49E2-AF47-C9FABAF7BEA5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:acer:veriton_x6620g_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"p11.a3","matchCriteriaId":"2ADD04E1-905C-4EFF-996A-DE40126DE812"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:acer:veriton_x6620g:-:*:*:*:*:*:*:*","matchCriteriaId":"9CE7F361-623E-4402-877A-0AAE4B3A2C9E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:acer:veriton_z2650g_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"p21.a1","matchCriteriaId":"B0F99D10-818F-41C8-AA2E-A234494FD87F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:acer:veriton_z2650g:-:*:*:*:*:*:*:*","matchCriteriaId":"8ADA6657-4BE8-47C7-B9AF-2ACD532D3EC3"}]}]}],"references":[{"url":"https://github.com/10TG/vulnerabilities/blob/main/Acer/CVE-2022-30426/CVE-2022-30426.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/10TG/vulnerabilities/blob/main/Acer/CVE-2022-30426/CVE-2022-30426.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-38553","sourceIdentifier":"cve@mitre.org","published":"2022-09-26T10:15:09.883","lastModified":"2026-07-09T01:17:40.110","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Academy Learning Management System before v5.9.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the Search parameter."},{"lang":"es","value":"Se ha detectado que Academy Learning Management System versiones anteriores a 5.9.1, contiene una vulnerabilidad de tipo cross-site scripting (XSS) reflejado por medio del parámetro Search."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-21T16:14:15.596841Z","id":"CVE-2022-38553","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:creativeitem:academy_learning_management_system:*:*:*:*:*:*:*:*","versionEndExcluding":"5.9.1","matchCriteriaId":"A54B4E70-321B-47A8-9106-EE5A65D112D8"}]}]}],"references":[{"url":"https://codecanyon.net/item/academy-course-based-learning-management-system/22703468","source":"cve@mitre.org","tags":["Product","Third Party Advisory"]},{"url":"https://demo.creativeitem.com/academy/home/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://demo.creativeitem.com/academy/home/search?query=%22%3E%3Cscript%3Ealert%28%22XSS%22%29%3C/script%3E","source":"cve@mitre.org"},{"url":"https://github.com/4websecurity/CVE-2022-38553/blob/main/README.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://codecanyon.net/item/academy-course-based-learning-management-system/22703468","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Third Party Advisory"]},{"url":"https://demo.creativeitem.com/academy/home/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://demo.creativeitem.com/academy/home/search?query=%22%3E%3Cscript%3Ealert%28%22XSS%22%29%3C/script%3E","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/4websecurity/CVE-2022-38553/blob/main/README.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-40048","sourceIdentifier":"cve@mitre.org","published":"2022-09-29T01:15:11.560","lastModified":"2026-07-09T01:17:43.730","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Flatpress v1.2.1 was discovered to contain a remote code execution (RCE) vulnerability in the Upload File function."},{"lang":"es","value":"Se ha detectado que Flatpress versión v1.2.1, contiene una vulnerabilidad de ejecución de código remota (RCE) en la función Upload File"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-20T19:57:28.611180Z","id":"CVE-2022-40048","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:flatpress:flatpress:1.2.1:*:*:*:*:*:*:*","matchCriteriaId":"093CD9A0-00B2-442D-A7E8-9F4787EEC169"}]}]}],"references":[{"url":"https://github.com/flatpressblog/flatpress/issues/152","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/flatpressblog/flatpress/issues/152","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-35155","sourceIdentifier":"cve@mitre.org","published":"2022-09-30T19:15:15.407","lastModified":"2026-07-09T01:17:34.057","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Bus Pass Management System v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the searchdata parameter."},{"lang":"es","value":"Se ha detectado que Bus Pass Management System versión v1.0, contiene una vulnerabilidad de tipo cross-site scripting (XSS) reflejado por medio del parámetro searchdata"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-23T13:30:41.144070Z","id":"CVE-2022-35155","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:phpgurukul:bus_pass_management_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"2E4D3314-CB15-4EAB-B63F-2017C012C330"}]}]}],"references":[{"url":"https://github.com/shellshok3/Cross-Site-Scripting-XSS/blob/main/Bus%20Pass%20Management%20System%201.0.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://packetstormsecurity.com/files/168555/Bus-Pass-Management-System-1.0-Cross-Site-Scripting.html","source":"cve@mitre.org"},{"url":"https://github.com/shellshok3/Cross-Site-Scripting-XSS/blob/main/Bus%20Pass%20Management%20System%201.0.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-35156","sourceIdentifier":"cve@mitre.org","published":"2022-09-30T19:15:15.510","lastModified":"2026-07-09T01:17:34.230","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Bus Pass Management System 1.0 was discovered to contain a SQL Injection vulnerability via the searchdata parameter at /buspassms/download-pass.php.."},{"lang":"es","value":"Se ha detectado que Bus Pass Management System versión 1.0, contiene una vulnerabilidad de inyección SQL por medio del parámetro searchdata en el archivo /buspassms/download-pass.php"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-20T15:58:27.306716Z","id":"CVE-2022-35156","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:phpgurukul:bus_pass_management_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"2E4D3314-CB15-4EAB-B63F-2017C012C330"}]}]}],"references":[{"url":"https://packetstormsecurity.com/files/168555/Bus-Pass-Management-System-1.0-Cross-Site-Scripting.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://www.exploit-db.com/exploits/50543","source":"cve@mitre.org"},{"url":"https://packetstormsecurity.com/files/168555/Bus-Pass-Management-System-1.0-Cross-Site-Scripting.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]}]}},{"cve":{"id":"CVE-2022-40341","sourceIdentifier":"cve@mitre.org","published":"2022-09-30T19:15:15.887","lastModified":"2026-07-09T01:17:44.167","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"mojoPortal v2.7 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted PNG file."},{"lang":"es","value":"Se ha detectado que mojoPortal versión v2.7, contiene una vulnerabilidad de descarga de archivos arbitraria que permite a atacantes ejecutar código arbitrario por medio de un archivo PNG diseñado"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-20T15:36:27.617816Z","id":"CVE-2022-40341","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mojoportal:mojoportal:2.7.0.0:*:*:*:*:*:*:*","matchCriteriaId":"C27465AD-B505-48F8-9473-2B07A7634FC8"}]}]}],"references":[{"url":"https://weed-1.gitbook.io/cve/mojoportal/upload-malicious-file-in-mojoportal-v2.7-cve-2022-40341","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://weed-1.gitbook.io/cve/mojoportal/upload-malicious-file-in-mojoportal-v2.7-cve-2022-40341","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-36551","sourceIdentifier":"cve@mitre.org","published":"2022-10-03T12:15:09.627","lastModified":"2026-07-09T01:17:37.077","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A Server Side Request Forgery (SSRF) in the Data Import module in Heartex - Label Studio Community Edition versions 1.5.0 and earlier allows an authenticated user to access arbitrary files on the system. Furthermore, self-registration is enabled by default in these versions of Label Studio enabling a remote attacker to create a new account and then exploit the SSRF."},{"lang":"es","value":"Una vulnerabilidad de tipo Server Side Request Forgery (SSRF) en el módulo de importación de datos en Heartex - Label Studio Community Edition versiones 1.5.0 y anteriores, permite a un usuario autenticado acceder a archivos arbitrarios en el sistema. Además, el auto registro está habilitado por defecto en estas versiones de Label Studio, permitiendo a un atacante remoto crear una nueva cuenta y luego explotar una vulnerabilidad de tipo SSRF"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:heartex:label_studio:*:*:*:*:community:*:*:*","versionEndIncluding":"1.5.0","matchCriteriaId":"9A355EAD-BADA-44D1-8E3A-C314BBD2E321"}]}]}],"references":[{"url":"http://labelstud.io","source":"cve@mitre.org","tags":["Product"]},{"url":"http://packetstormsecurity.com/files/171548/Label-Studio-1.5.0-Server-Side-Request-Forgery.html","source":"cve@mitre.org"},{"url":"https://github.com/heartexlabs/label-studio/pull/2840","source":"cve@mitre.org","tags":["Patch","Third Party Advisory"]},{"url":"http://labelstud.io","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"http://packetstormsecurity.com/files/171548/Label-Studio-1.5.0-Server-Side-Request-Forgery.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/heartexlabs/label-studio/pull/2840","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-40123","sourceIdentifier":"cve@mitre.org","published":"2022-10-03T13:15:11.460","lastModified":"2026-07-09T01:17:44.050","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"mojoPortal v2.7 was discovered to contain a path traversal vulnerability via the \"f\" parameter at /DesignTools/CssEditor.aspx. This vulnerability allows authenticated attackers to read arbitrary files in the system."},{"lang":"es","value":"Se ha detectado que mojoPortal versión v2.7, contiene una vulnerabilidad de salto de ruta por medio del parámetro \"f\" en el archivo /DesignTools/CssEditor.aspx. Esta vulnerabilidad permite a atacantes autenticados leer archivos arbitrarios en el sistema"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mojoportal:mojoportal:2.7.0.0:*:*:*:*:*:*:*","matchCriteriaId":"C27465AD-B505-48F8-9473-2B07A7634FC8"}]}]}],"references":[{"url":"https://weed-1.gitbook.io/cve/mojoportal/directory-traversal-in-mojoportal-v2.7-cve-2022-40123","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://weed-1.gitbook.io/cve/mojoportal/directory-traversal-in-mojoportal-v2.7-cve-2022-40123","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-36634","sourceIdentifier":"cve@mitre.org","published":"2022-10-07T20:15:14.993","lastModified":"2026-07-09T01:17:37.340","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An access control issue in ZKTeco ZKBioSecurity V5000 3.0.5_r allows attackers to arbitrarily create admin users via a crafted HTTP request."},{"lang":"es","value":"Un problema de control de acceso en ZKTeco ZKBioSecurity V5000 versión 3.0.5_r permite a atacantes crear arbitrariamente usuarios administradores por medio de una petición HTTP diseñada"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:zkteco:zkbiosecurity_v5000:3.0.5.0_r:*:*:*:*:*:*:*","matchCriteriaId":"65D5BDDB-F432-4961-A0A2-825E8545E1D7"}]}]}],"references":[{"url":"https://seclists.org/fulldisclosure/2022/Sep/29","source":"cve@mitre.org","tags":["Exploit","Mailing List","Third Party Advisory"]},{"url":"https://seclists.org/fulldisclosure/2022/Sep/29","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-36635","sourceIdentifier":"cve@mitre.org","published":"2022-10-07T23:15:12.727","lastModified":"2026-07-09T01:17:37.460","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"ZKteco ZKBioSecurity V5000 4.1.3 was discovered to contain a SQL injection vulnerability via the component /baseOpLog.do."},{"lang":"es","value":"Se ha detectado que ZKteco ZKBioSecurity V5000 versión 4.1.3, contiene una vulnerabilidad de inyección SQL por medio del componente /baseOpLog.do"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:zkteco:zkbiosecurity_v5000:4.1.3:*:*:*:*:*:*:*","matchCriteriaId":"D6F7927F-67F4-4288-8DA4-1BE7C06F1DFB"}]}]}],"references":[{"url":"https://medium.com/stolabs/cve-2022-36635-a-sql-injection-in-zksecuritybio-to-rce-c5bde2962d47","source":"cve@mitre.org","tags":["Exploit","Technical Description","Third Party Advisory"]},{"url":"https://medium.com/stolabs/cve-2022-36635-a-sql-injection-in-zksecuritybio-to-rce-c5bde2962d47","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Technical Description","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-40047","sourceIdentifier":"cve@mitre.org","published":"2022-10-11T19:15:20.327","lastModified":"2026-07-09T01:17:43.610","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Flatpress v1.2.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the page parameter at /flatpress/admin.php."},{"lang":"es","value":"Se ha detectado que Flatpress v1.2.1 contiene una vulnerabilidad de tipo cross-site scripting (XSS) reflejado por medio del parámetro page en el archivo /flatpress/admin.php"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:flatpress:flatpress:1.2.1:*:*:*:*:*:*:*","matchCriteriaId":"093CD9A0-00B2-442D-A7E8-9F4787EEC169"}]}]}],"references":[{"url":"https://github.com/flatpressblog/flatpress/issues/153","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/flatpressblog/flatpress/issues/153","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-40440","sourceIdentifier":"cve@mitre.org","published":"2022-10-12T00:15:10.117","lastModified":"2026-07-09T01:17:44.633","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"mxGraph v4.2.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the setTooltips() function."},{"lang":"es","value":"Se ha detectado que mxGraph versión v4.2.2, contiene una vulnerabilidad de tipo cross-site scripting (XSS) por medio de la función setTooltips()"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:jgraph:mxgraph:4.2.2:*:*:*:*:*:*:*","matchCriteriaId":"BAA6B0A1-A52B-44FD-A6CF-587A172E758D"}]}]}],"references":[{"url":"https://github.com/SxB64/mxgraph-xss-vul/wiki","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/jgraph/mxgraph","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/SxB64/mxgraph-xss-vul/wiki","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/jgraph/mxgraph","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2022-33106","sourceIdentifier":"cve@mitre.org","published":"2022-10-12T14:15:09.863","lastModified":"2026-07-09T01:17:32.790","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"WiJungle NGFW Version U250 was discovered to be vulnerable to No Rate Limit attack, allowing the attacker to brute force the admin password leading to Account Take Over."},{"lang":"es","value":"Se ha detectado que la versión U250 es vulnerable a un ataque No Rate Limit, que permite al atacante forzar la contraseña del administrador, conllevando a una toma de control de la cuenta"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-16T13:41:48.248336Z","id":"CVE-2022-33106","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-307"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-307"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:wijungle:u250_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A46CA24D-9EAD-4999-9627-2A792F618149"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:wijungle:u250:-:*:*:*:*:*:*:*","matchCriteriaId":"97E18334-8245-478A-B0AE-E5358C6410A6"}]}]}],"references":[{"url":"https://hexisanoob.gitbook.io/hexisanoob/cves/cve-2022-33106","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://hexisanoob.gitbook.io/hexisanoob/cves/cve-2022-33106","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-38902","sourceIdentifier":"cve@mitre.org","published":"2022-10-13T13:15:10.043","lastModified":"2026-07-09T01:17:42.403","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A Cross-site scripting (XSS) vulnerability in the Blog module - add new topic functionality in Liferay Digital Experience Platform 7.3.10 SP3 allows remote attackers to inject arbitrary JS script or HTML into the name field of newly created topic."},{"lang":"es","value":"Una vulnerabilidad de tipo Cross-site scripting (XSS) en la funcionalidad Blog module - add new topic en Liferay Digital Experience Platform 7.3.10 SP3, permite a atacantes remotos inyectar scripts JS o HTML arbitrarios en el campo del nombre del tema recién creado"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-15T15:15:52.295888Z","id":"CVE-2022-38902","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:-:*:*:*:*:*:*","matchCriteriaId":"21C55D41-DB66-494D-BEEB-BDAC7CB4B31B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:sp1:*:*:*:*:*:*","matchCriteriaId":"9D75A0FF-BAEA-471A-87B2-8EC2A9F0A6B5"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:sp2:*:*:*:*:*:*","matchCriteriaId":"D86CDCC0-9655-477B-83FA-ADDBB5AF43A2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:sp3:*:*:*:*:*:*","matchCriteriaId":"1CF5B84B-1719-4581-8474-C55CEFFD8305"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:update_1:*:*:*:*:*:*","matchCriteriaId":"D60CDAA3-6029-4904-9D08-BB221BCFD7C3"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:update_2:*:*:*:*:*:*","matchCriteriaId":"B66F47E9-3D82-497E-BD84-E47A65FAF8C3"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:update_3:*:*:*:*:*:*","matchCriteriaId":"A0BA4856-59DF-427C-959F-3B836314F5D5"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:update_4:*:*:*:*:*:*","matchCriteriaId":"F3A5ADE1-4743-4A78-9FCC-CEB857012A5B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:update_5:*:*:*:*:*:*","matchCriteriaId":"2B420A18-5C8B-470F-9189-C84F8DAA74D5"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:update_6:*:*:*:*:*:*","matchCriteriaId":"A7A399C4-6D4B-438C-9BAE-2893E457028A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:update_7:*:*:*:*:*:*","matchCriteriaId":"0CBACD88-B4F8-4496-9706-C666768AC9B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:update_8:*:*:*:*:*:*","matchCriteriaId":"510C440D-8B79-4685-8105-7A21A77CFC61"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.3.0","versionEndIncluding":"7.4.0","matchCriteriaId":"52877E3A-4E07-4B14-BABC-B70266FEFEDE"}]}]}],"references":[{"url":"https://drive.proton.me/urls/D27RQ14NGW#b71d8XrBl2Mu","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.offensity.com/en/blog/authenticated-persistent-xss-in-liferay-dxp-cms-cve-2022-38901-and-cve-2022-38902/","source":"cve@mitre.org","tags":["Exploit","Patch","Third Party Advisory"]},{"url":"https://drive.proton.me/urls/D27RQ14NGW#b71d8XrBl2Mu","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.offensity.com/en/blog/authenticated-persistent-xss-in-liferay-dxp-cms-cve-2022-38901-and-cve-2022-38902/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-41542","sourceIdentifier":"cve@mitre.org","published":"2022-10-17T14:15:13.793","lastModified":"2026-07-09T01:17:46.167","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"devhub 0.102.0 was discovered to contain a broken session control."},{"lang":"es","value":"Se ha detectado que devhub versión 0.102.0, contiene un control de sesión roto"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.5},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-13T15:32:00.984336Z","id":"CVE-2022-41542","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-613"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-613"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:devhubapp:devhub:0.102.0:*:*:*:*:*:*:*","matchCriteriaId":"AD11DD38-4E7B-44FA-86A8-3BA34536B99C"}]}]}],"references":[{"url":"https://app.devhubapp.com/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://devhubapp.com/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://medium.com/@sc0p3hacker/cve-2022-41542-session-mis-configuration-in-devhub-application-ca956bb9027a","source":"cve@mitre.org"},{"url":"https://app.devhubapp.com/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://devhubapp.com/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://medium.com/%40sc0p3hacker/cve-2022-41542-session-mis-configuration-in-devhub-application-ca956bb9027a","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2022-40055","sourceIdentifier":"cve@mitre.org","published":"2022-10-17T18:15:12.737","lastModified":"2026-07-09T01:17:43.887","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in GX Group GPON ONT Titanium 2122A T2122-V1.26EXL allows attackers to escalate privileges via a brute force attack at the login page."},{"lang":"es","value":"Un problema en GX Group GPON ONT Titanium 2122A versión T2122-V1.26EXL, permite a atacantes escalar privilegios por medio de un ataque de fuerza bruta en la página de inicio de sesión"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-14T20:24:01.297793Z","id":"CVE-2022-40055","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-307"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-307"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:gxgroup:gpon_ont_titanium_2122a_firmware:t2122-v1.26exl:*:*:*:*:*:*:*","matchCriteriaId":"BEF8730F-BDB4-4E91-B3AE-14DAAFC76E7C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:gxgroup:gpon_ont_titanium_2122a:c40-210:*:*:*:*:*:*:*","matchCriteriaId":"D0E8C46A-093B-4160-8D33-C327890AE8B8"}]}]}],"references":[{"url":"https://blog.alphathreat.in/index.php?post/2022/10/01/Achieving-CVE-2022-40055","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://blog.alphathreat.in/index.php?post/2022/10/01/Achieving-CVE-2022-40055","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-3305","sourceIdentifier":"cve@mitre.org","published":"2022-10-18T11:15:09.513","lastModified":"2026-07-09T01:17:01.363","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Beijing Feishu Technology Co., Ltd Feishu v3.40.3 was discovered to contain an untrusted search path vulnerability."},{"lang":"es","value":"Se ha detectado que Beijing Feishu Technology Co., Ltd Feishu versión 3.40.3, contiene una vulnerabilidad de ruta de búsqueda no confiable"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-13T14:58:43.862416Z","id":"CVE-2021-3305","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-426"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-426"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:feishu:feishu:*:*:*:*:*:*:*:*","versionStartIncluding":"3.40.3","versionEndIncluding":"3.41.3","matchCriteriaId":"DB806253-AB3A-42A7-93A4-FA41FCE9F413"}]}]}],"references":[{"url":"https://github.com/liong007/Feishu/issues/1","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://www.feishu.cn/","source":"nvd@nist.gov","tags":["Vendor Advisory"]},{"url":"https://github.com/liong007/Feishu/issues/1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-42112","sourceIdentifier":"cve@mitre.org","published":"2022-10-18T21:15:16.203","lastModified":"2026-07-09T01:17:46.330","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A Cross-site scripting (XSS) vulnerability in the Portal Search module's Sort widget in Liferay Portal 7.2.0 through 7.4.3.24, and Liferay DXP 7.2 before fix pack 19, 7.3 before update 5, and DXP 7.4 before update 25 allows remote attackers to inject arbitrary web script or HTML via a crafted payload."},{"lang":"es","value":"Una vulnerabilidad de tipo Cross-site scripting (XSS) en el widget Sort del módulo Portal Search en Liferay Portal versiones 7.2.0 hasta 7.4.3.24, y Liferay DXP 7.2 versiones anteriores a fix pack 19, 7.3 anteriores a update 5, y DXP versiones 7.4 anteriores a update 25, permite a atacantes remotos inyectar scripts web o HTML arbitrarios por medio de una carga útil diseñada"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-10T02:43:43.584517Z","id":"CVE-2022-42112","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:*:*:*:*:*:*:*:*","versionEndExcluding":"7.2","matchCriteriaId":"AF8EBC77-BA94-4AA8-BAF0-D1E3C9146459"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:-:*:*:*:*:*:*","matchCriteriaId":"0DCF7F39-A198-4F7E-84B7-90C88C1BAA96"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"E7E68DF8-749B-4284-A7C9-929701A86B36"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_10:*:*:*:*:*:*","matchCriteriaId":"340DF1FE-5720-4516-BA51-F2197A654409"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_11:*:*:*:*:*:*","matchCriteriaId":"97E155DE-05C6-4559-94A8-0EFEB958D0C9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_12:*:*:*:*:*:*","matchCriteriaId":"0635FB5F-9C90-49C7-A9EF-00C0396FCCAE"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_13:*:*:*:*:*:*","matchCriteriaId":"77523B76-FC26-41B1-A804-7372E13F4FB2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_14:*:*:*:*:*:*","matchCriteriaId":"B15397B8-5087-4239-AE78-D3C37D59DE83"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_15:*:*:*:*:*:*","matchCriteriaId":"311EE92A-0EEF-4556-A52F-E6C9522FA2DD"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_18:*:*:*:*:*:*","matchCriteriaId":"54E499E6-C747-476B-BFE2-C04D9F8744F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"7CECAA19-8B7F-44C8-8059-6D4F2105E196"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_3:*:*:*:*:*:*","matchCriteriaId":"68CBCEEB-7C28-4769-813F-3F01E33D2E08"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_4:*:*:*:*:*:*","matchCriteriaId":"C0CB4927-A361-4DFA-BDB8-A454EA2894AB"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_5:*:*:*:*:*:*","matchCriteriaId":"B2B771B7-D5CB-4778-A3A8-1005E4EE134C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_6:*:*:*:*:*:*","matchCriteriaId":"3B9DB383-3791-4A43-BA4D-7695B203E736"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_7:*:*:*:*:*:*","matchCriteriaId":"13F02D77-20E9-4F32-9752-511EB71E6704"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_8:*:*:*:*:*:*","matchCriteriaId":"6353CC8F-A6D4-4A0C-8D68-290CD8DEB4F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_9:*:*:*:*:*:*","matchCriteriaId":"759DDB90-6A89-4E4F-BD04-F70EFA5343B0"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:-:*:*:*:*:*:*","matchCriteriaId":"21C55D41-DB66-494D-BEEB-BDAC7CB4B31B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:sp1:*:*:*:*:*:*","matchCriteriaId":"9D75A0FF-BAEA-471A-87B2-8EC2A9F0A6B5"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:sp2:*:*:*:*:*:*","matchCriteriaId":"D86CDCC0-9655-477B-83FA-ADDBB5AF43A2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:sp3:*:*:*:*:*:*","matchCriteriaId":"1CF5B84B-1719-4581-8474-C55CEFFD8305"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:update_1:*:*:*:*:*:*","matchCriteriaId":"D60CDAA3-6029-4904-9D08-BB221BCFD7C3"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:update_2:*:*:*:*:*:*","matchCriteriaId":"B66F47E9-3D82-497E-BD84-E47A65FAF8C3"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:update_3:*:*:*:*:*:*","matchCriteriaId":"A0BA4856-59DF-427C-959F-3B836314F5D5"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:update_4:*:*:*:*:*:*","matchCriteriaId":"F3A5ADE1-4743-4A78-9FCC-CEB857012A5B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:ga1:*:*:*:*:*:*","matchCriteriaId":"186D21EA-CD15-4F50-B129-6EF8DCB4FE50"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_1:*:*:*:*:*:*","matchCriteriaId":"46AF397F-A95C-4FAD-A6EA-CB623B7A262A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_10:*:*:*:*:*:*","matchCriteriaId":"3B8C3B3F-1BBB-47A5-A789-B207B6346FFF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_11:*:*:*:*:*:*","matchCriteriaId":"AD5D1171-954A-4E75-813D-E8392CFE4029"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_12:*:*:*:*:*:*","matchCriteriaId":"F148098A-D867-4C8B-9632-6B7F24D50C30"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_13:*:*:*:*:*:*","matchCriteriaId":"8A112ED2-27C2-45E3-8FA0-6043F7D3BEED"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_14:*:*:*:*:*:*","matchCriteriaId":"0744AC04-9663-4DA1-9657-EC5BF0C68499"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_15:*:*:*:*:*:*","matchCriteriaId":"5703FE2B-011A-4A40-AB67-B989438F2183"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_16:*:*:*:*:*:*","matchCriteriaId":"41A54448-B1AB-4E92-8523-5D4A46A83533"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_17:*:*:*:*:*:*","matchCriteriaId":"A96A2A4A-3EB3-4074-A846-EC6EECC04B43"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_18:*:*:*:*:*:*","matchCriteriaId":"56DAE678-10B9-419D-9F5D-96E3AC3A6E4A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_19:*:*:*:*:*:*","matchCriteriaId":"064F4C28-B1F5-44C2-91AA-A09FD56EC0B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_2:*:*:*:*:*:*","matchCriteriaId":"C2C2351E-BDEE-4A79-A00C-6520B54996EF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_20:*:*:*:*:*:*","matchCriteriaId":"814D0CE3-B89F-423C-B1E3-47BD0A474491"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_21:*:*:*:*:*:*","matchCriteriaId":"58DB7C5A-B4E3-410A-B491-3F322B340BDF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_22:*:*:*:*:*:*","matchCriteriaId":"86B581B6-02B0-40B9-BB5C-E28FC51042DB"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_23:*:*:*:*:*:*","matchCriteriaId":"E7EFBC14-6785-4435-BA96-D77A857BC1C8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_24:*:*:*:*:*:*","matchCriteriaId":"585635F8-53DC-4F64-BF6B-C6F72A5F4D29"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_3:*:*:*:*:*:*","matchCriteriaId":"25F5C3E9-CBB0-4114-91A4-41F0E666026A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_4:*:*:*:*:*:*","matchCriteriaId":"5E2B5687-B311-460E-A562-D754AF271F8E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_5:*:*:*:*:*:*","matchCriteriaId":"B49D0CB9-8ED7-46AB-9BA5-7235A2CD9117"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_6:*:*:*:*:*:*","matchCriteriaId":"DF169364-096C-4294-B89F-C07AF1DCC9C4"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_7:*:*:*:*:*:*","matchCriteriaId":"30CB2C54-1A20-4226-ACC6-AC8131899AE2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_8:*:*:*:*:*:*","matchCriteriaId":"65693260-5B0F-47AA-BF08-D2979997A40A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_9:*:*:*:*:*:*","matchCriteriaId":"C9116909-04C3-4040-B945-4A6225425520"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.2.0","versionEndExcluding":"7.4.3.25","matchCriteriaId":"2DAC6B76-A5D8-4164-8DF8-1058858F78EE"}]}]}],"references":[{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42112","source":"cve@mitre.org","tags":["Patch","Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42112","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-42113","sourceIdentifier":"cve@mitre.org","published":"2022-10-18T21:15:16.247","lastModified":"2026-07-09T01:17:46.500","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A Cross-site scripting (XSS) vulnerability in Document Library module in Liferay Portal 7.4.3.30 through 7.4.3.36, and Liferay DXP 7.4 update 30 through update 36 allows remote attackers to inject arbitrary web script or HTML via the `redirect` parameter."},{"lang":"es","value":"Una vulnerabilidad de tipo cross-site scripting (XSS) en el módulo Document Library de Liferay Portal versiones 7.4.3.30 hasta 7.4.3.36, y Liferay DXP versiones 7.4 update 30 hasta update 36, permite a atacantes remotos inyectar script web o HTML arbitrarios por medio del parámetro \"redirect\""}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-10T02:41:39.272934Z","id":"CVE-2022-42113","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_30:*:*:*:*:*:*","matchCriteriaId":"D372D9B9-5A83-4FF8-8DE5-617D99D1A8B5"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_31:*:*:*:*:*:*","matchCriteriaId":"7519ABB1-57A7-46F1-97FC-DD44787F2B6E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_32:*:*:*:*:*:*","matchCriteriaId":"87BD916B-245C-4D62-B595-1985784C2ABC"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_33:*:*:*:*:*:*","matchCriteriaId":"841E15A8-0819-4E48-B7E3-3ACCB4C1F43B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_34:*:*:*:*:*:*","matchCriteriaId":"91A243D9-7633-4836-B72D-75EF6C0F8876"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_35:*:*:*:*:*:*","matchCriteriaId":"6E2B1876-78B1-407A-9392-94FFF33AC803"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_36:*:*:*:*:*:*","matchCriteriaId":"4C6BBDC0-9D68-4653-9177-E49B847B04ED"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.4.3.30","versionEndExcluding":"7.4.3.37","matchCriteriaId":"C4595361-88D2-42D7-8B52-295572A474E4"}]}]}],"references":[{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42113","source":"cve@mitre.org","tags":["Patch","Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42113","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-42114","sourceIdentifier":"cve@mitre.org","published":"2022-10-18T21:15:16.287","lastModified":"2026-07-09T01:17:46.657","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A Cross-site scripting (XSS) vulnerability in the Role module's edit role assignees page in Liferay Portal 7.4.0 through 7.4.3.36, and Liferay DXP 7.4 before update 37 allows remote attackers to inject arbitrary web script or HTML."},{"lang":"es","value":"Una vulnerabilidad de tipo Cross-site scripting (XSS) en la página de edición de asignados de roles del módulo Role en Liferay Portal versiones 7.4.0 hasta 7.4.3.36, y Liferay DXP versiones 7.4 anteriores a update 37, permite a atacantes remotos inyectar script web o HTML arbitrarios"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-10T02:40:21.410093Z","id":"CVE-2022-42114","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:*:*:*:*:*:*:*:*","versionEndExcluding":"7.4","matchCriteriaId":"9751440B-FA20-42E4-9B44-5DDF227CDA1F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:ga1:*:*:*:*:*:*","matchCriteriaId":"186D21EA-CD15-4F50-B129-6EF8DCB4FE50"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_1:*:*:*:*:*:*","matchCriteriaId":"46AF397F-A95C-4FAD-A6EA-CB623B7A262A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_10:*:*:*:*:*:*","matchCriteriaId":"3B8C3B3F-1BBB-47A5-A789-B207B6346FFF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_11:*:*:*:*:*:*","matchCriteriaId":"AD5D1171-954A-4E75-813D-E8392CFE4029"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_12:*:*:*:*:*:*","matchCriteriaId":"F148098A-D867-4C8B-9632-6B7F24D50C30"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_13:*:*:*:*:*:*","matchCriteriaId":"8A112ED2-27C2-45E3-8FA0-6043F7D3BEED"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_14:*:*:*:*:*:*","matchCriteriaId":"0744AC04-9663-4DA1-9657-EC5BF0C68499"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_15:*:*:*:*:*:*","matchCriteriaId":"5703FE2B-011A-4A40-AB67-B989438F2183"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_16:*:*:*:*:*:*","matchCriteriaId":"41A54448-B1AB-4E92-8523-5D4A46A83533"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_17:*:*:*:*:*:*","matchCriteriaId":"A96A2A4A-3EB3-4074-A846-EC6EECC04B43"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_18:*:*:*:*:*:*","matchCriteriaId":"56DAE678-10B9-419D-9F5D-96E3AC3A6E4A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_19:*:*:*:*:*:*","matchCriteriaId":"064F4C28-B1F5-44C2-91AA-A09FD56EC0B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_2:*:*:*:*:*:*","matchCriteriaId":"C2C2351E-BDEE-4A79-A00C-6520B54996EF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_20:*:*:*:*:*:*","matchCriteriaId":"814D0CE3-B89F-423C-B1E3-47BD0A474491"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_21:*:*:*:*:*:*","matchCriteriaId":"58DB7C5A-B4E3-410A-B491-3F322B340BDF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_22:*:*:*:*:*:*","matchCriteriaId":"86B581B6-02B0-40B9-BB5C-E28FC51042DB"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_23:*:*:*:*:*:*","matchCriteriaId":"E7EFBC14-6785-4435-BA96-D77A857BC1C8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_24:*:*:*:*:*:*","matchCriteriaId":"585635F8-53DC-4F64-BF6B-C6F72A5F4D29"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_25:*:*:*:*:*:*","matchCriteriaId":"355DD7FC-E9C7-43D6-8313-0474AB314F18"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_26:*:*:*:*:*:*","matchCriteriaId":"B0FDE8B1-444A-4FEB-AC97-4B29C914EB8A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_27:*:*:*:*:*:*","matchCriteriaId":"683D063A-0E32-4E2D-8CBF-A57F45071F6E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_28:*:*:*:*:*:*","matchCriteriaId":"7DFEBCAB-1D9B-4BED-A2C6-11BA863F1EE9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_29:*:*:*:*:*:*","matchCriteriaId":"DB8733C4-8CE4-4E4B-A2AE-919AA69DAF8E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_3:*:*:*:*:*:*","matchCriteriaId":"25F5C3E9-CBB0-4114-91A4-41F0E666026A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_30:*:*:*:*:*:*","matchCriteriaId":"D372D9B9-5A83-4FF8-8DE5-617D99D1A8B5"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_31:*:*:*:*:*:*","matchCriteriaId":"7519ABB1-57A7-46F1-97FC-DD44787F2B6E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_32:*:*:*:*:*:*","matchCriteriaId":"87BD916B-245C-4D62-B595-1985784C2ABC"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_33:*:*:*:*:*:*","matchCriteriaId":"841E15A8-0819-4E48-B7E3-3ACCB4C1F43B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_34:*:*:*:*:*:*","matchCriteriaId":"91A243D9-7633-4836-B72D-75EF6C0F8876"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_35:*:*:*:*:*:*","matchCriteriaId":"6E2B1876-78B1-407A-9392-94FFF33AC803"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_36:*:*:*:*:*:*","matchCriteriaId":"4C6BBDC0-9D68-4653-9177-E49B847B04ED"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_4:*:*:*:*:*:*","matchCriteriaId":"5E2B5687-B311-460E-A562-D754AF271F8E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_5:*:*:*:*:*:*","matchCriteriaId":"B49D0CB9-8ED7-46AB-9BA5-7235A2CD9117"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_6:*:*:*:*:*:*","matchCriteriaId":"DF169364-096C-4294-B89F-C07AF1DCC9C4"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_7:*:*:*:*:*:*","matchCriteriaId":"30CB2C54-1A20-4226-ACC6-AC8131899AE2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_8:*:*:*:*:*:*","matchCriteriaId":"65693260-5B0F-47AA-BF08-D2979997A40A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_9:*:*:*:*:*:*","matchCriteriaId":"C9116909-04C3-4040-B945-4A6225425520"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.4.0","versionEndExcluding":"7.4.3.37","matchCriteriaId":"0086FDBD-9139-44E9-A01B-BE5C59456DC7"}]}]}],"references":[{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42114","source":"cve@mitre.org","tags":["Patch","Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42114","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-42115","sourceIdentifier":"cve@mitre.org","published":"2022-10-18T21:15:16.330","lastModified":"2026-07-09T01:17:46.823","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in the Object module's edit object details page in Liferay Portal 7.4.3.4 through 7.4.3.36 allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into the object field's `Label` text field."},{"lang":"es","value":"Una vulnerabilidad de tipo cross-site scripting (XSS) en la página de edición de detalles de objetos del módulo Object en Liferay Portal 7.4.3.4 hasta 7.4.3.36, permite a atacantes remotos inyectar script web o HTML arbitrario por medio de una carga útil diseñada inyectada en el campo de texto \"Label\" del campo de objetos"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-13T14:40:02.211779Z","id":"CVE-2022-42115","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.4.3.4","versionEndExcluding":"7.4.3.37","matchCriteriaId":"8E68913A-1A6F-4AFC-AFAD-A9372AFE6281"}]}]}],"references":[{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42115","source":"cve@mitre.org","tags":["Patch","Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42115","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-42116","sourceIdentifier":"cve@mitre.org","published":"2022-10-18T21:15:16.373","lastModified":"2026-07-09T01:17:46.993","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A Cross-site scripting (XSS) vulnerability in the Frontend Editor module's integration with CKEditor in Liferay Portal 7.3.2 through 7.4.3.14, and Liferay DXP 7.3 before update 6, and 7.4 before update 15 allows remote attackers to inject arbitrary web script or HTML via the (1) name, or (2) namespace parameter."},{"lang":"es","value":"Una vulnerabilidad de Cross-site scripting (XSS) en la integración del módulo Frontend Editor con CKEditor en Liferay Portal versiones 7.3.2 hasta 7.4.3.14, y Liferay DXP versiones 7.3 anteriores a update 6, y versiones 7.4 anteriores a update 15, permite a atacantes remotos inyectar script web o HTML arbitrarios por medio del parámetro (1) name, o (2) namespace"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-13T14:38:42.434125Z","id":"CVE-2022-42116","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:*:*:*:*:*:*:*:*","versionEndExcluding":"7.3","matchCriteriaId":"5C0B6536-11D4-48A1-8EC8-FCDFFFD07540"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:-:*:*:*:*:*:*","matchCriteriaId":"21C55D41-DB66-494D-BEEB-BDAC7CB4B31B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:sp1:*:*:*:*:*:*","matchCriteriaId":"9D75A0FF-BAEA-471A-87B2-8EC2A9F0A6B5"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:sp2:*:*:*:*:*:*","matchCriteriaId":"D86CDCC0-9655-477B-83FA-ADDBB5AF43A2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:sp3:*:*:*:*:*:*","matchCriteriaId":"1CF5B84B-1719-4581-8474-C55CEFFD8305"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:update_1:*:*:*:*:*:*","matchCriteriaId":"D60CDAA3-6029-4904-9D08-BB221BCFD7C3"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:update_2:*:*:*:*:*:*","matchCriteriaId":"B66F47E9-3D82-497E-BD84-E47A65FAF8C3"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:update_3:*:*:*:*:*:*","matchCriteriaId":"A0BA4856-59DF-427C-959F-3B836314F5D5"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:update_4:*:*:*:*:*:*","matchCriteriaId":"F3A5ADE1-4743-4A78-9FCC-CEB857012A5B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:update_5:*:*:*:*:*:*","matchCriteriaId":"2B420A18-5C8B-470F-9189-C84F8DAA74D5"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:ga1:*:*:*:*:*:*","matchCriteriaId":"186D21EA-CD15-4F50-B129-6EF8DCB4FE50"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_1:*:*:*:*:*:*","matchCriteriaId":"46AF397F-A95C-4FAD-A6EA-CB623B7A262A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_10:*:*:*:*:*:*","matchCriteriaId":"3B8C3B3F-1BBB-47A5-A789-B207B6346FFF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_11:*:*:*:*:*:*","matchCriteriaId":"AD5D1171-954A-4E75-813D-E8392CFE4029"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_12:*:*:*:*:*:*","matchCriteriaId":"F148098A-D867-4C8B-9632-6B7F24D50C30"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_13:*:*:*:*:*:*","matchCriteriaId":"8A112ED2-27C2-45E3-8FA0-6043F7D3BEED"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_14:*:*:*:*:*:*","matchCriteriaId":"0744AC04-9663-4DA1-9657-EC5BF0C68499"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_2:*:*:*:*:*:*","matchCriteriaId":"C2C2351E-BDEE-4A79-A00C-6520B54996EF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_3:*:*:*:*:*:*","matchCriteriaId":"25F5C3E9-CBB0-4114-91A4-41F0E666026A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_4:*:*:*:*:*:*","matchCriteriaId":"5E2B5687-B311-460E-A562-D754AF271F8E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_5:*:*:*:*:*:*","matchCriteriaId":"B49D0CB9-8ED7-46AB-9BA5-7235A2CD9117"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_6:*:*:*:*:*:*","matchCriteriaId":"DF169364-096C-4294-B89F-C07AF1DCC9C4"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_7:*:*:*:*:*:*","matchCriteriaId":"30CB2C54-1A20-4226-ACC6-AC8131899AE2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_8:*:*:*:*:*:*","matchCriteriaId":"65693260-5B0F-47AA-BF08-D2979997A40A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_9:*:*:*:*:*:*","matchCriteriaId":"C9116909-04C3-4040-B945-4A6225425520"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.3.2","versionEndExcluding":"7.4.3.15","matchCriteriaId":"5DC7AD5B-063F-4C30-A9D9-08C3F90185D9"}]}]}],"references":[{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42116","source":"cve@mitre.org","tags":["Patch","Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42116","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-42117","sourceIdentifier":"cve@mitre.org","published":"2022-10-18T21:15:16.413","lastModified":"2026-07-09T01:17:47.187","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A Cross-site scripting (XSS) vulnerability in the Frontend Taglib module in Liferay Portal 7.3.2 through 7.4.3.16, and Liferay DXP 7.3 before update 6, and 7.4 before update 17 allows remote attackers to inject arbitrary web script or HTML."},{"lang":"es","value":"Una vulnerabilidad de tipo Cross-site scripting (XSS) en el módulo Frontend Taglib en Liferay Portal versiones 7.3.2 hasta 7.4.3.16, y Liferay DXP versiones 7.3 anteriores a update 6, y versiones 7.4 anteriores a 17, permite a atacantes remotos inyectar script web o HTML arbitrarios"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-12T17:58:40.075450Z","id":"CVE-2022-42117","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:*:*:*:*:*:*:*:*","versionEndExcluding":"7.3","matchCriteriaId":"5C0B6536-11D4-48A1-8EC8-FCDFFFD07540"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:*:*:*:*:*:*:*","matchCriteriaId":"D7FEE38F-02E9-4801-9030-DFC4223C0E60"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:-:*:*:*:*:*:*","matchCriteriaId":"21C55D41-DB66-494D-BEEB-BDAC7CB4B31B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:sp1:*:*:*:*:*:*","matchCriteriaId":"9D75A0FF-BAEA-471A-87B2-8EC2A9F0A6B5"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:sp2:*:*:*:*:*:*","matchCriteriaId":"D86CDCC0-9655-477B-83FA-ADDBB5AF43A2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:sp3:*:*:*:*:*:*","matchCriteriaId":"1CF5B84B-1719-4581-8474-C55CEFFD8305"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:update_1:*:*:*:*:*:*","matchCriteriaId":"D60CDAA3-6029-4904-9D08-BB221BCFD7C3"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:update_2:*:*:*:*:*:*","matchCriteriaId":"B66F47E9-3D82-497E-BD84-E47A65FAF8C3"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:update_3:*:*:*:*:*:*","matchCriteriaId":"A0BA4856-59DF-427C-959F-3B836314F5D5"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:update_4:*:*:*:*:*:*","matchCriteriaId":"F3A5ADE1-4743-4A78-9FCC-CEB857012A5B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:update_5:*:*:*:*:*:*","matchCriteriaId":"2B420A18-5C8B-470F-9189-C84F8DAA74D5"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:ga1:*:*:*:*:*:*","matchCriteriaId":"186D21EA-CD15-4F50-B129-6EF8DCB4FE50"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_1:*:*:*:*:*:*","matchCriteriaId":"46AF397F-A95C-4FAD-A6EA-CB623B7A262A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_10:*:*:*:*:*:*","matchCriteriaId":"3B8C3B3F-1BBB-47A5-A789-B207B6346FFF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_11:*:*:*:*:*:*","matchCriteriaId":"AD5D1171-954A-4E75-813D-E8392CFE4029"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_12:*:*:*:*:*:*","matchCriteriaId":"F148098A-D867-4C8B-9632-6B7F24D50C30"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_13:*:*:*:*:*:*","matchCriteriaId":"8A112ED2-27C2-45E3-8FA0-6043F7D3BEED"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_14:*:*:*:*:*:*","matchCriteriaId":"0744AC04-9663-4DA1-9657-EC5BF0C68499"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_15:*:*:*:*:*:*","matchCriteriaId":"5703FE2B-011A-4A40-AB67-B989438F2183"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_16:*:*:*:*:*:*","matchCriteriaId":"41A54448-B1AB-4E92-8523-5D4A46A83533"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_2:*:*:*:*:*:*","matchCriteriaId":"C2C2351E-BDEE-4A79-A00C-6520B54996EF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_3:*:*:*:*:*:*","matchCriteriaId":"25F5C3E9-CBB0-4114-91A4-41F0E666026A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_4:*:*:*:*:*:*","matchCriteriaId":"5E2B5687-B311-460E-A562-D754AF271F8E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_5:*:*:*:*:*:*","matchCriteriaId":"B49D0CB9-8ED7-46AB-9BA5-7235A2CD9117"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_6:*:*:*:*:*:*","matchCriteriaId":"DF169364-096C-4294-B89F-C07AF1DCC9C4"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_7:*:*:*:*:*:*","matchCriteriaId":"30CB2C54-1A20-4226-ACC6-AC8131899AE2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_8:*:*:*:*:*:*","matchCriteriaId":"65693260-5B0F-47AA-BF08-D2979997A40A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_9:*:*:*:*:*:*","matchCriteriaId":"C9116909-04C3-4040-B945-4A6225425520"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.3.2","versionEndIncluding":"7.4.3.16","matchCriteriaId":"3E947128-538F-48C9-98F4-339C0760C6FC"}]}]}],"references":[{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42117","source":"cve@mitre.org","tags":["Patch","Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42117","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-33077","sourceIdentifier":"cve@mitre.org","published":"2022-10-19T02:15:08.903","lastModified":"2026-07-09T01:17:32.520","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An access control issue in nopcommerce v4.50.2 allows attackers to arbitrarily modify any customer's address via the addressedit endpoint."},{"lang":"es","value":"Un problema de control de acceso en nopcommerce versión v4.50.2, permite a atacantes modificar arbitrariamente la dirección de cualquier cliente por medio del endpoint addressedit"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-09T14:26:50.880796Z","id":"CVE-2022-33077","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-639"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nopcommerce:nopcommerce:*:*:*:*:*:*:*:*","versionEndIncluding":"4.50.2","matchCriteriaId":"6BF31E7C-D5C7-4192-BF6F-E02354EB3041"}]}]}],"references":[{"url":"https://medium.com/@rohan_pagey/cve-2022-33077-idor-to-change-address-of-any-customer-via-parameter-pollution-in-nopcommerce-4-5-2fa4bc763cc6","source":"cve@mitre.org"},{"url":"https://medium.com/%40rohan_pagey/cve-2022-33077-idor-to-change-address-of-any-customer-via-parameter-pollution-in-nopcommerce-4-5-2fa4bc763cc6","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://medium.com/%40rohan_pagey/cve-2022-33077-idor-to-change-address-of-any-customer-via-parameter-pollution-in-nopcommerce-4-5-2fa4bc763cc6","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2022-38901","sourceIdentifier":"cve@mitre.org","published":"2022-10-19T02:15:09.000","lastModified":"2026-07-09T01:17:42.183","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A Cross-site scripting (XSS) vulnerability in the Document and Media module - file upload functionality in Liferay Digital Experience Platform 7.3.10 SP3 allows remote attackers to inject arbitrary JS script or HTML into the description field of uploaded svg file."},{"lang":"es","value":"Una vulnerabilidad de tipo Cross-site scripting (XSS) en el módulo Document and Media - funcionalidad de descarga de archivos en Liferay Digital Experience Platform versión 7.3.10 SP3, permite a atacantes remotos inyectar scripts JS o HTML arbitrarias en el campo description del archivo svg descargado"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-09T14:19:08.807251Z","id":"CVE-2022-38901","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0","versionEndExcluding":"7.3","matchCriteriaId":"4A46C2D9-63F5-41D7-A804-8B82093B805A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:-:*:*:*:*:*:*","matchCriteriaId":"21C55D41-DB66-494D-BEEB-BDAC7CB4B31B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:update_1:*:*:*:*:*:*","matchCriteriaId":"D60CDAA3-6029-4904-9D08-BB221BCFD7C3"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:update_2:*:*:*:*:*:*","matchCriteriaId":"B66F47E9-3D82-497E-BD84-E47A65FAF8C3"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:update_3:*:*:*:*:*:*","matchCriteriaId":"A0BA4856-59DF-427C-959F-3B836314F5D5"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:update_4:*:*:*:*:*:*","matchCriteriaId":"F3A5ADE1-4743-4A78-9FCC-CEB857012A5B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:update_5:*:*:*:*:*:*","matchCriteriaId":"2B420A18-5C8B-470F-9189-C84F8DAA74D5"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_1:*:*:*:*:*:*","matchCriteriaId":"46AF397F-A95C-4FAD-A6EA-CB623B7A262A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_10:*:*:*:*:*:*","matchCriteriaId":"3B8C3B3F-1BBB-47A5-A789-B207B6346FFF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_11:*:*:*:*:*:*","matchCriteriaId":"AD5D1171-954A-4E75-813D-E8392CFE4029"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_12:*:*:*:*:*:*","matchCriteriaId":"F148098A-D867-4C8B-9632-6B7F24D50C30"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_13:*:*:*:*:*:*","matchCriteriaId":"8A112ED2-27C2-45E3-8FA0-6043F7D3BEED"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_14:*:*:*:*:*:*","matchCriteriaId":"0744AC04-9663-4DA1-9657-EC5BF0C68499"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_15:*:*:*:*:*:*","matchCriteriaId":"5703FE2B-011A-4A40-AB67-B989438F2183"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_16:*:*:*:*:*:*","matchCriteriaId":"41A54448-B1AB-4E92-8523-5D4A46A83533"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_17:*:*:*:*:*:*","matchCriteriaId":"A96A2A4A-3EB3-4074-A846-EC6EECC04B43"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_18:*:*:*:*:*:*","matchCriteriaId":"56DAE678-10B9-419D-9F5D-96E3AC3A6E4A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_19:*:*:*:*:*:*","matchCriteriaId":"064F4C28-B1F5-44C2-91AA-A09FD56EC0B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_2:*:*:*:*:*:*","matchCriteriaId":"C2C2351E-BDEE-4A79-A00C-6520B54996EF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_20:*:*:*:*:*:*","matchCriteriaId":"814D0CE3-B89F-423C-B1E3-47BD0A474491"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_21:*:*:*:*:*:*","matchCriteriaId":"58DB7C5A-B4E3-410A-B491-3F322B340BDF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_22:*:*:*:*:*:*","matchCriteriaId":"86B581B6-02B0-40B9-BB5C-E28FC51042DB"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_23:*:*:*:*:*:*","matchCriteriaId":"E7EFBC14-6785-4435-BA96-D77A857BC1C8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_24:*:*:*:*:*:*","matchCriteriaId":"585635F8-53DC-4F64-BF6B-C6F72A5F4D29"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_25:*:*:*:*:*:*","matchCriteriaId":"355DD7FC-E9C7-43D6-8313-0474AB314F18"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_26:*:*:*:*:*:*","matchCriteriaId":"B0FDE8B1-444A-4FEB-AC97-4B29C914EB8A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_27:*:*:*:*:*:*","matchCriteriaId":"683D063A-0E32-4E2D-8CBF-A57F45071F6E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_28:*:*:*:*:*:*","matchCriteriaId":"7DFEBCAB-1D9B-4BED-A2C6-11BA863F1EE9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_3:*:*:*:*:*:*","matchCriteriaId":"25F5C3E9-CBB0-4114-91A4-41F0E666026A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_4:*:*:*:*:*:*","matchCriteriaId":"5E2B5687-B311-460E-A562-D754AF271F8E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_5:*:*:*:*:*:*","matchCriteriaId":"B49D0CB9-8ED7-46AB-9BA5-7235A2CD9117"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_6:*:*:*:*:*:*","matchCriteriaId":"DF169364-096C-4294-B89F-C07AF1DCC9C4"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_7:*:*:*:*:*:*","matchCriteriaId":"30CB2C54-1A20-4226-ACC6-AC8131899AE2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_8:*:*:*:*:*:*","matchCriteriaId":"65693260-5B0F-47AA-BF08-D2979997A40A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:update_9:*:*:*:*:*:*","matchCriteriaId":"C9116909-04C3-4040-B945-4A6225425520"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.3.5","versionEndIncluding":"7.4.3.28","matchCriteriaId":"C0FF0E3A-B8C0-4867-9702-86F17ED4555A"}]}]}],"references":[{"url":"https://drive.proton.me/urls/D27RQ14NGW#b71d8XrBl2Mu","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.offensity.com/en/blog/authenticated-persistent-xss-in-liferay-dxp-cms-cve-2022-38901-and-cve-2022-38902/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://drive.proton.me/urls/D27RQ14NGW#b71d8XrBl2Mu","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.offensity.com/en/blog/authenticated-persistent-xss-in-liferay-dxp-cms-cve-2022-38901-and-cve-2022-38902/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-41415","sourceIdentifier":"cve@mitre.org","published":"2022-10-19T12:15:10.283","lastModified":"2026-07-09T01:17:45.840","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Acer Altos W2000h-W570h F4 R01.03.0018 was discovered to contain a stack overflow in the RevserveMem component. This vulnerability allows attackers to cause a Denial of Service (DoS) via injecting crafted shellcode into the NVRAM variable."},{"lang":"es","value":"Se ha detectado que Acer Altos W2000h-W570h F4 versión R01.03.0018, contiene un desbordamiento de pila en el componente RevserveMem. Esta vulnerabilidad permite a atacantes causar una Denegación de Servicio (DoS) por medio de una inyección de shellcode diseñado en la variable NVRAM"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-08T20:20:35.872816Z","id":"CVE-2022-41415","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:acer:altos_w2000h-w570h_f4_firmware:r01.03.0018:*:*:*:*:*:*:*","matchCriteriaId":"8808CB5F-9E59-41AE-8BE2-76520F488EEA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:acer:altos_w2000h-w570h_f4:-:*:*:*:*:*:*:*","matchCriteriaId":"65CA62DE-A740-4970-B601-6FE7B051A85A"}]}]}],"references":[{"url":"https://github.com/10TG/vulnerabilities/blob/main/Acer/CVE-2022-41415/CVE-2022-41415.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/10TG/vulnerabilities/blob/main/Acer/CVE-2022-41415/CVE-2022-41415.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-33231","sourceIdentifier":"cve@mitre.org","published":"2022-10-20T11:15:10.123","lastModified":"2026-07-09T01:16:54.310","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting (XSS) vulnerability in New equipment page in EasyVista Service Manager 2018.1.181.1 allows remote attackers to run arbitrary code via the notes field."},{"lang":"es","value":"Una vulnerabilidad de tipo Cross Site Scripting (XSS) en la página New equipment en EasyVista Service Manager versión 2018.1.181.1, permite a atacantes remotos ejecutar código arbitrario por medio del campo de notas"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-08T18:03:38.274205Z","id":"CVE-2021-33231","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:easyvista:service_manager:2018.1.181.1:*:*:*:*:*:*:*","matchCriteriaId":"C0B45F92-CFE3-41A5-924E-761B05AEC872"}]}]}],"references":[{"url":"https://armysick.github.io/cve-2021-33231/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://armysick.github.io/cve-2021-33231/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-31366","sourceIdentifier":"cve@mitre.org","published":"2022-10-20T12:15:09.677","lastModified":"2026-07-09T01:17:30.327","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An arbitrary file upload vulnerability in the apiImportLabs function in api_labs.php of EVE-NG 2.0.3-112 Community allows attackers to execute arbitrary code via a crafted UNL file."},{"lang":"es","value":"Una vulnerabilidad de descarga de archivos arbitraria en la función apiImportLabs en el archivo api_labs.php de la EVE-NG versión 2.0.3-112 Community, permite a atacantes ejecutar código arbitrario por medio de un archivo UNL diseñado"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-08T15:55:47.866448Z","id":"CVE-2022-31366","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:eve-ng:eve-ng:2.0.3-112:*:*:*:community:*:*:*","matchCriteriaId":"35D5A27B-925A-44FF-916F-7BCA493E56BE"}]}]}],"references":[{"url":"https://erpaciocco.github.io/2022/eve-ng-rce/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://erpaciocco.github.io/2022/eve-ng-rce/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-38580","sourceIdentifier":"cve@mitre.org","published":"2022-10-25T17:15:55.730","lastModified":"2026-07-09T01:17:40.630","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Zalando Skipper v0.13.236 is vulnerable to Server-Side Request Forgery (SSRF)."},{"lang":"es","value":"Zalando Skipper versión v0.13.236, es vulnerable a un ataque de tipo Server-Side Request Forgery (SSRF)"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-07T14:23:09.483594Z","id":"CVE-2022-38580","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:zalando:skipper:*:*:*:*:*:*:*:*","versionEndExcluding":"0.13.237","matchCriteriaId":"A001BDFA-CC7D-4D1C-B88D-8EFCD6BDDD6C"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/171546/X-Skipper-Proxy-0.13.237-Server-Side-Request-Forgery.html","source":"cve@mitre.org"},{"url":"https://gist.github.com/Fadavvi/9fffcfa4aaa9e25b77cfe7b3044b2857#file-cve-2022-38580","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://pastebin.com/dXxpgPAK","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://packetstormsecurity.com/files/171546/X-Skipper-Proxy-0.13.237-Server-Side-Request-Forgery.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://gist.github.com/Fadavvi/9fffcfa4aaa9e25b77cfe7b3044b2857#file-cve-2022-38580","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://pastebin.com/dXxpgPAK","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-42992","sourceIdentifier":"cve@mitre.org","published":"2022-10-27T12:15:10.530","lastModified":"2026-07-09T01:17:50.983","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Multiple stored cross-site scripting (XSS) vulnerabilities in Train Scheduler App v1.0 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Train Code, Train Name, and Destination text fields."},{"lang":"es","value":"Múltiples vulnerabilidades de Stored Cross-Site Scripting (XSS) en la aplicación Train Scheduler v1.0 permiten a los atacantes ejecutar scripts web o HTML arbitrarios a través de un payload manipulado inyectado en los campos de texto Train Code, Train Name y Destination."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-07T13:24:48.627646Z","id":"CVE-2022-42992","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:train_scheduler_app_project:train_scheduler_app:1.0:*:*:*:*:*:*:*","matchCriteriaId":"58024D4D-EEF5-4BC1-81C7-61DB51856B2A"}]}]}],"references":[{"url":"https://github.com/draco1725/POC/blob/main/Exploit/Train%20Scheduler%20App/XSS","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/draco1725/POC/blob/main/Exploit/Train%20Scheduler%20App/XSS","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-42991","sourceIdentifier":"cve@mitre.org","published":"2022-10-27T14:15:13.343","lastModified":"2026-07-09T01:17:50.793","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A stored cross-site scripting (XSS) vulnerability in Simple Online Public Access Catalog v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Edit Account Full Name field."},{"lang":"es","value":"Una vulnerabilidad de Stored Cross-Site Scripting (XSS) en Simple Online Public Access Catalog v1.0 permite a los atacantes ejecutar scripts web o HTML de su elección a través de un payload inyectado en el campo Edit Account Full Name."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-07T13:26:19.423498Z","id":"CVE-2022-42991","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:simple_online_public_access_catalog_project:simple_online_public_access_catalog:1.0:*:*:*:*:*:*:*","matchCriteriaId":"F22024FB-9FD8-411E-8426-D71A67335D38"}]}]}],"references":[{"url":"https://github.com/draco1725/POC/blob/main/Exploit/Simple%20Online%20Public%20Access%20Catalog/XSS","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/draco1725/POC/blob/main/Exploit/Simple%20Online%20Public%20Access%20Catalog/XSS","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-42993","sourceIdentifier":"cve@mitre.org","published":"2022-10-27T14:15:13.633","lastModified":"2026-07-09T01:17:51.150","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Password Storage Application v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Setup page."},{"lang":"es","value":"Se descubrió que Password Storage Application v1.0 contiene una vulnerabilidad de Cross-Site Scripting  (XSS) a través de la página de Setup."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-12T19:53:53.462965Z","id":"CVE-2022-42993","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:password_storage_application_project:password_storage_application:1.0:*:*:*:*:*:*:*","matchCriteriaId":"3464F336-1753-45A4-9A36-2C6AE8CA8C4D"}]}]}],"references":[{"url":"https://github.com/draco1725/POC/blob/main/Exploit/Password%20Storage%20Application/XSS","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/draco1725/POC/blob/main/Exploit/Password%20Storage%20Application/XSS","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-43340","sourceIdentifier":"cve@mitre.org","published":"2022-10-27T20:15:34.503","lastModified":"2026-07-09T01:17:53.587","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A Cross-Site Request Forgery (CSRF) in dzzoffice 2.02.1_SC_UTF8 allows attackers to arbitrarily create user accounts and grant Administrator rights to regular users."},{"lang":"es","value":"Una Cross-Site Request Forgery (CSRF) en dzzoffice 2.02.1_SC_UTF8 permite a los atacantes crear cuentas de usuario de forma arbitraria y otorgar derechos de Administrador a usuarios normales."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-12T19:51:48.216615Z","id":"CVE-2022-43340","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:dzzoffice:dzzoffice:2.02.1:*:*:*:*:*:*:*","matchCriteriaId":"0ECA901D-850D-468C-B516-01F29417313D"}]}]}],"references":[{"url":"https://github.com/zyx0814/dzzoffice","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/zyx0814/dzzoffice/issues/223","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/zyx0814/dzzoffice","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://github.com/zyx0814/dzzoffice/issues/223","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-40487","sourceIdentifier":"cve@mitre.org","published":"2022-10-31T12:15:10.250","lastModified":"2026-07-09T01:17:44.747","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"ProcessWire v3.0.200 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities via the Search Users and Search Pages function. These vulnerabilities allow attackers to execute arbitrary web scripts or HTML via injection of a crafted payload."},{"lang":"es","value":"Se descubrió que ProcessWire v3.0.200 contiene múltiples vulnerabilidades de Cross-Site Scripting (XSS) a través de la función Buscar Usuarios y Páginas de Búsqueda. Estas vulnerabilidades permiten a los atacantes ejecutar scripts web o HTML arbitrarios mediante la inyección de un payload manipulado."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-06T15:53:06.697890Z","id":"CVE-2022-40487","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:processwire:processwire:3.0.200:*:*:*:*:*:*:*","matchCriteriaId":"AF3EE3C8-A566-44FF-9D8E-D645FEEB9C73"}]}]}],"references":[{"url":"https://gist.github.com/filipaze/32ab8683af8d82827028164e361b6e86","source":"cve@mitre.org","tags":["Patch","Third Party Advisory"]},{"url":"https://gist.github.com/filipaze/32ab8683af8d82827028164e361b6e86","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-40488","sourceIdentifier":"cve@mitre.org","published":"2022-10-31T12:15:10.307","lastModified":"2026-07-09T01:17:44.910","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"ProcessWire v3.0.200 was discovered to contain a Cross-Site Request Forgery (CSRF)."},{"lang":"es","value":"Se descubrió que ProcessWire v3.0.200 contenía Cross-Site Request Forgery (CSRF).\n"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-06T18:23:05.116343Z","id":"CVE-2022-40488","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:processwire:processwire:3.0.200:*:*:*:*:*:*:*","matchCriteriaId":"AF3EE3C8-A566-44FF-9D8E-D645FEEB9C73"}]}]}],"references":[{"url":"https://gist.github.com/filipaze/76138289ded98aa45dfcd939a8afd331","source":"cve@mitre.org","tags":["Patch","Third Party Advisory"]},{"url":"https://gist.github.com/filipaze/76138289ded98aa45dfcd939a8afd331","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-40839","sourceIdentifier":"cve@mitre.org","published":"2022-11-01T17:15:12.367","lastModified":"2026-07-09T01:17:45.060","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A SQL injection vulnerability in the height and width parameter in NdkAdvancedCustomizationFields v3.5.0 allows unauthenticated attackers to exfiltrate database data."},{"lang":"es","value":"Una vulnerabilidad de inyección SQL en el parámetro alto y ancho en NdkAdvancedCustomizationFields v3.5.0 permite a atacantes no autenticados filtrar datos de la base de datos."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-06T15:10:11.940539Z","id":"CVE-2022-40839","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ndk-design:ndkadvancedcustomizationfields:3.5.0:*:*:*:*:prestashop:*:*","matchCriteriaId":"CA9485A7-4D49-4732-9457-6EFD15C16D83"}]}]}],"references":[{"url":"https://github.com/daaaalllii/cve-s/blob/main/CVE-2022-40839/poc.txt","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/daaaalllii/cve-s/blob/main/CVE-2022-40839/poc.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-40840","sourceIdentifier":"cve@mitre.org","published":"2022-11-02T13:15:19.397","lastModified":"2026-07-09T01:17:45.220","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"ndk design NdkAdvancedCustomizationFields 3.5.0 is vulnerable to Cross Site Scripting (XSS) via createPdf.php."},{"lang":"es","value":"ndk design NdkAdvancedCustomizationFields 3.5.0 es vulnerable a Cross Site Scripting (XSS) a través de createPdf.php."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-02T20:56:08.756531Z","id":"CVE-2022-40840","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ndk-design:ndkadvancedcustomizationfields:*:*:*:*:*:prestashop:*:*","versionEndIncluding":"3.5.0","matchCriteriaId":"73B18D52-9A29-4789-879A-099001F3D206"}]}]}],"references":[{"url":"https://github.com/daaaalllii/cve-s/blob/main/CVE-2022-40840/poc.txt","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/daaaalllii/cve-s/blob/main/CVE-2022-40840/poc.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-43321","sourceIdentifier":"cve@mitre.org","published":"2022-11-09T14:15:17.047","lastModified":"2026-07-09T01:17:51.603","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Shopwind v3.4.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the component /common/library/Page.php."},{"lang":"es","value":"Se descubrió que Shopwind v3.4.3 contenía una vulnerabilidad de Cross-Site Scripting (XSS) Reflejada en el componente /common/library/Page.php."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-01T15:16:22.476760Z","id":"CVE-2022-43321","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:shopwind:shopwind:3.4.3:*:*:*:*:*:*:*","matchCriteriaId":"287479F6-8F05-42E8-BBF6-5754432C9924"}]}]}],"references":[{"url":"https://github.com/shopwind/yii-shopwind/issues/1","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/shopwind/yii-shopwind/issues/1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-44087","sourceIdentifier":"cve@mitre.org","published":"2022-11-10T15:15:20.017","lastModified":"2026-07-09T01:17:53.810","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"ESPCMS P8.21120101 was discovered to contain a remote code execution (RCE) vulnerability in the component UPFILE_PIC_ZOOM_HIGHT."},{"lang":"es","value":"Se descubrió que ESPCMS P8.21120101 contenía una vulnerabilidad de ejecución remota de código (RCE) en el componente UPFILE_PIC_ZOOM_HIGHT."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-01T13:42:15.502806Z","id":"CVE-2022-44087","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ecisp:espcms:p8.21120101:*:*:*:*:*:*:*","matchCriteriaId":"16DECF92-C687-40D1-BAFB-AB7AE692BEF4"}]}]}],"references":[{"url":"https://gitee.com/earclink/espcms/issues/I5WSA0","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://gitee.com/earclink/espcms/issues/I5WSA0","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-44088","sourceIdentifier":"cve@mitre.org","published":"2022-11-10T15:15:20.163","lastModified":"2026-07-09T01:17:54.297","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"ESPCMS P8.21120101 was discovered to contain a remote code execution (RCE) vulnerability in the component INPUT_ISDESCRIPTION."},{"lang":"es","value":"Se descubrió que ESPCMS P8.21120101 contenía una vulnerabilidad de ejecución remota de código (RCE) en el componente INPUT_ISDESCRIPTION."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-01T14:06:55.252679Z","id":"CVE-2022-44088","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ecisp:espcms:p8.21120101:*:*:*:*:*:*:*","matchCriteriaId":"16DECF92-C687-40D1-BAFB-AB7AE692BEF4"}]}]}],"references":[{"url":"https://gitee.com/earclink/espcms/issues/I5WSND","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://gitee.com/earclink/espcms/issues/I5WSND","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-44089","sourceIdentifier":"cve@mitre.org","published":"2022-11-10T15:15:20.273","lastModified":"2026-07-09T01:17:54.517","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"ESPCMS P8.21120101 was discovered to contain a remote code execution (RCE) vulnerability in the component IS_GETCACHE."},{"lang":"es","value":"Se descubrió que ESPCMS P8.21120101 contenía una vulnerabilidad de ejecución remota de código (RCE) en el componente IS_GETCACHE."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-01T14:03:15.978771Z","id":"CVE-2022-44089","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ecisp:espcms:p8.21120101:*:*:*:*:*:*:*","matchCriteriaId":"16DECF92-C687-40D1-BAFB-AB7AE692BEF4"}]}]}],"references":[{"url":"https://gitee.com/earclink/espcms/issues/I5WSQ1","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://gitee.com/earclink/espcms/issues/I5WSQ1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-42118","sourceIdentifier":"cve@mitre.org","published":"2022-11-15T01:15:12.410","lastModified":"2026-07-09T01:17:47.400","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A Cross-site scripting (XSS) vulnerability in the Portal Search module in Liferay Portal 7.1.0 through 7.4.2, and Liferay DXP 7.1 before fix pack 27, 7.2 before fix pack 15, and 7.3 before service pack 3 allows remote attackers to inject arbitrary web script or HTML via the `tag` parameter."},{"lang":"es","value":"Una vulnerabilidad de Cross-Site Scripting (XSS) en el módulo Portal Search en Liferay Portal 7.1.0 hasta 7.4.2 y Liferay DXP 7.1 antes del fix pack 27, 7.2 antes del fix pack 15 y 7.3 antes del service pack 3 permite a atacantes remotos inyectar script web o HTML arbitrario a través del parámetro \"etiqueta\"."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-30T14:37:48.681471Z","id":"CVE-2022-42118","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.1.0","versionEndIncluding":"7.4.2","matchCriteriaId":"201470D2-65E1-40D7-B01B-35A03930BEEA"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:-:*:*:*:*:*:*","matchCriteriaId":"27DF695E-B890-42C2-8941-5BB53154755F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"072F6C59-3D86-48D1-A14E-477FFFA3B1D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_10:*:*:*:*:*:*","matchCriteriaId":"FE68B4A2-3459-4DBA-8BAC-E9AA9FA25264"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_11:*:*:*:*:*:*","matchCriteriaId":"680D7963-1393-4E86-A65F-D4463D532120"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_12:*:*:*:*:*:*","matchCriteriaId":"D81E73DD-FD21-4082-A883-34422AE6C024"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_13:*:*:*:*:*:*","matchCriteriaId":"E6DD0451-98EA-4140-8294-77A14F063E2E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_14:*:*:*:*:*:*","matchCriteriaId":"CE94E76B-8CC2-4E91-B7A3-EEBCC1358FF4"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_15:*:*:*:*:*:*","matchCriteriaId":"408BD438-E15C-422F-9612-C62A7387FC63"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_16:*:*:*:*:*:*","matchCriteriaId":"A78C8B1C-39CB-4C27-B57C-0AF5E7EB50D9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_17:*:*:*:*:*:*","matchCriteriaId":"0AB19E97-BACE-4FCC-A53F-078D61A7A9E8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_18:*:*:*:*:*:*","matchCriteriaId":"D18ACD28-9182-435C-A30F-DF3BFE13C39A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_19:*:*:*:*:*:*","matchCriteriaId":"CFE4CC72-C15A-40DE-AFF4-0B6B79BFB2BA"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"386F0E26-78DC-4D59-A20F-B41D0E59561B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_20:*:*:*:*:*:*","matchCriteriaId":"43C11288-1C48-47A0-95DF-A48F3C0285F6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_21:*:*:*:*:*:*","matchCriteriaId":"5ECF3B18-D0DB-4FB6-9F6F-B63A6CE45081"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_22:*:*:*:*:*:*","matchCriteriaId":"79AC7C0B-4135-4C24-8D37-A9431156E3E9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_23:*:*:*:*:*:*","matchCriteriaId":"7289F71D-ECEB-4FB9-A53F-D3F4D1315ADD"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_24:*:*:*:*:*:*","matchCriteriaId":"C18AE68F-6EF0-4132-A3D8-C2D77A842137"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_25:*:*:*:*:*:*","matchCriteriaId":"4C5F0729-7B44-4B9E-949F-6A66D8176E11"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_3:*:*:*:*:*:*","matchCriteriaId":"54576481-2AE9-4133-9EFA-B7FBDCA4427D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_4:*:*:*:*:*:*","matchCriteriaId":"E29CE810-76D5-4283-B102-70344B6C9506"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_5:*:*:*:*:*:*","matchCriteriaId":"DA869467-C560-4130-A180-86819F6A8673"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_6:*:*:*:*:*:*","matchCriteriaId":"CC0C94B7-31FB-4115-8EDE-62CC459B6663"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_7:*:*:*:*:*:*","matchCriteriaId":"07DEAA71-53DA-4508-B7E6-924ABED49E66"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_8:*:*:*:*:*:*","matchCriteriaId":"467323F6-5CA7-42A0-9810-C6FA694CEC93"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_9:*:*:*:*:*:*","matchCriteriaId":"32EFFD8A-1C0D-446B-AAD7-5D23D483D3D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:-:*:*:*:*:*:*","matchCriteriaId":"0DCF7F39-A198-4F7E-84B7-90C88C1BAA96"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"E7E68DF8-749B-4284-A7C9-929701A86B36"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_10:*:*:*:*:*:*","matchCriteriaId":"340DF1FE-5720-4516-BA51-F2197A654409"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_11:*:*:*:*:*:*","matchCriteriaId":"97E155DE-05C6-4559-94A8-0EFEB958D0C9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_12:*:*:*:*:*:*","matchCriteriaId":"0635FB5F-9C90-49C7-A9EF-00C0396FCCAE"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_13:*:*:*:*:*:*","matchCriteriaId":"77523B76-FC26-41B1-A804-7372E13F4FB2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_14:*:*:*:*:*:*","matchCriteriaId":"B15397B8-5087-4239-AE78-D3C37D59DE83"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"7CECAA19-8B7F-44C8-8059-6D4F2105E196"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_3:*:*:*:*:*:*","matchCriteriaId":"68CBCEEB-7C28-4769-813F-3F01E33D2E08"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_4:*:*:*:*:*:*","matchCriteriaId":"C0CB4927-A361-4DFA-BDB8-A454EA2894AB"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_5:*:*:*:*:*:*","matchCriteriaId":"B2B771B7-D5CB-4778-A3A8-1005E4EE134C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_6:*:*:*:*:*:*","matchCriteriaId":"3B9DB383-3791-4A43-BA4D-7695B203E736"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_7:*:*:*:*:*:*","matchCriteriaId":"13F02D77-20E9-4F32-9752-511EB71E6704"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_8:*:*:*:*:*:*","matchCriteriaId":"6353CC8F-A6D4-4A0C-8D68-290CD8DEB4F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_9:*:*:*:*:*:*","matchCriteriaId":"759DDB90-6A89-4E4F-BD04-F70EFA5343B0"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:-:*:*:*:*:*:*","matchCriteriaId":"21C55D41-DB66-494D-BEEB-BDAC7CB4B31B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:sp1:*:*:*:*:*:*","matchCriteriaId":"9D75A0FF-BAEA-471A-87B2-8EC2A9F0A6B5"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:sp2:*:*:*:*:*:*","matchCriteriaId":"D86CDCC0-9655-477B-83FA-ADDBB5AF43A2"}]}]}],"references":[{"url":"https://issues.liferay.com/browse/LPE-17342","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42118","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://issues.liferay.com/browse/LPE-17342","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42118","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-42119","sourceIdentifier":"cve@mitre.org","published":"2022-11-15T01:15:12.587","lastModified":"2026-07-09T01:17:47.620","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Certain Liferay products are vulnerable to Cross Site Scripting (XSS) via the Commerce module. This affects Liferay Portal 7.3.5 through 7.4.2 and Liferay DXP 7.3 before update 8."},{"lang":"es","value":"Ciertos productos de Liferay son vulnerables a Cross Site Scripting (XSS) a través del módulo Commerce. Esto afecta a Liferay Portal 7.3.5 hasta 7.4.2 y Liferay DXP 7.3 antes de la actualización 8."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-30T14:36:15.407420Z","id":"CVE-2022-42119","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.3.5","versionEndIncluding":"7.4.2","matchCriteriaId":"1A81CC5D-37E3-410F-9FD6-7DC84AB286CC"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:-:*:*:*:*:*:*","matchCriteriaId":"21C55D41-DB66-494D-BEEB-BDAC7CB4B31B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:update_1:*:*:*:*:*:*","matchCriteriaId":"D60CDAA3-6029-4904-9D08-BB221BCFD7C3"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:update_2:*:*:*:*:*:*","matchCriteriaId":"B66F47E9-3D82-497E-BD84-E47A65FAF8C3"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:update_3:*:*:*:*:*:*","matchCriteriaId":"A0BA4856-59DF-427C-959F-3B836314F5D5"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:update_4:*:*:*:*:*:*","matchCriteriaId":"F3A5ADE1-4743-4A78-9FCC-CEB857012A5B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:update_5:*:*:*:*:*:*","matchCriteriaId":"2B420A18-5C8B-470F-9189-C84F8DAA74D5"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:update_6:*:*:*:*:*:*","matchCriteriaId":"A7A399C4-6D4B-438C-9BAE-2893E457028A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:update_7:*:*:*:*:*:*","matchCriteriaId":"0CBACD88-B4F8-4496-9706-C666768AC9B9"}]}]}],"references":[{"url":"https://issues.liferay.com/browse/LPE-17632","source":"cve@mitre.org","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42119","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://issues.liferay.com/browse/LPE-17632","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42119","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-42120","sourceIdentifier":"cve@mitre.org","published":"2022-11-15T01:15:12.733","lastModified":"2026-07-09T01:17:47.810","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A SQL injection vulnerability in the Fragment module in Liferay Portal 7.3.3 through 7.4.3.16, and Liferay DXP 7.3 before update 4, and 7.4 before update 17 allows attackers to execute arbitrary SQL commands via a PortletPreferences' `namespace` attribute."},{"lang":"es","value":"Una vulnerabilidad de inyección SQL en el módulo Fragment en Liferay Portal 7.3.3 a 7.4.3.16, y Liferay DXP 7.3 antes de la actualización 4, y 7.4 antes de la actualización 17 permite a los atacantes ejecutar comandos SQL arbitrarios a través del atributo `namespace` de PortletPreferences."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-09-05T17:26:30.427915Z","id":"CVE-2022-42120","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:-:*:*:*:*:*:*","matchCriteriaId":"21C55D41-DB66-494D-BEEB-BDAC7CB4B31B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:-:*:*:*:*:*:*","matchCriteriaId":"ADB5F13C-EE1E-4448-8FCF-5966F6874440"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.3.3","versionEndIncluding":"7.4.3.16","matchCriteriaId":"E0A4BD58-ACF2-416E-A1B1-447DDD001B54"}]}]}],"references":[{"url":"https://issues.liferay.com/browse/LPE-17513","source":"cve@mitre.org","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42120","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://issues.liferay.com/browse/LPE-17513","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42120","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-42121","sourceIdentifier":"cve@mitre.org","published":"2022-11-15T01:15:12.843","lastModified":"2026-07-09T01:17:48.003","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A SQL injection vulnerability in the Layout module in Liferay Portal 7.1.3 through 7.4.3.4, and Liferay DXP 7.1 before fix pack 27, 7.2 before fix pack 17, 7.3 before service pack 3, and 7.4 GA allows remote authenticated attackers to execute arbitrary SQL commands via a crafted payload injected into a page template's 'Name' field."},{"lang":"es","value":"Una vulnerabilidad de inyección SQL en el módulo Layout en Liferay Portal 7.1.3 hasta 7.4.3.4, y Liferay DXP 7.1 anterior al fix pack 27, 7.2 anterior al fix pack 17, 7.3 anterior al service pack 3 y 7.4 GA permite a atacantes remotos autenticados ejecutar arbitrariamente Comandos SQL a través de un payload manipulado inyectado en el campo 'Nombre' de una plantilla de página."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-30T15:01:37.304427Z","id":"CVE-2022-42121","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.1.3","versionEndIncluding":"7.4.3.4","matchCriteriaId":"612C5E92-82FF-4C86-A9A4-BC4825033753"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:-:*:*:*:*:*:*","matchCriteriaId":"27DF695E-B890-42C2-8941-5BB53154755F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"072F6C59-3D86-48D1-A14E-477FFFA3B1D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_10:*:*:*:*:*:*","matchCriteriaId":"FE68B4A2-3459-4DBA-8BAC-E9AA9FA25264"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_11:*:*:*:*:*:*","matchCriteriaId":"680D7963-1393-4E86-A65F-D4463D532120"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_12:*:*:*:*:*:*","matchCriteriaId":"D81E73DD-FD21-4082-A883-34422AE6C024"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_13:*:*:*:*:*:*","matchCriteriaId":"E6DD0451-98EA-4140-8294-77A14F063E2E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_14:*:*:*:*:*:*","matchCriteriaId":"CE94E76B-8CC2-4E91-B7A3-EEBCC1358FF4"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_15:*:*:*:*:*:*","matchCriteriaId":"408BD438-E15C-422F-9612-C62A7387FC63"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_16:*:*:*:*:*:*","matchCriteriaId":"A78C8B1C-39CB-4C27-B57C-0AF5E7EB50D9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_17:*:*:*:*:*:*","matchCriteriaId":"0AB19E97-BACE-4FCC-A53F-078D61A7A9E8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_18:*:*:*:*:*:*","matchCriteriaId":"D18ACD28-9182-435C-A30F-DF3BFE13C39A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_19:*:*:*:*:*:*","matchCriteriaId":"CFE4CC72-C15A-40DE-AFF4-0B6B79BFB2BA"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"386F0E26-78DC-4D59-A20F-B41D0E59561B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_20:*:*:*:*:*:*","matchCriteriaId":"43C11288-1C48-47A0-95DF-A48F3C0285F6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_21:*:*:*:*:*:*","matchCriteriaId":"5ECF3B18-D0DB-4FB6-9F6F-B63A6CE45081"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_22:*:*:*:*:*:*","matchCriteriaId":"79AC7C0B-4135-4C24-8D37-A9431156E3E9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_23:*:*:*:*:*:*","matchCriteriaId":"7289F71D-ECEB-4FB9-A53F-D3F4D1315ADD"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_24:*:*:*:*:*:*","matchCriteriaId":"C18AE68F-6EF0-4132-A3D8-C2D77A842137"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_25:*:*:*:*:*:*","matchCriteriaId":"4C5F0729-7B44-4B9E-949F-6A66D8176E11"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_3:*:*:*:*:*:*","matchCriteriaId":"54576481-2AE9-4133-9EFA-B7FBDCA4427D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_4:*:*:*:*:*:*","matchCriteriaId":"E29CE810-76D5-4283-B102-70344B6C9506"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_5:*:*:*:*:*:*","matchCriteriaId":"DA869467-C560-4130-A180-86819F6A8673"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_6:*:*:*:*:*:*","matchCriteriaId":"CC0C94B7-31FB-4115-8EDE-62CC459B6663"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_7:*:*:*:*:*:*","matchCriteriaId":"07DEAA71-53DA-4508-B7E6-924ABED49E66"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_8:*:*:*:*:*:*","matchCriteriaId":"467323F6-5CA7-42A0-9810-C6FA694CEC93"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_9:*:*:*:*:*:*","matchCriteriaId":"32EFFD8A-1C0D-446B-AAD7-5D23D483D3D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:-:*:*:*:*:*:*","matchCriteriaId":"0DCF7F39-A198-4F7E-84B7-90C88C1BAA96"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"E7E68DF8-749B-4284-A7C9-929701A86B36"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_10:*:*:*:*:*:*","matchCriteriaId":"340DF1FE-5720-4516-BA51-F2197A654409"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_11:*:*:*:*:*:*","matchCriteriaId":"97E155DE-05C6-4559-94A8-0EFEB958D0C9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_12:*:*:*:*:*:*","matchCriteriaId":"0635FB5F-9C90-49C7-A9EF-00C0396FCCAE"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_13:*:*:*:*:*:*","matchCriteriaId":"77523B76-FC26-41B1-A804-7372E13F4FB2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_14:*:*:*:*:*:*","matchCriteriaId":"B15397B8-5087-4239-AE78-D3C37D59DE83"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_15:*:*:*:*:*:*","matchCriteriaId":"311EE92A-0EEF-4556-A52F-E6C9522FA2DD"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"7CECAA19-8B7F-44C8-8059-6D4F2105E196"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_3:*:*:*:*:*:*","matchCriteriaId":"68CBCEEB-7C28-4769-813F-3F01E33D2E08"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_4:*:*:*:*:*:*","matchCriteriaId":"C0CB4927-A361-4DFA-BDB8-A454EA2894AB"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_5:*:*:*:*:*:*","matchCriteriaId":"B2B771B7-D5CB-4778-A3A8-1005E4EE134C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_6:*:*:*:*:*:*","matchCriteriaId":"3B9DB383-3791-4A43-BA4D-7695B203E736"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_7:*:*:*:*:*:*","matchCriteriaId":"13F02D77-20E9-4F32-9752-511EB71E6704"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_8:*:*:*:*:*:*","matchCriteriaId":"6353CC8F-A6D4-4A0C-8D68-290CD8DEB4F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_9:*:*:*:*:*:*","matchCriteriaId":"759DDB90-6A89-4E4F-BD04-F70EFA5343B0"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:-:*:*:*:*:*:*","matchCriteriaId":"21C55D41-DB66-494D-BEEB-BDAC7CB4B31B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:sp1:*:*:*:*:*:*","matchCriteriaId":"9D75A0FF-BAEA-471A-87B2-8EC2A9F0A6B5"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:sp2:*:*:*:*:*:*","matchCriteriaId":"D86CDCC0-9655-477B-83FA-ADDBB5AF43A2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.4:ga1:*:*:*:*:*:*","matchCriteriaId":"186D21EA-CD15-4F50-B129-6EF8DCB4FE50"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.1.0","versionEndIncluding":"7.4.2","matchCriteriaId":"201470D2-65E1-40D7-B01B-35A03930BEEA"}]}]}],"references":[{"url":"https://issues.liferay.com/browse/LPE-17414","source":"cve@mitre.org","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42121","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://issues.liferay.com/browse/LPE-17414","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42121","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-42122","sourceIdentifier":"cve@mitre.org","published":"2022-11-15T01:15:12.960","lastModified":"2026-07-09T01:17:48.233","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A SQL injection vulnerability in the Friendly Url module in Liferay Portal 7.3.7, and Liferay DXP 7.3 fix pack 2 through update 4 allows attackers to execute arbitrary SQL commands via a crafted payload injected into the `title` field of a friendly URL."},{"lang":"es","value":"Una vulnerabilidad de inyección SQL en el módulo URL Amigable en Liferay Portal 7.3.7 y Liferay DXP 7.3 fixpack 2 hasta la actualización 4 permite a los atacantes ejecutar comandos SQL arbitrarios a través de un payload manipulado inyectado en el campo \"título\" de una URL amigable."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-30T14:59:30.443367Z","id":"CVE-2022-42122","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:dxp:7.3:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"50EA838E-E234-4EE1-8193-5FAD0E093940"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:7.3.7:*:*:*:*:*:*:*","matchCriteriaId":"174B6D58-FBEA-4D06-8FBA-DE08B0DC6111"}]}]}],"references":[{"url":"https://issues.liferay.com/browse/LPE-17520","source":"cve@mitre.org","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42122","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://issues.liferay.com/browse/LPE-17520","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42122","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-42123","sourceIdentifier":"cve@mitre.org","published":"2022-11-15T01:15:13.053","lastModified":"2026-07-09T01:17:48.490","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A Zip slip vulnerability in the Elasticsearch Connector in Liferay Portal 7.3.3 through 7.4.3.18, and Liferay DXP 7.3 before update 6, and 7.4 before update 19 allows attackers to create or overwrite existing files on the filesystem via the installation of a malicious Elasticsearch Sidecar plugin."},{"lang":"es","value":"Una vulnerabilidad Zip slip en Elasticsearch Connector en Liferay Portal 7.3.3 a 7.4.3.18, y Liferay DXP 7.3 antes de la actualización 6 y 7.4 antes de la actualización 19 permite a los atacantes crear o sobrescribir archivos existentes en el sistema de archivos mediante la instalación maliciosa del complemento Elasticsearch Sidecar."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-30T14:56:31.664670Z","id":"CVE-2022-42123","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.3:-:*:*:*:*:*:*","matchCriteriaId":"6F6A98ED-E694-4F39-95D0-C152BD1EC115"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.4:-:*:*:*:*:*:*","matchCriteriaId":"96E84DBC-C740-4E23-8D1D-83C8AE49813E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.3.3","versionEndExcluding":"7.4.3.19","matchCriteriaId":"AF1ADF5F-68DA-47D9-A6D9-16F8207525BB"}]}]}],"references":[{"url":"https://issues.liferay.com/browse/LPE-17518","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42123","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://issues.liferay.com/browse/LPE-17518","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42123","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-42124","sourceIdentifier":"cve@mitre.org","published":"2022-11-15T01:15:13.123","lastModified":"2026-07-09T01:17:48.663","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"ReDoS vulnerability in LayoutPageTemplateEntryUpgradeProcess in Liferay Portal 7.3.2 through 7.4.3.4 and Liferay DXP 7.2 fix pack 9 through fix pack 18, 7.3 before update 4, and DXP 7.4 GA allows remote attackers to consume an excessive amount of server resources via a crafted payload injected into the 'name' field of a layout prototype."},{"lang":"es","value":"Vulnerabilidad ReDoS en LayoutPageTemplateEntryUpgradeProcess en Liferay Portal 7.3.2 hasta 7.4.3.4 y Liferay DXP 7.2 fix pack 9 hasta fix pack 18, 7.3 antes de la actualización 4 y DXP 7.4 GA permite a atacantes remotos consumir una cantidad excesiva de recursos del servidor a través de un payload manipulado inyectado en el campo 'nombre' de un prototipo de diseño."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-30T14:49:41.775208Z","id":"CVE-2022-42124","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-1333"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-1333"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_10:*:*:*:*:*:*","matchCriteriaId":"340DF1FE-5720-4516-BA51-F2197A654409"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_11:*:*:*:*:*:*","matchCriteriaId":"97E155DE-05C6-4559-94A8-0EFEB958D0C9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_12:*:*:*:*:*:*","matchCriteriaId":"0635FB5F-9C90-49C7-A9EF-00C0396FCCAE"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_13:*:*:*:*:*:*","matchCriteriaId":"77523B76-FC26-41B1-A804-7372E13F4FB2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_14:*:*:*:*:*:*","matchCriteriaId":"B15397B8-5087-4239-AE78-D3C37D59DE83"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_15:*:*:*:*:*:*","matchCriteriaId":"311EE92A-0EEF-4556-A52F-E6C9522FA2DD"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_16:*:*:*:*:*:*","matchCriteriaId":"49501C9E-D12A-45E0-92F3-8FD5FDC6D3CF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_9:*:*:*:*:*:*","matchCriteriaId":"759DDB90-6A89-4E4F-BD04-F70EFA5343B0"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.3:-:*:*:*:*:*:*","matchCriteriaId":"6F6A98ED-E694-4F39-95D0-C152BD1EC115"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.4:-:*:*:*:*:*:*","matchCriteriaId":"96E84DBC-C740-4E23-8D1D-83C8AE49813E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.3.2","versionEndExcluding":"7.4.3.5","matchCriteriaId":"C01C7D38-BC12-4921-ADE6-799945887D66"}]}]}],"references":[{"url":"https://issues.liferay.com/browse/LPE-17435","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://issues.liferay.com/browse/LPE-17535","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42124","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://issues.liferay.com/browse/LPE-17435","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://issues.liferay.com/browse/LPE-17535","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42124","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-42125","sourceIdentifier":"cve@mitre.org","published":"2022-11-15T01:15:13.200","lastModified":"2026-07-09T01:17:48.850","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Zip slip vulnerability in FileUtil.unzip in Liferay Portal 7.4.3.5 through 7.4.3.35 and Liferay DXP 7.4 update 1 through update 34 allows attackers to create or overwrite existing files on the filesystem via the deployment of a malicious plugin/module."},{"lang":"es","value":"Vulnerabilidad de deslizamiento de zip en FileUtil.unzip en Liferay Portal 7.4.3.5 hasta 7.4.3.35 y Liferay DXP 7.4 actualización 1 hasta la actualización 34 permite a los atacantes crear o sobrescribir archivos existentes en el sistema de archivos mediante la implementación de un complemento/módulo malicioso."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-30T14:33:53.467507Z","id":"CVE-2022-42125","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.4:update1:*:*:*:*:*:*","matchCriteriaId":"8B1B2384-764F-43CC-8206-36DCBE9DDCBF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.4:update34:*:*:*:*:*:*","matchCriteriaId":"9D07DB20-9DCF-4C05-99D2-F6B37A082C14"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.4.3.5","versionEndExcluding":"7.4.3.36","matchCriteriaId":"C8D5371D-B65B-4EBC-A6D5-823AD1EB3EE5"}]}]}],"references":[{"url":"https://issues.liferay.com/browse/LPE-17517","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42125","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://issues.liferay.com/browse/LPE-17517","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42125","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-42126","sourceIdentifier":"cve@mitre.org","published":"2022-11-15T01:15:13.267","lastModified":"2026-07-09T01:17:49.033","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The Asset Libraries module in Liferay Portal 7.3.5 through 7.4.3.28, and Liferay DXP 7.3 before update 8, and DXP 7.4 before update 29 does not properly check permissions of asset libraries, which allows remote authenticated users to view asset libraries via the UI."},{"lang":"es","value":"El módulo Asset Libraries en Liferay Portal 7.3.5 a 7.4.3.28, y Liferay DXP 7.3 antes de la actualización 8, y DXP 7.4 antes de la actualización 29 no verifica correctamente los permisos de las librerías de activos, lo que permite a los usuarios remotos autenticados ver las librerías de activos a través de la interfaz de usuario."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-30T14:31:00.415150Z","id":"CVE-2022-42126","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.3:-:*:*:*:*:*:*","matchCriteriaId":"6F6A98ED-E694-4F39-95D0-C152BD1EC115"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.4:-:*:*:*:*:*:*","matchCriteriaId":"96E84DBC-C740-4E23-8D1D-83C8AE49813E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.4:update1:*:*:*:*:*:*","matchCriteriaId":"8B1B2384-764F-43CC-8206-36DCBE9DDCBF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.3.5","versionEndExcluding":"7.4.3.29","matchCriteriaId":"7B67012C-9345-40B8-9FB4-CF7AF5116420"}]}]}],"references":[{"url":"https://issues.liferay.com/browse/LPE-17593","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42126","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://issues.liferay.com/browse/LPE-17593","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42126","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-42127","sourceIdentifier":"cve@mitre.org","published":"2022-11-15T01:15:13.347","lastModified":"2026-07-09T01:17:49.207","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The Friendly Url module in Liferay Portal 7.4.3.5 through 7.4.3.36, and Liferay DXP 7.4 update 1 though 36 does not properly check user permissions, which allows remote attackers to obtain the history of all friendly URLs that was assigned to a page."},{"lang":"es","value":"El módulo URL Amigables en Liferay Portal v7.4.3.5 a 7.4.3.36 y Liferay DXP 7.4 actualizaciones 1 a 36 no verifica adecuadamente los permisos de usuario, lo que permite a atacantes remotos obtener el historial de todas las URL amigables que se asignaron a una página."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-30T14:27:47.922498Z","id":"CVE-2022-42127","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-276"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-276"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.4:update1:*:*:*:*:*:*","matchCriteriaId":"8B1B2384-764F-43CC-8206-36DCBE9DDCBF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.4:update36:*:*:*:*:*:*","matchCriteriaId":"1AB71307-7EAA-436A-9CBC-5A94F034FB48"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.4.3.5","versionEndExcluding":"7.4.3.37","matchCriteriaId":"AE688932-9AFE-4F7C-9856-22E315265C1F"}]}]}],"references":[{"url":"https://issues.liferay.com/browse/LPE-17607","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42127","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://issues.liferay.com/browse/LPE-17607","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42127","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-42128","sourceIdentifier":"cve@mitre.org","published":"2022-11-15T01:15:13.430","lastModified":"2026-07-09T01:17:49.383","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The Hypermedia REST APIs module in Liferay Portal 7.4.1 through 7.4.3.4, and Liferay DXP 7.4 GA does not properly check permissions, which allows remote attackers to obtain a WikiNode object via the WikiNodeResource.getSiteWikiNodeByExternalReferenceCode API."},{"lang":"es","value":"El módulo Hypermedia REST APIs en Liferay Portal v7.4.1 a 7.4.3.4 y Liferay DXP 7.4 GA no comprueba correctamente los permisos, lo que permite a atacantes remotos obtener un objeto WikiNode a través de la API WikiNodeResource.getSiteWikiNodeByExternalReferenceCode."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-30T14:26:08.261907Z","id":"CVE-2022-42128","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-276"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-276"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.4:-:*:*:*:*:*:*","matchCriteriaId":"96E84DBC-C740-4E23-8D1D-83C8AE49813E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.4.1","versionEndExcluding":"7.4.3.5","matchCriteriaId":"ADEC0D76-B15D-4F90-BE93-DF2575A159ED"}]}]}],"references":[{"url":"https://issues.liferay.com/browse/LPE-17595","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42128","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://issues.liferay.com/browse/LPE-17595","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42128","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-42129","sourceIdentifier":"cve@mitre.org","published":"2022-11-15T02:15:11.590","lastModified":"2026-07-09T01:17:49.547","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An Insecure direct object reference (IDOR) vulnerability in the Dynamic Data Mapping module in Liferay Portal 7.3.2 through 7.4.3.4, and Liferay DXP 7.3 before update 4, and 7.4 GA allows remote authenticated users to view and access form entries via the `formInstanceRecordId` parameter."},{"lang":"es","value":"Una vulnerabilidad de Insecure Direct Object Reference (IDOR) en el módulo Dynamic Data Mapping en Liferay Portal 7.3.2 hasta 7.4.3.4, y Liferay DXP 7.3 antes de la actualización 4, y 7.4 GA permite a usuarios remotos autenticados ver y acceder a entradas de formulario a través del parámetro `formInstanceRecordId`."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-30T18:27:45.755450Z","id":"CVE-2022-42129","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-639"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.3:-:*:*:*:*:*:*","matchCriteriaId":"6F6A98ED-E694-4F39-95D0-C152BD1EC115"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.4:-:*:*:*:*:*:*","matchCriteriaId":"96E84DBC-C740-4E23-8D1D-83C8AE49813E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.3.2","versionEndExcluding":"7.4.3.5","matchCriteriaId":"C01C7D38-BC12-4921-ADE6-799945887D66"}]}]}],"references":[{"url":"https://issues.liferay.com/browse/LPE-17448","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42129","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://issues.liferay.com/browse/LPE-17448","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42129","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-42130","sourceIdentifier":"cve@mitre.org","published":"2022-11-15T02:15:11.873","lastModified":"2026-07-09T01:17:49.713","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The Dynamic Data Mapping module in Liferay Portal 7.1.0 through 7.4.3.4, and Liferay DXP 7.1 before fix pack 27, 7.2 before fix pack 19, 7.3 before update 4, and 7.4 GA does not properly check permission of form entries, which allows remote authenticated users to view and access all form entries."},{"lang":"es","value":"El módulo Dynamic Data Mapping en Liferay Portal 7.1.0 a 7.4.3.4 y Liferay DXP 7.1 antes del fixpack 27, 7.2 antes del fixpack 19, 7.3 antes de la actualización 4 y 7.4 GA no comprueba correctamente el permiso de las entradas del formulario, lo que permite usuarios remotos autenticados para ver y acceder a todas las entradas del formulario."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-30T18:26:36.604166Z","id":"CVE-2022-42130","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-276"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-276"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:-:*:*:*:*:*:*","matchCriteriaId":"27DF695E-B890-42C2-8941-5BB53154755F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"072F6C59-3D86-48D1-A14E-477FFFA3B1D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_10:*:*:*:*:*:*","matchCriteriaId":"FE68B4A2-3459-4DBA-8BAC-E9AA9FA25264"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_11:*:*:*:*:*:*","matchCriteriaId":"680D7963-1393-4E86-A65F-D4463D532120"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_12:*:*:*:*:*:*","matchCriteriaId":"D81E73DD-FD21-4082-A883-34422AE6C024"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_13:*:*:*:*:*:*","matchCriteriaId":"E6DD0451-98EA-4140-8294-77A14F063E2E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_14:*:*:*:*:*:*","matchCriteriaId":"CE94E76B-8CC2-4E91-B7A3-EEBCC1358FF4"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_15:*:*:*:*:*:*","matchCriteriaId":"408BD438-E15C-422F-9612-C62A7387FC63"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_16:*:*:*:*:*:*","matchCriteriaId":"A78C8B1C-39CB-4C27-B57C-0AF5E7EB50D9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_17:*:*:*:*:*:*","matchCriteriaId":"0AB19E97-BACE-4FCC-A53F-078D61A7A9E8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_18:*:*:*:*:*:*","matchCriteriaId":"D18ACD28-9182-435C-A30F-DF3BFE13C39A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_19:*:*:*:*:*:*","matchCriteriaId":"CFE4CC72-C15A-40DE-AFF4-0B6B79BFB2BA"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"386F0E26-78DC-4D59-A20F-B41D0E59561B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_20:*:*:*:*:*:*","matchCriteriaId":"43C11288-1C48-47A0-95DF-A48F3C0285F6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_21:*:*:*:*:*:*","matchCriteriaId":"5ECF3B18-D0DB-4FB6-9F6F-B63A6CE45081"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_22:*:*:*:*:*:*","matchCriteriaId":"79AC7C0B-4135-4C24-8D37-A9431156E3E9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_23:*:*:*:*:*:*","matchCriteriaId":"7289F71D-ECEB-4FB9-A53F-D3F4D1315ADD"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_24:*:*:*:*:*:*","matchCriteriaId":"C18AE68F-6EF0-4132-A3D8-C2D77A842137"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_25:*:*:*:*:*:*","matchCriteriaId":"4C5F0729-7B44-4B9E-949F-6A66D8176E11"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_26:*:*:*:*:*:*","matchCriteriaId":"B883C27E-3C14-4686-A0E8-8969B4246CDF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_3:*:*:*:*:*:*","matchCriteriaId":"54576481-2AE9-4133-9EFA-B7FBDCA4427D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_4:*:*:*:*:*:*","matchCriteriaId":"E29CE810-76D5-4283-B102-70344B6C9506"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_5:*:*:*:*:*:*","matchCriteriaId":"DA869467-C560-4130-A180-86819F6A8673"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_6:*:*:*:*:*:*","matchCriteriaId":"CC0C94B7-31FB-4115-8EDE-62CC459B6663"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_7:*:*:*:*:*:*","matchCriteriaId":"07DEAA71-53DA-4508-B7E6-924ABED49E66"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_8:*:*:*:*:*:*","matchCriteriaId":"467323F6-5CA7-42A0-9810-C6FA694CEC93"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_9:*:*:*:*:*:*","matchCriteriaId":"32EFFD8A-1C0D-446B-AAD7-5D23D483D3D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:-:*:*:*:*:*:*","matchCriteriaId":"0DCF7F39-A198-4F7E-84B7-90C88C1BAA96"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"E7E68DF8-749B-4284-A7C9-929701A86B36"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_10:*:*:*:*:*:*","matchCriteriaId":"340DF1FE-5720-4516-BA51-F2197A654409"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_11:*:*:*:*:*:*","matchCriteriaId":"97E155DE-05C6-4559-94A8-0EFEB958D0C9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_12:*:*:*:*:*:*","matchCriteriaId":"0635FB5F-9C90-49C7-A9EF-00C0396FCCAE"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_13:*:*:*:*:*:*","matchCriteriaId":"77523B76-FC26-41B1-A804-7372E13F4FB2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_14:*:*:*:*:*:*","matchCriteriaId":"B15397B8-5087-4239-AE78-D3C37D59DE83"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_15:*:*:*:*:*:*","matchCriteriaId":"311EE92A-0EEF-4556-A52F-E6C9522FA2DD"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_16:*:*:*:*:*:*","matchCriteriaId":"49501C9E-D12A-45E0-92F3-8FD5FDC6D3CF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"7CECAA19-8B7F-44C8-8059-6D4F2105E196"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_3:*:*:*:*:*:*","matchCriteriaId":"68CBCEEB-7C28-4769-813F-3F01E33D2E08"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_4:*:*:*:*:*:*","matchCriteriaId":"C0CB4927-A361-4DFA-BDB8-A454EA2894AB"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_5:*:*:*:*:*:*","matchCriteriaId":"B2B771B7-D5CB-4778-A3A8-1005E4EE134C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_6:*:*:*:*:*:*","matchCriteriaId":"3B9DB383-3791-4A43-BA4D-7695B203E736"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_7:*:*:*:*:*:*","matchCriteriaId":"13F02D77-20E9-4F32-9752-511EB71E6704"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_8:*:*:*:*:*:*","matchCriteriaId":"6353CC8F-A6D4-4A0C-8D68-290CD8DEB4F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_9:*:*:*:*:*:*","matchCriteriaId":"759DDB90-6A89-4E4F-BD04-F70EFA5343B0"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.3:-:*:*:*:*:*:*","matchCriteriaId":"6F6A98ED-E694-4F39-95D0-C152BD1EC115"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.4:-:*:*:*:*:*:*","matchCriteriaId":"96E84DBC-C740-4E23-8D1D-83C8AE49813E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.1.0","versionEndExcluding":"7.4.3.5","matchCriteriaId":"F52D52E3-9D1D-4CF7-84B8-6EFEF2F05434"}]}]}],"references":[{"url":"https://issues.liferay.com/browse/LPE-17447","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42130","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://issues.liferay.com/browse/LPE-17447","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42130","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-42131","sourceIdentifier":"cve@mitre.org","published":"2022-11-15T02:15:12.087","lastModified":"2026-07-09T01:17:49.897","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Certain Liferay products are affected by: Missing SSL Certificate Validation in the Dynamic Data Mapping module's REST data providers. This affects Liferay Portal 7.1.0 through 7.4.2 and Liferay DXP 7.1 before fix pack 27, 7.2 before fix pack 17, and 7.3 before service pack 3."},{"lang":"es","value":"Ciertos productos de Liferay se ven afectados por: Falta de Validación de Certificado SSL en los proveedores de datos REST del módulo Dynamic Data Mapping. Esto afecta a Liferay Portal 7.1.0 a 7.4.2 y Liferay DXP 7.1 antes del fix pack 27, 7.2 antes del fix pack 17 y 7.3 antes del service pack 3."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":2.5},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-30T14:21:43.595376Z","id":"CVE-2022-42131","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-295"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-295"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:-:*:*:*:*:*:*","matchCriteriaId":"27DF695E-B890-42C2-8941-5BB53154755F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"072F6C59-3D86-48D1-A14E-477FFFA3B1D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_10:*:*:*:*:*:*","matchCriteriaId":"FE68B4A2-3459-4DBA-8BAC-E9AA9FA25264"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_11:*:*:*:*:*:*","matchCriteriaId":"680D7963-1393-4E86-A65F-D4463D532120"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_12:*:*:*:*:*:*","matchCriteriaId":"D81E73DD-FD21-4082-A883-34422AE6C024"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_13:*:*:*:*:*:*","matchCriteriaId":"E6DD0451-98EA-4140-8294-77A14F063E2E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_14:*:*:*:*:*:*","matchCriteriaId":"CE94E76B-8CC2-4E91-B7A3-EEBCC1358FF4"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_15:*:*:*:*:*:*","matchCriteriaId":"408BD438-E15C-422F-9612-C62A7387FC63"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_16:*:*:*:*:*:*","matchCriteriaId":"A78C8B1C-39CB-4C27-B57C-0AF5E7EB50D9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_17:*:*:*:*:*:*","matchCriteriaId":"0AB19E97-BACE-4FCC-A53F-078D61A7A9E8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_18:*:*:*:*:*:*","matchCriteriaId":"D18ACD28-9182-435C-A30F-DF3BFE13C39A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_19:*:*:*:*:*:*","matchCriteriaId":"CFE4CC72-C15A-40DE-AFF4-0B6B79BFB2BA"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"386F0E26-78DC-4D59-A20F-B41D0E59561B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_20:*:*:*:*:*:*","matchCriteriaId":"43C11288-1C48-47A0-95DF-A48F3C0285F6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_21:*:*:*:*:*:*","matchCriteriaId":"5ECF3B18-D0DB-4FB6-9F6F-B63A6CE45081"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_22:*:*:*:*:*:*","matchCriteriaId":"79AC7C0B-4135-4C24-8D37-A9431156E3E9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_23:*:*:*:*:*:*","matchCriteriaId":"7289F71D-ECEB-4FB9-A53F-D3F4D1315ADD"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_24:*:*:*:*:*:*","matchCriteriaId":"C18AE68F-6EF0-4132-A3D8-C2D77A842137"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_25:*:*:*:*:*:*","matchCriteriaId":"4C5F0729-7B44-4B9E-949F-6A66D8176E11"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_26:*:*:*:*:*:*","matchCriteriaId":"B883C27E-3C14-4686-A0E8-8969B4246CDF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_3:*:*:*:*:*:*","matchCriteriaId":"54576481-2AE9-4133-9EFA-B7FBDCA4427D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_4:*:*:*:*:*:*","matchCriteriaId":"E29CE810-76D5-4283-B102-70344B6C9506"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_5:*:*:*:*:*:*","matchCriteriaId":"DA869467-C560-4130-A180-86819F6A8673"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_6:*:*:*:*:*:*","matchCriteriaId":"CC0C94B7-31FB-4115-8EDE-62CC459B6663"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_7:*:*:*:*:*:*","matchCriteriaId":"07DEAA71-53DA-4508-B7E6-924ABED49E66"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_8:*:*:*:*:*:*","matchCriteriaId":"467323F6-5CA7-42A0-9810-C6FA694CEC93"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_9:*:*:*:*:*:*","matchCriteriaId":"32EFFD8A-1C0D-446B-AAD7-5D23D483D3D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:-:*:*:*:*:*:*","matchCriteriaId":"0DCF7F39-A198-4F7E-84B7-90C88C1BAA96"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"E7E68DF8-749B-4284-A7C9-929701A86B36"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_10:*:*:*:*:*:*","matchCriteriaId":"340DF1FE-5720-4516-BA51-F2197A654409"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_11:*:*:*:*:*:*","matchCriteriaId":"97E155DE-05C6-4559-94A8-0EFEB958D0C9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_12:*:*:*:*:*:*","matchCriteriaId":"0635FB5F-9C90-49C7-A9EF-00C0396FCCAE"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_13:*:*:*:*:*:*","matchCriteriaId":"77523B76-FC26-41B1-A804-7372E13F4FB2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_14:*:*:*:*:*:*","matchCriteriaId":"B15397B8-5087-4239-AE78-D3C37D59DE83"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_15:*:*:*:*:*:*","matchCriteriaId":"311EE92A-0EEF-4556-A52F-E6C9522FA2DD"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_16:*:*:*:*:*:*","matchCriteriaId":"49501C9E-D12A-45E0-92F3-8FD5FDC6D3CF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"7CECAA19-8B7F-44C8-8059-6D4F2105E196"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_3:*:*:*:*:*:*","matchCriteriaId":"68CBCEEB-7C28-4769-813F-3F01E33D2E08"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_4:*:*:*:*:*:*","matchCriteriaId":"C0CB4927-A361-4DFA-BDB8-A454EA2894AB"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_5:*:*:*:*:*:*","matchCriteriaId":"B2B771B7-D5CB-4778-A3A8-1005E4EE134C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_6:*:*:*:*:*:*","matchCriteriaId":"3B9DB383-3791-4A43-BA4D-7695B203E736"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_7:*:*:*:*:*:*","matchCriteriaId":"13F02D77-20E9-4F32-9752-511EB71E6704"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_8:*:*:*:*:*:*","matchCriteriaId":"6353CC8F-A6D4-4A0C-8D68-290CD8DEB4F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_9:*:*:*:*:*:*","matchCriteriaId":"759DDB90-6A89-4E4F-BD04-F70EFA5343B0"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.3:-:*:*:*:*:*:*","matchCriteriaId":"6F6A98ED-E694-4F39-95D0-C152BD1EC115"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.3:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"2CD6861A-D546-462F-8B22-FA76A4AF8A9C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.3:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"324BB977-5AAC-4367-98FC-605FF4997B3F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.1.0","versionEndExcluding":"7.4.3.4","matchCriteriaId":"71B2CB88-0B25-4CFC-A223-B740E2847FD3"}]}]}],"references":[{"url":"https://issues.liferay.com/browse/LPE-17377","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42131","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://issues.liferay.com/browse/LPE-17377","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42131","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-42132","sourceIdentifier":"cve@mitre.org","published":"2022-11-15T02:15:12.240","lastModified":"2026-07-09T01:17:50.080","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The Test LDAP Users functionality in Liferay Portal 7.0.0 through 7.4.3.4, and Liferay DXP 7.0 fix pack 102 and earlier, 7.1 before fix pack 27, 7.2 before fix pack 17, 7.3 before update 4, and DXP 7.4 GA includes the LDAP credential in the page URL when paginating through the list of users, which allows man-in-the-middle attackers or attackers with access to the request logs to see the LDAP credential."},{"lang":"es","value":"La funcionalidad Probar usuarios de LDAP en Liferay Portal 7.0.0 a 7.4.3.4, y Liferay DXP 7.0 fixpack 102 y anteriores, 7.1 antes del fixpack 27, 7.2 antes del fixpack 17, 7.3 antes de la actualización 4 y DXP 7.4 GA incluye LDAP credencial en la URL de la página al paginar a través de la lista de usuarios, lo que permite a los atacantes intermediarios o a los atacantes con acceso a los registros de solicitudes ver la credencial LDAP."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-30T14:17:39.915258Z","id":"CVE-2022-42132","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-200"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:-:*:*:*:*:*:*","matchCriteriaId":"4614C87F-F39C-4ADD-A7A2-4A498612AD38"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"6F20D93D-7FB2-4D5F-9249-4DECDE473C42"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_10:*:*:*:*:*:*","matchCriteriaId":"CF0821E5-B6E5-44E6-9CF7-77EAE982F677"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_100:*:*:*:*:*:*","matchCriteriaId":"8C9B7CF8-5553-47B6-BB57-0429D78AE301"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_11:*:*:*:*:*:*","matchCriteriaId":"1B24B6A1-8439-49D6-8E78-193144F3DCC3"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_12:*:*:*:*:*:*","matchCriteriaId":"7E82A6CC-891C-4619-84EA-0DA96E4043C4"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_13:*:*:*:*:*:*","matchCriteriaId":"70E12054-0DEE-4B92-B8F6-7DC4B2461113"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_14:*:*:*:*:*:*","matchCriteriaId":"3B566A51-3EFC-4A08-8A4F-A9AA43FBE481"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_15:*:*:*:*:*:*","matchCriteriaId":"FE1A8781-6B16-4D37-B556-36B99CBCA9F9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_16:*:*:*:*:*:*","matchCriteriaId":"3EE11B43-1629-4A22-BE88-0AFB2DFC528C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_17:*:*:*:*:*:*","matchCriteriaId":"10FC6F33-C031-40A4-AFAF-B5CF30F79E52"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_18:*:*:*:*:*:*","matchCriteriaId":"99B99578-CACE-47D2-9C1E-A7BBD2B6F6EA"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_19:*:*:*:*:*:*","matchCriteriaId":"950D98A8-88EE-4C99-817B-C418071B2819"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"F86FF50F-B21A-4B6E-88B8-90D0C042E942"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_20:*:*:*:*:*:*","matchCriteriaId":"CE0E1891-6E76-4069-B412-43B5E5379E0C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_21:*:*:*:*:*:*","matchCriteriaId":"404F5FFE-2758-452F-9297-40E0533C6FB2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_22:*:*:*:*:*:*","matchCriteriaId":"3F5B7E72-8D62-464A-AA82-CBE2625C7687"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_23:*:*:*:*:*:*","matchCriteriaId":"4FA67C68-3E8E-4383-967F-A1FA55AE4897"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_24:*:*:*:*:*:*","matchCriteriaId":"F220793A-FDAC-48C6-B299-39EB3BC077A6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_25:*:*:*:*:*:*","matchCriteriaId":"F095A9E1-5FE1-46C4-B0E1-97F8767439D2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_26:*:*:*:*:*:*","matchCriteriaId":"DFD748DD-6FDB-44CD-96BF-026D18CE4207"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_27:*:*:*:*:*:*","matchCriteriaId":"0A34F2EA-D0F7-4C9B-BFE6-DA334DFD0EDD"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_28:*:*:*:*:*:*","matchCriteriaId":"4B3C2426-7617-4535-B86A-7F9BA45DFD0E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_29:*:*:*:*:*:*","matchCriteriaId":"88A5CBCE-2BAE-44C7-A7BF-BC30C89839BD"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_3:*:*:*:*:*:*","matchCriteriaId":"CA6B2500-42E4-4F87-8B93-2F7399B4F611"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_30:*:*:*:*:*:*","matchCriteriaId":"28955834-8E02-4558-ABD3-4958DBB41423"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_31:*:*:*:*:*:*","matchCriteriaId":"89B4F926-5018-4C50-9569-A92BEA6364A0"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_32:*:*:*:*:*:*","matchCriteriaId":"863C4DBB-9BA2-4A13-8394-08AC500D552A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_33:*:*:*:*:*:*","matchCriteriaId":"C4206C84-C4BD-4363-A4CA-EE229CE06319"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_34:*:*:*:*:*:*","matchCriteriaId":"54CA9915-54C2-4E7F-85AF-781CA0A63A9D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_35:*:*:*:*:*:*","matchCriteriaId":"4F644864-1056-4A0C-ADD7-A1992A0AC07D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_36:*:*:*:*:*:*","matchCriteriaId":"91E9BAE9-CD40-4353-95DB-7D9ADC338F95"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_37:*:*:*:*:*:*","matchCriteriaId":"C2A29CA0-66CB-4ED9-87B3-57A1C04F59F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_38:*:*:*:*:*:*","matchCriteriaId":"2BFC882E-25C2-46A3-A0DA-A779399A3A30"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_39:*:*:*:*:*:*","matchCriteriaId":"661E68A2-B365-4962-87CF-CE17A500889F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_4:*:*:*:*:*:*","matchCriteriaId":"D4094372-E950-4DE0-86D2-CE7F214FD3A9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_40:*:*:*:*:*:*","matchCriteriaId":"A5D28279-002A-4BC7-9396-E47FC842D7AE"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_41:*:*:*:*:*:*","matchCriteriaId":"C700ED72-4626-48A0-B1BB-E0A7C12D454F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_42:*:*:*:*:*:*","matchCriteriaId":"8F473DF1-F70D-4EDB-A011-C8D1C6A21659"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_43:*:*:*:*:*:*","matchCriteriaId":"C2351EAC-F6AD-4611-B9BD-39C4DFE85B5D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_44:*:*:*:*:*:*","matchCriteriaId":"357845C1-3834-465A-B9CA-F9C604AA8242"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_45:*:*:*:*:*:*","matchCriteriaId":"DD35964D-4156-45B8-A0AB-282DA9F4FA47"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_46:*:*:*:*:*:*","matchCriteriaId":"35656567-EF24-4948-A72A-C754D6E419B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_47:*:*:*:*:*:*","matchCriteriaId":"E9A3D95D-4539-432D-B241-376F312534AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_48:*:*:*:*:*:*","matchCriteriaId":"81F329F1-5BB1-42A7-98CE-B0EB5819D60A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_49:*:*:*:*:*:*","matchCriteriaId":"5B7111FA-9FD7-4952-AFE1-07D3E14854F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_5:*:*:*:*:*:*","matchCriteriaId":"D35916F1-24AA-4BF3-8B1F-2361C5B815D9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_50:*:*:*:*:*:*","matchCriteriaId":"2C7A080F-9C99-41A0-BC63-EBDDC0DF7B8A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_51:*:*:*:*:*:*","matchCriteriaId":"0383C4C4-A7BB-418D-9A98-AC4233722961"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_52:*:*:*:*:*:*","matchCriteriaId":"AA281A20-7599-446B-9587-118E920403D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_53:*:*:*:*:*:*","matchCriteriaId":"9514E8F5-1D0B-4CDF-BD03-087326F6C252"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_54:*:*:*:*:*:*","matchCriteriaId":"78BC7D6C-2A10-4F78-9C41-EA97665C246E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_55:*:*:*:*:*:*","matchCriteriaId":"B2C29B11-D87B-4D78-9D42-AD528C811080"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_56:*:*:*:*:*:*","matchCriteriaId":"CA9BE427-78D7-4DEE-A174-F3E3675B44A5"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_57:*:*:*:*:*:*","matchCriteriaId":"6C10325C-8670-499B-B003-7D8634539C5D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_58:*:*:*:*:*:*","matchCriteriaId":"5F692BEB-5CB1-41EA-B715-64AB0036F6CF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_59:*:*:*:*:*:*","matchCriteriaId":"427C4DF5-9039-4CB5-B600-5F965E20D945"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_6:*:*:*:*:*:*","matchCriteriaId":"EDEE4B40-889C-472E-AA91-7E1B4314EE64"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_60:*:*:*:*:*:*","matchCriteriaId":"44B7A2A2-5764-4EDB-AA44-25F8508CF128"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_61:*:*:*:*:*:*","matchCriteriaId":"55D94917-5360-4179-A017-1287C63A6E6C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_62:*:*:*:*:*:*","matchCriteriaId":"52C5C76D-2572-4ADF-B7E4-7B3444935658"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_63:*:*:*:*:*:*","matchCriteriaId":"9ABFC91A-7A8D-4A08-9464-F534BAA69B4E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_64:*:*:*:*:*:*","matchCriteriaId":"1D378A23-113D-47AC-9CB5-2658C357FFB4"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_65:*:*:*:*:*:*","matchCriteriaId":"58FB119E-508C-45F7-8AD8-B67AAAEA53D6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_66:*:*:*:*:*:*","matchCriteriaId":"8B3359A5-D39B-4322-8963-B138D791D232"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_67:*:*:*:*:*:*","matchCriteriaId":"E11E2FBD-7541-4CE3-8A78-52FB82571547"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_68:*:*:*:*:*:*","matchCriteriaId":"3883F470-8D8D-4CB3-BF4A-0C401BDABC83"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_69:*:*:*:*:*:*","matchCriteriaId":"1BDCF010-04BF-4FA5-9E14-F6461FED3FFB"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_7:*:*:*:*:*:*","matchCriteriaId":"3867FDAA-354E-4D2F-A260-27F31CA44C8A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_70:*:*:*:*:*:*","matchCriteriaId":"7E8CEA39-4A7F-4827-91FA-31119201D174"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_71:*:*:*:*:*:*","matchCriteriaId":"D3768AC9-A245-4B81-8D1D-9D9C5354245C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_72:*:*:*:*:*:*","matchCriteriaId":"71CA65C9-C0FC-4CBD-A8B0-DD72604A46F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_73:*:*:*:*:*:*","matchCriteriaId":"9F06DECA-F45D-49DA-BB24-AA1F0306B0B6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_74:*:*:*:*:*:*","matchCriteriaId":"3BA69ED9-28FA-40B5-84F9-0FFE40DFC675"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_75:*:*:*:*:*:*","matchCriteriaId":"6FF2D31F-8719-41A6-ADD5-15BE9409428E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_76:*:*:*:*:*:*","matchCriteriaId":"DE56F5E5-73CF-4636-9F98-86BDDA3F6A47"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_77:*:*:*:*:*:*","matchCriteriaId":"CE4885B1-F912-4D06-8179-830FC011F3F6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_78:*:*:*:*:*:*","matchCriteriaId":"A1A0EFCE-4B74-4B4D-AB6E-5730F26B38FB"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_79:*:*:*:*:*:*","matchCriteriaId":"F02DCC86-C3F7-482C-9BFB-B7971FB10AEC"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_8:*:*:*:*:*:*","matchCriteriaId":"A89B7EE4-57FD-4B09-841A-ABC9990FF88F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_80:*:*:*:*:*:*","matchCriteriaId":"06835B0A-A2DF-44D3-A38F-59E5D5523FFA"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_81:*:*:*:*:*:*","matchCriteriaId":"B746D0CF-76F6-42A1-9056-CA9622DCD806"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_82:*:*:*:*:*:*","matchCriteriaId":"FFC33A7E-B1CB-4E83-B75C-71F5E7E5E406"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_83:*:*:*:*:*:*","matchCriteriaId":"325CFFCF-1609-4D89-B6A8-1C6ACBFDD35B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_84:*:*:*:*:*:*","matchCriteriaId":"BD019A57-FC7A-4B1F-9946-FA15C90FC985"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_85:*:*:*:*:*:*","matchCriteriaId":"A6B2CD3A-C39C-4F9A-8602-3EC75472181D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_86:*:*:*:*:*:*","matchCriteriaId":"1B8DCD85-0E47-44C1-B7DD-E1B4756CEC17"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_87:*:*:*:*:*:*","matchCriteriaId":"1790D974-2EE0-4405-8F26-BB6DB3BDA23B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_88:*:*:*:*:*:*","matchCriteriaId":"416B3F04-AD86-4F91-890E-56BA539AAB06"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_89:*:*:*:*:*:*","matchCriteriaId":"C12C0E4D-4E9A-4BD7-926E-74BCD42595B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_9:*:*:*:*:*:*","matchCriteriaId":"655A3A6A-A3EB-4864-B64D-2319E5CF7DA0"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_90:*:*:*:*:*:*","matchCriteriaId":"9A659FEF-1BC1-45E8-A01E-1F9A8F2AFAAF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_91:*:*:*:*:*:*","matchCriteriaId":"3810319D-7DC4-47DD-B568-B0504DBC8209"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_92:*:*:*:*:*:*","matchCriteriaId":"D9BFFFC0-912A-4F95-A08E-1D264135D1E2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_93:*:*:*:*:*:*","matchCriteriaId":"9EA924E7-DEF2-45BF-B435-C435AC20AF4E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_94:*:*:*:*:*:*","matchCriteriaId":"E6809C30-9A81-45E6-92E9-01D54880EFEE"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_95:*:*:*:*:*:*","matchCriteriaId":"C194ACCD-CB7E-4DFC-ABB5-7CCEFD83E11B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_96:*:*:*:*:*:*","matchCriteriaId":"69856C3C-2ACB-4718-821C-793118094985"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_97:*:*:*:*:*:*","matchCriteriaId":"8693CC24-CEF6-4479-A3DA-8FD5C73E9548"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_98:*:*:*:*:*:*","matchCriteriaId":"B1A95A94-83C6-4DCC-8208-B76B53678B25"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.0:fix_pack_99:*:*:*:*:*:*","matchCriteriaId":"A1831C4F-7887-489E-91C1-3997114917DD"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:-:*:*:*:*:*:*","matchCriteriaId":"27DF695E-B890-42C2-8941-5BB53154755F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"072F6C59-3D86-48D1-A14E-477FFFA3B1D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_10:*:*:*:*:*:*","matchCriteriaId":"FE68B4A2-3459-4DBA-8BAC-E9AA9FA25264"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_11:*:*:*:*:*:*","matchCriteriaId":"680D7963-1393-4E86-A65F-D4463D532120"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_12:*:*:*:*:*:*","matchCriteriaId":"D81E73DD-FD21-4082-A883-34422AE6C024"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_13:*:*:*:*:*:*","matchCriteriaId":"E6DD0451-98EA-4140-8294-77A14F063E2E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_14:*:*:*:*:*:*","matchCriteriaId":"CE94E76B-8CC2-4E91-B7A3-EEBCC1358FF4"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_15:*:*:*:*:*:*","matchCriteriaId":"408BD438-E15C-422F-9612-C62A7387FC63"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_16:*:*:*:*:*:*","matchCriteriaId":"A78C8B1C-39CB-4C27-B57C-0AF5E7EB50D9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_17:*:*:*:*:*:*","matchCriteriaId":"0AB19E97-BACE-4FCC-A53F-078D61A7A9E8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_18:*:*:*:*:*:*","matchCriteriaId":"D18ACD28-9182-435C-A30F-DF3BFE13C39A"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_19:*:*:*:*:*:*","matchCriteriaId":"CFE4CC72-C15A-40DE-AFF4-0B6B79BFB2BA"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"386F0E26-78DC-4D59-A20F-B41D0E59561B"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_20:*:*:*:*:*:*","matchCriteriaId":"43C11288-1C48-47A0-95DF-A48F3C0285F6"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_21:*:*:*:*:*:*","matchCriteriaId":"5ECF3B18-D0DB-4FB6-9F6F-B63A6CE45081"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_22:*:*:*:*:*:*","matchCriteriaId":"79AC7C0B-4135-4C24-8D37-A9431156E3E9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_23:*:*:*:*:*:*","matchCriteriaId":"7289F71D-ECEB-4FB9-A53F-D3F4D1315ADD"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_24:*:*:*:*:*:*","matchCriteriaId":"C18AE68F-6EF0-4132-A3D8-C2D77A842137"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_25:*:*:*:*:*:*","matchCriteriaId":"4C5F0729-7B44-4B9E-949F-6A66D8176E11"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_26:*:*:*:*:*:*","matchCriteriaId":"B883C27E-3C14-4686-A0E8-8969B4246CDF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_3:*:*:*:*:*:*","matchCriteriaId":"54576481-2AE9-4133-9EFA-B7FBDCA4427D"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_4:*:*:*:*:*:*","matchCriteriaId":"E29CE810-76D5-4283-B102-70344B6C9506"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_5:*:*:*:*:*:*","matchCriteriaId":"DA869467-C560-4130-A180-86819F6A8673"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_6:*:*:*:*:*:*","matchCriteriaId":"CC0C94B7-31FB-4115-8EDE-62CC459B6663"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_7:*:*:*:*:*:*","matchCriteriaId":"07DEAA71-53DA-4508-B7E6-924ABED49E66"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_8:*:*:*:*:*:*","matchCriteriaId":"467323F6-5CA7-42A0-9810-C6FA694CEC93"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:fix_pack_9:*:*:*:*:*:*","matchCriteriaId":"32EFFD8A-1C0D-446B-AAD7-5D23D483D3D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.1:sp1:*:*:*:*:*:*","matchCriteriaId":"58CE2C64-BC5F-4281-AD98-B2C4B24A949C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:-:*:*:*:*:*:*","matchCriteriaId":"0DCF7F39-A198-4F7E-84B7-90C88C1BAA96"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"E7E68DF8-749B-4284-A7C9-929701A86B36"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_10:*:*:*:*:*:*","matchCriteriaId":"340DF1FE-5720-4516-BA51-F2197A654409"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_11:*:*:*:*:*:*","matchCriteriaId":"97E155DE-05C6-4559-94A8-0EFEB958D0C9"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_12:*:*:*:*:*:*","matchCriteriaId":"0635FB5F-9C90-49C7-A9EF-00C0396FCCAE"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_13:*:*:*:*:*:*","matchCriteriaId":"77523B76-FC26-41B1-A804-7372E13F4FB2"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_14:*:*:*:*:*:*","matchCriteriaId":"B15397B8-5087-4239-AE78-D3C37D59DE83"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_15:*:*:*:*:*:*","matchCriteriaId":"311EE92A-0EEF-4556-A52F-E6C9522FA2DD"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_16:*:*:*:*:*:*","matchCriteriaId":"49501C9E-D12A-45E0-92F3-8FD5FDC6D3CF"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"7CECAA19-8B7F-44C8-8059-6D4F2105E196"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_3:*:*:*:*:*:*","matchCriteriaId":"68CBCEEB-7C28-4769-813F-3F01E33D2E08"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_4:*:*:*:*:*:*","matchCriteriaId":"C0CB4927-A361-4DFA-BDB8-A454EA2894AB"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_5:*:*:*:*:*:*","matchCriteriaId":"B2B771B7-D5CB-4778-A3A8-1005E4EE134C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_6:*:*:*:*:*:*","matchCriteriaId":"3B9DB383-3791-4A43-BA4D-7695B203E736"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_7:*:*:*:*:*:*","matchCriteriaId":"13F02D77-20E9-4F32-9752-511EB71E6704"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_8:*:*:*:*:*:*","matchCriteriaId":"6353CC8F-A6D4-4A0C-8D68-290CD8DEB4F8"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.2:fix_pack_9:*:*:*:*:*:*","matchCriteriaId":"759DDB90-6A89-4E4F-BD04-F70EFA5343B0"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.3:-:*:*:*:*:*:*","matchCriteriaId":"6F6A98ED-E694-4F39-95D0-C152BD1EC115"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.3:fix_pack_1:*:*:*:*:*:*","matchCriteriaId":"2CD6861A-D546-462F-8B22-FA76A4AF8A9C"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.3:fix_pack_2:*:*:*:*:*:*","matchCriteriaId":"324BB977-5AAC-4367-98FC-605FF4997B3F"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:digital_experience_platform:7.4:-:*:*:*:*:*:*","matchCriteriaId":"96E84DBC-C740-4E23-8D1D-83C8AE49813E"},{"vulnerable":true,"criteria":"cpe:2.3:a:liferay:liferay_portal:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndExcluding":"7.4.3.5","matchCriteriaId":"C9B36899-E84E-498B-B99B-B6EB8F7ECE5C"}]}]}],"references":[{"url":"https://issues.liferay.com/browse/LPE-17438","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42132","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://issues.liferay.com/browse/LPE-17438","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://portal.liferay.dev/learn/security/known-vulnerabilities/-/asset_publisher/HbL5mxmVrnXW/content/cve-2022-42132","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-36179","sourceIdentifier":"cve@mitre.org","published":"2022-11-22T01:15:30.287","lastModified":"2026-07-09T01:17:35.400","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Fusiondirectory 1.3 suffers from Improper Session Handling."},{"lang":"es","value":"Fusiondirectory 1.3 sufre un manejo inadecuado de sesión."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-29T15:17:22.620458Z","id":"CVE-2022-36179","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-613"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-613"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fusiondirectory:fusiondirectory:1.3:*:*:*:*:*:*:*","matchCriteriaId":"E53A4E70-69D8-456C-A261-5C5B69CAA751"}]}]}],"references":[{"url":"https://lists.debian.org/debian-lts-announce/2023/07/msg00009.html","source":"cve@mitre.org"},{"url":"https://yoroi.company/research/cve-advisory-full-disclosure-multiple-vulnerabilities/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2023/07/msg00009.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://yoroi.company/research/cve-advisory-full-disclosure-multiple-vulnerabilities/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-36180","sourceIdentifier":"cve@mitre.org","published":"2022-11-22T01:15:31.377","lastModified":"2026-07-09T01:17:35.577","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Fusiondirectory 1.3 is vulnerable to Cross Site Scripting (XSS) via /fusiondirectory/index.php?message=[injection], /fusiondirectory/index.php?message=invalidparameter&plug={Injection], /fusiondirectory/index.php?signout=1&message=[injection]&plug=106."},{"lang":"es","value":"Fusiondirectory 1.3 es vulnerable a Cross Site Scripting (XSS) a través de /fusiondirectory/index.php?message=[injection], /fusiondirectory/index.php?message=invalidparameter&amp;plug={Injection], /fusiondirectory/index.php?signout=1&amp;message=[injection]&amp;plug=106."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H","baseScore":9.6,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":6.0},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H","baseScore":9.6,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-29T15:16:08.398583Z","id":"CVE-2022-36180","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fusiondirectory:fusiondirectory:1.3:*:*:*:*:*:*:*","matchCriteriaId":"E53A4E70-69D8-456C-A261-5C5B69CAA751"}]}]}],"references":[{"url":"https://lists.debian.org/debian-lts-announce/2023/07/msg00009.html","source":"cve@mitre.org"},{"url":"https://yoroi.company/research/cve-advisory-full-disclosure-multiple-vulnerabilities/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2023/07/msg00009.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://yoroi.company/research/cve-advisory-full-disclosure-multiple-vulnerabilities/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-40842","sourceIdentifier":"cve@mitre.org","published":"2022-11-22T01:15:32.507","lastModified":"2026-07-09T01:17:45.550","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"ndk design NdkAdvancedCustomizationFields 3.5.0 is vulnerable to Server-side request forgery (SSRF) via rotateimg.php."},{"lang":"es","value":"ndk design NdkAdvancedCustomizationFields 3.5.0 es vulnerable a Server-Side Request Forgery (SSRF) a través de rotateimg.php."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.2},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-29T15:13:31.660280Z","id":"CVE-2022-40842","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-918"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ndk-design:ndkadvancedcustomizationfields:*:*:*:*:*:prestashop:*:*","versionEndIncluding":"3.5.0","matchCriteriaId":"73B18D52-9A29-4789-879A-099001F3D206"}]}]}],"references":[{"url":"https://github.com/daaaalllii/cve-s/blob/main/CVE-2022-40842/poc.txt","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/daaaalllii/cve-s/blob/main/CVE-2022-40842/poc.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-42989","sourceIdentifier":"cve@mitre.org","published":"2022-11-22T14:15:12.423","lastModified":"2026-07-09T01:17:50.610","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"ERP Sankhya before v4.11b81 was discovered to contain a cross-site scripting (XSS) vulnerability via the component Caixa de Entrada."},{"lang":"es","value":"Se descubrió que ERP Sankhya anterior a v4.11b81 contenía una vulnerabilidad de Cross-Site Scripting (XSS) a través del componente Caixa de Entrada."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H","baseScore":9.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.3,"impactScore":6.0},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H","baseScore":9.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.3,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-29T04:19:52.407591Z","id":"CVE-2022-42989","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sankhya:sankhya_om:*:*:*:*:*:*:*:*","versionEndExcluding":"4.11b81","matchCriteriaId":"D0A8C8F7-6BF5-4D93-B721-B36AD7F237DF"}]}]}],"references":[{"url":"https://github.com/0xLUC4S/CVEs/blob/main/SankhyaERP_XSS_Account_Takeover.txt","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/0xLUC4S/CVEs/blob/main/SankhyaERP_XSS_Account_Takeover.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-44194","sourceIdentifier":"cve@mitre.org","published":"2022-11-22T14:15:13.627","lastModified":"2026-07-09T01:17:54.823","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameters apmode_dns1_pri and apmode_dns1_sec."},{"lang":"es","value":"Netgear R7000P V1.3.0.8 es vulnerable al desbordamiento del búfer mediante los parámetros apmode_dns1_pri y apmode_dns1_sec."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-29T04:00:47.572784Z","id":"CVE-2022-44194","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:r7000p_firmware:1.3.0.8:*:*:*:*:*:*:*","matchCriteriaId":"EE63E144-5E2C-4992-B417-087BCFAA9613"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:r7000p:-:*:*:*:*:*:*:*","matchCriteriaId":"DFE55F4D-E98B-46D3-B870-041141934CD1"}]}]}],"references":[{"url":"http://routerlogin.net/WLG_ap_dual_band.htm","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/RobinWang825/IoT_vuln/tree/main/Netgear/R7000P/11","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.netgear.com/about/security/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://routerlogin.net/WLG_ap_dual_band.htm","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://github.com/RobinWang825/IoT_vuln/tree/main/Netgear/R7000P/11","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.netgear.com/about/security/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-37773","sourceIdentifier":"cve@mitre.org","published":"2022-11-23T00:15:10.827","lastModified":"2026-07-09T01:17:39.273","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An authenticated SQL Injection vulnerability in the statistics page (/statistics/retrieve) of Maarch RM 2.8, via the filter parameter, allows the complete disclosure of all databases."},{"lang":"es","value":"Una vulnerabilidad de inyección SQL autenticada en la página de estadísticas (/statistics/retrieve) de Maarch RM 2.8, a través del parámetro de filtro, permite la divulgación completa de todas las bases de datos."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-29T15:14:28.004398Z","id":"CVE-2022-37773","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:maarch:maarch_rm:*:*:*:*:*:*:*:*","versionStartIncluding":"2.7","versionEndExcluding":"2.8.6","matchCriteriaId":"17870FA7-4A8E-4683-83C6-6B0F3B6EC7AD"},{"vulnerable":true,"criteria":"cpe:2.3:a:maarch:maarch_rm:2.9:*:*:*:*:*:*:*","matchCriteriaId":"C4C30EE5-5C2B-4501-92F9-7DA89B362B1D"}]}]}],"references":[{"url":"https://github.com/frame84/vulns/blob/main/MaarchRM/CVE-2022-37773/README.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/frame84/vulns/blob/main/MaarchRM/CVE-2022-37773/README.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-37774","sourceIdentifier":"cve@mitre.org","published":"2022-11-23T00:15:10.887","lastModified":"2026-07-09T01:17:39.450","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"There is a broken access control vulnerability in the Maarch RM 2.8.3 solution. When accessing some specific document (pdf, email) from an archive, a preview is proposed by the application. This preview generates a URL including an md5 hash of the file accessed. The document's URL (https://{url}/tmp/{MD5 hash of the document}) is then accessible without authentication."},{"lang":"es","value":"Existe una vulnerabilidad de control de acceso rota en la solución Maarch RM 2.8.3. Al acceder a algún documento específico (pdf, correo electrónico) desde un archivo, la aplicación propone una vista previa. Esta vista previa genera una URL que incluye un hash md5 del archivo al que se accede. Luego se puede acceder a la URL del documento (https://{url}/tmp/{MD5 hash of the document}) sin autenticación."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-29T04:38:41.597669Z","id":"CVE-2022-37774","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-287"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:maarch:maarch_rm:*:*:*:*:*:*:*:*","versionStartIncluding":"2.8","versionEndExcluding":"2.8.6","matchCriteriaId":"6ACE6E8F-5A5F-4B93-B0C9-3EBEAFC10EED"},{"vulnerable":true,"criteria":"cpe:2.3:a:maarch:maarch_rm:2.9:*:*:*:*:*:*:*","matchCriteriaId":"C4C30EE5-5C2B-4501-92F9-7DA89B362B1D"}]}]}],"references":[{"url":"https://github.com/frame84/vulns/blob/main/MaarchRM/CVE-2022-37774/README.md","source":"cve@mitre.org","tags":["Release Notes","Third Party Advisory"]},{"url":"https://github.com/frame84/vulns/blob/main/MaarchRM/CVE-2022-37774/README.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-35500","sourceIdentifier":"cve@mitre.org","published":"2022-11-23T02:15:09.670","lastModified":"2026-07-09T01:17:34.960","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Amasty Blog 2.10.3 is vulnerable to Cross Site Scripting (XSS) via leave comment functionality."},{"lang":"es","value":"Amasty Blog 2.10.3 es vulnerable a Cross Site Scripting (XSS) mediante la funcionalidad de dejar comentarios."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-28T19:58:27.661434Z","id":"CVE-2022-35500","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:amasty:blog_pro:2.10.3:*:*:*:*:magento:*:*","matchCriteriaId":"46EA2F3E-BA5C-440D-A15F-BB859699D24C"}]}]}],"references":[{"url":"https://github.com/afine-com/CVE-2022-35500","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/afine-com/CVE-2022-35500","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-37772","sourceIdentifier":"cve@mitre.org","published":"2022-11-23T02:15:09.817","lastModified":"2026-07-09T01:17:39.087","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Maarch RM 2.8.3 solution contains an improper restriction of excessive authentication attempts due to excessive verbose responses from the application. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to compromised accounts."},{"lang":"es","value":"La solución Maarch RM 2.8.3 contiene una restricción inadecuada de intentos de autenticación excesivos debido a respuestas excesivamente detalladas de la aplicación. Un atacante remoto no autenticado podría explotar esta vulnerabilidad y comprometer las cuentas."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-25T20:29:27.190122Z","id":"CVE-2022-37772","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-307"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-307"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:maarch:maarch_rm:*:*:*:*:*:*:*:*","versionStartIncluding":"2.8","versionEndExcluding":"2.8.6","matchCriteriaId":"6ACE6E8F-5A5F-4B93-B0C9-3EBEAFC10EED"},{"vulnerable":true,"criteria":"cpe:2.3:a:maarch:maarch_rm:2.9:*:*:*:*:*:*:*","matchCriteriaId":"C4C30EE5-5C2B-4501-92F9-7DA89B362B1D"}]}]}],"references":[{"url":"https://github.com/frame84/vulns/blob/main/MaarchRM/CVE-2022-37772/README.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/frame84/vulns/blob/main/MaarchRM/CVE-2022-37772/README.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-35501","sourceIdentifier":"cve@mitre.org","published":"2022-11-23T17:15:10.047","lastModified":"2026-07-09T01:17:35.130","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Stored Cross-site Scripting (XSS) exists in the Amasty Blog Pro 2.10.3 and 2.10.4 plugin for Magento 2 because of the duplicate post function."},{"lang":"es","value":"El Cross Site Scripting (XSS) Almacenado existe en el complemento Amasty Blog Pro 2.10.3 y 2.10.4 para Magento 2 debido a la función de handshake duplicada."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-28T19:55:47.105668Z","id":"CVE-2022-35501","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:amasty:blog_pro:2.10.3:*:*:*:*:magento:*:*","matchCriteriaId":"46EA2F3E-BA5C-440D-A15F-BB859699D24C"},{"vulnerable":true,"criteria":"cpe:2.3:a:amasty:blog_pro:2.10.4:*:*:*:*:magento:*:*","matchCriteriaId":"6F975E32-2C13-4B72-83BB-6625B0088A99"}]}]}],"references":[{"url":"https://github.com/afine-com/CVE-2022-35501","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/afine-com/CVE-2022-35501","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-37720","sourceIdentifier":"cve@mitre.org","published":"2022-11-25T16:15:10.687","lastModified":"2026-07-09T01:17:38.737","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Orchardproject Orchard CMS 1.10.3 is vulnerable to Cross Site Scripting (XSS). When a low privileged user such as an author or publisher, injects a crafted html and javascript payload in a blog post, leading to full admin account takeover or privilege escalation when the malicious blog post is loaded in the victim's browser."},{"lang":"es","value":"Orchardproject Orchard CMS 1.10.3 es vulnerable a Cross Site Scripting (XSS). Cuando un usuario con pocos privilegios, como un autor o editor, inyecta un payload de HTML y JavaScript manipulado en una publicación de blog, lo que lleva a la toma total de la cuenta de administrador o a una escalada de privilegios cuando la publicación de blog maliciosa se carga en el navegador de la víctima."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H","baseScore":9.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.3,"impactScore":6.0},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H","baseScore":9.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.3,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-25T17:29:33.005610Z","id":"CVE-2022-37720","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:orchardcore:orchard_cms:1.10.3:*:*:*:*:*:*:*","matchCriteriaId":"F89ADDD6-E5D7-431C-9DD3-37FF6EE2B298"}]}]}],"references":[{"url":"https://labs.integrity.pt/advisories/cve-2022-37720/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://labs.integrity.pt/advisories/cve-2022-37720/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-37721","sourceIdentifier":"cve@mitre.org","published":"2022-11-25T17:15:10.707","lastModified":"2026-07-09T01:17:38.907","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"PyroCMS 3.9 is vulnerable to a stored Cross Site Scripting (XSS_ when a low privileged user such as an author, injects a crafted html and javascript payload in a blog post, leading to full admin account takeover or privilege escalation."},{"lang":"es","value":"PyroCMS 3.9 es vulnerable a un Cross Site Scripting (XSS_) almacenado cuando un usuario con pocos privilegios, como un autor, inyecta un payload de HTML y JavaScript manipulado en una publicación de blog, lo que lleva a la apropiación total de la cuenta de administrador o a una escalada de privilegios."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H","baseScore":9.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.3,"impactScore":6.0},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H","baseScore":9.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.3,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-25T17:27:54.220570Z","id":"CVE-2022-37721","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:pyrocms:pyrocms:3.9:*:*:*:*:*:*:*","matchCriteriaId":"B35341AA-997E-439F-B12D-31D9CB5219C5"}]}]}],"references":[{"url":"https://labs.integrity.pt/advisories/cve-2022-37721/","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://labs.integrity.pt/advisories/cve-2022-37721/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-45205","sourceIdentifier":"cve@mitre.org","published":"2022-11-25T17:15:11.007","lastModified":"2026-07-09T01:17:58.980","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/dict/queryTableData."},{"lang":"es","value":"Se descubrió que Jeecg-boot v3.4.3 contiene una vulnerabilidad de inyección SQL a través del componente /sys/dict/queryTableData."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-29T14:20:12.660830Z","id":"CVE-2022-45205","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:jeecg:jeecg_boot:3.4.3:*:*:*:*:*:*:*","matchCriteriaId":"49DF84AE-6D1A-4065-AB0B-CB6926D6C5F3"}]}]}],"references":[{"url":"https://github.com/jeecgboot/jeecg-boot/issues/4128","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/jeecgboot/jeecg-boot/issues/4128","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-45206","sourceIdentifier":"cve@mitre.org","published":"2022-11-25T17:15:11.060","lastModified":"2026-07-09T01:17:59.150","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/duplicate/check."},{"lang":"es","value":"Se descubrió que Jeecg-boot v3.4.3 contiene una vulnerabilidad de inyección SQL a través del componente /sys/duplicate/check."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-29T14:18:04.633730Z","id":"CVE-2022-45206","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:jeecg:jeecg_boot:3.4.3:*:*:*:*:*:*:*","matchCriteriaId":"49DF84AE-6D1A-4065-AB0B-CB6926D6C5F3"}]}]}],"references":[{"url":"https://github.com/jeecgboot/jeecg-boot/issues/4129","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/jeecgboot/jeecg-boot/issues/4129","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-45207","sourceIdentifier":"cve@mitre.org","published":"2022-11-25T17:15:11.117","lastModified":"2026-07-09T01:17:59.307","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component updateNullByEmptyString."},{"lang":"es","value":"Se descubrió que Jeecg-boot v3.4.3 contiene una vulnerabilidad de inyección SQL a través del componente updateNullByEmptyString."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-29T14:16:22.176314Z","id":"CVE-2022-45207","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:jeecg:jeecg_boot:3.4.3:*:*:*:*:*:*:*","matchCriteriaId":"49DF84AE-6D1A-4065-AB0B-CB6926D6C5F3"}]}]}],"references":[{"url":"https://github.com/jeecgboot/jeecg-boot/issues/4127","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/jeecgboot/jeecg-boot/issues/4127","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-45208","sourceIdentifier":"cve@mitre.org","published":"2022-11-25T17:15:11.173","lastModified":"2026-07-09T01:17:59.460","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/user/putRecycleBin."},{"lang":"es","value":"Se descubrió que Jeecg-boot v3.4.3 contiene una vulnerabilidad de inyección SQL a través del componente /sys/user/putRecycleBin."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-29T14:14:16.895583Z","id":"CVE-2022-45208","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:jeecg:jeecg_boot:3.4.3:*:*:*:*:*:*:*","matchCriteriaId":"49DF84AE-6D1A-4065-AB0B-CB6926D6C5F3"}]}]}],"references":[{"url":"https://github.com/jeecgboot/jeecg-boot/issues/4126","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/jeecgboot/jeecg-boot/issues/4126","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-45210","sourceIdentifier":"cve@mitre.org","published":"2022-11-25T17:15:11.230","lastModified":"2026-07-09T01:17:59.613","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/user/deleteRecycleBin."},{"lang":"es","value":"Se descubrió que Jeecg-boot v3.4.3 contiene una vulnerabilidad de inyección SQL a través del componente /sys/user/deleteRecycleBin."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-29T14:12:11.723019Z","id":"CVE-2022-45210","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:jeecg:jeecg_boot:3.4.3:*:*:*:*:*:*:*","matchCriteriaId":"49DF84AE-6D1A-4065-AB0B-CB6926D6C5F3"}]}]}],"references":[{"url":"https://github.com/jeecgboot/jeecg-boot/issues/4125","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/jeecgboot/jeecg-boot/issues/4125","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-31877","sourceIdentifier":"cve@mitre.org","published":"2022-11-28T15:15:10.333","lastModified":"2026-07-09T01:17:30.833","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in the component MSI.TerminalServer.exe of MSI Center v1.0.41.0 allows attackers to escalate privileges via a crafted TCP packet."},{"lang":"es","value":"Un problema en el componente MSI.TerminalServer.exe de MSI Center v1.0.41.0 permite a los atacantes escalar privilegios a través de un paquete TCP manipulado."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-25T19:22:45.775235Z","id":"CVE-2022-31877","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-345"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-345"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:msi:center:1.0.41.0:*:*:*:*:*:*:*","matchCriteriaId":"D2E350D6-AF3F-43FD-8514-EE1C0AD0C039"}]}]}],"references":[{"url":"https://patsch.dev/2022/07/08/cve-2022-31877-privilege-escalation-in-msi-centers-msi-terminalserver-exe/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://patsch.dev/2022/07/08/cve-2022-31877-privilege-escalation-in-msi-centers-msi-terminalserver-exe/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-44290","sourceIdentifier":"cve@mitre.org","published":"2022-12-02T20:15:13.880","lastModified":"2026-07-09T01:17:55.250","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in deleteapprovalstages.php."},{"lang":"es","value":"Se descubrió que webTareas 2.4p5 contenía una vulnerabilidad de inyección SQL a través del parámetro id en deleteapprovalstages.php."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-24T20:20:20.358369Z","id":"CVE-2022-44290","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:webtareas_project:webtareas:2.4:p5:*:*:*:*:*:*","matchCriteriaId":"94C4D4FE-5B6C-48AA-AFCC-C0BEDF27E9D1"}]}]}],"references":[{"url":"https://github.com/anhdq201/webtareas/issues/2","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/anhdq201/webtareas/issues/2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-44291","sourceIdentifier":"cve@mitre.org","published":"2022-12-02T20:15:13.950","lastModified":"2026-07-09T01:17:55.527","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in phasesets.php."},{"lang":"es","value":"Se descubrió que webTareas 2.4p5 contenía una vulnerabilidad de inyección SQL a través del parámetro id en Phasesets.php."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-24T20:19:39.882110Z","id":"CVE-2022-44291","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:webtareas_project:webtareas:2.4:p5:*:*:*:*:*:*","matchCriteriaId":"94C4D4FE-5B6C-48AA-AFCC-C0BEDF27E9D1"}]}]}],"references":[{"url":"https://github.com/anhdq201/webtareas/issues/1","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/anhdq201/webtareas/issues/1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-44944","sourceIdentifier":"cve@mitre.org","published":"2022-12-02T20:15:14.027","lastModified":"2026-07-09T01:17:56.013","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add Announcement function at /index.php?module=help_pages/pages&entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field."},{"lang":"es","value":"Se descubrió que Rukovoditel v3.2.1 contiene una vulnerabilidad de Cross-Site Scripting (XSS) Almacenado en la función Agregar anuncio en /index.php?module=help_pages/pages&amp;entities_id=24. Esta vulnerabilidad permite a los atacantes ejecutar scripts web o HTML arbitrarios a través de un payload manipulado inyectado en el campo Título."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-24T14:13:37.340909Z","id":"CVE-2022-44944","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rukovoditel:rukovoditel:3.2.1:*:*:*:*:*:*:*","matchCriteriaId":"AF93014A-D2CB-48B2-AB57-692E95E5702D"}]}]}],"references":[{"url":"https://github.com/anhdq201/rukovoditel/issues/14","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/anhdq201/rukovoditel/issues/14","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-44945","sourceIdentifier":"cve@mitre.org","published":"2022-12-02T20:15:14.103","lastModified":"2026-07-09T01:17:56.170","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Rukovoditel v3.2.1 was discovered to contain a SQL injection vulnerability via the heading_field_id parameter."},{"lang":"es","value":"Se descubrió que Rukovoditel v3.2.1 contiene una vulnerabilidad de inyección SQL a través del parámetro header_field_id."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-24T14:11:19.978437Z","id":"CVE-2022-44945","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rukovoditel:rukovoditel:3.2.1:*:*:*:*:*:*:*","matchCriteriaId":"AF93014A-D2CB-48B2-AB57-692E95E5702D"}]}]}],"references":[{"url":"https://github.com/anhdq201/rukovoditel/issues/16","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/anhdq201/rukovoditel/issues/16","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-44946","sourceIdentifier":"cve@mitre.org","published":"2022-12-02T20:15:14.180","lastModified":"2026-07-09T01:17:56.343","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add Page function at /index.php?module=help_pages/pages&entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field."},{"lang":"es","value":"Se descubrió que Rukovoditel v3.2.1 contiene una vulnerabilidad de Cross-Site Scripting (XSS) Almacenado en la función Agregar página en /index.php?module=help_pages/pages&amp;entities_id=24. Esta vulnerabilidad permite a los atacantes ejecutar scripts web o HTML arbitrarios a través de un payload manipulado inyectado en el campo Título."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-24T14:09:02.556736Z","id":"CVE-2022-44946","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rukovoditel:rukovoditel:3.2.1:*:*:*:*:*:*:*","matchCriteriaId":"AF93014A-D2CB-48B2-AB57-692E95E5702D"}]}]}],"references":[{"url":"https://github.com/anhdq201/rukovoditel/issues/15","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/anhdq201/rukovoditel/issues/15","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-44947","sourceIdentifier":"cve@mitre.org","published":"2022-12-02T20:15:14.257","lastModified":"2026-07-09T01:17:56.517","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Highlight Row feature at /index.php?module=entities/listing_types&entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Note field after clicking \"Add\"."},{"lang":"es","value":"Se descubrió que Rukovoditel v3.2.1 contenía una vulnerabilidad de Cross-Site Scripting (XSS) Almacenado en la función Resaltar fila en /index.php?module=entities/listing_types&amp;entities_id=24. Esta vulnerabilidad permite a los atacantes ejecutar scripts web o HTML arbitrarios mediante un payload manipulado inyectado en el campo Nota después de hacer clic en \"Agregar\"."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-24T14:06:27.174894Z","id":"CVE-2022-44947","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rukovoditel:rukovoditel:3.2.1:*:*:*:*:*:*:*","matchCriteriaId":"AF93014A-D2CB-48B2-AB57-692E95E5702D"}]}]}],"references":[{"url":"https://github.com/anhdq201/rukovoditel/issues/13","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/anhdq201/rukovoditel/issues/13","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-44948","sourceIdentifier":"cve@mitre.org","published":"2022-12-02T20:15:14.320","lastModified":"2026-07-09T01:17:56.677","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Entities Group feature at/index.php?module=entities/entities_groups. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field after clicking \"Add\"."},{"lang":"es","value":"Se descubrió que Rukovoditel v3.2.1 contiene una vulnerabilidad de Cross-Site Scripting (XSS) Almacenado en la función Entities Group at/index.php?module=entities/entities_groups. Esta vulnerabilidad permite a los atacantes ejecutar scripts web o HTML arbitrarios a través de un payload manipulado inyectado en el campo Nombre después de hacer clic en \"Agregar\"."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-24T14:03:23.802940Z","id":"CVE-2022-44948","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rukovoditel:rukovoditel:3.2.1:*:*:*:*:*:*:*","matchCriteriaId":"AF93014A-D2CB-48B2-AB57-692E95E5702D"}]}]}],"references":[{"url":"https://github.com/anhdq201/rukovoditel/issues/8","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/anhdq201/rukovoditel/issues/8","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-44949","sourceIdentifier":"cve@mitre.org","published":"2022-12-02T20:15:14.397","lastModified":"2026-07-09T01:17:56.833","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add New Field function at /index.php?module=entities/fields&entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Short Name field."},{"lang":"es","value":"Se descubrió que Rukovoditel v3.2.1 contiene una vulnerabilidad de Cross-Site Scripting (XSS) Almacenado en la función Agregar nuevo campo en /index.php?module=entities/fields&amp;entities_id=24. Esta vulnerabilidad permite a los atacantes ejecutar scripts web o HTML arbitrarios a través de un payload manipulado inyectado en el campo Nombre Corto."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-24T14:01:34.630021Z","id":"CVE-2022-44949","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rukovoditel:rukovoditel:3.2.1:*:*:*:*:*:*:*","matchCriteriaId":"AF93014A-D2CB-48B2-AB57-692E95E5702D"}]}]}],"references":[{"url":"https://github.com/anhdq201/rukovoditel/issues/12","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/anhdq201/rukovoditel/issues/12","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-44950","sourceIdentifier":"cve@mitre.org","published":"2022-12-02T20:15:14.463","lastModified":"2026-07-09T01:17:57.003","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add New Field function at /index.php?module=entities/fields&entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field."},{"lang":"es","value":"Se descubrió que Rukovoditel v3.2.1 contiene una vulnerabilidad de Cross-Site Scripting (XSS) Almacenado en la función Agregar nuevo campo en /index.php?module=entities/fields&amp;entities_id=24. Esta vulnerabilidad permite a los atacantes ejecutar scripts web o HTML arbitrarios a través de un payload manipulado inyectado en el campo Nombre."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-24T13:59:22.091077Z","id":"CVE-2022-44950","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rukovoditel:rukovoditel:3.2.1:*:*:*:*:*:*:*","matchCriteriaId":"AF93014A-D2CB-48B2-AB57-692E95E5702D"}]}]}],"references":[{"url":"https://github.com/anhdq201/rukovoditel/issues/10","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/anhdq201/rukovoditel/issues/10","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-44951","sourceIdentifier":"cve@mitre.org","published":"2022-12-02T20:15:14.523","lastModified":"2026-07-09T01:17:57.157","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add New Form tab function at /index.php?module=entities/forms&entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field."},{"lang":"es","value":"Se descubrió que Rukovoditel v3.2.1 contiene una vulnerabilidad de Cross-Site Scripting (XSS) Almacenado en la función de la pestaña Agregar nuevo formulario en /index.php?module=entities/forms&amp;entities_id=24. Esta vulnerabilidad permite a los atacantes ejecutar scripts web o HTML arbitrarios a través de un payload manipulado inyectado en el campo Nombre."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-24T19:32:37.710518Z","id":"CVE-2022-44951","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rukovoditel:rukovoditel:3.2.1:*:*:*:*:*:*:*","matchCriteriaId":"AF93014A-D2CB-48B2-AB57-692E95E5702D"}]}]}],"references":[{"url":"https://github.com/anhdq201/rukovoditel/issues/11","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/anhdq201/rukovoditel/issues/11","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-44952","sourceIdentifier":"cve@mitre.org","published":"2022-12-02T20:15:14.583","lastModified":"2026-07-09T01:17:57.320","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in /index.php?module=configuration/application. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Copyright Text field after clicking \"Add\"."},{"lang":"es","value":"Se descubrió que Rukovoditel v3.2.1 contenía una vulnerabilidad de Cross-Site Scripting (XSS) Almacenado en /index.php?module=configuration/application. Esta vulnerabilidad permite a los atacantes ejecutar scripts web o HTML arbitrarios a través de un payload manipulado inyectado en el campo Texto de copyright después de hacer clic en \"Agregar\"."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-24T19:31:52.493042Z","id":"CVE-2022-44952","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rukovoditel:rukovoditel:3.2.1:*:*:*:*:*:*:*","matchCriteriaId":"AF93014A-D2CB-48B2-AB57-692E95E5702D"}]}]}],"references":[{"url":"https://github.com/anhdq201/rukovoditel/issues/9","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/anhdq201/rukovoditel/issues/9","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-44953","sourceIdentifier":"cve@mitre.org","published":"2022-12-02T20:15:14.647","lastModified":"2026-07-09T01:17:57.473","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /linkedcontent/listfiles.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field after clicking \"Add\"."},{"lang":"es","value":"Se descubrió que webtareas 2.4p5 contenía una vulnerabilidad de Cross-Site Scripting (XSS) en el componente /linkedcontent/listfiles.php. Esta vulnerabilidad permite a los atacantes ejecutar scripts web o HTML arbitrarios a través de un payload manipulado inyectado en el campo Nombre después de hacer clic en \"Agregar\"."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-24T19:31:03.252806Z","id":"CVE-2022-44953","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:webtareas_project:webtareas:2.4:p5:*:*:*:*:*:*","matchCriteriaId":"94C4D4FE-5B6C-48AA-AFCC-C0BEDF27E9D1"}]}]}],"references":[{"url":"https://github.com/anhdq201/webtareas/issues/8","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/anhdq201/webtareas/issues/8","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-44954","sourceIdentifier":"cve@mitre.org","published":"2022-12-02T20:15:14.703","lastModified":"2026-07-09T01:17:57.633","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /contacts/listcontacts.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Last Name field after clicking \"Add\"."},{"lang":"es","value":"Se descubrió que webtareas 2.4p5 contenía una vulnerabilidad de Cross-Site Scripting (XSS) en el componente /contacts/listcontacts.php. Esta vulnerabilidad permite a los atacantes ejecutar scripts web o HTML arbitrarios a través de un payload manipulado inyectado en el campo Apellido después de hacer clic en \"Agregar\"."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-24T19:29:28.249367Z","id":"CVE-2022-44954","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:webtareas_project:webtareas:2.4:p5:*:*:*:*:*:*","matchCriteriaId":"94C4D4FE-5B6C-48AA-AFCC-C0BEDF27E9D1"}]}]}],"references":[{"url":"https://github.com/anhdq201/webtareas/issues/10","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/anhdq201/webtareas/issues/10","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-44955","sourceIdentifier":"cve@mitre.org","published":"2022-12-02T20:15:14.767","lastModified":"2026-07-09T01:17:57.787","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the Chat function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Messages field."},{"lang":"es","value":"Se descubrió que webtareas 2.4p5 contenía una vulnerabilidad de Cross-Site Scripting (XSS) en la función de chat. Esta vulnerabilidad permite a los atacantes ejecutar scripts web o HTML arbitrarios a través de un payload manipulado inyectado en el campo Mensajes."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-24T19:27:11.487249Z","id":"CVE-2022-44955","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:webtareas_project:webtareas:2.4:p5:*:*:*:*:*:*","matchCriteriaId":"94C4D4FE-5B6C-48AA-AFCC-C0BEDF27E9D1"}]}]}],"references":[{"url":"https://github.com/anhdq201/webtareas/issues/5","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/anhdq201/webtareas/issues/5","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-44956","sourceIdentifier":"cve@mitre.org","published":"2022-12-02T20:15:14.827","lastModified":"2026-07-09T01:17:57.963","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /projects/listprojects.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field."},{"lang":"es","value":"Se descubrió que webtareas 2.4p5 contenía una vulnerabilidad de Cross-Site Scripting (XSS) en el componente /projects/listprojects.php. Esta vulnerabilidad permite a los atacantes ejecutar scripts web o HTML arbitrarios a través de un payload manipulado inyectado en el campo Nombre."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-24T20:18:06.624856Z","id":"CVE-2022-44956","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:webtareas_project:webtareas:2.4:p5:*:*:*:*:*:*","matchCriteriaId":"94C4D4FE-5B6C-48AA-AFCC-C0BEDF27E9D1"}]}]}],"references":[{"url":"https://github.com/anhdq201/webtareas/issues/3","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/anhdq201/webtareas/issues/3","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-44957","sourceIdentifier":"cve@mitre.org","published":"2022-12-02T20:15:14.897","lastModified":"2026-07-09T01:17:58.120","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /clients/listclients.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field."},{"lang":"es","value":"Se descubrió que webtareas 2.4p5 contenía una vulnerabilidad de Cross-Site Scripting (XSS) en el componente /clients/listclients.php. Esta vulnerabilidad permite a los atacantes ejecutar scripts web o HTML arbitrarios a través de un payload manipulado inyectado en el campo Nombre."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-24T20:17:29.913298Z","id":"CVE-2022-44957","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:webtareas_project:webtareas:2.4:p5:*:*:*:*:*:*","matchCriteriaId":"94C4D4FE-5B6C-48AA-AFCC-C0BEDF27E9D1"}]}]}],"references":[{"url":"https://github.com/anhdq201/webtareas/issues/11","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/anhdq201/webtareas/issues/11","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-44959","sourceIdentifier":"cve@mitre.org","published":"2022-12-02T20:15:14.967","lastModified":"2026-07-09T01:17:58.270","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /meetings/listmeetings.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field."},{"lang":"es","value":"Se descubrió que webtareas 2.4p5 contenía una vulnerabilidad de Cross-Site Scripting (XSS) en el componente /meetings/listmeetings.php. Esta vulnerabilidad permite a los atacantes ejecutar scripts web o HTML arbitrarios a través de un payload manipulado inyectado en el campo Nombre."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-24T20:16:42.290689Z","id":"CVE-2022-44959","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:webtareas_project:webtareas:2.4:p5:*:*:*:*:*:*","matchCriteriaId":"94C4D4FE-5B6C-48AA-AFCC-C0BEDF27E9D1"}]}]}],"references":[{"url":"https://github.com/anhdq201/webtareas/issues/6","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/anhdq201/webtareas/issues/6","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-44960","sourceIdentifier":"cve@mitre.org","published":"2022-12-02T20:15:15.023","lastModified":"2026-07-09T01:17:58.427","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /general/search.php?searchtype=simple. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search field."},{"lang":"es","value":"Se descubrió que webtareas 2.4p5 contiene una vulnerabilidad de Cross-Site Scripting (XSS) en el componente /general/search.php?searchtype=simple. Esta vulnerabilidad permite a los atacantes ejecutar scripts web o HTML arbitrarios a través de un payload manipulado inyectado en el campo de búsqueda."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-24T19:25:44.391530Z","id":"CVE-2022-44960","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:webtareas_project:webtareas:2.4:p5:*:*:*:*:*:*","matchCriteriaId":"94C4D4FE-5B6C-48AA-AFCC-C0BEDF27E9D1"}]}]}],"references":[{"url":"https://github.com/anhdq201/webtareas/issues/4","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/anhdq201/webtareas/issues/4","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-44961","sourceIdentifier":"cve@mitre.org","published":"2022-12-02T20:15:15.077","lastModified":"2026-07-09T01:17:58.603","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /forums/editforum.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field."},{"lang":"es","value":"Se descubrió que webtareas 2.4p5 contenía una vulnerabilidad de Cross-Site Scripting (XSS) en el componente /forums/editforum.php. Esta vulnerabilidad permite a los atacantes ejecutar scripts web o HTML arbitrarios a través de un payload manipulado inyectado en el campo Nombre."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-24T19:26:21.189044Z","id":"CVE-2022-44961","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:webtareas_project:webtareas:2.4:p5:*:*:*:*:*:*","matchCriteriaId":"94C4D4FE-5B6C-48AA-AFCC-C0BEDF27E9D1"}]}]}],"references":[{"url":"https://github.com/anhdq201/webtareas/issues/7","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/anhdq201/webtareas/issues/7","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-44962","sourceIdentifier":"cve@mitre.org","published":"2022-12-02T20:15:15.133","lastModified":"2026-07-09T01:17:58.790","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /calendar/viewcalendar.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Subject field."},{"lang":"es","value":"Se descubrió que webtareas 2.4p5 contenía una vulnerabilidad de Cross-Site Scripting (XSS) en el componente /calendar/viewcalendar.php. Esta vulnerabilidad permite a los atacantes ejecutar scripts web o HTML arbitrarios a través de un payload manipulado inyectado en el campo Asunto."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-24T19:26:36.882527Z","id":"CVE-2022-44962","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:webtareas_project:webtareas:2.4:p5:*:*:*:*:*:*","matchCriteriaId":"94C4D4FE-5B6C-48AA-AFCC-C0BEDF27E9D1"}]}]}],"references":[{"url":"https://github.com/anhdq201/webtareas/issues/12","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/anhdq201/webtareas/issues/12","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-38599","sourceIdentifier":"cve@mitre.org","published":"2022-12-08T17:15:10.437","lastModified":"2026-07-09T01:17:41.007","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Teleport v3.2.2, Teleport v3.5.6-rc6, and Teleport v3.6.3-b2 was discovered to contain an information leak via the /user/get-role-list web interface."},{"lang":"es","value":"Se descubrió que Teleport v3.2.2, Teleport v3.5.6-rc6 y Teleport v3.6.3-b2 contenían una fuga de información a través de la interfaz web /user/get-role-list."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-23T15:51:29.330274Z","id":"CVE-2022-38599","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-668"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-668"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:goteleport:teleport:3.2.2:*:*:*:*:*:*:*","matchCriteriaId":"A1315AFD-6D86-426C-B643-3800BA443574"},{"vulnerable":true,"criteria":"cpe:2.3:a:goteleport:teleport:3.5.6:rc6:*:*:*:*:*:*","matchCriteriaId":"65ED6D6A-42C6-4B3D-AE88-4065C86F09E4"},{"vulnerable":true,"criteria":"cpe:2.3:a:goteleport:teleport:3.6.3:beta2:*:*:*:*:*:*","matchCriteriaId":"C36170D1-26E4-479A-AA74-DCF90B8A2EA0"}]}]}],"references":[{"url":"https://gist.github.com/arleyna/20d858e11c48984d00926fa8cc0c2722","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://gist.github.com/arleyna/20d858e11c48984d00926fa8cc0c2722","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-4311","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2022-12-12T18:15:13.300","lastModified":"2026-07-09T18:32:08.463","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"\nAn insertion of sensitive information into log file vulnerability exists in PcVue versions 15 through 15.2.2. This\ncould allow a user with access to the log files to discover connection strings of data sources configured for the\nDbConnect, which could include credentials. Successful exploitation of this vulnerability could allow other users\nunauthorized access to the underlying data sources.\n\n"},{"lang":"es","value":"Existe una vulnerabilidad de inserción de información confidencial en el archivo de registro en las versiones de PcVue 15 a 15.2.2. Esto podría permitir que un usuario con acceso a los archivos de registro descubra cadenas de conexión de fuentes de datos configuradas para DbConnect, que podrían incluir credenciales. La explotación exitosa de esta vulnerabilidad podría permitir que otros usuarios accedan no autorizados a las fuentes de datos subyacentes."}],"affected":[{"source":"ics-cert@hq.dhs.gov","affectedData":[{"vendor":"ARC Informatique","product":"PcVue","defaultStatus":"unaffected","versions":[{"version":"15","lessThanOrEqual":"15.2.2","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":4.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.0,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-14T14:51:25.883186Z","id":"CVE-2022-4311","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-532"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:arcinfo:pcvue:*:*:*:*:*:*:*:*","versionStartIncluding":"15","versionEndIncluding":"15.2.2","matchCriteriaId":"E9D949F2-C563-4FB4-A39E-D03024E82411"}]}]}],"references":[{"url":"https://www.pcvuesolutions.com/support/index.php/en/security-bulletin/1165-security-bulletin-2022-6","source":"ics-cert@hq.dhs.gov","tags":["Permissions Required","Vendor Advisory"]},{"url":"https://www.pcvuesolutions.com/support/index.php/en/security-bulletin/1165-security-bulletin-2022-6","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-4312","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2022-12-12T18:15:13.393","lastModified":"2026-07-09T18:32:08.463","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"\nA cleartext storage of sensitive information vulnerability exists in PcVue versions 8.10 through 15.2.3. This could\nallow an unauthorized user with access the email and short messaging service (SMS) accounts configuration files\nto discover the associated simple mail transfer protocol (SMTP) account credentials and the SIM card PIN code.\nSuccessful exploitation of this vulnerability could allow an unauthorized user access to the underlying email\naccount and SIM card.\n\n"},{"lang":"es","value":"Existe una vulnerabilidad de almacenamiento en texto plano de información confidencial en las versiones de PcVue 8.10 a 15.2.3. Esto podría permitir que un usuario no autorizado con acceso a los archivos de configuración de las cuentas de correo electrónico y servicio de mensajería corta (SMS) descubra las credenciales de la cuenta del protocolo simple de transferencia de correo (SMTP) asociadas y el código PIN de la tarjeta SIM. La explotación exitosa de esta vulnerabilidad podría permitir que un usuario no autorizado acceda a la cuenta de correo electrónico y a la tarjeta SIM subyacentes."}],"affected":[{"source":"ics-cert@hq.dhs.gov","affectedData":[{"vendor":"ARC Informatique","product":"PcVue","defaultStatus":"unaffected","versions":[{"version":"8.10","lessThanOrEqual":"15.2.3","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-14T17:44:58.764003Z","id":"CVE-2022-4312","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-312"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-522"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:arcinfo:pcvue:*:*:*:*:*:*:*:*","versionStartIncluding":"8.10","versionEndIncluding":"15.2.3","matchCriteriaId":"027DA82C-B1DC-4EAD-8D50-596394AF657A"}]}]}],"references":[{"url":"https://www.pcvuesolutions.com/support/index.php/en/security-bulletin/1171-security-bulletin-2022-7","source":"ics-cert@hq.dhs.gov","tags":["Permissions Required","Vendor Advisory"]},{"url":"https://www.pcvuesolutions.com/support/index.php/en/security-bulletin/1171-security-bulletin-2022-7","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-32415","sourceIdentifier":"cve@mitre.org","published":"2022-12-13T15:15:10.563","lastModified":"2026-07-09T01:16:53.970","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"EXEMSI MSI Wrapper Versions prior to 10.0.50 and at least since version 6.0.91 will introduce a local privilege escalation vulnerability in installers it creates."},{"lang":"es","value":"Las versiones de EXEMSI MSI Wrapper anteriores a 10.0.50 y al menos desde la versión 6.0.91 introducirán una vulnerabilidad de escalada de privilegios local en los instaladores que cree."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-22T20:00:04.237138Z","id":"CVE-2021-32415","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:msi:wrapper:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0.91","versionEndExcluding":"10.0.50","matchCriteriaId":"D33415D4-250E-4596-9FEA-F39281A3E421"}]}]}],"references":[{"url":"https://improsec.com/tech-blog/privilege-escalation-vulnerability-in-ninjarmm","source":"cve@mitre.org","tags":["Not Applicable"]},{"url":"https://improsec.com/tech-blog/privilege-escalation-vulnerability-in-ninjarmm","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable"]}]}},{"cve":{"id":"CVE-2022-44303","sourceIdentifier":"cve@mitre.org","published":"2022-12-13T15:15:11.107","lastModified":"2026-07-09T01:17:55.680","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Resque Scheduler version 1.27.4 is vulnerable to Cross-site scripting (XSS). A remote attacker could inject javascript code to the \"{schedule_job}\" or \"args\" parameter in /resque/delayed/jobs/{schedule_job}?args={args_id} to execute javascript at client side."},{"lang":"es","value":"Resque Scheduler versión 1.27.4 es vulnerable a Cross-Site Scripting (XSS). Un atacante remoto podría inyectar código javascript en el parámetro \"{schedule_job}\" o \"args\" en /resque/delayed/jobs/{schedule_job}?args={args_id} para ejecutar javascript en el lado del cliente."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-22T15:06:26.408563Z","id":"CVE-2022-44303","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:resque-scheduler_project:resque-scheduler:-:*:*:*:*:ruby:*:*","matchCriteriaId":"F7B6FF21-771B-4EBF-BCD8-666CC335BC4B"}]}]}],"references":[{"url":"https://trungvm.gitbook.io/cves/resque/resque-1.27.4-multiple-reflected-xss-in-resque-schedule-job","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://trungvm.gitbook.io/cves/resque/resque-1.27.4-multiple-reflected-xss-in-resque-schedule-job","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-31358","sourceIdentifier":"cve@mitre.org","published":"2022-12-14T15:15:10.173","lastModified":"2026-07-09T01:17:30.147","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A reflected cross-site scripting (XSS) vulnerability in Proxmox Virtual Environment prior to v7.2-3 allows remote attackers to execute arbitrary web scripts or HTML via non-existent endpoints under path /api2/html/."},{"lang":"es","value":"Una vulnerabilidad de cross site scripting (XSS) reflejado en Proxmox Virtual Environment anterior a v7.2-3 permite a atacantes remotos ejecutar scripts web o HTML de su elección a través de endpoints inexistentes en la ruta /api2/html/."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H","baseScore":9.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.3,"impactScore":6.0},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H","baseScore":9.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.3,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-22T16:07:01.765758Z","id":"CVE-2022-31358","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:proxmox:virtual_environment:*:*:*:*:*:*:*:*","versionEndExcluding":"7.2-3","matchCriteriaId":"9D4F9210-FC5E-4C51-AF03-B8015EA2D95D"}]}]}],"references":[{"url":"https://git.proxmox.com/?p=pve-http-server.git;a=commitdiff;h=00661f1223b7c0afffa64e1d91f5e018b985f762","source":"cve@mitre.org"},{"url":"https://starlabs.sg/blog/2022/12-multiple-vulnerabilites-in-proxmox-ve--proxmox-mail-gateway/","source":"cve@mitre.org","tags":["Exploit","Patch","Technical Description","Third Party Advisory"]},{"url":"https://www.proxmox.com/en/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://git.proxmox.com/?p=pve-http-server.git%3Ba=commitdiff%3Bh=00661f1223b7c0afffa64e1d91f5e018b985f762","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://starlabs.sg/blog/2022/12-multiple-vulnerabilites-in-proxmox-ve--proxmox-mail-gateway/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch","Technical Description","Third Party Advisory"]},{"url":"https://www.proxmox.com/en/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2022-40435","sourceIdentifier":"cve@mitre.org","published":"2022-12-19T17:15:10.077","lastModified":"2026-07-09T01:17:44.483","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Employee Performance Evaluation System v1.0 was discovered to contain a persistent cross-site scripting (XSS) vulnerability via adding new entries under the Departments and Designations module."},{"lang":"es","value":"Se descubrió que Employee Performance Evaluation System v1.0 contenía una vulnerabilidad de Cross-Site Scripting (XSS) persistente al agregar nuevas entradas en el módulo Departamentos y Designaciones."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-17T15:04:13.647822Z","id":"CVE-2022-40435","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:employee_performance_evaluation_system_project:employee_performance_evaluation_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"A7B185E8-CBB4-42FA-A6F7-49DB639870A6"}]}]}],"references":[{"url":"https://isaghojaria.medium.com/employee-performance-evaluation-system-v1-0-fdf7eb5eaf92","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.sourcecodester.com","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://isaghojaria.medium.com/employee-performance-evaluation-system-v1-0-fdf7eb5eaf92","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.sourcecodester.com","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-40434","sourceIdentifier":"cve@mitre.org","published":"2022-12-19T22:15:11.020","lastModified":"2026-07-09T01:17:44.317","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Softr v2.0 was discovered to be vulnerable to HTML injection via the Name field of the Account page."},{"lang":"es","value":"Se descubrió que Softr v2.0 era vulnerable a la inyección de HTML a través del campo Nombre de la página Cuenta."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-17T15:07:13.335748Z","id":"CVE-2022-40434","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:softr:softr:2.0:*:*:*:*:*:*:*","matchCriteriaId":"1BB1FE94-CE8C-4312-B0C7-2525D1B0CD7E"}]}]}],"references":[{"url":"https://isaghojaria.medium.com/softr-v2-0-was-discovered-to-be-vulnerable-to-html-injection-via-the-name-field-of-the-account-page-c6fbd3162254","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.softr.io/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://isaghojaria.medium.com/softr-v2-0-was-discovered-to-be-vulnerable-to-html-injection-via-the-name-field-of-the-account-page-c6fbd3162254","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.softr.io/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2022-40841","sourceIdentifier":"cve@mitre.org","published":"2022-12-21T18:15:08.957","lastModified":"2026-07-09T01:17:45.383","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A cross-site scripting (XSS) vulnerability in NdkAdvancedCustomizationFields v3.5.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payloads injected into the \"htmlNodes\" parameter."},{"lang":"es","value":"Una vulnerabilidad de Cross-Site Scripting (XSS) en NdkAdvancedCustomizationFields v3.5.0 permite a los atacantes ejecutar scripts web o HTML arbitrario a través de payloads manipulados inyectados en el parámetro \"htmlNodes\"."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-16T17:37:06.505096Z","id":"CVE-2022-40841","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ndk-design:ndkadvancedcustomizationfields:*:*:*:*:*:prestashop:*:*","versionEndIncluding":"3.5.0","matchCriteriaId":"73B18D52-9A29-4789-879A-099001F3D206"}]}]}],"references":[{"url":"https://github.com/daaaalllii/cve-s/blob/main/CVE-2022-40841/poc.txt","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/daaaalllii/cve-s/blob/main/CVE-2022-40841/poc.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-40011","sourceIdentifier":"cve@mitre.org","published":"2022-12-23T23:15:08.917","lastModified":"2026-07-09T01:17:42.753","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Typora through 1.3.8 allows XSS if a document containing an SVG element with an attacker-controlled onload attribute is exported and then used at a victim's origin."},{"lang":"es","value":"Vulnerabilidad de Cross Site Scripting (XSS) en typora hasta 1.38 permite a atacantes remotos ejecutar código arbitrario mediante exportación desde el editor."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-15T14:21:12.979685Z","id":"CVE-2022-40011","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:typora:typora:*:*:*:*:*:*:*:*","versionEndIncluding":"1.3.8","matchCriteriaId":"562E2A40-EE0E-4DE5-81B1-4D401C77B31C"}]}]}],"references":[{"url":"https://gist.github.com/wangking1/61bdd1967367301a950ffbb3d10386f3","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://typora.io/releases/all","source":"cve@mitre.org","tags":["Release Notes"]},{"url":"https://gist.github.com/wangking1/61bdd1967367301a950ffbb3d10386f3","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-36630","sourceIdentifier":"cve@mitre.org","published":"2023-01-18T13:15:12.167","lastModified":"2026-07-09T01:16:57.907","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"DDOS reflection amplification vulnerability in eAut module of Ruckus Wireless SmartZone controller that allows remote attackers to perform DOS attacks via crafted request."},{"lang":"es","value":"Vulnerabilidad de amplificación de reflexión DDOS en el módulo eAut del controlador Ruckus Wireless SmartZone que permite a atacantes remotos realizar ataques DOS a través de una solicitud manipulada."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-04T15:49:59.971078Z","id":"CVE-2021-36630","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-770"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-770"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ruckuswireless:sz-300_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.6.2","matchCriteriaId":"1F05ACC6-8210-4548-A273-D36B75A3545C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ruckuswireless:sz-300:-:*:*:*:*:*:*:*","matchCriteriaId":"4087D2FB-0853-40AE-A03F-803B5972A404"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ruckuswireless:sz-144_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.6.2","matchCriteriaId":"FA118A08-EBFD-42CB-9966-EA42418C4B35"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ruckuswireless:sz-144:-:*:*:*:*:*:*:*","matchCriteriaId":"0CA45AAC-D228-4F8B-AAD8-A41395C79DD4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ruckuswireless:sz-100_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.6.2","matchCriteriaId":"1DBBE479-EB83-4A09-9D7B-ED391E7B2F00"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ruckuswireless:sz-100:-:*:*:*:*:*:*:*","matchCriteriaId":"3B9F3E41-79CA-45B7-B799-B0A64E60BA16"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ruckuswireless:vsz_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.6.2","matchCriteriaId":"F904727C-775E-4C92-8F30-0DA8F8567BFD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ruckuswireless:vsz:-:*:*:*:*:*:*:*","matchCriteriaId":"A1E9A46B-D8E4-489A-8648-28EDDF000E28"}]}]}],"references":[{"url":"https://anquan.baidu.com/article/1434","source":"cve@mitre.org","tags":["Exploit","Mitigation","Technical Description","Third Party Advisory"]},{"url":"https://github.com/lixiang957/CVE-2021-36630","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.commscope.com/globalassets/digizuite/921070-faq-security-advisory-id-20210719-v1-0.pdf","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://www.freebuf.com/articles/web/260338.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://anquan.baidu.com/article/1434","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Mitigation","Technical Description","Third Party Advisory"]},{"url":"https://github.com/lixiang957/CVE-2021-36630","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.commscope.com/globalassets/digizuite/921070-faq-security-advisory-id-20210719-v1-0.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.freebuf.com/articles/web/260338.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-37498","sourceIdentifier":"cve@mitre.org","published":"2023-01-20T12:15:10.143","lastModified":"2026-07-09T01:16:59.573","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An SSRF issue was discovered in Reprise License Manager (RLM) web interface through 14.2BL4 that allows remote attackers to trigger outbound requests to intranet servers, conduct port scans via the actserver parameter in License Activation function."},{"lang":"es","value":"Se descubrió un problema SSRF en la interfaz web de Reprise License Manager (RLM) hasta 14.2BL4 que permite a atacantes remotos activar solicitudes salientes a servidores de intranet y realizar escaneos de puertos a través del parámetro acterver en la función Activación de licencia."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":2.5},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-02T20:00:36.307177Z","id":"CVE-2021-37498","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-918"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:reprisesoftware:reprise_license_manager:*:*:*:*:*:*:*:*","versionEndExcluding":"17.0","matchCriteriaId":"3A5DB9CB-87D7-490C-8E7F-92D7681251E0"}]}]}],"references":[{"url":"https://github.com/blakduk/Advisories/blob/main/Reprise%20License%20Manager/README.md","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/blakduk/Advisories/blob/main/Reprise%20License%20Manager/README.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-37499","sourceIdentifier":"cve@mitre.org","published":"2023-01-20T12:15:11.350","lastModified":"2026-07-09T01:16:59.737","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"CRLF vulnerability in Reprise License Manager (RLM) web interface through 14.2BL4 in the password parameter in View License Result function, that allows remote attackers to inject arbitrary HTTP headers."},{"lang":"es","value":"Vulnerabilidad CRLF en la interfaz web de Reprise License Manager (RLM) hasta 14.2BL4 en el parámetro de contraseña en la función View License Result , que permite a atacantes remotos inyectar encabezados HTTP arbitrarios."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-03T17:40:28.132609Z","id":"CVE-2021-37499","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-74"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:reprisesoftware:reprise_license_manager:*:*:*:*:*:*:*:*","versionEndExcluding":"17.0","matchCriteriaId":"3A5DB9CB-87D7-490C-8E7F-92D7681251E0"}]}]}],"references":[{"url":"https://github.com/blakduk/Advisories/blob/main/Reprise%20License%20Manager/README.md","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/blakduk/Advisories/blob/main/Reprise%20License%20Manager/README.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-37500","sourceIdentifier":"cve@mitre.org","published":"2023-01-20T12:15:11.507","lastModified":"2026-07-09T01:16:59.900","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Directory traversal vulnerability in Reprise License Manager (RLM) web interface before 14.2BL4 in the diagnostics function that allows RLM users with sufficient privileges to overwrite any file the on the server."},{"lang":"es","value":"Vulnerabilidad de Directory Traversal en la interfaz web de Reprise License Manager (RLM) anterior a 14.2BL4 en la función de diagnóstico que permite a los usuarios de RLM con privilegios suficientes sobrescribir cualquier archivo en el servidor."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.2},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-03T16:01:55.042803Z","id":"CVE-2021-37500","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:reprisesoftware:reprise_license_manager:*:*:*:*:*:*:*:*","versionEndExcluding":"16.0","matchCriteriaId":"FC072711-CB10-407F-9F36-C58F949C66BE"}]}]}],"references":[{"url":"https://github.com/blakduk/Advisories/blob/main/Reprise%20License%20Manager/README.md","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/blakduk/Advisories/blob/main/Reprise%20License%20Manager/README.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-41441","sourceIdentifier":"cve@mitre.org","published":"2023-01-20T15:15:13.553","lastModified":"2026-07-09T01:17:46.003","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Multiple cross-site scripting (XSS) vulnerabilities in ReQlogic v11.3 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the POBatch and WaitDuration parameters."},{"lang":"es","value":"Múltiples vulnerabilidades de cross-site scripting (XSS) en ReQlogic v11.3 permiten a los atacantes ejecutar scripts web o HTML de su elección a través de un payload manipulado inyectado en los parámetros POBatch y WaitDuration."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-02T16:04:09.780031Z","id":"CVE-2022-41441","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:reqlogic:reqlogic:11.3:*:*:*:*:*:*:*","matchCriteriaId":"405A7A99-8397-4870-B520-9D967EBB22B0"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/171557/ReQlogic-11.3-Cross-Site-Scripting.html","source":"cve@mitre.org"},{"url":"https://okankurtulus.com.tr/2023/01/17/reqlogic-v11-3-unauthenticated-reflected-cross-site-scripting-xss/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://reqlogic.com/","source":"cve@mitre.org","tags":["Product"]},{"url":"http://packetstormsecurity.com/files/171557/ReQlogic-11.3-Cross-Site-Scripting.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://okankurtulus.com.tr/2023/01/17/reqlogic-v11-3-unauthenticated-reflected-cross-site-scripting-xss/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://reqlogic.com/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2020-25502","sourceIdentifier":"cve@mitre.org","published":"2023-01-20T21:15:10.280","lastModified":"2026-07-09T00:17:02.357","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cybereason EDR version 19.1.282 and above, 19.2.182 and above, 20.1.343 and above, and 20.2.X and above has a DLL hijacking vulnerability, which could allow a local attacker to execute code with elevated privileges."},{"lang":"es","value":"Cybereason EDR versión 19.1.282 y superior, 19.2.182 y superior, 20.1.343 y superior, y 20.2.X y superior tienen una vulnerabilidad de secuestro de DLL, que podría permitir a un atacante local ejecutar código con privilegios elevados."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-03T17:47:13.445626Z","id":"CVE-2020-25502","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-427"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-427"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cybereason:endpoint_detection_and_response:*:*:*:*:*:*:*:*","versionEndExcluding":"19.1.282","matchCriteriaId":"B428CD0D-D225-4101-9A92-1558EEE99C0A"},{"vulnerable":true,"criteria":"cpe:2.3:a:cybereason:endpoint_detection_and_response:*:*:*:*:*:*:*:*","versionStartIncluding":"19.2.0","versionEndExcluding":"19.2.182","matchCriteriaId":"521E2985-3597-4E4A-A06D-B6B6F9E5AF4F"},{"vulnerable":true,"criteria":"cpe:2.3:a:cybereason:endpoint_detection_and_response:*:*:*:*:*:*:*:*","versionStartIncluding":"20.1.0","versionEndExcluding":"20.1.343","matchCriteriaId":"E7B84804-F42A-42EA-AC03-DB0D6B192426"},{"vulnerable":true,"criteria":"cpe:2.3:a:cybereason:endpoint_detection_and_response:20.2.0:*:*:*:*:*:*:*","matchCriteriaId":"D11B8204-8361-4254-AF9D-82CC6F6123E3"}]}]}],"references":[{"url":"https://www.cybereason.com/cybereason-vulnerability-disclosure","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://www.cybereason.com/cybereason-vulnerability-disclosure","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2020-22452","sourceIdentifier":"cve@mitre.org","published":"2023-01-26T21:15:21.650","lastModified":"2026-07-09T00:16:57.870","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SQL Injection vulnerability in function getTableCreationQuery in CreateAddField.php in phpMyAdmin 5.x before 5.2.0 via the tbl_storage_engine or tbl_collation parameters to tbl_create.php."},{"lang":"es","value":"Vulnerabilidad de inyección SQL en la función getTableCreationQuery en CreateAddField.php en phpMyAdmin 5.x anterior a 5.2.0 a través de los parámetros tbl_storage_engine o tbl_collation en tbl_create.php."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-01T14:07:49.048836Z","id":"CVE-2020-22452","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*","versionStartIncluding":"5.0.0","versionEndExcluding":"5.2.0","matchCriteriaId":"4A1F1DCF-9344-4F54-9266-D8BE32E89223"}]}]}],"references":[{"url":"https://github.com/phpmyadmin/phpmyadmin/blob/master/ChangeLog","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/phpmyadmin/phpmyadmin/issues/15898","source":"cve@mitre.org","tags":["Exploit","Patch","Third Party Advisory"]},{"url":"https://github.com/phpmyadmin/phpmyadmin/pull/16004","source":"cve@mitre.org","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/phpmyadmin/phpmyadmin/blob/master/ChangeLog","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://github.com/phpmyadmin/phpmyadmin/issues/15898","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch","Third Party Advisory"]},{"url":"https://github.com/phpmyadmin/phpmyadmin/pull/16004","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-23334","sourceIdentifier":"cve@mitre.org","published":"2023-01-30T16:15:08.797","lastModified":"2026-07-09T01:17:14.870","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The Robot application in Ip-label Newtest before v8.5R0 was discovered to use weak signature checks on executed binaries, allowing attackers to have write access and escalate privileges via replacing NEWTESTREMOTEMANAGER.EXE."},{"lang":"es","value":"Se descubrió que la aplicación Robot en Ip-label Newtest anterior a v8.5R0 utiliza controles de firma débiles en archivos binarios ejecutados, lo que permite a los atacantes tener acceso de escritura y escalar privilegios reemplazando NEWTESTREMOTEMANAGER.EXE."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-28T15:41:45.276760Z","id":"CVE-2022-23334","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-347"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-347"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ip-label:newtest:*:*:*:*:*:*:*:*","versionEndExcluding":"8.5r0","matchCriteriaId":"A28C1DD1-723C-44C5-BC80-2FF9EB9D842B"}]}]}],"references":[{"url":"https://www.on-x.com/wp-content/uploads/2023/01/ON-X-Security-Advisory-Ip-label-Ekara-Newtest-CVE-2022-23334.pdf","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://www.on-x.com/wp-content/uploads/2023/01/ON-X-Security-Advisory-Ip-label-Ekara-Newtest-CVE-2022-23334.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://www.on-x.com/wp-content/uploads/2023/01/ON-X-Security-Advisory-Ip-label-Ekara-Newtest-CVE-2022-23334.pdf","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Broken Link"]}]}},{"cve":{"id":"CVE-2022-44897","sourceIdentifier":"cve@mitre.org","published":"2023-01-31T01:15:12.013","lastModified":"2026-07-09T01:17:55.847","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A cross-site scripting (XSS) vulnerability in ApolloTheme AP PageBuilder component through 2.4.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the show_number parameter."},{"lang":"es","value":"Una vulnerabilidad de cross site scripting (XSS) en el componente ApolloTheme AP PageBuilder hasta la versión 2.4.4 permite a los atacantes ejecutar scripts web o HTML arbitrario a través de un payload manipulado inyectado en el parámetro show_number."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-27T15:10:30.466719Z","id":"CVE-2022-44897","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apollotheme:ap_pagebuilder:*:*:*:*:*:prestashop:*:*","versionEndIncluding":"2.4.4","matchCriteriaId":"81E2246E-78E7-4798-8E26-B8B67DBD89ED"}]}]}],"references":[{"url":"https://github.com/daaaalllii/cve-s/blob/main/CVE-2022-44897/poc.txt","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/daaaalllii/cve-s/blob/main/CVE-2022-44897/poc.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-31902","sourceIdentifier":"cve@mitre.org","published":"2023-02-01T02:15:07.747","lastModified":"2026-07-09T01:17:31.130","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Notepad++ v8.4.1 was discovered to contain a stack overflow via the component Finder::add()."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-27T16:24:38.235290Z","id":"CVE-2022-31902","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:notepad-plus-plus:notepad\\+\\+:*:*:*:*:*:*:*:*","versionEndIncluding":"8.4.3","matchCriteriaId":"1D2EE7D9-1D00-4154-87F8-AD165E3033C7"}]}]}],"references":[{"url":"https://github.com/CDACesec/CVE-2022-31902","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/CDACesec/CVE-2022-31902","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-47768","sourceIdentifier":"cve@mitre.org","published":"2023-02-01T02:15:07.810","lastModified":"2026-07-09T01:18:02.383","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Serenissima Informatica Fast Checkin 1.0 is vulnerable to Directory Traversal."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-27T14:23:15.329067Z","id":"CVE-2022-47768","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:serinf:fast_checkin:1.0:*:*:*:*:*:*:*","matchCriteriaId":"043ABA12-227C-43FF-BF48-0E0C552FD10E"}]}]}],"references":[{"url":"https://www.swascan.com/it/security-advisory-serenissima-informatica-fastcheckin/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.swascan.com/it/security-advisory-serenissima-informatica-fastcheckin/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-47769","sourceIdentifier":"cve@mitre.org","published":"2023-02-01T02:15:07.860","lastModified":"2026-07-09T01:18:02.560","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An arbitrary file write vulnerability in Serenissima Informatica Fast Checkin v1.0 allows unauthenticated attackers to upload malicious files in the web root of the application to gain access to the server via the web shell."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-27T16:09:04.281172Z","id":"CVE-2022-47769","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:serinf:fast_checkin:1.0:*:*:*:*:*:*:*","matchCriteriaId":"043ABA12-227C-43FF-BF48-0E0C552FD10E"}]}]}],"references":[{"url":"https://www.swascan.com/it/security-advisory-serenissima-informatica-fastcheckin/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.swascan.com/it/security-advisory-serenissima-informatica-fastcheckin/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-47770","sourceIdentifier":"cve@mitre.org","published":"2023-02-01T02:15:07.917","lastModified":"2026-07-09T01:18:02.713","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Serenissima Informatica Fast Checkin version v1.0 is vulnerable to Unauthenticated SQL Injection."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-27T15:13:41.184224Z","id":"CVE-2022-47770","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:serinf:fast_checkin:1.0:*:*:*:*:*:*:*","matchCriteriaId":"043ABA12-227C-43FF-BF48-0E0C552FD10E"}]}]}],"references":[{"url":"https://www.swascan.com/it/security-advisory-serenissima-informatica-fastcheckin/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.swascan.com/it/security-advisory-serenissima-informatica-fastcheckin/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-47003","sourceIdentifier":"cve@mitre.org","published":"2023-02-01T14:15:08.927","lastModified":"2026-07-09T01:18:02.020","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the Remember Me function of Mura CMS before v10.0.580 allows attackers to bypass authentication via a crafted web request."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-27T14:48:11.579974Z","id":"CVE-2022-47003","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:murasoftware:mura_cms:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.580","matchCriteriaId":"5A42BB27-5540-43F9-9E2A-A4DAB9912A9F"}]}]}],"references":[{"url":"https://hoyahaxa.blogspot.com/2023/01/preliminary-security-advisory.html","source":"cve@mitre.org","tags":["Patch","Third Party Advisory"]},{"url":"https://hoyahaxa.blogspot.com/2023/03/authentication-bypass-mura-masa.html","source":"cve@mitre.org"},{"url":"https://www.masacms.com/","source":"cve@mitre.org","tags":["Not Applicable"]},{"url":"https://www.murasoftware.com/mura-cms/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://hoyahaxa.blogspot.com/2023/01/preliminary-security-advisory.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://hoyahaxa.blogspot.com/2023/03/authentication-bypass-mura-masa.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.masacms.com/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable"]},{"url":"https://www.murasoftware.com/mura-cms/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2022-46965","sourceIdentifier":"cve@mitre.org","published":"2023-02-02T12:15:09.133","lastModified":"2026-07-09T01:18:01.877","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"PrestaShop module, totadministrativemandate before v1.7.1 was discovered to contain a SQL injection vulnerability."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@mitre.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-27T13:58:32.311366Z","id":"CVE-2022-46965","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:202-ecommerce:administrative_mandate:*:*:*:*:*:prestashop:*:*","versionEndIncluding":"1.7.1","matchCriteriaId":"6D4A52C2-C822-4C3B-82D6-1D146D618223"}]}]}],"references":[{"url":"https://github.com/202ecommerce/security-advisories/security/advisories/GHSA-hg7m-23j3-rf56","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/202ecommerce/security-advisories/security/advisories/GHSA-hg7m-23j3-rf56","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-36712","sourceIdentifier":"cve@mitre.org","published":"2023-02-03T18:15:11.520","lastModified":"2026-07-09T01:16:58.817","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting (XSS) vulnerability in yzmcms 6.1 allows attackers to steal user cookies via image clipping function."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-26T16:14:14.361156Z","id":"CVE-2021-36712","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:yzmcms:yzmcms:6.1:*:*:*:*:*:*:*","matchCriteriaId":"1EF2293C-5A53-4F1D-B9FF-43A7E9ACE213"}]}]}],"references":[{"url":"https://github.com/linuka-deception/yzmcms6.1.git","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/linuka-deception/yzmcms6.1.git","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-45588","sourceIdentifier":"cve@mitre.org","published":"2023-02-03T21:15:10.647","lastModified":"2026-07-09T01:18:00.340","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"All versions before R2022-09 of Talend's Remote Engine Gen 2 are potentially vulnerable to XML External Entity (XXE) type of attacks. Users should download the R2022-09 release or later and use it in place of the previous version. Talend Remote Engine Gen 1 and Talend Cloud Engine for Design are not impacted. This XXE vulnerability could only be exploited by someone with the appropriate rights to edit pipelines on the Talend platform. It could not be triggered remotely or by other user input."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-26T15:43:02.020729Z","id":"CVE-2022-45588","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-611"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-611"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:talend:remote_engine_gen_2:*:*:*:*:*:*:*:*","versionEndExcluding":"r2022-09","matchCriteriaId":"12BF8F8C-ED2C-4C2F-B3D3-1A5E8FD54A7C"}]}]}],"references":[{"url":"https://www.talend.com/security/incident-response/#CVE-2022-45588","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://www.talend.com/security/incident-response/#CVE-2022-45588","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-48085","sourceIdentifier":"cve@mitre.org","published":"2023-02-06T14:15:09.107","lastModified":"2026-07-09T01:18:03.280","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Softr v2.0 was discovered to contain a HTML injection vulnerability via the Work Space Name parameter."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-26T19:29:06.268531Z","id":"CVE-2022-48085","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:softr:softr:2.0:*:*:*:*:*:*:*","matchCriteriaId":"1BB1FE94-CE8C-4312-B0C7-2525D1B0CD7E"}]}]}],"references":[{"url":"https://isaghojaria.medium.com/softr-v2-0-was-discovered-to-contain-a-html-injection-vulnerability-via-the-work-space-name-d0152e1cff51","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://studio.softr.io/dashboard","source":"cve@mitre.org","tags":["Product"]},{"url":"https://www.softr.io/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://isaghojaria.medium.com/softr-v2-0-was-discovered-to-contain-a-html-injection-vulnerability-via-the-work-space-name-d0152e1cff51","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://studio.softr.io/dashboard","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://www.softr.io/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2022-45589","sourceIdentifier":"cve@mitre.org","published":"2023-02-06T21:15:09.530","lastModified":"2026-07-09T01:18:00.503","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"All versions before 8.0.1-R2022-10-RT and 7.3.1-R2022-09-RT of the Talend ESB Runtime are potentially vulnerable to SQL Injection attacks in the provisioning service only. Users of the provisioning service should upgrade to either 8.0.1-R2022-10-RT or 7.3.1-R2022-09-RT or a later release and use it in place of the previous version."},{"lang":"es","value":"Todas las versiones anteriores a 8.0.1-R2022-10-RT y 7.3.1-R2022-09-RT de Talend ESB Runtime son potencialmente vulnerables a ataques de inyección SQL únicamente en el servicio de aprovisionamiento. Los usuarios del servicio de aprovisionamiento deben actualizar a 8.0.1-R2022-10-RT o 7.3.1-R2022-09-RT o una versión posterior y utilizarla en lugar de la versión anterior."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-26T19:40:58.354416Z","id":"CVE-2022-45589","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:talend:esb_runtime:*:*:*:*:*:*:*:*","versionEndExcluding":"7.3.1-r2022-09-rt","matchCriteriaId":"9065DA19-BC43-48B3-87E5-E5C074F4A29B"},{"vulnerable":true,"criteria":"cpe:2.3:a:talend:esb_runtime:*:*:*:*:*:*:*:*","versionStartIncluding":"8.0","versionEndExcluding":"8.0.1-r2022-10-rt","matchCriteriaId":"D99A0D68-6FF1-4299-9D06-2493636BC65F"}]}]}],"references":[{"url":"https://www.talend.com/security/incident-response/#CVE-2022-45588","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://www.talend.com/security/incident-response/#CVE-2022-45588","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2021-37491","sourceIdentifier":"cve@mitre.org","published":"2023-02-07T14:15:08.557","lastModified":"2026-07-09T01:16:59.240","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue discovered in src/wallet/wallet.cpp in Dogecoin Project Dogecoin Core 1.14.3 and earlier allows attackers to view sensitive information via CWallet::CreateTransaction() function."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-25T17:42:01.638395Z","id":"CVE-2021-37491","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:dogecoin:dogecoin:*:*:*:*:*:*:*:*","versionEndIncluding":"1.14.3","matchCriteriaId":"31BD7B9D-4B1F-4402-A7B2-C9121C00FDD1"}]}]}],"references":[{"url":"https://github.com/VPRLab/BlkVulnReport/blob/main/NDSS23_BlockScope.pdf","source":"cve@mitre.org","tags":["Exploit","Technical Description"]},{"url":"https://github.com/bitcoin/bitcoin/commit/2fb9c1e6681370478e24a19172ed6d78d95d50d3","source":"cve@mitre.org","tags":["Patch"]},{"url":"https://github.com/dogecoin/dogecoin/blob/master/src/wallet/wallet.cpp#L2628-L2640","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://github.com/dogecoin/dogecoin/issues/2279","source":"cve@mitre.org","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/VPRLab/BlkVulnReport/blob/main/NDSS23_BlockScope.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Technical Description"]},{"url":"https://github.com/bitcoin/bitcoin/commit/2fb9c1e6681370478e24a19172ed6d78d95d50d3","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://github.com/dogecoin/dogecoin/blob/master/src/wallet/wallet.cpp#L2628-L2640","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"https://github.com/dogecoin/dogecoin/issues/2279","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Patch"]}]}},{"cve":{"id":"CVE-2021-37492","sourceIdentifier":"cve@mitre.org","published":"2023-02-07T21:15:09.117","lastModified":"2026-07-09T01:16:59.417","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue discovered in src/wallet/wallet.cpp in Ravencoin Core 4.3.2.1 and earlier allows attackers to view sensitive information via CWallet::CreateTransactionAll() function."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-25T17:37:32.643342Z","id":"CVE-2021-37492","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ravencoin:ravencoin:*:*:*:*:*:*:*:*","versionEndIncluding":"4.3.2.1","matchCriteriaId":"A02DB346-9F84-4497-AC47-0B26D639AA00"}]}]}],"references":[{"url":"https://github.com/RavenProject/Ravencoin/blob/master/src/wallet/wallet.cpp#L3657-L3671","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://github.com/RavenProject/Ravencoin/issues/1086","source":"cve@mitre.org","tags":["Issue Tracking"]},{"url":"https://github.com/bitcoin/bitcoin/commit/2fb9c1e6681370478e24a19172ed6d78d95d50d3","source":"cve@mitre.org","tags":["Not Applicable"]},{"url":"https://github.com/RavenProject/Ravencoin/blob/master/src/wallet/wallet.cpp#L3657-L3671","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"https://github.com/RavenProject/Ravencoin/issues/1086","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking"]},{"url":"https://github.com/bitcoin/bitcoin/commit/2fb9c1e6681370478e24a19172ed6d78d95d50d3","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable"]}]}},{"cve":{"id":"CVE-2022-45724","sourceIdentifier":"cve@mitre.org","published":"2023-02-13T14:15:10.237","lastModified":"2026-07-09T01:18:01.257","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Incorrect Access Control in Comfast router CF-WR6110N V2.3.1 allows a remote attacker on the same network to perform any HTTP request to an unauthenticated page to force the server to generate a SESSION_ID, and using this SESSION_ID an attacker can then perform authenticated requests."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.5},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-24T17:45:01.807770Z","id":"CVE-2022-45724","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-287"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:comfast:cf-wr610n_firmware:2.3.1:*:*:*:*:*:*:*","matchCriteriaId":"76BD8E72-6BEE-4182-BE5F-7B9E20788963"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:comfast:cf-wr610n:-:*:*:*:*:*:*:*","matchCriteriaId":"5D755A64-2312-49A5-9FED-6CD95E748910"}]}]}],"references":[{"url":"http://sn0ox.com/research/2023/02/05/CVE-COMFAST-CF-WR610N.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"http://sn0ox.com/research/2023/02/05/CVE-COMFAST-CF-WR610N.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"http://sn0ox.com/research/2023/02/05/CVE-COMFAST-CF-WR610N.html","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-45725","sourceIdentifier":"cve@mitre.org","published":"2023-02-13T14:15:10.670","lastModified":"2026-07-09T01:18:01.420","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Input Validation in Comfast router CF-WR6110N V2.3.1 allows a remote attacker on the same network to execute arbitrary code on the target via an HTTP POST request"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-24T17:38:57.926702Z","id":"CVE-2022-45725","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-20"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:comfast:cf-wr610n_firmware:2.3.1:*:*:*:*:*:*:*","matchCriteriaId":"76BD8E72-6BEE-4182-BE5F-7B9E20788963"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:comfast:cf-wr610n:-:*:*:*:*:*:*:*","matchCriteriaId":"5D755A64-2312-49A5-9FED-6CD95E748910"}]}]}],"references":[{"url":"http://sn0ox.com/research/2023/02/05/CVE-COMFAST-CF-WR610N.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"http://sn0ox.com/research/2023/02/05/CVE-COMFAST-CF-WR610N.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"http://sn0ox.com/research/2023/02/05/CVE-COMFAST-CF-WR610N.html","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-24188","sourceIdentifier":"cve@mitre.org","published":"2023-02-13T20:15:10.897","lastModified":"2026-07-09T01:18:07.920","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"ureport v2.2.9 was discovered to contain a directory traversal vulnerability via the deletion function which allows for arbitrary files to be deleted."},{"lang":"es","value":"Se descubrió que ureport v2.2.9 contiene una vulnerabilidad de Directory Traversal a través de la función de eliminación que permite eliminar archivos arbitrarios."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.2},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-21T18:07:10.874414Z","id":"CVE-2023-24188","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ureport_project:ureport:2.2.9:*:*:*:*:*:*:*","matchCriteriaId":"10CADB94-5E0B-48FD-8430-516DAF5FD34C"}]}]}],"references":[{"url":"https://github.com/Venus-WQLab/bug_report/blob/main/ureport/ureport-cve-2023-24188.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/youseries/ureport","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/Venus-WQLab/bug_report/blob/main/ureport/ureport-cve-2023-24188.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/youseries/ureport","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2023-24187","sourceIdentifier":"cve@mitre.org","published":"2023-02-14T02:15:10.907","lastModified":"2026-07-09T01:18:07.747","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An XML External Entity (XXE) vulnerability in ureport v2.2.9 allows attackers to execute arbitrary code via uploading a crafted XML file to /ureport/designer/saveReportFile."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-20T19:15:13.047085Z","id":"CVE-2023-24187","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-611"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-611"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ureport_project:ureport:2.2.9:*:*:*:*:*:*:*","matchCriteriaId":"10CADB94-5E0B-48FD-8430-516DAF5FD34C"}]}]}],"references":[{"url":"https://github.com/Venus-WQLab/bug_report/blob/main/ureport/ureport-cve-2023-24187.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/cgddgc/vulns/blob/main/ureport2-vuln-des.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/youseries/ureport","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/Venus-WQLab/bug_report/blob/main/ureport/ureport-cve-2023-24187.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/cgddgc/vulns/blob/main/ureport2-vuln-des.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/youseries/ureport","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2022-45701","sourceIdentifier":"cve@mitre.org","published":"2023-02-17T15:15:12.080","lastModified":"2026-07-09T01:18:01.063","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Arris TG2482A firmware through 9.1.103GEM9 allow Remote Code Execution (RCE) via the ping utility feature."},{"lang":"es","value":"El firmware Arris TG2482A hasta 9.1.103GEM9 permite la ejecución remota de código (RCE) a través de la función de utilidad ping."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-18T16:06:12.541266Z","id":"CVE-2022-45701","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:commscope:arris_tg2482a_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"9.1.103","matchCriteriaId":"58C9C258-9589-4BF9-80E8-6D183845AF85"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:commscope:arris_tg2482a:-:*:*:*:*:*:*:*","matchCriteriaId":"D0DA704D-2747-4D48-9B6A-579C461FF7AF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:commscope:arris_tg2492_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"9.1.103","matchCriteriaId":"5A02B1F8-0CB4-4B30-9432-EE626C64BB3E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:commscope:arris_tg2492:-:*:*:*:*:*:*:*","matchCriteriaId":"41B98AA9-BBCE-4C31-8D63-9342DC7B5FFE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:commscope:arris_sbg10_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"9.1.103","matchCriteriaId":"12019A00-8468-4260-94CD-C38AAD30FF30"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:commscope:arris_sbg10:-:*:*:*:*:*:*:*","matchCriteriaId":"FB95066F-1DFD-4ACA-9D18-4A5AD9155142"}]}]}],"references":[{"url":"https://packetstormsecurity.com/files/171001/Arris-Router-Firmware-9.1.103-Remote-Code-Execution.htmlhttps://github.com/yerodin/CVE-2022-45701","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://packetstormsecurity.com/files/171001/Arris-Router-Firmware-9.1.103-Remote-Code-Execution.htmlhttps://github.com/yerodin/CVE-2022-45701","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]}]}},{"cve":{"id":"CVE-2023-24080","sourceIdentifier":"cve@mitre.org","published":"2023-02-21T23:15:11.543","lastModified":"2026-07-09T01:18:04.710","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A lack of rate limiting on the password reset endpoint of Chamberlain myQ v5.222.0.32277 (on iOS) allows attackers to compromise user accounts via a bruteforce attack."},{"lang":"es","value":"La falta de rate limiting en el endpoint de restablecimiento de contraseña de Chamberlain myQ v5.222.0.32277 (en iOS) permite a los atacantes comprometer las cuentas de los usuarios mediante un ataque de fuerza bruta."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-14T18:39:45.686717Z","id":"CVE-2023-24080","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-307"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-307"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:chamberlain:myq:5.222.0.32277:*:*:*:*:iphone_os:*:*","matchCriteriaId":"E7B46EF7-6DFC-4DF7-BC1E-52D5882717D1"}]}]}],"references":[{"url":"http://web.archive.org/web/20230122144550/https://brackish.io/chamberlain-myq-account-takeover/","source":"cve@mitre.org"},{"url":"https://archive.ph/NH0Bk","source":"cve@mitre.org"},{"url":"http://web.archive.org/web/20230122144550/https://brackish.io/chamberlain-myq-account-takeover/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://archive.ph/NH0Bk","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2023-24317","sourceIdentifier":"cve@mitre.org","published":"2023-02-23T20:15:14.117","lastModified":"2026-07-09T01:18:08.523","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Judging Management System 1.0 was discovered to contain an arbitrary file upload vulnerability via the component edit_organizer.php."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-12T14:25:57.207651Z","id":"CVE-2023-24317","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:judging_management_system_project:judging_management_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"FAE693B0-3497-406C-AD53-36AC05735004"}]}]}],"references":[{"url":"https://packetstormsecurity.com/files/170205/Judging-Management-System-1.0-Shell-Upload.html","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://packetstormsecurity.com/files/170205/Judging-Management-System-1.0-Shell-Upload.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]}]}},{"cve":{"id":"CVE-2021-33224","sourceIdentifier":"cve@mitre.org","published":"2023-02-24T16:15:11.367","lastModified":"2026-07-09T01:16:54.173","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"File upload vulnerability in Umbraco Forms v.8.7.0 allows unauthenticated attackers to execute arbitrary code via a crafted web.config and asp file."},{"lang":"es","value":"Vulnerabilidad de carga de archivos en Umbraco Forms v.8.7.0 permite a atacantes no autenticados ejecutar código arbitrario a través de un archivo web.config y asp manipulado."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-12T13:55:39.606719Z","id":"CVE-2021-33224","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:umbraco:umbraco_forms:8.7.0:*:*:*:*:*:*:*","matchCriteriaId":"605EDEDF-3181-4666-9175-24881AA562F5"}]}]}],"references":[{"url":"https://our.umbraco.com/packages/developer-tools/umbraco-forms","source":"cve@mitre.org","tags":["Release Notes"]},{"url":"https://our.umbraco.com/packages/developer-tools/umbraco-forms","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes"]}]}},{"cve":{"id":"CVE-2021-32302","sourceIdentifier":"cve@mitre.org","published":"2023-02-27T14:15:10.320","lastModified":"2026-07-09T01:16:53.827","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting vulnerability in IRZ Electronics RUH2 GSM router allows attacker to obtain sensitive information via the Upload File parameter."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-11T17:34:44.811832Z","id":"CVE-2021-32302","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:irz:ruh2_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"826EF8C7-FD3B-419E-BFB9-F5845337C4D7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:irz:ruh2:-:*:*:*:*:*:*:*","matchCriteriaId":"52977653-3BAC-4D90-B600-339B99B70252"}]}]}],"references":[{"url":"https://s4nsec.github.io/2023/02/20/RUH2-GSM-Router-XSS-vulnerabilities.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://s4nsec.github.io/2023/02/20/RUH2-GSM-Router-XSS-vulnerabilities.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-45697","sourceIdentifier":"cve@mitre.org","published":"2023-02-27T15:15:11.593","lastModified":"2026-07-09T01:18:00.923","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Arbitrary File Delete vulnerability in Razer Central before v7.8.0.381 when handling files in the Accounts directory."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-11T14:33:46.627211Z","id":"CVE-2022-45697","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-59"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:razer:razer_central:*:*:*:*:*:*:*:*","versionEndExcluding":"7.8.0.381","matchCriteriaId":"F4286E28-0726-4C1B-BEDB-8E6D98BE7343"}]}]}],"references":[{"url":"https://github.com/Wh04m1001/CVE","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/Wh04m1001/CVE","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-45608","sourceIdentifier":"cve@mitre.org","published":"2023-03-01T16:15:09.580","lastModified":"2026-07-09T01:18:00.790","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue was discovered in ThingsBoard 3.4.1, allows low privileged attackers (CUSTOMER_USER) to gain escalated privileges (vertically) and become an Administrator (TENANT_ADMIN) or (SYS_ADMIN) on the web application. It is important to note that in order to accomplish this, the attacker must know the corresponding API's parameter (authority : value)."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-07T17:50:25.692932Z","id":"CVE-2022-45608","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-269"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:thingsboard:thingsboard:3.4.1:*:*:*:*:*:*:*","matchCriteriaId":"7C2506E1-4D37-4556-8C9E-AE588E8BC72D"}]}]}],"references":[{"url":"https://wiki.wizard32.net/en/blog/access-control-vulnerability-ThingsBoard","source":"cve@mitre.org"},{"url":"https://wiki.wizard32.net/en/blog/access-control-vulnerability-ThingsBoard","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2023-24128","sourceIdentifier":"cve@mitre.org","published":"2023-03-01T20:15:15.933","lastModified":"2026-07-09T01:18:06.760","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey2 parameter at /goform/WifiBasicSet."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-07T17:45:50.721879Z","id":"CVE-2023-24128","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:heimgardtechnologies:eagle_1200ac_firmware:15.03.06.33:*:*:*:*:*:*:*","matchCriteriaId":"07EC483C-D7CC-4A62-B2CC-FE8C3C5B0E00"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:heimgardtechnologies:eagle_1200ac:-:*:*:*:*:*:*:*","matchCriteriaId":"126ACF7C-A6C5-4A51-A87A-278B7036F5FD"}]}]}],"references":[{"url":"https://oxnan.com/posts/WifiBasic_wepkey2_DoS","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://oxnan.com/posts/WifiBasic_wepkey2_DoS","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-24129","sourceIdentifier":"cve@mitre.org","published":"2023-03-01T20:15:16.370","lastModified":"2026-07-09T01:18:06.873","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey4 parameter at /goform/WifiBasicSet."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-07T17:44:44.383514Z","id":"CVE-2023-24129","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:heimgardtechnologies:eagle_1200ac_firmware:15.03.06.33:*:*:*:*:*:*:*","matchCriteriaId":"07EC483C-D7CC-4A62-B2CC-FE8C3C5B0E00"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:heimgardtechnologies:eagle_1200ac:-:*:*:*:*:*:*:*","matchCriteriaId":"126ACF7C-A6C5-4A51-A87A-278B7036F5FD"}]}]}],"references":[{"url":"https://oxnan.com/posts/WifiBasic_wepkey4_DoS","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://oxnan.com/posts/WifiBasic_wepkey4_DoS","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-24130","sourceIdentifier":"cve@mitre.org","published":"2023-03-01T20:15:16.800","lastModified":"2026-07-09T01:18:06.993","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey parameter at /goform/WifiBasicSet."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-07T17:43:54.623693Z","id":"CVE-2023-24130","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:heimgardtechnologies:eagle_1200ac_firmware:15.03.06.33:*:*:*:*:*:*:*","matchCriteriaId":"07EC483C-D7CC-4A62-B2CC-FE8C3C5B0E00"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:heimgardtechnologies:eagle_1200ac:-:*:*:*:*:*:*:*","matchCriteriaId":"126ACF7C-A6C5-4A51-A87A-278B7036F5FD"}]}]}],"references":[{"url":"https://oxnan.com/posts/WifiBasic_wepkey_DoS","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://oxnan.com/posts/WifiBasic_wepkey_DoS","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-24131","sourceIdentifier":"cve@mitre.org","published":"2023-03-01T20:15:17.253","lastModified":"2026-07-09T01:18:07.113","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey1_5g parameter at /goform/WifiBasicSet."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-07T17:42:34.254767Z","id":"CVE-2023-24131","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:heimgardtechnologies:eagle_1200ac_firmware:15.03.06.33:*:*:*:*:*:*:*","matchCriteriaId":"07EC483C-D7CC-4A62-B2CC-FE8C3C5B0E00"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:heimgardtechnologies:eagle_1200ac:-:*:*:*:*:*:*:*","matchCriteriaId":"126ACF7C-A6C5-4A51-A87A-278B7036F5FD"}]}]}],"references":[{"url":"https://oxnan.com/posts/WifiBasic_wepkey1_5g_DoS","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://oxnan.com/posts/WifiBasic_wepkey1_5g_DoS","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-24132","sourceIdentifier":"cve@mitre.org","published":"2023-03-01T20:15:17.680","lastModified":"2026-07-09T01:18:07.233","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey3_5g parameter at /goform/WifiBasicSet."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-07T17:41:14.824798Z","id":"CVE-2023-24132","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:heimgardtechnologies:eagle_1200ac_firmware:15.03.06.33:*:*:*:*:*:*:*","matchCriteriaId":"07EC483C-D7CC-4A62-B2CC-FE8C3C5B0E00"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:heimgardtechnologies:eagle_1200ac:-:*:*:*:*:*:*:*","matchCriteriaId":"126ACF7C-A6C5-4A51-A87A-278B7036F5FD"}]}]}],"references":[{"url":"https://oxnan.com/posts/WifiBasic_wepkey3_5g_DoS","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://oxnan.com/posts/WifiBasic_wepkey3_5g_DoS","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-24133","sourceIdentifier":"cve@mitre.org","published":"2023-03-01T20:15:18.113","lastModified":"2026-07-09T01:18:07.347","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey_5g parameter at /goform/WifiBasicSet."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-07T17:40:12.660373Z","id":"CVE-2023-24133","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:heimgardtechnologies:eagle_1200ac_firmware:15.03.06.33:*:*:*:*:*:*:*","matchCriteriaId":"07EC483C-D7CC-4A62-B2CC-FE8C3C5B0E00"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:heimgardtechnologies:eagle_1200ac:-:*:*:*:*:*:*:*","matchCriteriaId":"126ACF7C-A6C5-4A51-A87A-278B7036F5FD"}]}]}],"references":[{"url":"https://oxnan.com/posts/WifiBasic_wepkey_5g_DoS","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://oxnan.com/posts/WifiBasic_wepkey_5g_DoS","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-24134","sourceIdentifier":"cve@mitre.org","published":"2023-03-01T20:15:18.553","lastModified":"2026-07-09T01:18:07.463","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey3 parameter at /goform/WifiBasicSet."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-07T17:39:09.651973Z","id":"CVE-2023-24134","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:heimgardtechnologies:eagle_1200ac_firmware:15.03.06.33:*:*:*:*:*:*:*","matchCriteriaId":"07EC483C-D7CC-4A62-B2CC-FE8C3C5B0E00"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:heimgardtechnologies:eagle_1200ac:-:*:*:*:*:*:*:*","matchCriteriaId":"126ACF7C-A6C5-4A51-A87A-278B7036F5FD"}]}]}],"references":[{"url":"https://oxnan.com/posts/WifiBasic_wepkey3_DoS","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://oxnan.com/posts/WifiBasic_wepkey3_DoS","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-24117","sourceIdentifier":"cve@mitre.org","published":"2023-03-01T21:15:10.723","lastModified":"2026-07-09T01:18:05.043","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepauth_5g parameter at /goform/WifiBasicSet."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-07T16:50:39.674062Z","id":"CVE-2023-24117","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:heimgardtechnologies:eagle_1200ac_firmware:15.03.06.33:*:*:*:*:*:*:*","matchCriteriaId":"07EC483C-D7CC-4A62-B2CC-FE8C3C5B0E00"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:heimgardtechnologies:eagle_1200ac:-:*:*:*:*:*:*:*","matchCriteriaId":"126ACF7C-A6C5-4A51-A87A-278B7036F5FD"}]}]}],"references":[{"url":"https://oxnan.com/posts/WifiBasic_wepauth_5g_DoS","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://oxnan.com/posts/WifiBasic_wepauth_5g_DoS","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-24118","sourceIdentifier":"cve@mitre.org","published":"2023-03-01T21:15:10.797","lastModified":"2026-07-09T01:18:05.210","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the security parameter at /goform/WifiBasicSet."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-10T16:29:11.694488Z","id":"CVE-2023-24118","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:heimgardtechnologies:eagle_1200ac_firmware:15.03.06.33:*:*:*:*:*:*:*","matchCriteriaId":"07EC483C-D7CC-4A62-B2CC-FE8C3C5B0E00"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:heimgardtechnologies:eagle_1200ac:-:*:*:*:*:*:*:*","matchCriteriaId":"126ACF7C-A6C5-4A51-A87A-278B7036F5FD"}]}]}],"references":[{"url":"https://oxnan.com/posts/WifiBasic_security_DoS","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://oxnan.com/posts/WifiBasic_security_DoS","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-24119","sourceIdentifier":"cve@mitre.org","published":"2023-03-01T21:15:10.863","lastModified":"2026-07-09T01:18:05.370","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the ssid parameter at /goform/WifiBasicSet."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-07T20:40:37.190727Z","id":"CVE-2023-24119","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:heimgardtechnologies:eagle_1200ac_firmware:15.03.06.33:*:*:*:*:*:*:*","matchCriteriaId":"07EC483C-D7CC-4A62-B2CC-FE8C3C5B0E00"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:heimgardtechnologies:eagle_1200ac:-:*:*:*:*:*:*:*","matchCriteriaId":"126ACF7C-A6C5-4A51-A87A-278B7036F5FD"}]}]}],"references":[{"url":"https://oxnan.com/posts/WifiBasic_wrlEn_5g_DoS","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://oxnan.com/posts/WifiBasic_wrlEn_5g_DoS","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-24120","sourceIdentifier":"cve@mitre.org","published":"2023-03-01T21:15:10.933","lastModified":"2026-07-09T01:18:05.533","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wrlEn_5g parameter at /goform/WifiBasicSet."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-07T20:40:04.632178Z","id":"CVE-2023-24120","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:heimgardtechnologies:eagle_1200ac_firmware:15.03.06.33:*:*:*:*:*:*:*","matchCriteriaId":"07EC483C-D7CC-4A62-B2CC-FE8C3C5B0E00"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:heimgardtechnologies:eagle_1200ac:-:*:*:*:*:*:*:*","matchCriteriaId":"126ACF7C-A6C5-4A51-A87A-278B7036F5FD"}]}]}],"references":[{"url":"https://oxnan.com/posts/WifiBasic_wrlEn_5g_DoS","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://oxnan.com/posts/WifiBasic_wrlEn_5g_DoS","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-24121","sourceIdentifier":"cve@mitre.org","published":"2023-03-01T21:15:10.997","lastModified":"2026-07-09T01:18:05.690","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the security_5g parameter at /goform/WifiBasicSet."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-07T20:39:23.632492Z","id":"CVE-2023-24121","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:heimgardtechnologies:eagle_1200ac_firmware:15.03.06.33:*:*:*:*:*:*:*","matchCriteriaId":"07EC483C-D7CC-4A62-B2CC-FE8C3C5B0E00"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:heimgardtechnologies:eagle_1200ac:-:*:*:*:*:*:*:*","matchCriteriaId":"126ACF7C-A6C5-4A51-A87A-278B7036F5FD"}]}]}],"references":[{"url":"https://oxnan.com/posts/WifiBasic_security_5g_DoS","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://oxnan.com/posts/WifiBasic_security_5g_DoS","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-24122","sourceIdentifier":"cve@mitre.org","published":"2023-03-01T21:15:11.057","lastModified":"2026-07-09T01:18:05.850","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the ssid_5g parameter at /goform/WifiBasicSet."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-10T15:42:05.106319Z","id":"CVE-2023-24122","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:heimgardtechnologies:eagle_1200ac_firmware:15.03.06.33:*:*:*:*:*:*:*","matchCriteriaId":"07EC483C-D7CC-4A62-B2CC-FE8C3C5B0E00"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:heimgardtechnologies:eagle_1200ac:-:*:*:*:*:*:*:*","matchCriteriaId":"126ACF7C-A6C5-4A51-A87A-278B7036F5FD"}]}]}],"references":[{"url":"https://oxnan.com/posts/WifiBasic_ssid_5g_DoS","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://oxnan.com/posts/WifiBasic_ssid_5g_DoS","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-24123","sourceIdentifier":"cve@mitre.org","published":"2023-03-01T21:15:11.117","lastModified":"2026-07-09T01:18:06.010","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepauth parameter at /goform/WifiBasicSet."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-10T15:36:12.283121Z","id":"CVE-2023-24123","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:heimgardtechnologies:eagle_1200ac_firmware:15.03.06.33:*:*:*:*:*:*:*","matchCriteriaId":"07EC483C-D7CC-4A62-B2CC-FE8C3C5B0E00"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:heimgardtechnologies:eagle_1200ac:-:*:*:*:*:*:*:*","matchCriteriaId":"126ACF7C-A6C5-4A51-A87A-278B7036F5FD"}]}]}],"references":[{"url":"https://oxnan.com/posts/WifiBasic_wepauth_DoS","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://oxnan.com/posts/WifiBasic_wepauth_DoS","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-24124","sourceIdentifier":"cve@mitre.org","published":"2023-03-01T21:15:11.177","lastModified":"2026-07-09T01:18:06.160","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wrlEn parameter at /goform/WifiBasicSet."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-10T15:34:24.941925Z","id":"CVE-2023-24124","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:heimgardtechnologies:eagle_1200ac_firmware:15.03.06.33:*:*:*:*:*:*:*","matchCriteriaId":"07EC483C-D7CC-4A62-B2CC-FE8C3C5B0E00"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:heimgardtechnologies:eagle_1200ac:-:*:*:*:*:*:*:*","matchCriteriaId":"126ACF7C-A6C5-4A51-A87A-278B7036F5FD"}]}]}],"references":[{"url":"https://oxnan.com/posts/WifiBasic_wrlEn_DoS","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://oxnan.com/posts/WifiBasic_wrlEn_DoS","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-24125","sourceIdentifier":"cve@mitre.org","published":"2023-03-01T21:15:11.237","lastModified":"2026-07-09T01:18:06.310","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey2_5g parameter at /goform/WifiBasicSet."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-07T20:38:36.460834Z","id":"CVE-2023-24125","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:heimgardtechnologies:eagle_1200ac_firmware:15.03.06.33:*:*:*:*:*:*:*","matchCriteriaId":"07EC483C-D7CC-4A62-B2CC-FE8C3C5B0E00"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:heimgardtechnologies:eagle_1200ac:-:*:*:*:*:*:*:*","matchCriteriaId":"126ACF7C-A6C5-4A51-A87A-278B7036F5FD"}]}]}],"references":[{"url":"https://oxnan.com/posts/WifiBasic_wepkey2_5g_DoS","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://oxnan.com/posts/WifiBasic_wepkey2_5g_DoS","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-24126","sourceIdentifier":"cve@mitre.org","published":"2023-03-01T21:15:11.290","lastModified":"2026-07-09T01:18:06.473","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey4_5g parameter at /goform/WifiBasicSet."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-07T20:37:45.511689Z","id":"CVE-2023-24126","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:heimgardtechnologies:eagle_1200ac_firmware:15.03.06.33:*:*:*:*:*:*:*","matchCriteriaId":"07EC483C-D7CC-4A62-B2CC-FE8C3C5B0E00"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:heimgardtechnologies:eagle_1200ac:-:*:*:*:*:*:*:*","matchCriteriaId":"126ACF7C-A6C5-4A51-A87A-278B7036F5FD"}]}]}],"references":[{"url":"https://oxnan.com/posts/WifiBasic_wepkey4_5g_DoS","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://oxnan.com/posts/WifiBasic_wepkey4_5g_DoS","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-24127","sourceIdentifier":"cve@mitre.org","published":"2023-03-01T21:15:11.347","lastModified":"2026-07-09T01:18:06.643","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey1 parameter at /goform/WifiBasicSet."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-07T17:47:32.530000Z","id":"CVE-2023-24127","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:heimgardtechnologies:eagle_1200ac_firmware:15.03.06.33:*:*:*:*:*:*:*","matchCriteriaId":"07EC483C-D7CC-4A62-B2CC-FE8C3C5B0E00"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:heimgardtechnologies:eagle_1200ac:-:*:*:*:*:*:*:*","matchCriteriaId":"126ACF7C-A6C5-4A51-A87A-278B7036F5FD"}]}]}],"references":[{"url":"https://oxnan.com/posts/WifiBasic_wepkey1_DoS","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://oxnan.com/posts/WifiBasic_wepkey1_DoS","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-46501","sourceIdentifier":"cve@mitre.org","published":"2023-03-02T21:15:10.337","lastModified":"2026-07-09T01:18:01.583","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Accruent LLC Maintenance Connection 2021 (all) & 2022.2 was discovered to contain a SQL injection vulnerability via the E-Mail to Work Order function."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-07T17:29:21.336144Z","id":"CVE-2022-46501","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:accruent:maintenance_connection:2021:*:*:*:*:*:*:*","matchCriteriaId":"A2AD18F8-9D92-44AC-B374-45CAE6ACA28A"},{"vulnerable":true,"criteria":"cpe:2.3:a:accruent:maintenance_connection:2022.2:*:*:*:*:*:*:*","matchCriteriaId":"677ED27E-219C-4146-AF06-87A38BFC0AEF"}]}]}],"references":[{"url":"https://maintenanceconnection.ca/zero-day-flaw-in-accruent-software/","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://maintenanceconnection.ca/zero-day-flaw-in-accruent-software/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-45551","sourceIdentifier":"cve@mitre.org","published":"2023-03-03T13:15:10.710","lastModified":"2026-07-09T01:17:59.927","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue discovered in Shenzhen Zhiboton Electronics ZBT WE1626 Router v 21.06.18 allows attackers to escalate privileges via WGET command to the Network Diagnosis endpoint."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-18T15:56:19.180359Z","id":"CVE-2022-45551","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-306"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zbt:we1626_firmware:21.06.18:*:*:*:*:*:*:*","matchCriteriaId":"3A6DE712-828E-45E0-9173-E82C2E2A6BD8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zbt:we1626:-:*:*:*:*:*:*:*","matchCriteriaId":"E06E113F-1380-485B-8739-2BDA9AF871ED"}]}]}],"references":[{"url":"https://blog.prodefense.io/zbt-we1626-wireless-router-cve-disclosures-b3534484d97d","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://blog.prodefense.io/zbt-we1626-wireless-router-cve-disclosures-b3534484d97d","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-45552","sourceIdentifier":"cve@mitre.org","published":"2023-03-03T13:15:10.803","lastModified":"2026-07-09T01:18:00.097","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An Insecure Permissions vulnerability in Shenzhen Zhiboton Electronics ZBT WE1626 Router v 21.06.18 allows attackers to obtain sensitive information via SPI bus interface connected to pinout of the NAND flash memory."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-07T17:18:52.583881Z","id":"CVE-2022-45552","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-276"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zbt:we1626_firmware:21.06.18:*:*:*:*:*:*:*","matchCriteriaId":"3A6DE712-828E-45E0-9173-E82C2E2A6BD8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zbt:we1626:-:*:*:*:*:*:*:*","matchCriteriaId":"E06E113F-1380-485B-8739-2BDA9AF871ED"}]}]}],"references":[{"url":"https://blog.prodefense.io/zbt-we1626-wireless-router-cve-disclosures-b3534484d97d","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://blog.prodefense.io/zbt-we1626-wireless-router-cve-disclosures-b3534484d97d","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-45553","sourceIdentifier":"cve@mitre.org","published":"2023-03-03T13:15:10.867","lastModified":"2026-07-09T01:18:00.213","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue discovered in Shenzhen Zhibotong Electronics WBT WE1626 Router v 21.06.18 allows attacker to execute arbitrary commands via serial connection to the UART port."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-07T17:16:36.318079Z","id":"CVE-2022-45553","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zbt:we1626_firmware:21.06.18:*:*:*:*:*:*:*","matchCriteriaId":"3A6DE712-828E-45E0-9173-E82C2E2A6BD8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zbt:we1626:-:*:*:*:*:*:*:*","matchCriteriaId":"E06E113F-1380-485B-8739-2BDA9AF871ED"}]}]}],"references":[{"url":"https://blog.prodefense.io/zbt-we1626-wireless-router-cve-disclosures-b3534484d97d","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://blog.prodefense.io/zbt-we1626-wireless-router-cve-disclosures-b3534484d97d","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-35377","sourceIdentifier":"cve@mitre.org","published":"2023-03-06T20:15:09.497","lastModified":"2026-07-09T01:16:56.353","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting vulnerability found in VICIdial v2.14-610c and v.2.10-415c allows attackers execute arbitrary code via the /agc/vicidial.php, agc/vicidial-greay.php, and /vicidial/KHOMP_admin.php parameters."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-06T15:47:25.563990Z","id":"CVE-2021-35377","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:vicidial:vicidial:2.9-401c:140612-1626:*:*:*:*:*:*","matchCriteriaId":"6BC258B2-56BC-4695-8014-D520DF82439B"},{"vulnerable":true,"criteria":"cpe:2.3:a:vicidial:vicidial:2.10-415c:140918-1606:*:*:*:*:*:*","matchCriteriaId":"4EDDE441-9864-4C0A-A342-8CBA5655C3D5"},{"vulnerable":true,"criteria":"cpe:2.3:a:vicidial:vicidial:2.14-597c:191114-0949:*:*:*:*:*:*","matchCriteriaId":"F042CF37-57C4-44B8-8D0E-CDE3430F0CD4"},{"vulnerable":true,"criteria":"cpe:2.3:a:vicidial:vicidial:2.14-610c:200528-2239:*:*:*:*:*:*","matchCriteriaId":"0801E19A-9EB7-4CF5-9C0C-6012192353DE"}]}]}],"references":[{"url":"https://www.vicidial.org/VICIDIALforum/viewtopic.php?f=2&t=41634","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://www.vicidial.org/VICIDIALforum/viewtopic.php?f=2&t=41634","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-42248","sourceIdentifier":"cve@mitre.org","published":"2023-03-06T22:15:09.763","lastModified":"2026-07-09T01:17:50.420","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"QlikView 12.60.2 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the QvsViewClient functionality."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-06T17:05:10.108309Z","id":"CVE-2022-42248","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:qlik:qlikview:*:*:*:*:*:*:*:*","versionEndIncluding":"12.60","matchCriteriaId":"76AB73D5-12ED-4DB3-BD8A-096204B72C07"}]}]}],"references":[{"url":"https://github.com/Ozozuz/Qlik-View-Stored-XSS","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/Ozozuz/Qlik-View-Stored-XSS","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-24282","sourceIdentifier":"cve@mitre.org","published":"2023-03-08T21:15:10.880","lastModified":"2026-07-09T01:18:08.087","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An arbitrary file upload vulnerability in Poly Trio 8800 7.2.2.1094 allows attackers to execute arbitrary code via a crafted ringtone file."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-05T19:01:37.929519Z","id":"CVE-2023-24282","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:poly:trio_8800_firmware:7.2.2.1094:*:*:*:*:*:*:*","matchCriteriaId":"09BAFCDB-6B03-4E0B-96BD-3F38589D7650"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:poly:trio_8800:-:*:*:*:*:*:*:*","matchCriteriaId":"39862A32-5AF6-41F9-9C25-9D68EB3784DC"}]}]}],"references":[{"url":"https://www.cryptnetix.com/blog/2023/01/19/Polycom-Trio-Vulnerability-Disclosure.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.cryptnetix.com/blog/2023/01/19/Polycom-Trio-Vulnerability-Disclosure.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-48111","sourceIdentifier":"cve@mitre.org","published":"2023-03-10T15:15:10.217","lastModified":"2026-07-09T01:18:03.457","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A cross-site scripting (XSS) vulnerability in the check_login function of SIPE s.r.l WI400 between version 8 and 11 included allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the f parameter."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-27T19:09:13.253899Z","id":"CVE-2022-48111","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:siri-informatica:wi400:*:*:*:*:*:*:*:*","versionStartIncluding":"8.0","versionEndIncluding":"11.0","matchCriteriaId":"68DFEBA0-F457-4E15-949E-79342C44ADF9"}]}]}],"references":[{"url":"https://devisions.github.io/blog/cve-2022-48111","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://labs.yarix.com/2023/02/siri-wi400-xss-on-login-page-cve-2022-48111/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://labs.yarix.com/advisories/CVE-2022-48111/","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://devisions.github.io/blog/cve-2022-48111","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://labs.yarix.com/2023/02/siri-wi400-xss-on-login-page-cve-2022-48111/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://labs.yarix.com/advisories/CVE-2022-48111/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-27161","sourceIdentifier":"cve@mitre.org","published":"2023-03-10T16:15:11.277","lastModified":"2026-07-09T01:18:12.463","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Jellyfin up to v10.7.7 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /Repositories. This vulnerability allows attackers to access network resources and sensitive information via a crafted POST request."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-28T21:39:54.264536Z","id":"CVE-2023-27161","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-918"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:jellyfin:jellyfin:*:*:*:*:*:*:*:*","versionEndIncluding":"10.7.7","matchCriteriaId":"185BA153-EC02-4114-BE54-12D425BB6F75"}]}]}],"references":[{"url":"https://gist.github.com/b33t1e/5c067e0538a0b712dc3d59bd4b9a5952","source":"cve@mitre.org"},{"url":"https://github.com/jellyfin/jellyfin","source":"cve@mitre.org","tags":["Product"]},{"url":"https://notes.sjtu.edu.cn/s/yJ9lPk09a","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://gist.github.com/b33t1e/5c067e0538a0b712dc3d59bd4b9a5952","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/jellyfin/jellyfin","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://notes.sjtu.edu.cn/s/yJ9lPk09a","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-27164","sourceIdentifier":"cve@mitre.org","published":"2023-03-10T16:15:11.343","lastModified":"2026-07-09T01:18:12.950","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An arbitrary file upload vulnerability in Halo up to v1.6.1 allows attackers to execute arbitrary code via a crafted .md file."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-28T16:49:15.148366Z","id":"CVE-2023-27164","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:halo:halo:*:*:*:*:*:*:*:*","versionEndIncluding":"1.6.1","matchCriteriaId":"E45B38FE-B839-42E1-A02A-635E6AC8F1D9"}]}]}],"references":[{"url":"https://gist.github.com/b33t1e/a1a0d81b1173d0d00de8f4e7958dd867","source":"cve@mitre.org"},{"url":"https://github.com/halo-dev/halo","source":"cve@mitre.org","tags":["Product"]},{"url":"https://notes.sjtu.edu.cn/s/s5oEvs-p5","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://gist.github.com/b33t1e/a1a0d81b1173d0d00de8f4e7958dd867","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/halo-dev/halo","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://notes.sjtu.edu.cn/s/s5oEvs-p5","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-23326","sourceIdentifier":"cve@mitre.org","published":"2023-03-10T22:15:10.277","lastModified":"2026-07-09T01:18:04.220","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A Stored Cross-Site Scripting (XSS) vulnerability exists in AvantFAX 3.3.7. An authenticated low privilege user can inject arbitrary Javascript into their e-mail address which is executed when an administrator logs into AvantFAX to view the admin dashboard. This may result in stealing an administrator's session cookie and hijacking their session."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-27T18:52:10.704525Z","id":"CVE-2023-23326","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:avantfax:avantfax:3.3.7:*:*:*:*:*:*:*","matchCriteriaId":"A93D621B-999D-4942-96F8-686531501233"}]}]}],"references":[{"url":"https://github.com/superkojiman/vulnerabilities/blob/master/AvantFAX-3.3.7/README.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/superkojiman/vulnerabilities/blob/master/AvantFAX-3.3.7/README.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-23327","sourceIdentifier":"cve@mitre.org","published":"2023-03-10T22:15:10.327","lastModified":"2026-07-09T01:18:04.390","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An Information Disclosure vulnerability exists in AvantFAX 3.3.7. Backups of the AvantFAX sent/received faxes, and database backups are stored using the current date as the filename and hosted on the web server without access controls."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-05T16:49:21.262819Z","id":"CVE-2023-23327","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-200"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:avantfax:avantfax:3.3.7:*:*:*:*:*:*:*","matchCriteriaId":"A93D621B-999D-4942-96F8-686531501233"}]}]}],"references":[{"url":"https://github.com/superkojiman/vulnerabilities/blob/master/AvantFAX-3.3.7/README.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/superkojiman/vulnerabilities/blob/master/AvantFAX-3.3.7/README.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/superkojiman/vulnerabilities/blob/master/AvantFAX-3.3.7/README.md","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-23328","sourceIdentifier":"cve@mitre.org","published":"2023-03-10T22:15:10.377","lastModified":"2026-07-09T01:18:04.553","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A File Upload vulnerability exists in AvantFAX 3.3.7. An authenticated user can bypass PHP file type validation in FileUpload.php by uploading a specially crafted PHP file."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-04T21:24:04.501643Z","id":"CVE-2023-23328","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:avantfax:avantfax:3.3.7:*:*:*:*:*:*:*","matchCriteriaId":"A93D621B-999D-4942-96F8-686531501233"}]}]}],"references":[{"url":"https://github.com/superkojiman/vulnerabilities/blob/master/AvantFAX-3.3.7/README.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/superkojiman/vulnerabilities/blob/master/AvantFAX-3.3.7/README.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-26769","sourceIdentifier":"cve@mitre.org","published":"2023-03-16T15:15:10.343","lastModified":"2026-07-09T01:18:10.440","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Buffer Overflow vulnerability found in Liblouis Lou_Trace v.3.24.0 allows a remote attacker to cause a denial of service via the resolveSubtable function at compileTranslationTabel.c."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-26T16:31:04.883408Z","id":"CVE-2023-26769","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liblouis:liblouis:3.24.0:*:*:*:*:*:*:*","matchCriteriaId":"6125AA43-2A33-4526-B355-32D42F306CD3"}]}]}],"references":[{"url":"https://github.com/liblouis/liblouis","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/liblouis/liblouis/pull/1300","source":"cve@mitre.org","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/liblouis/liblouis","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/liblouis/liblouis/pull/1300","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Patch"]}]}},{"cve":{"id":"CVE-2023-27249","sourceIdentifier":"cve@mitre.org","published":"2023-03-23T02:15:12.733","lastModified":"2026-07-09T01:18:13.740","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"swfdump v0.9.2 was discovered to contain a heap buffer overflow in the function swf_GetPlaceObject at swfobject.c."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-25T20:22:48.907277Z","id":"CVE-2023-27249","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:swftools:swftools:0.9.2:*:*:*:*:*:*:*","matchCriteriaId":"B6149BA0-2082-45B7-9B43-CAC2F1768770"}]}]}],"references":[{"url":"https://github.com/keepinggg/poc/blob/main/poc_of_swfdump/poc","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/keepinggg/poc/tree/main/poc_of_swfdump","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/matthiaskramm/swftools","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/matthiaskramm/swftools/issues/197","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/keepinggg/poc/blob/main/poc_of_swfdump/poc","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/keepinggg/poc/tree/main/poc_of_swfdump","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/matthiaskramm/swftools","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/matthiaskramm/swftools/issues/197","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-45597","sourceIdentifier":"cve@mitre.org","published":"2023-03-24T23:15:06.710","lastModified":"2026-07-09T01:18:00.667","vulnStatus":"Modified","cveTags":[{"sourceIdentifier":"cve@mitre.org","tags":["disputed"]}],"descriptions":[{"lang":"en","value":"ComponentSpace.Saml2 4.4.0 Missing SSL Certificate Validation. NOTE: the vendor does not consider this a vulnerability because the report is only about use of certificates at the application layer (not the transport layer) and \"Certificates are exchanged in a controlled fashion between entities within a trust relationship. This is why self-signed certificates may be used and why validating certificates isn’t as important as doing so for the transport layer certificates.\""}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-295"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:componentspace:saml:4.4.0:*:*:*:*:asp.net:*:*","matchCriteriaId":"5C11A9C5-C71F-4856-9976-C68320B7D354"}]}]}],"references":[{"url":"https://www.componentspace.com/documentation/saml-for-asp-net-core/ComponentSpace%20SAML%20for%20ASP.NET%20Core%20Release%20Notes.pdf","source":"cve@mitre.org","tags":["Release Notes"]},{"url":"https://www.componentspace.com/documentation/saml-for-asp-net-core/ComponentSpace%20SAML%20for%20ASP.NET%20Core%20Release%20Notes.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes"]}]}},{"cve":{"id":"CVE-2022-41354","sourceIdentifier":"cve@mitre.org","published":"2023-03-27T14:15:07.557","lastModified":"2026-07-09T01:17:45.707","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An access control issue in Argo CD v2.4.12 and below allows unauthenticated attackers to enumerate existing applications."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-19T18:46:13.512199Z","id":"CVE-2022-41354","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-203"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:linuxfoundation:argo-cd:*:*:*:*:*:*:*:*","versionStartIncluding":"0.5.0","versionEndExcluding":"2.4.28","matchCriteriaId":"21D5448A-EB02-4357-9723-20F8EF1962E9"},{"vulnerable":true,"criteria":"cpe:2.3:a:linuxfoundation:argo-cd:*:*:*:*:*:*:*:*","versionStartIncluding":"2.5.0","versionEndExcluding":"2.5.16","matchCriteriaId":"9A532628-AB91-4EC1-9FCB-9172F5CECC0E"},{"vulnerable":true,"criteria":"cpe:2.3:a:linuxfoundation:argo-cd:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.0","versionEndExcluding":"2.6.7","matchCriteriaId":"8B951D1A-7B21-43E5-B715-138F9F4DCA37"}]}]}],"references":[{"url":"https://github.com/argoproj/argo-cd/security/advisories/GHSA-2q5c-qw9c-fmvq","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://github.com/chunklhit/cve/blob/master/argo/argo-cd/application_enumeration.md","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://github.com/argoproj/argo-cd/security/advisories/GHSA-2q5c-qw9c-fmvq","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://github.com/chunklhit/cve/blob/master/argo/argo-cd/application_enumeration.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]}]}},{"cve":{"id":"CVE-2023-24094","sourceIdentifier":"cve@mitre.org","published":"2023-03-27T14:15:07.897","lastModified":"2026-07-09T01:18:04.883","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in the bridge2 component of MikroTik RouterOS v6.40.5 allows attackers to cause a Denial of Service (DoS) via crafted packets."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-19T18:46:48.826858Z","id":"CVE-2023-24094","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mikrotik:routeros:6.40.5:*:*:*:*:*:*:*","matchCriteriaId":"29AFF54C-9291-4ADF-9DD4-1F1FF4CD2166"}]}]}],"references":[{"url":"https://github.com/ZYen12138/RouterOS/blob/main/CVE-2023-24094.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/ZYen12138/RouterOS/blob/main/CVE-2023-24094.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-25261","sourceIdentifier":"cve@mitre.org","published":"2023-03-27T21:15:11.053","lastModified":"2026-07-09T01:18:09.123","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Certain Stimulsoft GmbH products are affected by: Remote Code Execution. This affects Stimulsoft Designer (Desktop) 2023.1.4 and Stimulsoft Designer (Web) 2023.1.3 and Stimulsoft Viewer (Web) 2023.1.3. Access to the local file system is not prohibited in any way. Therefore, an attacker may include source code which reads or writes local directories and files. It is also possible for the attacker to prepare a report which has a variable that holds the gathered data and render it in the report."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-19T15:48:49.281579Z","id":"CVE-2023-25261","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:stimulsoft:designer:2023.1:*:*:*:desktop:*:*:*","matchCriteriaId":"58FBAE53-015C-46BB-AE66-7C02F71896E1"},{"vulnerable":true,"criteria":"cpe:2.3:a:stimulsoft:designer:2023.1.3:*:*:*:web:*:*:*","matchCriteriaId":"ED354002-625C-4A34-8D5B-B296E1E4C677"},{"vulnerable":true,"criteria":"cpe:2.3:a:stimulsoft:designer:2023.1.4:*:*:*:web:*:*:*","matchCriteriaId":"4481FACF-9808-45D8-A888-4625AE2CCB4E"},{"vulnerable":true,"criteria":"cpe:2.3:a:stimulsoft:viewer:2023.1.3:*:*:*:web:*:*:*","matchCriteriaId":"B02D0EFB-A5B6-4E46-9C6B-DBE13F75FA46"},{"vulnerable":true,"criteria":"cpe:2.3:a:stimulsoft:viewer:2023.1.4:*:*:*:web:*:*:*","matchCriteriaId":"CBE99606-BB02-418E-86B6-AD04AFC4DE67"}]}]}],"references":[{"url":"https://cloud-trustit.spp.at/s/Rskwb3jKXQQsJy2","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://cves.at/posts/cve-2023-25261/writeup/","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://cloud-trustit.spp.at/s/Rskwb3jKXQQsJy2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://cves.at/posts/cve-2023-25261/writeup/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-25263","sourceIdentifier":"cve@mitre.org","published":"2023-03-27T21:15:11.093","lastModified":"2026-07-09T01:18:09.720","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In Stimulsoft Designer (Desktop) 2023.1.5, and 2023.1.4, once an attacker decompiles the Stimulsoft.report.dll the attacker is able to decrypt any connectionstring stored in .mrt files since a static secret is used. The secret does not differ between the tested versions and different operating systems."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-19T15:47:33.456572Z","id":"CVE-2023-25263","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-312"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:stimulsoft:designer:2023.1.4:*:*:*:desktop:*:*:*","matchCriteriaId":"F9E87AC3-EDEA-405B-9837-E72E152AAD22"},{"vulnerable":true,"criteria":"cpe:2.3:a:stimulsoft:designer:2023.1.4:*:*:*:web:*:*:*","matchCriteriaId":"4481FACF-9808-45D8-A888-4625AE2CCB4E"},{"vulnerable":true,"criteria":"cpe:2.3:a:stimulsoft:designer:2023.1.5:*:*:*:desktop:*:*:*","matchCriteriaId":"51B83B01-2BE1-46B9-AE72-80A09FADD589"},{"vulnerable":true,"criteria":"cpe:2.3:a:stimulsoft:designer:2023.1.5:*:*:*:web:*:*:*","matchCriteriaId":"3171A392-E37D-4800-A358-56291DF7590B"}]}]}],"references":[{"url":"https://cloud-trustit.spp.at/s/Db8ZfNq2WYiNCHa","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://cves.at/posts/cve-2023-25263/writeup/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://cloud-trustit.spp.at/s/Db8ZfNq2WYiNCHa","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://cves.at/posts/cve-2023-25263/writeup/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-25262","sourceIdentifier":"cve@mitre.org","published":"2023-03-28T01:15:10.523","lastModified":"2026-07-09T01:18:09.537","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Stimulsoft GmbH Stimulsoft Designer (Web) 2023.1.3 is vulnerable to Server Side Request Forgery (SSRF). TThe Reporting Designer (Web) offers the possibility to embed sources from external locations. If the user chooses an external location, the request to that resource is performed by the server rather than the client. Therefore, the server causes outbound traffic and potentially imports data. An attacker may also leverage this behaviour to exfiltrate data of machines on the internal network of the server hosting the Stimulsoft Reporting Designer (Web)."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-19T18:34:39.165856Z","id":"CVE-2023-25262","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-918"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:stimulsoft:designer:2023.1.3:*:*:*:web:*:*:*","matchCriteriaId":"ED354002-625C-4A34-8D5B-B296E1E4C677"},{"vulnerable":true,"criteria":"cpe:2.3:a:stimulsoft:designer:2023.1.4:*:*:*:web:*:*:*","matchCriteriaId":"4481FACF-9808-45D8-A888-4625AE2CCB4E"}]}]}],"references":[{"url":"https://cloud-trustit.spp.at/s/HjEksN86SfsMaJM","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://cves.at/posts/cve-2023-25262/writeup/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://cloud-trustit.spp.at/s/HjEksN86SfsMaJM","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://cves.at/posts/cve-2023-25262/writeup/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-25260","sourceIdentifier":"cve@mitre.org","published":"2023-03-28T14:15:07.393","lastModified":"2026-07-09T01:18:08.860","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Stimulsoft Designer (Web) 2023.1.3 is vulnerable to Local File Inclusion."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-19T18:35:52.759994Z","id":"CVE-2023-25260","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-552"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:stimulsoft:designer:2023.1.3:*:*:*:web:*:*:*","matchCriteriaId":"ED354002-625C-4A34-8D5B-B296E1E4C677"},{"vulnerable":true,"criteria":"cpe:2.3:a:stimulsoft:designer:2023.1.4:*:*:*:web:*:*:*","matchCriteriaId":"4481FACF-9808-45D8-A888-4625AE2CCB4E"}]}]}],"references":[{"url":"https://cloud-trustit.spp.at/s/K9ZXWzEmftaxa3C","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://cves.at/posts/cve-2023-25260/writeup/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://cloud-trustit.spp.at/s/K9ZXWzEmftaxa3C","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://cves.at/posts/cve-2023-25260/writeup/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-27167","sourceIdentifier":"cve@mitre.org","published":"2023-03-29T17:15:07.427","lastModified":"2026-07-09T01:18:13.070","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Suprema BioStar 2 v2.8.16 was discovered to contain a SQL injection vulnerability via the values parameter at /users/absence?search_month=1."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-23T13:30:20.750668Z","id":"CVE-2023-27167","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:supremainc:biostar_2:*:*:*:*:*:*:*:*","versionEndIncluding":"2.8.16","matchCriteriaId":"D463FA95-A29F-4EF2-9487-90BFC1C997D2"}]}]}],"references":[{"url":"https://biostar2.ciklum.net/api/users/absence?search_month=1","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://packetstormsecurity.com/files/171523/Suprema-BioStar-2-2.8.16-SQL-Injection.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://protey.net/threads/cve-2023-27167-suprema-biostar-2-v2-8-16-sql-injection.995/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.linkedin.com/in/yuriy-tsarenko-a1453aa4/","source":"cve@mitre.org","tags":["Permissions Required"]},{"url":"https://biostar2.ciklum.net/api/users/absence?search_month=1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://packetstormsecurity.com/files/171523/Suprema-BioStar-2-2.8.16-SQL-Injection.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://protey.net/threads/cve-2023-27167-suprema-biostar-2-v2-8-16-sql-injection.995/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.linkedin.com/in/yuriy-tsarenko-a1453aa4/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2023-27159","sourceIdentifier":"cve@mitre.org","published":"2023-03-31T19:15:07.273","lastModified":"2026-07-09T01:18:12.110","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Appwrite up to v1.2.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /v1/avatars/favicon. This vulnerability allows attackers to access network resources and sensitive information via a crafted GET request."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-18T15:08:46.423908Z","id":"CVE-2023-27159","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-918"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:appwrite:appwrite:*:*:*:*:*:*:*:*","versionEndIncluding":"1.2.1","matchCriteriaId":"30129B88-F271-4DED-8468-630A00F9EE3F"}]}]}],"references":[{"url":"https://gist.github.com/b33t1e/43b26c31e895baf7e7aea2dbf9743a9a","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://gist.github.com/b33t1e/e9e8192317c111e7897e04d2f9bf5fdb","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/appwrite/appwrite","source":"cve@mitre.org","tags":["Product"]},{"url":"https://notes.sjtu.edu.cn/gMNlpByZSDiwrl9uZyHTKA","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://gist.github.com/b33t1e/43b26c31e895baf7e7aea2dbf9743a9a","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://gist.github.com/b33t1e/e9e8192317c111e7897e04d2f9bf5fdb","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/appwrite/appwrite","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://notes.sjtu.edu.cn/gMNlpByZSDiwrl9uZyHTKA","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-27160","sourceIdentifier":"cve@mitre.org","published":"2023-03-31T19:15:07.320","lastModified":"2026-07-09T01:18:12.300","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"forem up to v2022.11.11 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /articles/{id}. This vulnerability allows attackers to access network resources and sensitive information via a crafted POST request."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-18T16:10:36.298828Z","id":"CVE-2023-27160","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-918"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:forem:forem:*:*:*:*:*:*:*:*","versionEndIncluding":"2022.11.11","matchCriteriaId":"EA46A77A-A76F-42D8-B090-8EB1DD71B307"}]}]}],"references":[{"url":"https://gist.github.com/b33t1e/6172286862a4486b5888f3cbbdc6316d","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/forem/forem","source":"cve@mitre.org","tags":["Product"]},{"url":"https://notes.sjtu.edu.cn/s/MUUhEymt7","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://gist.github.com/b33t1e/6172286862a4486b5888f3cbbdc6316d","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://github.com/forem/forem","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://notes.sjtu.edu.cn/s/MUUhEymt7","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://gist.github.com/b33t1e/6172286862a4486b5888f3cbbdc6316d","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-27162","sourceIdentifier":"cve@mitre.org","published":"2023-03-31T20:15:07.437","lastModified":"2026-07-09T01:18:12.627","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"openapi-generator up to v6.4.0 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /api/gen/clients/{language}. This vulnerability allows attackers to access network resources and sensitive information via a crafted API request."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.2},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-18T16:08:27.683896Z","id":"CVE-2023-27162","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-918"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openapi-generator:openapi_generator:*:*:*:*:*:*:*:*","versionEndIncluding":"6.4.0","matchCriteriaId":"772A8BE0-7521-4332-8624-D713FD9FA00F"}]}]}],"references":[{"url":"https://gist.github.com/b33t1e/6121210ebd9efd4f693c73b830d8ab08","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/OpenAPITools/openapi-generator","source":"cve@mitre.org","tags":["Product"]},{"url":"https://notes.sjtu.edu.cn/s/2_yki_2Xq","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://gist.github.com/b33t1e/6121210ebd9efd4f693c73b830d8ab08","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://github.com/OpenAPITools/openapi-generator","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://notes.sjtu.edu.cn/s/2_yki_2Xq","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://gist.github.com/b33t1e/6121210ebd9efd4f693c73b830d8ab08","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-27163","sourceIdentifier":"cve@mitre.org","published":"2023-03-31T20:15:07.477","lastModified":"2026-07-09T01:18:12.790","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"request-baskets up to v1.2.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /api/baskets/{name}. This vulnerability allows attackers to access network resources and sensitive information via a crafted API request."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":5.2},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-18T16:06:01.149376Z","id":"CVE-2023-27163","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-918"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rbaskets:request_baskets:*:*:*:*:*:*:*:*","versionEndIncluding":"1.2.1","matchCriteriaId":"6F9A0E07-A103-4F6C-B7DF-DD0AF9049337"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/174128/Request-Baskets-1.2.1-Server-Side-Request-Forgery.html","source":"cve@mitre.org"},{"url":"http://packetstormsecurity.com/files/174129/Maltrail-0.53-Remote-Code-Execution.html","source":"cve@mitre.org"},{"url":"https://gist.github.com/b33t1e/3079c10c88cad379fb166c389ce3b7b3","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/darklynx/request-baskets","source":"cve@mitre.org","tags":["Product"]},{"url":"https://notes.sjtu.edu.cn/s/MUUhEymt7","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"http://packetstormsecurity.com/files/174128/Request-Baskets-1.2.1-Server-Side-Request-Forgery.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://packetstormsecurity.com/files/174129/Maltrail-0.53-Remote-Code-Execution.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://gist.github.com/b33t1e/3079c10c88cad379fb166c389ce3b7b3","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/darklynx/request-baskets","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://notes.sjtu.edu.cn/s/MUUhEymt7","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-29312","sourceIdentifier":"cve@mitre.org","published":"2023-04-04T15:15:08.457","lastModified":"2026-07-09T01:16:44.900","vulnStatus":"Modified","cveTags":[{"sourceIdentifier":"cve@mitre.org","tags":["disputed"]}],"descriptions":[{"lang":"en","value":"An issue found in Zend Framework v.3.1.3 and before allow a remote attacker to execute arbitrary code via the unserialize function. Note: This has been disputed by third parties as incomplete and incorrect. The framework does not have a version that surpasses 2.x.x and was deprecated in early 2020."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-14T17:26:52.717518Z","id":"CVE-2020-29312","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-502"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:zend:zend_framework:*:*:*:*:*:*:*:*","versionEndIncluding":"3.1.3","matchCriteriaId":"EE98955F-D65E-4675-A060-942DD2CC6CC5"}]}]}],"references":[{"url":"https://cowtransfer.com/s/f9684f004d7149","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://github.com/zendframework/zendframework","source":"cve@mitre.org","tags":["Product"]},{"url":"https://cowtransfer.com/s/f9684f004d7149","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://github.com/zendframework/zendframework","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2021-28235","sourceIdentifier":"cve@mitre.org","published":"2023-04-04T15:15:08.507","lastModified":"2026-07-09T01:16:49.477","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Authentication vulnerability found in Etcd-io v.3.4.10 allows remote attackers to escalate privileges via the debug function."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-14T17:24:41.838121Z","id":"CVE-2021-28235","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:etcd:etcd:3.4.10:*:*:*:*:*:*:*","matchCriteriaId":"423FB650-0346-4036-B0CE-D07170756FA4"}]}]}],"references":[{"url":"https://github.com/etcd-io/etcd","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/etcd-io/etcd/pull/15648","source":"cve@mitre.org"},{"url":"https://github.com/lucyxss/etcd-3.4.10-test/blob/master/temp4cj.png","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/lucyxss/etcd-3.4.10-test/blob/master/temp4cj_2.png","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/etcd-io/etcd","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/etcd-io/etcd/pull/15648","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/lucyxss/etcd-3.4.10-test/blob/master/temp4cj.png","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/lucyxss/etcd-3.4.10-test/blob/master/temp4cj_2.png","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2023-22985","sourceIdentifier":"cve@mitre.org","published":"2023-04-06T15:15:08.960","lastModified":"2026-07-09T01:18:03.633","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Sourcecodester Simple Guestbook Management System version 1 is vulnerable to Cross Site Scripting (XSS) via Name, Referrer, Location, and Comments."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-13T21:01:04.150170Z","id":"CVE-2023-22985","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:simple_guestbook_management_system_project:simple_guestbook_management_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"74D5405E-4BBD-44BF-887D-5C219D95194E"}]}]}],"references":[{"url":"https://medium.com/@ivirajjadhav/cve-2023-22985-8869852685b","source":"cve@mitre.org"},{"url":"https://medium.com/%40ivirajjadhav/cve-2023-22985-8869852685b","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2022-43309","sourceIdentifier":"cve@mitre.org","published":"2023-04-07T21:15:06.827","lastModified":"2026-07-09T01:17:51.310","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Supermicro X11SSL-CF HW Rev 1.01, BMC firmware v1.63 was discovered to contain insecure permissions."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-11T20:07:47.456527Z","id":"CVE-2022-43309","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-732"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-732"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssl-cf_firmware:1.63:*:*:*:*:*:*:*","matchCriteriaId":"92FAD787-F684-4E78-81C8-A875781CDED9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssl-cf:-:*:*:*:*:*:*:*","matchCriteriaId":"0FA01B7B-0A5F-48AC-811C-BB6EB4C78719"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dac_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E407BB0C-1905-4BEC-A850-CEC8BB4E845E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dac:-:*:*:*:*:*:*:*","matchCriteriaId":"D3600406-96B2-4E52-B5F9-9ABCED307EEC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dai-n_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"076442C2-250C-42C7-BD1B-394B6029BDAB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dai-n:-:*:*:*:*:*:*:*","matchCriteriaId":"0C5967E7-B9A7-4F23-B966-51F5C82B2529"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ddw-l_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2B0E5DD2-F2BB-4C7E-945D-81A5F13019BB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ddw-l:-:*:*:*:*:*:*:*","matchCriteriaId":"94B75335-6871-4FA6-AC30-1C121C91195C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ddw-nt_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1AC630DA-6D97-4C20-8397-23E1F1459F49"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ddw-nt:-:*:*:*:*:*:*:*","matchCriteriaId":"3EFD3B3C-F46E-4B27-A16B-154DB9740ED4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dgo-t_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"6F72C2F0-4F0A-4964-9C81-274CC87008E4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dgo-t:-:*:*:*:*:*:*:*","matchCriteriaId":"0093BCEF-E0F0-415B-8267-01B5D71F2E61"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dgq_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"AE34E2B5-37BC-4EFD-BD16-CCB11909D215"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dgq:-:*:*:*:*:*:*:*","matchCriteriaId":"D77FE66F-DB11-4B35-8A60-943FA5803F14"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpff-sn_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D5051FBA-73CB-4447-8D0C-4A5A94BDE00B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpff-sn:-:*:*:*:*:*:*:*","matchCriteriaId":"05703141-3375-468F-8F03-AFF548E95A39"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpfr-s_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2ACD3B12-681C-43F9-A5CD-86940B5237A0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpfr-s:-:*:*:*:*:*:*:*","matchCriteriaId":"DAD78F27-1418-46B2-95D7-7A2DA82FFD88"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpfr-sn_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E311321E-C46F-458E-8684-92EA6E4E4C76"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpfr-sn:-:*:*:*:*:*:*:*","matchCriteriaId":"21FB236D-9777-4318-AE9D-3D565992E6BB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpg-ot-cpu_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"0DB159C1-AFFD-4E35-BD72-8947B56FDE03"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpg-ot-cpu:-:*:*:*:*:*:*:*","matchCriteriaId":"1EFF8666-E52F-47ED-9330-11E36A75495C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpg-qt_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A12CE603-052D-4F55-8ED3-8D34BB3F6B0B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpg-qt:-:*:*:*:*:*:*:*","matchCriteriaId":"8E309A80-F6FE-434D-B3EB-4593F18367A3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpg-sn_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"EB89E88A-7138-4AA9-AEA3-DCCAB0301EDD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpg-sn:-:*:*:*:*:*:*:*","matchCriteriaId":"2C31C72A-AEF5-4F28-9EF8-00A19A39E7AA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dph-i_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"10CCD622-C392-436D-B33C-B10CBC8A8F8F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dph-i:-:*:*:*:*:*:*:*","matchCriteriaId":"F149C888-F3AF-49D4-BBBF-99ABC8E8CEDE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dph-t_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B37968C2-9721-4757-9AB4-B70B25072C6A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dph-t:-:*:*:*:*:*:*:*","matchCriteriaId":"9780452F-4264-4069-9378-FE7F01D7ED1E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dph-tq_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"EDDA7039-26CE-486B-BFF9-9D0A208E8059"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dph-tq:-:*:*:*:*:*:*:*","matchCriteriaId":"03E3CB77-7874-4B9B-B6D9-69D42304D6BE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpi-n_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"29F82D26-88D7-46ED-815A-85F1C40D5273"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpi-n:-:*:*:*:*:*:*:*","matchCriteriaId":"8CEB1846-2BD2-4326-BD22-14DDD05BB7BD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpi-nt_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"763C69D9-387D-4A3F-8694-EC33FEF23EBC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpi-nt:-:*:*:*:*:*:*:*","matchCriteriaId":"F5553A6E-4BCB-4EC1-B002-EDDDD313F4E1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpl-i_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3BD14BB0-69E6-4451-8DE6-56F692032DC6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpl-i:-:*:*:*:*:*:*:*","matchCriteriaId":"0EF59606-20D1-4E68-AE55-DA3F7101654F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dps-re_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"82E64017-EC96-4A56-8AEA-2FF644B8B751"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dps-re:-:*:*:*:*:*:*:*","matchCriteriaId":"ED8E7045-1721-4629-B92C-F35C0B074245"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpt-b_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"85ECADB4-C2D6-4928-B983-BABB0CD08DE3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpt-b:-:*:*:*:*:*:*:*","matchCriteriaId":"ABF7F546-1D85-4F99-9CFE-6F997402028D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpt-bh_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"266B61F9-725E-4946-BA4C-EF06D9D0E711"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpt-bh:-:*:*:*:*:*:*:*","matchCriteriaId":"5F00FAD5-FBDF-4239-9B1C-C012B5AC546A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpt-l_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E09487FF-EAD1-46C0-A626-C93D716BD0F9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpt-l:-:*:*:*:*:*:*:*","matchCriteriaId":"4F14E33F-DCD7-49D4-B0F5-AF924A87CC53"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpt-ps_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"04CBDE7C-7D37-4424-9EE1-B0E6EB6FE117"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpt-ps:-:*:*:*:*:*:*:*","matchCriteriaId":"749EF1B5-F6A3-493F-B920-8033847BF037"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpu_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3E6E0194-12BE-4F30-8A7D-07AD210006B7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpu:-:*:*:*:*:*:*:*","matchCriteriaId":"609DE3AA-044C-4B20-8A27-A507F4A11279"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpu-v_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D22927CA-014A-4EEA-83B1-4786BC71C111"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpu-v:-:*:*:*:*:*:*:*","matchCriteriaId":"E125C5B7-7BB6-47EB-93A5-CA15FC082198"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpu-x_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"8A91F4AF-B850-4DAE-B711-3498496B7E7F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpu-x:-:*:*:*:*:*:*:*","matchCriteriaId":"63DD44AF-8357-45F0-BA56-1A26130041F0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpu-xll_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"820C834B-AD7F-47EF-9717-719A49A2472C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpu-xll:-:*:*:*:*:*:*:*","matchCriteriaId":"B3CB5CAA-C9D1-4508-BBE6-2546F6017715"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpu-z\\+_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3E13A9D3-47DC-478F-9DF8-FF02DEBC9EC2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpu-z\\+:-:*:*:*:*:*:*:*","matchCriteriaId":"4ED5B015-0DB1-4E55-8C22-6DCE0BCC00FB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpu-ze\\+_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"618FA396-E4F6-4861-B69E-DB776485C26C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpu-ze\\+:-:*:*:*:*:*:*:*","matchCriteriaId":"01852618-551E-4051-90E7-7A3386804A76"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpx-t_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"C4334E22-9EA0-4727-BB5A-BD7D63328453"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpx-t:-:*:*:*:*:*:*:*","matchCriteriaId":"3DB9F79B-70D5-4084-8DBF-E13CF76B77B7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dsc\\+_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2A8A19C1-2BAD-4693-BA94-A0E9ED4EAC83"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dsc\\+:-:*:*:*:*:*:*:*","matchCriteriaId":"6442E1D1-53D8-49F4-8D51-08CE45850A77"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dsf-e_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"EADA9C06-34F6-4F19-BEE7-533C34597864"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dsf-e:-:*:*:*:*:*:*:*","matchCriteriaId":"BBDD9667-CE5C-487D-BC40-506D3722AD4C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dsn-ts_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D959BDC1-3E93-455C-927F-F1B0DE46E9D1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dsn-ts:-:*:*:*:*:*:*:*","matchCriteriaId":"EA8F01F8-FA29-4E46-858F-149F94C8DBD4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dsn-tsq_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7FB6CFFD-D7CD-4208-A750-035DA22A8F0C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dsn-tsq:-:*:*:*:*:*:*:*","matchCriteriaId":"DECCF4B6-A0FD-419E-A61B-7BC023555E7A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11opi-cpu_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2C14F1D8-94BA-46B7-AA86-657DE1F67BE4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11opi-cpu:-:*:*:*:*:*:*:*","matchCriteriaId":"27164AC7-6D07-4D0D-AE90-8FB4C2498E6B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11qph\\+_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"20A40C83-A278-47C1-8AE2-5E772C08DC42"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11qph\\+:-:*:*:*:*:*:*:*","matchCriteriaId":"E534D7BB-B73D-45F8-AB1A-CDC55B05D237"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sae_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D8E6068C-E47A-41B5-B978-A84DD95EE312"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sae:-:*:*:*:*:*:*:*","matchCriteriaId":"450DA6E7-7E1B-4E3F-916D-A04E8A64C9E0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sae_m_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"C60E22BF-4E5C-4C05-863D-111AE5B6623E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sae_m:-:*:*:*:*:*:*:*","matchCriteriaId":"53EE220D-2D20-4CE8-A1BE-5DB2DA5573EA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sat_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B53B1B53-E3E2-4984-B9ED-63A759A0F74D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sat:-:*:*:*:*:*:*:*","matchCriteriaId":"F3F363C3-ACFB-4A15-9076-1C03E92DB138"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sba_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"67F06F62-6B10-4EB6-AB0A-880ED22DCAEF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sba:-:*:*:*:*:*:*:*","matchCriteriaId":"3193A03D-681C-4E22-8B48-D0DAF9DAECDC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sca_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"82955523-DA26-43B9-B34D-06DD00BF891B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sca:-:*:*:*:*:*:*:*","matchCriteriaId":"C2521B38-3BB4-4B96-AF7C-6BF429F0FC9C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sca-f_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"973E0ECB-DC52-4998-B81C-E6CC248A6EEF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sca-f:-:*:*:*:*:*:*:*","matchCriteriaId":"577067B9-0F45-4A40-A75F-C7FE9B2B8855"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sca-w_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5FD67236-0866-4DBA-BBAC-9E0607DEAAE3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sca-w:-:*:*:*:*:*:*:*","matchCriteriaId":"683EB125-0F49-4199-9244-F17ECA6F6C4C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scd-f_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"C521AEA4-B414-4968-B269-D57812C03E36"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scd-f:-:*:*:*:*:*:*:*","matchCriteriaId":"C89CC49B-01DE-4888-B0E4-B311C0F3F789"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sch-f_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"17455FD7-004D-496A-A961-6A5C8E7EBA49"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sch-f:-:*:*:*:*:*:*:*","matchCriteriaId":"6E9B23E2-2E68-4E1D-A8B5-BAFB00DFB4BF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sch-ln4f_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D0D9766E-5971-4371-89FF-224C062C6EF7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sch-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"071A5B7E-6525-44DF-A612-DB63312AA3A9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scl-f_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"DAB1D4CD-A362-4EB3-A4D5-058C098E2127"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scl-f:-:*:*:*:*:*:*:*","matchCriteriaId":"D1528A2C-3983-4CF9-B365-7F307B93E466"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scl-if_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"DF3F358B-6C7D-4C2A-922D-53160A7B1292"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scl-if:-:*:*:*:*:*:*:*","matchCriteriaId":"98595EB1-0B54-4E09-BAB1-4A37BCBB941A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scl-ln4f_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5F9F8932-0D88-4C44-BC85-0E7400C7D2B0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scl-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"586D8457-A684-4410-A48A-C5545F5B2003"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scm-f_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"F9F4EE32-E05B-4117-BA19-B532F0ADB5A4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scm-f:-:*:*:*:*:*:*:*","matchCriteriaId":"3B7B927B-1B10-41CC-8C8E-0DA456082C63"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scm-ln8f_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"AAD60C83-0539-4621-92FF-9A0F326978F9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scm-ln8f:-:*:*:*:*:*:*:*","matchCriteriaId":"D0176160-C4E3-435E-8DDD-E992044C500B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scw-f_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"BBC08CA3-E8F9-41D6-BF81-496E0C18D07A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scw-f:-:*:*:*:*:*:*:*","matchCriteriaId":"8FB564A1-E87A-4CAD-A8E8-5A22B0165B61"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdd-18c-f_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"33F9094B-A035-4ECF-B392-69C5A181F58D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdd-18c-f:-:*:*:*:*:*:*:*","matchCriteriaId":"EF1E70CB-BF44-4DE8-BA2F-47283586FA9B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdd-8c-f_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5B221E2F-74A1-4A79-9FC4-69CA3A85D79E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdd-8c-f:-:*:*:*:*:*:*:*","matchCriteriaId":"39BD8B01-9630-463C-870C-76EC7FE2D325"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sds-12c_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"F388865C-B598-4D4F-9E20-A5D91644C3E5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sds-12c:-:*:*:*:*:*:*:*","matchCriteriaId":"B9B43F7A-EF17-498A-8AEA-F4E98547DCDA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sds-16c_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"9605C4DE-AFF1-46AC-BD16-3D2D36DA890C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sds-16c:-:*:*:*:*:*:*:*","matchCriteriaId":"83B921DB-EF3B-4E6C-B67A-6E57EF2CCB1C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sds-8c_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"0D2D5302-9976-4CC3-8631-5977E51AC172"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sds-8c:-:*:*:*:*:*:*:*","matchCriteriaId":"25EA425D-7D25-44BA-A6E1-210349DC4AC2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11spa-t_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"EE60DED0-ED1D-43CD-88A4-E4C85E896F42"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11spa-t:-:*:*:*:*:*:*:*","matchCriteriaId":"93841CE8-D876-44A3-A530-959CDB90FA7B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11spa-tf_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"9C62A158-58DC-4164-A5FB-2FEA73DCFEEB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11spa-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"D6440101-3C85-427B-A930-014CCDA79CCD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11spg-tf_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"0A906A40-E01B-4487-990E-1CABF9D549D1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11spg-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"0D4C8250-1682-4360-828F-8E7EE072CE6D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sph-nctf_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3352D78A-586D-4E36-918F-E17DF6EDD85A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sph-nctf:-:*:*:*:*:*:*:*","matchCriteriaId":"0DABCA06-C8F1-4A20-9F85-69B49B3C5095"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sph-nctpf_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"8531914A-4DFD-4003-8648-22666821E16A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sph-nctpf:-:*:*:*:*:*:*:*","matchCriteriaId":"ABF784B2-347A-4A62-9CC3-6A01624D0F07"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11spi-tf_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CC2AB58A-F3B2-42A6-B357-A3C3573E4432"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11spi-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"069F2E47-05DA-4676-9A11-B5059130720A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11spl-f_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2DF12237-6F11-4AC5-8B7A-13A70BB2F143"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11spl-f:-:*:*:*:*:*:*:*","matchCriteriaId":"372B1F73-010B-4E12-A643-336741265B23"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11spm-f_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2D8B2118-1ED3-4552-BCDC-01853EDB0439"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11spm-f:-:*:*:*:*:*:*:*","matchCriteriaId":"1023FE03-0D76-4F33-ADC3-4502BD8AAE79"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11spm-tf_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"1E454025-CFF8-41F7-8DD2-3538091777F7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11spm-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"09E13FF0-04D4-41CD-97B8-1860028F8F8F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11spm-tpf_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"91ED3551-35E2-47BF-870E-998EBF2DA159"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11spm-tpf:-:*:*:*:*:*:*:*","matchCriteriaId":"6D4232C6-8C0B-41B1-AF69-A4E584756777"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11spw-ctf_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"FD1AABD8-F7F5-47D4-B2DA-E9F3624C7927"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11spw-ctf:-:*:*:*:*:*:*:*","matchCriteriaId":"F0BEF4BD-0962-4DC0-9329-5C28DAE78B93"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11spw-tf_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"518D48AD-6152-4042-A7BF-5E686D019653"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11spw-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"0998B7F1-CD28-4E07-8BA0-53EEEE9A25CF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sra_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E39203A1-A9AB-424D-84D3-0944B2A73A21"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sra:-:*:*:*:*:*:*:*","matchCriteriaId":"FD640185-AC03-4235-A8BF-F71473A3D21B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sri-if_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"DE88660B-787A-4FD4-92E5-94C60E72C094"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sri-if:-:*:*:*:*:*:*:*","matchCriteriaId":"92C0DDA9-ED3B-4DC8-B19E-19B9283A2C12"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11srl-f_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"BD05A35C-2775-485F-82D0-8E45141BC638"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11srl-f:-:*:*:*:*:*:*:*","matchCriteriaId":"900E0C75-C843-4327-BAF2-F8077281D87E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11srm_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"F7158E54-6309-4193-988E-9820E3AA30AB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11srm:-:*:*:*:*:*:*:*","matchCriteriaId":"990A3777-CC78-4E38-8319-6DA6FC52E9B9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11srm-f_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"BDD44422-977F-41BC-8C0B-A4B7678BBADA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11srm-f:-:*:*:*:*:*:*:*","matchCriteriaId":"161177BA-5C2B-47DF-B900-568D0665020A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11srm-vf_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"F21283C9-1820-410C-ABE5-FABF0C4AFC1E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11srm-vf:-:*:*:*:*:*:*:*","matchCriteriaId":"FB7EC704-0887-4743-AD5B-F9CF6EEE4B29"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssd-f_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"0E246A45-5D10-4740-8672-68429A8DC1DC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssd-f:-:*:*:*:*:*:*:*","matchCriteriaId":"7B72F70A-B33E-4382-81DA-3864C2E14D41"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sse-f_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"29F5156E-62A8-45DE-8605-B12E133E742D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sse-f:-:*:*:*:*:*:*:*","matchCriteriaId":"FC57F4A1-10F8-4926-A446-D2B8F05B8008"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssh-ctf_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"36B2107F-B5B8-40BA-9994-1CB1732AA04B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssh-ctf:-:*:*:*:*:*:*:*","matchCriteriaId":"95CD6DEE-E000-42C2-825B-C29E3F7D725C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssh-f_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E3C4451E-3B66-4B05-88AC-04740FB2606B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssh-f:-:*:*:*:*:*:*:*","matchCriteriaId":"E7BE07CB-DED5-4810-9D04-884478CA1532"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssh-gf-1585_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"6A474EEE-93F0-4F26-A712-B256D1E8C0AA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssh-gf-1585:-:*:*:*:*:*:*:*","matchCriteriaId":"D6430B42-E04A-4CEF-8318-074536119201"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssh-gf-1585l_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"42EE0279-0AB5-449C-8E26-B0FD609EE2EB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssh-gf-1585l:-:*:*:*:*:*:*:*","matchCriteriaId":"184762F2-E3A2-46F7-AC09-00DED69C7A4D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssh-gtf-1585_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"71E391B2-22D1-47F6-BC51-025A5BAD9DD7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssh-gtf-1585:-:*:*:*:*:*:*:*","matchCriteriaId":"D07E7DBE-010F-4F21-8B4D-18DE8BF59D9B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssh-gtf-1585l_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A039B9F5-1E11-4196-A770-6B3419DD727A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssh-gtf-1585l:-:*:*:*:*:*:*:*","matchCriteriaId":"54CCEFD5-FE80-42A5-8ED1-BEE9BCAA21AB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssh-ln4f_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"59334027-FE3D-4938-AA9C-52F18E37FB5F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssh-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"063C19C8-9A26-4457-A969-0172FA2E2BE4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssh-tf_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"042A43D7-1EBB-4670-AF00-6EFA2A6C42CE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssh-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"FDF932E7-ABDF-4541-B032-D013D881A25D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssi-ln4f_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"0904FEB0-9628-44C9-934A-6E0F72857931"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssi-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"00A6A4DB-ED52-4DF1-809D-ADCA9F8324A1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssl_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2809124C-7AC0-42C4-B864-5C6835F272A6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssl:-:*:*:*:*:*:*:*","matchCriteriaId":"0DA4B4D9-59CF-43D3-ACBE-8091C257C8FE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssl-cf_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"9CD969F5-C00F-4DF4-A996-2177D39D87BD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssl-cf:-:*:*:*:*:*:*:*","matchCriteriaId":"0FA01B7B-0A5F-48AC-811C-BB6EB4C78719"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssl-f_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D77715EA-9E60-4C71-94DC-35A84DA8464A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssl-f:-:*:*:*:*:*:*:*","matchCriteriaId":"F59AC9E2-69C0-42EF-82D3-F304D4918E8D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssl-nf_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"6FA61F80-D065-4731-9430-AAB14039C7CD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssl-nf:-:*:*:*:*:*:*:*","matchCriteriaId":"84671D8E-00A2-4AC1-9B7E-9B7BB5188B3C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssm_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A65A113C-DA3E-4337-B52D-EFDD904F97CD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssm:-:*:*:*:*:*:*:*","matchCriteriaId":"E28641A6-F24E-493D-B57B-954DA91F47B4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssm-f_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"8F994463-3ECD-476C-8075-7DD0DFBEB735"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssm-f:-:*:*:*:*:*:*:*","matchCriteriaId":"1EC19D26-080D-4B5A-A41C-253D00036608"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssn_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"072220C7-8F37-4350-BD72-0A193496BEDE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssn:-:*:*:*:*:*:*:*","matchCriteriaId":"826C77E1-C930-477F-8694-2677DA99EF82"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssq_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"45C73722-03FD-4CC9-A725-0483DB226A7F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssq:-:*:*:*:*:*:*:*","matchCriteriaId":"8573A582-A52A-4006-99F0-D42C3AE5B722"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssql_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"6CE6D073-D1B2-4D53-A1CB-4802D487A5AB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssql:-:*:*:*:*:*:*:*","matchCriteriaId":"937610BE-A3FC-4BAD-A14A-44137929A404"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssv-lvds_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"BD90FCD6-CAE9-4B9F-A7A0-9703C88CA292"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssv-lvds:-:*:*:*:*:*:*:*","matchCriteriaId":"7A7D90D9-531C-4904-BEB5-35CED4F4670A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssv-q_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"72D60D4D-83A0-47FD-B932-B4E0ABCF8E54"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssv-q:-:*:*:*:*:*:*:*","matchCriteriaId":"90CB1E05-C42D-43F9-95F5-258C87A9A67D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssw-4tf_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"504996A6-A9B9-4A9B-9BFB-D3E270226B2D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssw-4tf:-:*:*:*:*:*:*:*","matchCriteriaId":"6089DFBF-A190-4A4C-9DD8-1DA4D539A5F1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssw-f_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B66DA774-0A68-4708-BC59-D1944F239D8D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssw-f:-:*:*:*:*:*:*:*","matchCriteriaId":"6CDDDC18-753F-496F-9953-5B91ED1CC0F3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssw-tf_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B6EBE4A3-B596-443B-B42B-924EE4F4B397"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssw-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"3A180D6C-1A5B-41E0-A4CA-99CD49CBF585"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssz-f_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"37DC46C1-EE6A-46FE-ABB7-0986EF376698"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssz-f:-:*:*:*:*:*:*:*","matchCriteriaId":"25DA80D6-C893-4B91-94ED-9FE4403DC6E0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssz-tln4f_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"53B1D7EE-A35E-4FF8-AC48-D9609B87531E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssz-tln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"5C338781-88C1-476A-A3C9-2018016BF2EC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dai-n6_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"18792B7D-6443-4439-B45E-6F1AD591EC43"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dai-n6:-:*:*:*:*:*:*:*","matchCriteriaId":"7CC667F4-B046-40FD-8F10-0BAD14B41430"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12ddw-a6_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"0863279D-950B-433D-BD0F-DADA1712C77E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12ddw-a6:-:*:*:*:*:*:*:*","matchCriteriaId":"2D56F5ED-B7B3-4B8D-83BC-0CB19BD8F66F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpg-qt6_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"655D9103-4791-4B00-9DFD-ADF711ACDCBD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpg-qt6:-:*:*:*:*:*:*:*","matchCriteriaId":"C83564AB-8D23-4352-AF0D-30B408F54DD8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpi-n6_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"976F33B8-616D-45C9-AB82-9D5F5E0E657B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpi-n6:-:*:*:*:*:*:*:*","matchCriteriaId":"9FA07B5C-1194-42A4-AF6C-3C3B7F880477"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpi-nt6_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3B844CD6-3932-4C37-AE2A-DC1E6F45267E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpi-nt6:-:*:*:*:*:*:*:*","matchCriteriaId":"A9BDD13D-5287-4536-83C7-1ED806E8AD45"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpl-i6_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"88DA84FC-5C05-4D7F-9CBA-B6381A2CCAE3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpl-i6:-:*:*:*:*:*:*:*","matchCriteriaId":"6606E793-BF7E-4148-83E3-2A6DF823AC50"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpl-nt6_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"0EF548D8-50F1-4962-9456-5834F515F70D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpl-nt6:-:*:*:*:*:*:*:*","matchCriteriaId":"80675EA0-674B-4BDF-B502-FAA90B4E07B1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spa-tf_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"CD26763B-A200-4A0D-BBEA-6459CBC0366D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spa-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"C4ECEAB2-4D8A-447B-A622-E8E3282C1651"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spi-tf_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D2F880DA-6980-45F9-9864-7F4495F4E34D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spi-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"CA46A96E-0E1C-4AD0-A7BE-06A65C4DD75E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spl-f_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"B2097393-D8F8-4662-9B42-39D71733EEBA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spl-f:-:*:*:*:*:*:*:*","matchCriteriaId":"15FE00C9-77B3-43B4-A548-9C4F0FA83ABD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spl-ln4f_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E5B3A495-8897-498F-AFD3-850E2269041C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spl-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"D01A53FA-F307-4B49-B803-DD7E3498BD00"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spm-ln4f_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"96E73554-3177-4FAB-BE38-45CEA97ED3A2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spm-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"DEB567A1-A336-4B2E-8B35-0EE3F5B37ECD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spm-ln6tf_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"47BA0F08-3BE7-4251-B66A-F822E31B9F9B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spm-ln6tf:-:*:*:*:*:*:*:*","matchCriteriaId":"9766735D-CC06-446C-A6C9-C4A5671EA356"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spm-tf_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"A6F4357C-B0F8-4276-B828-3493B24AA416"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spm-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"AF8F8046-D474-4A41-AC0C-93C43BAFDCA5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spo-f_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"693008B2-2D84-41A9-BD69-BAD0F7A65D94"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spo-f:-:*:*:*:*:*:*:*","matchCriteriaId":"9D374750-F0F1-4F04-B127-7497DE767B19"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spo-ntf_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"50BE6C80-12FB-411C-ADA8-06DE38EAF36E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spo-ntf:-:*:*:*:*:*:*:*","matchCriteriaId":"77BFF598-DB0F-4696-9787-2216817F9DC5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spw-f_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"C5D242E6-0AB6-4A0C-9B9D-EAF3578236AB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spw-f:-:*:*:*:*:*:*:*","matchCriteriaId":"53FA6DCE-6515-46FF-A347-B6C429003DEB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spw-tf_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"93BF9360-4926-4C1E-BFAE-E64994697814"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spw-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"887FC02D-8065-44C9-A3B2-1FEEAF3EF56C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spz-ln4f_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E305B992-9B2D-4EA4-B61C-CC66FF876E2F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spz-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"2C067EC2-DA00-4D87-8903-C99E7058710D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spz-spln6f_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"252E0CF6-B9B4-4B87-8A29-5BA66E2D4C7A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spz-spln6f:-:*:*:*:*:*:*:*","matchCriteriaId":"A450B280-D321-41D7-8B9D-B8F3C8B3B786"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssg-anp6_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7E0554EE-CF4B-4296-883A-4D42FB94AAFD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssg-anp6:-:*:*:*:*:*:*:*","matchCriteriaId":"1558880B-8A49-4212-AEA9-A525FB454E8D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssw-in_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"DB79918C-D8D7-450A-8CB0-D4FDCF5D9328"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssw-in:-:*:*:*:*:*:*:*","matchCriteriaId":"FED457FD-AB0F-4829-9C4F-C00F9127E293"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssw-nt_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7DDFB1EB-4245-4ABA-ABF8-A38F26B2F198"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssw-nt:-:*:*:*:*:*:*:*","matchCriteriaId":"A63737C8-F51D-48B9-A926-161175424379"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssw-inl_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"2749046A-9FF5-43CC-B743-8D2896BF6CD5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssw-inl:-:*:*:*:*:*:*:*","matchCriteriaId":"30940045-B6F5-4AB8-A761-234A9049D48D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssw-ntl_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"6D2D4D52-1107-47D4-A8D7-859F6FD680B2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssw-ntl:-:*:*:*:*:*:*:*","matchCriteriaId":"7B3555A1-5FFB-416D-ACDE-1458E655EE5C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12sst-ps_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3AEEC5BE-5B6B-4503-A429-560256F85629"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12sst-ps:-:*:*:*:*:*:*:*","matchCriteriaId":"AF330665-9B9B-4B0C-92C8-427D4B7A77AE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssl-i_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"75131D3F-82E3-4499-A034-1D0D8466B49B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssl-i:-:*:*:*:*:*:*:*","matchCriteriaId":"0B9CEA83-ADAF-4659-88E9-D0056EB699BC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssl-c_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7974195D-DE5A-4938-B52A-8DEF7649BAA4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssl-c:-:*:*:*:*:*:*:*","matchCriteriaId":"5C78D0B4-958A-4874-8540-9C622BEC5444"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssl-ct_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"C4FF7C4F-0A26-474C-AA94-DFE1F42E4A17"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssl-ct:-:*:*:*:*:*:*:*","matchCriteriaId":"50943BA5-0DAC-4246-9287-CA9DD9D05F9F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssl-nt_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"3013455C-433E-46E6-BC81-66D73198C79A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssl-nt:-:*:*:*:*:*:*:*","matchCriteriaId":"7D1F99BB-1F02-4CA1-8C5A-A69F4674D4B9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssw-inr_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"50CA0606-D48A-46F4-B36A-57FD84C7AEB3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssw-inr:-:*:*:*:*:*:*:*","matchCriteriaId":"C80067D5-61BA-48ED-B17C-5EAB04AB0CB5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssw-ntr_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"688C2DAF-9769-4C77-ADF8-B4C0EA20B68E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssw-ntr:-:*:*:*:*:*:*:*","matchCriteriaId":"34E1FE8C-4916-4BCB-BE13-FFFFD1EFC611"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssff-an6_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"02516AB3-06C4-48E6-88B4-8BDA776EA2FF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssff-an6:-:*:*:*:*:*:*:*","matchCriteriaId":"8CDF0E3C-8205-4179-B0BC-CDC00BE5C3D4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12dsu-in_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"5A80E297-F7CC-4ABF-BE90-C87BCA2F5770"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12dsu-in:-:*:*:*:*:*:*:*","matchCriteriaId":"F019FB2C-63BC-417A-81E1-E852C052007C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12dst-b_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D2DC040F-0C97-45BC-B305-943708189A00"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12dst-b:-:*:*:*:*:*:*:*","matchCriteriaId":"8DF3E668-0CF8-404E-8A08-EB2CCB1D2489"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12dsu-inr_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"232738E3-4EA9-429A-B850-FCF9D0ED0BAC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12dsu-inr:-:*:*:*:*:*:*:*","matchCriteriaId":"C2DB5BC9-8633-4148-9EF9-D9564B184722"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12dgo-6_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"C4E07BF7-F09B-4F63-9A79-B7099A18B40B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12dgo-6:-:*:*:*:*:*:*:*","matchCriteriaId":"6BE72168-E2BE-4E5D-99A3-E5874FB027E3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12dsg-o-cpu_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7A6FB3FC-1919-4809-A5BD-93243A3DC4C5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12dsg-o-cpu:-:*:*:*:*:*:*:*","matchCriteriaId":"55A8A11C-8FE3-4789-A517-F1E14FC2710B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12dsi-n6_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"22635F92-BBD8-434F-8F10-B28DB044D2F7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12dsi-n6:-:*:*:*:*:*:*:*","matchCriteriaId":"9892D863-F361-4511-BB61-61398CB8360F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12dsi-nt6_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"D96E559C-2961-4116-A630-A92EAFFEE169"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12dsi-nt6:-:*:*:*:*:*:*:*","matchCriteriaId":"A9E11E3D-B003-489B-BCF2-76CEB30EB6E4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h11dsi_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"ABAA174D-C9DC-4D78-A675-12D2DCE710BF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h11dsi:-:*:*:*:*:*:*:*","matchCriteriaId":"6D354727-0DAD-44A2-BD94-22497AA3E5AF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h11dsi-nt_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"6988C2ED-633D-485E-AC9D-7B03C8898D34"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h11dsi-nt:-:*:*:*:*:*:*:*","matchCriteriaId":"57D3378C-1A25-4CF6-84C3-3563610E20C7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h11dst-b_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"9E1602EC-6574-4B55-83C7-5658A51269F3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h11dst-b:-:*:*:*:*:*:*:*","matchCriteriaId":"6421550C-56C4-4B8E-9C7B-B2FD9CCF1D41"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h11dsu-in_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"01158A08-A966-4126-9E87-E1E570BA8146"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h11dsu-in:-:*:*:*:*:*:*:*","matchCriteriaId":"1782340A-9E27-4356-B41D-F1379AB33C42"}]}]}],"references":[{"url":"https://www.supermicro.com/en/support/security_VRM_Jan_2023","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://www.supermicro.com/en/support/security_VRM_Jan_2023","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2023-24721","sourceIdentifier":"cve@mitre.org","published":"2023-04-10T22:15:09.283","lastModified":"2026-07-09T01:18:08.650","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A cross-site scripting (XSS) vulnerability in LiveAction LiveSP v21.1.2 allows attackers to execute arbitrary web scripts or HTML."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-11T15:52:03.439336Z","id":"CVE-2023-24721","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liveaction:livesp:21.1.2:*:*:*:*:*:*:*","matchCriteriaId":"B57F8965-C04C-4C43-A7E9-BD77911CEF3C"}]}]}],"references":[{"url":"https://github.com/marcovntr/CVE/blob/main/2023/CVE-2023-24721/CVE-2023-24721.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/marcovntr/CVE/blob/main/2023/CVE-2023-24721/CVE-2023-24721.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-27775","sourceIdentifier":"cve@mitre.org","published":"2023-04-12T14:15:07.903","lastModified":"2026-07-09T01:18:14.387","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A stored HTML injection vulnerability in LiveAction LiveSP v21.1.2 allows attackers to execute arbitrary code via a crafted payload."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-08T02:43:42.303085Z","id":"CVE-2023-27775","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:liveaction:livesp:*:*:*:*:*:*:*:*","versionEndIncluding":"21.1.2","matchCriteriaId":"2BDE547B-9124-40C2-8E60-2B186FB98047"}]}]}],"references":[{"url":"https://github.com/marcovntr/CVE/blob/main/2023/CVE-2023-27775/CVE-2023-27775.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/marcovntr/CVE/blob/main/2023/CVE-2023-27775/CVE-2023-27775.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-27216","sourceIdentifier":"cve@mitre.org","published":"2023-04-12T17:15:07.607","lastModified":"2026-07-09T01:18:13.257","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue found in D-Link DSL-3782 v.1.03 allows remote authenticated users to execute arbitrary code as root via the network settings page."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-10T16:00:49.203130Z","id":"CVE-2023-27216","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dsl-3782_firmware:1.03:*:*:*:*:*:*:*","matchCriteriaId":"E9622A9C-030F-4F56-B6BF-3DE54EE0E33C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dsl-3782:-:*:*:*:*:*:*:*","matchCriteriaId":"7F8D1900-34CB-45D3-8DF3-503E10B75E5B"}]}]}],"references":[{"url":"https://lessonsec.com/cve/cve-2023-27216/","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://lessonsec.com/cve/cve-2023-27216/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2023-27812","sourceIdentifier":"cve@mitre.org","published":"2023-04-13T14:15:08.277","lastModified":"2026-07-09T01:18:14.703","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"bloofox v0.5.2 was discovered to contain an arbitrary file deletion vulnerability via the delete_file() function."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.2}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bloofox:bloofoxcms:0.5.2:*:*:*:*:*:*:*","matchCriteriaId":"50AFAD87-F6BD-4415-A89B-9B7D175DACDB"}]}]}],"references":[{"url":"https://github.com/jspring996","source":"cve@mitre.org","tags":["Not Applicable"]},{"url":"https://github.com/jspring996/PHPcodecms/issues/1","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://www.bloofox.com/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/jspring996","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable"]},{"url":"https://github.com/jspring996/PHPcodecms/issues/1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://www.bloofox.com/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2023-27779","sourceIdentifier":"cve@mitre.org","published":"2023-04-13T17:15:16.570","lastModified":"2026-07-09T01:18:14.540","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"AM Presencia v3.7.3 was discovered to contain a SQL injection vulnerability via the user parameter in the login form."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-07T16:24:34.080082Z","id":"CVE-2023-27779","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:amsystem:am_presencia:3.7.3:*:*:*:*:*:*:*","matchCriteriaId":"77E530D1-7184-4AD9-A36F-48841C4E298F"}]}]}],"references":[{"url":"https://amsystem.es/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://docs.google.com/document/d/1kGzmc6AOCfRzJf9mDz4emkhQj84Y1XemmAMZjYK32-o/edit?usp=sharing","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://portalempleado.alosuite.com/home","source":"cve@mitre.org","tags":["Not Applicable"]},{"url":"https://amsystem.es/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://docs.google.com/document/d/1kGzmc6AOCfRzJf9mDz4emkhQj84Y1XemmAMZjYK32-o/edit?usp=sharing","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://portalempleado.alosuite.com/home","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable"]}]}},{"cve":{"id":"CVE-2023-27667","sourceIdentifier":"cve@mitre.org","published":"2023-04-13T20:15:15.620","lastModified":"2026-07-09T01:18:14.230","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Auto Dealer Management System v1.0 was discovered to contain a SQL injection vulnerability."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-07T16:15:15.699372Z","id":"CVE-2023-27667","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:auto_dealer_management_system_project:auto_dealer_management_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"3EE7F9BB-FEDE-4E66-B32B-AA76D90D9809"}]}]}],"references":[{"url":"https://gist.github.com/Flower-fertilizer/9c615b0fe5f9589b0d41be1ece7cb28f","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.sourcecodester.com/php/15371/auto-dealer-management-system-phpoop-free-source-code.html","source":"cve@mitre.org","tags":["Product"]},{"url":"https://gist.github.com/Flower-fertilizer/9c615b0fe5f9589b0d41be1ece7cb28f","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.sourcecodester.com/php/15371/auto-dealer-management-system-phpoop-free-source-code.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2023-27666","sourceIdentifier":"cve@mitre.org","published":"2023-04-14T12:15:07.733","lastModified":"2026-07-09T01:18:13.923","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Auto Dealer Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the name parameter at /classes/SystemSettings.php?f=update_settings."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-10T15:23:41.556763Z","id":"CVE-2023-27666","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:auto_dealer_management_system_project:auto_dealer_management_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"3EE7F9BB-FEDE-4E66-B32B-AA76D90D9809"}]}]}],"references":[{"url":"https://gist.github.com/Flower-fertilizer/a1fb260c02353906f2d2808656dd1559","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.sourcecodester.com/php/15371/auto-dealer-management-system-phpoop-free-source-code.html","source":"cve@mitre.org","tags":["Product"]},{"url":"https://gist.github.com/Flower-fertilizer/a1fb260c02353906f2d2808656dd1559","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.sourcecodester.com/php/15371/auto-dealer-management-system-phpoop-free-source-code.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2022-46640","sourceIdentifier":"cve@mitre.org","published":"2023-04-18T13:15:09.193","lastModified":"2026-07-09T01:18:01.707","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Nanoleaf Desktop App before v1.3.1 was discovered to contain a command injection vulnerability which is exploited via a crafted HTTP request."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-06T15:15:15.474339Z","id":"CVE-2022-46640","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-77"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nanoleaf:nanoleaf_desktop:*:*:*:*:*:*:*:*","versionEndExcluding":"1.3.1","matchCriteriaId":"6D0AAE5F-9B73-487F-B355-E6D0C9852FBE"}]}]}],"references":[{"url":"https://pwning.tech/cve-2022-46640/","source":"cve@mitre.org"},{"url":"https://pwning.tech/cve-2022-46640/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://pwning.tech/cve-2022-46640/","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2023-26735","sourceIdentifier":"cve@mitre.org","published":"2023-04-26T00:15:09.227","lastModified":"2026-07-09T01:18:10.233","vulnStatus":"Modified","cveTags":[{"sourceIdentifier":"cve@mitre.org","tags":["disputed"]}],"descriptions":[{"lang":"en","value":"blackbox_exporter v0.23.0 was discovered to contain an access control issue in its probe interface. This vulnerability allows attackers to detect intranet ports and services, as well as download resources. NOTE: this is disputed by third parties because authentication can be configured."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-04T15:12:41.565468Z","id":"CVE-2023-26735","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-918"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:prometheus:blackbox_exporter:0.23.0:*:*:*:*:*:*:*","matchCriteriaId":"DF41B4A7-0D76-435B-BD57-3CC09A4900C0"}]}]}],"references":[{"url":"https://github.com/prometheus/blackbox_exporter#tls-and-basic-authentication","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/prometheus/blackbox_exporter/issues/1024","source":"cve@mitre.org","tags":["Issue Tracking"]},{"url":"https://github.com/prometheus/blackbox_exporter/issues/1025","source":"cve@mitre.org","tags":["Issue Tracking"]},{"url":"https://github.com/prometheus/blackbox_exporter/issues/1026","source":"cve@mitre.org","tags":["Issue Tracking"]},{"url":"https://github.com/prometheus/blackbox_exporter#tls-and-basic-authentication","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/prometheus/blackbox_exporter/issues/1024","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking"]},{"url":"https://github.com/prometheus/blackbox_exporter/issues/1025","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking"]},{"url":"https://github.com/prometheus/blackbox_exporter/issues/1026","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking"]},{"url":"https://github.com/prometheus/blackbox_exporter#tls-and-basic-authentication","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Product"]}]}},{"cve":{"id":"CVE-2023-30404","sourceIdentifier":"cve@mitre.org","published":"2023-04-26T00:15:09.387","lastModified":"2026-07-09T01:18:17.890","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Aigital Wireless-N Repeater Mini_Router v0.131229 was discovered to contain a remote code execution (RCE) vulnerability via the sysCmd parameter in the formSysCmd function. This vulnerability is exploited via a crafted HTTP request."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-03T17:22:31.384858Z","id":"CVE-2023-30404","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:aigital:wireless-n_repeater_mini_router_firmware:0.131229:*:*:*:*:*:*:*","matchCriteriaId":"98062FCB-6507-4EDF-8445-6331EB735BBC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:aigital:wireless-n_repeater_mini_router:-:*:*:*:*:*:*:*","matchCriteriaId":"80F57200-B5E5-482B-908F-B715109893B1"}]}]}],"references":[{"url":"https://mandomat.github.io/2023-04-13-testing-a-cheap-wifi-repeater/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://mandomat.github.io/2023-04-13-testing-a-cheap-wifi-repeater/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-27978","sourceIdentifier":"cve@mitre.org","published":"2023-04-26T16:15:09.260","lastModified":"2026-07-09T01:17:24.320","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Tooljet v1.6 does not properly handle missing values in the API, allowing attackers to arbitrarily reset passwords via a crafted HTTP request."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-03T18:36:48.991474Z","id":"CVE-2022-27978","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-755"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:tooljet:tooljet:1.6:*:*:*:*:*:*:*","matchCriteriaId":"045EAA93-CC71-4B4B-BE27-6BA4E52D9DAB"}]}]}],"references":[{"url":"https://github.com/fourcube/security-advisories/blob/main/security-advisories/20220320-tooljet.md","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://github.com/fourcube/security-advisories/blob/main/security-advisories/20220320-tooljet.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]}]}},{"cve":{"id":"CVE-2022-27979","sourceIdentifier":"cve@mitre.org","published":"2023-04-26T16:15:09.453","lastModified":"2026-07-09T01:17:24.480","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A cross-site scripting (XSS) vulnerability in ToolJet v1.6.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Comment Body component."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-02-03T17:49:54.663371Z","id":"CVE-2022-27979","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:tooljet:tooljet:1.6.0:*:*:*:*:*:*:*","matchCriteriaId":"A8C10A90-E547-4A76-A32E-7A73010BD212"}]}]}],"references":[{"url":"https://github.com/fourcube/security-advisories/blob/main/security-advisories/20220321-tooljet-xss.md","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://github.com/fourcube/security-advisories/blob/main/security-advisories/20220321-tooljet-xss.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]}]}},{"cve":{"id":"CVE-2023-25292","sourceIdentifier":"cve@mitre.org","published":"2023-04-27T01:15:08.283","lastModified":"2026-07-09T01:18:09.863","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Reflected Cross Site Scripting (XSS) in Intermesh BV Group-Office version 6.6.145, allows attackers to gain escalated privileges and gain sensitive information via the GO_LANGUAGE cookie."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-31T19:06:41.682893Z","id":"CVE-2023-25292","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:group-office:group_office:6.6.145:*:*:*:*:*:*:*","matchCriteriaId":"A0AF3C8D-6B49-4999-B2AA-5918CEC3ADC3"}]}]}],"references":[{"url":"https://github.com/brainkok/CVE-2023-25292","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/brainkok/CVE-2023-25292","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-47758","sourceIdentifier":"cve@mitre.org","published":"2023-04-27T02:15:08.973","lastModified":"2026-07-09T01:18:02.207","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Nanoleaf firmware v7.1.1 and below is missing TLS verification, allowing attackers to execute arbitrary code via a DNS hijacking attack."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-31T19:08:41.656968Z","id":"CVE-2022-47758","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-295"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-295"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:nanoleaf:nanoleaf_firmware:7.1.1:*:*:*:*:*:*:*","matchCriteriaId":"C5D0C6B9-CFEC-4B1B-9857-2CD9B648FB69"}]}]}],"references":[{"url":"https://pwning.tech/cve-2022-47758","source":"cve@mitre.org","tags":["Exploit","Technical Description","Third Party Advisory"]},{"url":"https://pwning.tech/cve-2022-47758/","source":"cve@mitre.org"},{"url":"https://pwning.tech/cve-2022-47758","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Technical Description","Third Party Advisory"]},{"url":"https://pwning.tech/cve-2022-47758/","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2022-38583","sourceIdentifier":"cve@mitre.org","published":"2023-04-28T13:15:13.313","lastModified":"2026-07-09T01:17:40.820","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"On versions of Sage 300 2017 - 2022 (6.4.x - 6.9.x) which are setup in a \"Windows Peer-to-Peer Network\" or \"Client Server Network\" configuration, a low-privileged Sage 300 workstation user could abuse their access to the \"SharedData\" folder on the connected Sage 300 server to view and/or modify the credentials associated with Sage 300 users and SQL accounts to impersonate users and/or access the SQL database as a system administrator. With system administrator-level access to the Sage 300 MS SQL database it would be possible to create, update, and delete all records associated with the program and, depending on the configuration, execute code on the underlying database server."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-31T17:54:37.839155Z","id":"CVE-2022-38583","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-276"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-276"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sage:sage_300:*:*:*:*:*:*:*:*","versionStartIncluding":"2017","versionEndIncluding":"2022","matchCriteriaId":"A29C9EFF-0209-4D1D-97EA-22B0DE2BF56B"}]}]}],"references":[{"url":"https://www.controlgap.com/blog/sage-300-case-study","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.controlgap.com/blog/sage-300-case-study","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-2373","sourceIdentifier":"cna@vuldb.com","published":"2023-04-28T14:15:10.977","lastModified":"2026-07-09T15:16:27.217","vulnStatus":"Modified","cveTags":[{"sourceIdentifier":"cna@vuldb.com","tags":["disputed"]}],"descriptions":[{"lang":"en","value":"A vulnerability was identified in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. This vulnerability affects unknown code of the component Web Management Interface. Such manipulation of the argument ecn-up leads to command injection. The attack may be performed from remote. The exploit is publicly available and might be used. The actual existence of this vulnerability is currently in question. The vendor position is that post-authentication issues are not accepted as vulnerabilities."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"Ubiquiti","product":"EdgeRouter X","cpes":["cpe:2.3:h:ubiquiti:edgerouter_x:*:*:*:*:*:*:*:*"],"modules":["Web Management Interface"],"versions":[{"version":"2.0.9-hotfix.0","status":"affected"},{"version":"2.0.9-hotfix.1","status":"affected"},{"version":"2.0.9-hotfix.2","status":"affected"},{"version":"2.0.9-hotfix.3","status":"affected"},{"version":"2.0.9-hotfix.4","status":"affected"},{"version":"2.0.9-hotfix.5","status":"affected"},{"version":"2.0.9-hotfix.6","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:M/C:C/I:C/A:C","baseScore":8.3,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"MULTIPLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":6.4,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-30T17:10:08.357924Z","id":"CVE-2023-2373","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Primary","description":[{"lang":"en","value":"CWE-74"},{"lang":"en","value":"CWE-77"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:edgemax_edgerouter_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.0.9","matchCriteriaId":"1D3FE42C-7A01-420B-BD79-60992B4DC90F"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:edgemax_edgerouter_firmware:2.0.9:-:*:*:*:*:*:*","matchCriteriaId":"DD084B6E-95B1-43EC-B44D-067F84857006"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:edgemax_edgerouter_firmware:2.0.9:hotfix1:*:*:*:*:*:*","matchCriteriaId":"C0CE2156-E44D-4137-B823-E29E9B504090"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:edgemax_edgerouter_firmware:2.0.9:hotfix2:*:*:*:*:*:*","matchCriteriaId":"D674905D-1E0B-428D-826A-CB75E5E0313C"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:edgemax_edgerouter_firmware:2.0.9:hotfix4:*:*:*:*:*:*","matchCriteriaId":"ACD593F1-F9C4-40F1-AE07-82015E69429F"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:edgemax_edgerouter_firmware:2.0.9:hotfix5:*:*:*:*:*:*","matchCriteriaId":"643B67AA-ED41-4716-8449-E010B44F1900"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:edgemax_edgerouter_firmware:2.0.9:hotfix6:*:*:*:*:*:*","matchCriteriaId":"ADEBD144-84BF-4A6C-B18F-4DBC6261D0D1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:er-x:-:*:*:*:*:*:*:*","matchCriteriaId":"91B9AD72-BF39-4731-85B9-26036F7C425B"},{"vulnerable":false,"criteria":"cpe:2.3:h:ui:er-x-sfp:-:*:*:*:*:*:*:*","matchCriteriaId":"4F922D6E-7C6D-4984-A0DF-6EDC0C7A9900"}]}]}],"references":[{"url":"https://github.com/leetsun/IoT/tree/main/EdgeRouterX/CI/5","source":"cna@vuldb.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://vuldb.com/cve/CVE-2023-2373","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/114074","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/227649","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/227649/cti","source":"cna@vuldb.com"},{"url":"https://github.com/leetsun/IoT/tree/main/EdgeRouterX/CI/5","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://vuldb.com/?ctiid.227649","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required","Third Party Advisory"]},{"url":"https://vuldb.com/?id.227649","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-2374","sourceIdentifier":"cna@vuldb.com","published":"2023-04-28T15:15:10.847","lastModified":"2026-07-09T15:16:27.517","vulnStatus":"Modified","cveTags":[{"sourceIdentifier":"cna@vuldb.com","tags":["disputed"]}],"descriptions":[{"lang":"en","value":"A security flaw has been discovered in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. This issue affects some unknown processing of the component Web Management Interface. Performing a manipulation of the argument ecn-down results in command injection. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks. The existence of this vulnerability is still disputed at present. The vendor position is that post-authentication issues are not accepted as vulnerabilities."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"Ubiquiti","product":"EdgeRouter X","cpes":["cpe:2.3:h:ubiquiti:edgerouter_x:*:*:*:*:*:*:*:*"],"modules":["Web Management Interface"],"versions":[{"version":"2.0.9-hotfix.0","status":"affected"},{"version":"2.0.9-hotfix.1","status":"affected"},{"version":"2.0.9-hotfix.2","status":"affected"},{"version":"2.0.9-hotfix.3","status":"affected"},{"version":"2.0.9-hotfix.4","status":"affected"},{"version":"2.0.9-hotfix.5","status":"affected"},{"version":"2.0.9-hotfix.6","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:M/C:C/I:C/A:C","baseScore":8.3,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"MULTIPLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":6.4,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Primary","description":[{"lang":"en","value":"CWE-74"},{"lang":"en","value":"CWE-77"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.0.9","matchCriteriaId":"5E5C7E0B-4335-44F0-A19F-6E68D9CFD5AF"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x_firmware:2.0.9:-:*:*:*:*:*:*","matchCriteriaId":"9DB3EE14-A555-4DCA-9C16-F3D72489F10C"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x_firmware:2.0.9:hotfix2:*:*:*:*:*:*","matchCriteriaId":"2844D28C-FAD9-498A-93FF-7A4A217210A8"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x_firmware:2.0.9:hotfix3:*:*:*:*:*:*","matchCriteriaId":"FF7E7155-EFDC-42E0-A851-8FD2C58A2076"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x_firmware:2.0.9:hotfix4:*:*:*:*:*:*","matchCriteriaId":"B0473F8F-8D1E-4CEB-A7FC-979F3F3AAF29"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x_firmware:2.0.9:hotfix5:*:*:*:*:*:*","matchCriteriaId":"C5D34B1D-9F1F-4A1F-A76C-FB4EE83D08F7"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x_firmware:2.0.9:hotfix6:*:*:*:*:*:*","matchCriteriaId":"93A4BC03-E96D-42A9-9034-7017DA6EA389"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:er-x:-:*:*:*:*:*:*:*","matchCriteriaId":"91B9AD72-BF39-4731-85B9-26036F7C425B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x-sfp_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.0.9","matchCriteriaId":"34DA36D8-F0BD-4E98-A74C-5D50AD0980C5"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x-sfp_firmware:2.0.9:-:*:*:*:*:*:*","matchCriteriaId":"906F4A72-7C6D-45FD-875F-2D2791CE9F4A"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x-sfp_firmware:2.0.9:hotfix2:*:*:*:*:*:*","matchCriteriaId":"B919E33F-AC70-432C-A3F8-29FDFC710BB0"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x-sfp_firmware:2.0.9:hotfix4:*:*:*:*:*:*","matchCriteriaId":"FFEE96EB-D8AE-4B23-B090-E86FBA4BEF73"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x-sfp_firmware:2.0.9:hotfix5:*:*:*:*:*:*","matchCriteriaId":"101616F2-CA1A-4BF0-9025-F20EDA26F235"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x-sfp_firmware:2.0.9:hotfix6:*:*:*:*:*:*","matchCriteriaId":"47ABA9C8-67E4-4DE2-822A-3E17639F745E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:er-x-sfp:-:*:*:*:*:*:*:*","matchCriteriaId":"4F922D6E-7C6D-4984-A0DF-6EDC0C7A9900"}]}]}],"references":[{"url":"https://github.com/leetsun/IoT/tree/main/EdgeRouterX/CI/6","source":"cna@vuldb.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://vuldb.com/cve/CVE-2023-2374","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/114075","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/227650","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/227650/cti","source":"cna@vuldb.com"},{"url":"https://github.com/leetsun/IoT/tree/main/EdgeRouterX/CI/6","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://vuldb.com/?ctiid.227650","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required","Third Party Advisory"]},{"url":"https://vuldb.com/?id.227650","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-2375","sourceIdentifier":"cna@vuldb.com","published":"2023-04-28T15:15:10.903","lastModified":"2026-07-09T15:16:27.760","vulnStatus":"Modified","cveTags":[{"sourceIdentifier":"cna@vuldb.com","tags":["disputed"]}],"descriptions":[{"lang":"en","value":"A weakness has been identified in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. Impacted is an unknown function of the component Web Management Interface. Executing a manipulation of the argument src can lead to command injection. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks. The presence of this vulnerability remains uncertain at this time. The vendor position is that post-authentication issues are not accepted as vulnerabilities."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"Ubiquiti","product":"EdgeRouter X","cpes":["cpe:2.3:h:ubiquiti:edgerouter_x:*:*:*:*:*:*:*:*"],"modules":["Web Management Interface"],"versions":[{"version":"2.0.9-hotfix.0","status":"affected"},{"version":"2.0.9-hotfix.1","status":"affected"},{"version":"2.0.9-hotfix.2","status":"affected"},{"version":"2.0.9-hotfix.3","status":"affected"},{"version":"2.0.9-hotfix.4","status":"affected"},{"version":"2.0.9-hotfix.5","status":"affected"},{"version":"2.0.9-hotfix.6","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:M/C:C/I:C/A:C","baseScore":8.3,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"MULTIPLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":6.4,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Primary","description":[{"lang":"en","value":"CWE-74"},{"lang":"en","value":"CWE-77"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.0.9","matchCriteriaId":"5E5C7E0B-4335-44F0-A19F-6E68D9CFD5AF"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x_firmware:2.0.9:-:*:*:*:*:*:*","matchCriteriaId":"9DB3EE14-A555-4DCA-9C16-F3D72489F10C"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x_firmware:2.0.9:hotfix2:*:*:*:*:*:*","matchCriteriaId":"2844D28C-FAD9-498A-93FF-7A4A217210A8"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x_firmware:2.0.9:hotfix3:*:*:*:*:*:*","matchCriteriaId":"FF7E7155-EFDC-42E0-A851-8FD2C58A2076"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x_firmware:2.0.9:hotfix4:*:*:*:*:*:*","matchCriteriaId":"B0473F8F-8D1E-4CEB-A7FC-979F3F3AAF29"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x_firmware:2.0.9:hotfix5:*:*:*:*:*:*","matchCriteriaId":"C5D34B1D-9F1F-4A1F-A76C-FB4EE83D08F7"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x_firmware:2.0.9:hotfix6:*:*:*:*:*:*","matchCriteriaId":"93A4BC03-E96D-42A9-9034-7017DA6EA389"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:er-x:-:*:*:*:*:*:*:*","matchCriteriaId":"91B9AD72-BF39-4731-85B9-26036F7C425B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x-sfp_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.0.9","matchCriteriaId":"34DA36D8-F0BD-4E98-A74C-5D50AD0980C5"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x-sfp_firmware:2.0.9:-:*:*:*:*:*:*","matchCriteriaId":"906F4A72-7C6D-45FD-875F-2D2791CE9F4A"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x-sfp_firmware:2.0.9:hotfix2:*:*:*:*:*:*","matchCriteriaId":"B919E33F-AC70-432C-A3F8-29FDFC710BB0"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x-sfp_firmware:2.0.9:hotfix3:*:*:*:*:*:*","matchCriteriaId":"F4191452-071A-4BF1-B312-C4F9C28A5205"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x-sfp_firmware:2.0.9:hotfix4:*:*:*:*:*:*","matchCriteriaId":"FFEE96EB-D8AE-4B23-B090-E86FBA4BEF73"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x-sfp_firmware:2.0.9:hotfix5:*:*:*:*:*:*","matchCriteriaId":"101616F2-CA1A-4BF0-9025-F20EDA26F235"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x-sfp_firmware:2.0.9:hotfix6:*:*:*:*:*:*","matchCriteriaId":"47ABA9C8-67E4-4DE2-822A-3E17639F745E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:er-x-sfp:-:*:*:*:*:*:*:*","matchCriteriaId":"4F922D6E-7C6D-4984-A0DF-6EDC0C7A9900"}]}]}],"references":[{"url":"https://github.com/leetsun/IoT/tree/main/EdgeRouterX/CI/7","source":"cna@vuldb.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://vuldb.com/cve/CVE-2023-2375","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/114077","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/227651","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/227651/cti","source":"cna@vuldb.com"},{"url":"https://github.com/leetsun/IoT/tree/main/EdgeRouterX/CI/7","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://vuldb.com/?ctiid.227651","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required","Third Party Advisory"]},{"url":"https://vuldb.com/?id.227651","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-2376","sourceIdentifier":"cna@vuldb.com","published":"2023-04-28T16:15:09.933","lastModified":"2026-07-09T15:16:27.983","vulnStatus":"Modified","cveTags":[{"sourceIdentifier":"cna@vuldb.com","tags":["disputed"]}],"descriptions":[{"lang":"en","value":"A security vulnerability has been detected in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. The affected element is an unknown function of the component Web Management Interface. The manipulation of the argument dpi leads to command injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. There are still doubts about whether this vulnerability truly exists. The vendor position is that post-authentication issues are not accepted as vulnerabilities."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"Ubiquiti","product":"EdgeRouter X","cpes":["cpe:2.3:h:ubiquiti:edgerouter_x:*:*:*:*:*:*:*:*"],"modules":["Web Management Interface"],"versions":[{"version":"2.0.9-hotfix.0","status":"affected"},{"version":"2.0.9-hotfix.1","status":"affected"},{"version":"2.0.9-hotfix.2","status":"affected"},{"version":"2.0.9-hotfix.3","status":"affected"},{"version":"2.0.9-hotfix.4","status":"affected"},{"version":"2.0.9-hotfix.5","status":"affected"},{"version":"2.0.9-hotfix.6","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:M/C:C/I:C/A:C","baseScore":8.3,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"MULTIPLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":6.4,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Primary","description":[{"lang":"en","value":"CWE-74"},{"lang":"en","value":"CWE-77"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.0.9","matchCriteriaId":"5E5C7E0B-4335-44F0-A19F-6E68D9CFD5AF"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x_firmware:2.0.9:-:*:*:*:*:*:*","matchCriteriaId":"9DB3EE14-A555-4DCA-9C16-F3D72489F10C"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x_firmware:2.0.9:hotfix2:*:*:*:*:*:*","matchCriteriaId":"2844D28C-FAD9-498A-93FF-7A4A217210A8"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x_firmware:2.0.9:hotfix3:*:*:*:*:*:*","matchCriteriaId":"FF7E7155-EFDC-42E0-A851-8FD2C58A2076"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x_firmware:2.0.9:hotfix4:*:*:*:*:*:*","matchCriteriaId":"B0473F8F-8D1E-4CEB-A7FC-979F3F3AAF29"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x_firmware:2.0.9:hotfix5:*:*:*:*:*:*","matchCriteriaId":"C5D34B1D-9F1F-4A1F-A76C-FB4EE83D08F7"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x_firmware:2.0.9:hotfix6:*:*:*:*:*:*","matchCriteriaId":"93A4BC03-E96D-42A9-9034-7017DA6EA389"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:er-x:-:*:*:*:*:*:*:*","matchCriteriaId":"91B9AD72-BF39-4731-85B9-26036F7C425B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x-sfp_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.0.9","matchCriteriaId":"34DA36D8-F0BD-4E98-A74C-5D50AD0980C5"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x-sfp_firmware:2.0.9:-:*:*:*:*:*:*","matchCriteriaId":"906F4A72-7C6D-45FD-875F-2D2791CE9F4A"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x-sfp_firmware:2.0.9:hotfix2:*:*:*:*:*:*","matchCriteriaId":"B919E33F-AC70-432C-A3F8-29FDFC710BB0"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x-sfp_firmware:2.0.9:hotfix3:*:*:*:*:*:*","matchCriteriaId":"F4191452-071A-4BF1-B312-C4F9C28A5205"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x-sfp_firmware:2.0.9:hotfix4:*:*:*:*:*:*","matchCriteriaId":"FFEE96EB-D8AE-4B23-B090-E86FBA4BEF73"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x-sfp_firmware:2.0.9:hotfix5:*:*:*:*:*:*","matchCriteriaId":"101616F2-CA1A-4BF0-9025-F20EDA26F235"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x-sfp_firmware:2.0.9:hotfix6:*:*:*:*:*:*","matchCriteriaId":"47ABA9C8-67E4-4DE2-822A-3E17639F745E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:er-x-sfp:-:*:*:*:*:*:*:*","matchCriteriaId":"4F922D6E-7C6D-4984-A0DF-6EDC0C7A9900"}]}]}],"references":[{"url":"https://github.com/leetsun/IoT/tree/main/EdgeRouterX/CI/8","source":"cna@vuldb.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://vuldb.com/cve/CVE-2023-2376","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/114078","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/227652","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/227652/cti","source":"cna@vuldb.com"},{"url":"https://github.com/leetsun/IoT/tree/main/EdgeRouterX/CI/8","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://vuldb.com/?ctiid.227652","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://vuldb.com/?id.227652","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-2377","sourceIdentifier":"cna@vuldb.com","published":"2023-04-28T16:15:10.003","lastModified":"2026-07-09T15:16:28.213","vulnStatus":"Modified","cveTags":[{"sourceIdentifier":"cna@vuldb.com","tags":["disputed"]}],"descriptions":[{"lang":"en","value":"A vulnerability was detected in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. The impacted element is an unknown function of the component Web Management Interface. The manipulation of the argument Name results in command injection. The attack can be launched remotely. The exploit is now public and may be used. There is ongoing doubt regarding the real existence of this vulnerability. The vendor position is that post-authentication issues are not accepted as vulnerabilities."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"Ubiquiti","product":"EdgeRouter X","cpes":["cpe:2.3:h:ubiquiti:edgerouter_x:*:*:*:*:*:*:*:*"],"modules":["Web Management Interface"],"versions":[{"version":"2.0.9-hotfix.0","status":"affected"},{"version":"2.0.9-hotfix.1","status":"affected"},{"version":"2.0.9-hotfix.2","status":"affected"},{"version":"2.0.9-hotfix.3","status":"affected"},{"version":"2.0.9-hotfix.4","status":"affected"},{"version":"2.0.9-hotfix.5","status":"affected"},{"version":"2.0.9-hotfix.6","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:M/C:C/I:C/A:C","baseScore":8.3,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"MULTIPLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":6.4,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Primary","description":[{"lang":"en","value":"CWE-74"},{"lang":"en","value":"CWE-77"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.0.9","matchCriteriaId":"5E5C7E0B-4335-44F0-A19F-6E68D9CFD5AF"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x_firmware:2.0.9:-:*:*:*:*:*:*","matchCriteriaId":"9DB3EE14-A555-4DCA-9C16-F3D72489F10C"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x_firmware:2.0.9:hotfix2:*:*:*:*:*:*","matchCriteriaId":"2844D28C-FAD9-498A-93FF-7A4A217210A8"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x_firmware:2.0.9:hotfix4:*:*:*:*:*:*","matchCriteriaId":"B0473F8F-8D1E-4CEB-A7FC-979F3F3AAF29"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x_firmware:2.0.9:hotfix5:*:*:*:*:*:*","matchCriteriaId":"C5D34B1D-9F1F-4A1F-A76C-FB4EE83D08F7"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x_firmware:2.0.9:hotfix6:*:*:*:*:*:*","matchCriteriaId":"93A4BC03-E96D-42A9-9034-7017DA6EA389"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:er-x:-:*:*:*:*:*:*:*","matchCriteriaId":"91B9AD72-BF39-4731-85B9-26036F7C425B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x-sfp_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.0.9","matchCriteriaId":"34DA36D8-F0BD-4E98-A74C-5D50AD0980C5"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x-sfp_firmware:2.0.9:-:*:*:*:*:*:*","matchCriteriaId":"906F4A72-7C6D-45FD-875F-2D2791CE9F4A"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x-sfp_firmware:2.0.9:hotfix2:*:*:*:*:*:*","matchCriteriaId":"B919E33F-AC70-432C-A3F8-29FDFC710BB0"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x-sfp_firmware:2.0.9:hotfix3:*:*:*:*:*:*","matchCriteriaId":"F4191452-071A-4BF1-B312-C4F9C28A5205"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x-sfp_firmware:2.0.9:hotfix4:*:*:*:*:*:*","matchCriteriaId":"FFEE96EB-D8AE-4B23-B090-E86FBA4BEF73"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x-sfp_firmware:2.0.9:hotfix5:*:*:*:*:*:*","matchCriteriaId":"101616F2-CA1A-4BF0-9025-F20EDA26F235"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x-sfp_firmware:2.0.9:hotfix6:*:*:*:*:*:*","matchCriteriaId":"47ABA9C8-67E4-4DE2-822A-3E17639F745E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:er-x-sfp:-:*:*:*:*:*:*:*","matchCriteriaId":"4F922D6E-7C6D-4984-A0DF-6EDC0C7A9900"}]}]}],"references":[{"url":"https://github.com/leetsun/IoT/tree/main/EdgeRouterX/CI/9","source":"cna@vuldb.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://vuldb.com/cve/CVE-2023-2377","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/114081","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/227653","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/227653/cti","source":"cna@vuldb.com"},{"url":"https://github.com/leetsun/IoT/tree/main/EdgeRouterX/CI/9","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://vuldb.com/?ctiid.227653","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://vuldb.com/?id.227653","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-2378","sourceIdentifier":"cna@vuldb.com","published":"2023-04-28T16:15:10.063","lastModified":"2026-07-09T15:16:28.437","vulnStatus":"Modified","cveTags":[{"sourceIdentifier":"cna@vuldb.com","tags":["disputed"]}],"descriptions":[{"lang":"en","value":"A flaw has been found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. This affects an unknown function of the component Web Management Interface. This manipulation of the argument suffix-rate-up causes command injection. The attack may be initiated remotely. The exploit has been published and may be used. The real existence of this vulnerability is still doubted at the moment. The vendor position is that post-authentication issues are not accepted as vulnerabilities."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"Ubiquiti","product":"EdgeRouter X","cpes":["cpe:2.3:h:ubiquiti:edgerouter_x:*:*:*:*:*:*:*:*"],"modules":["Web Management Interface"],"versions":[{"version":"2.0.9-hotfix.0","status":"affected"},{"version":"2.0.9-hotfix.1","status":"affected"},{"version":"2.0.9-hotfix.2","status":"affected"},{"version":"2.0.9-hotfix.3","status":"affected"},{"version":"2.0.9-hotfix.4","status":"affected"},{"version":"2.0.9-hotfix.5","status":"affected"},{"version":"2.0.9-hotfix.6","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:M/C:C/I:C/A:C","baseScore":8.3,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"MULTIPLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":6.4,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Primary","description":[{"lang":"en","value":"CWE-74"},{"lang":"en","value":"CWE-77"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.0.9","matchCriteriaId":"5E5C7E0B-4335-44F0-A19F-6E68D9CFD5AF"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x_firmware:2.0.9:-:*:*:*:*:*:*","matchCriteriaId":"9DB3EE14-A555-4DCA-9C16-F3D72489F10C"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x_firmware:2.0.9:hotfix2:*:*:*:*:*:*","matchCriteriaId":"2844D28C-FAD9-498A-93FF-7A4A217210A8"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x_firmware:2.0.9:hotfix3:*:*:*:*:*:*","matchCriteriaId":"FF7E7155-EFDC-42E0-A851-8FD2C58A2076"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x_firmware:2.0.9:hotfix4:*:*:*:*:*:*","matchCriteriaId":"B0473F8F-8D1E-4CEB-A7FC-979F3F3AAF29"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x_firmware:2.0.9:hotfix5:*:*:*:*:*:*","matchCriteriaId":"C5D34B1D-9F1F-4A1F-A76C-FB4EE83D08F7"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x_firmware:2.0.9:hotfix6:*:*:*:*:*:*","matchCriteriaId":"93A4BC03-E96D-42A9-9034-7017DA6EA389"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:er-x:-:*:*:*:*:*:*:*","matchCriteriaId":"91B9AD72-BF39-4731-85B9-26036F7C425B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x-sfp_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.0.9","matchCriteriaId":"34DA36D8-F0BD-4E98-A74C-5D50AD0980C5"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x-sfp_firmware:2.0.9:-:*:*:*:*:*:*","matchCriteriaId":"906F4A72-7C6D-45FD-875F-2D2791CE9F4A"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x-sfp_firmware:2.0.9:hotfix2:*:*:*:*:*:*","matchCriteriaId":"B919E33F-AC70-432C-A3F8-29FDFC710BB0"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x-sfp_firmware:2.0.9:hotfix3:*:*:*:*:*:*","matchCriteriaId":"F4191452-071A-4BF1-B312-C4F9C28A5205"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x-sfp_firmware:2.0.9:hotfix4:*:*:*:*:*:*","matchCriteriaId":"FFEE96EB-D8AE-4B23-B090-E86FBA4BEF73"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x-sfp_firmware:2.0.9:hotfix5:*:*:*:*:*:*","matchCriteriaId":"101616F2-CA1A-4BF0-9025-F20EDA26F235"},{"vulnerable":true,"criteria":"cpe:2.3:o:ui:er-x-sfp_firmware:2.0.9:hotfix6:*:*:*:*:*:*","matchCriteriaId":"47ABA9C8-67E4-4DE2-822A-3E17639F745E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:er-x-sfp:-:*:*:*:*:*:*:*","matchCriteriaId":"4F922D6E-7C6D-4984-A0DF-6EDC0C7A9900"}]}]}],"references":[{"url":"https://github.com/leetsun/IoT/tree/main/EdgeRouterX/CI/4","source":"cna@vuldb.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://vuldb.com/cve/CVE-2023-2378","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/114072","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/227654","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/227654/cti","source":"cna@vuldb.com"},{"url":"https://github.com/leetsun/IoT/tree/main/EdgeRouterX/CI/4","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://vuldb.com/?ctiid.227654","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://vuldb.com/?id.227654","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-29778","sourceIdentifier":"cve@mitre.org","published":"2023-05-02T20:15:10.813","lastModified":"2026-07-09T01:18:15.293","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"GL.iNET MT3000 4.1.0 Release 2 is vulnerable to OS Command Injection via /usr/lib/oui-httpd/rpc/logread."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-30T16:39:46.951967Z","id":"CVE-2023-29778","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:gl-inet:gl-mt3000_firmware:4.1.0:release_2:*:*:*:*:*:*","matchCriteriaId":"828261AE-6FED-4663-A030-3CD6230A4ADD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:gl-inet:gl-mt3000:-:*:*:*:*:*:*:*","matchCriteriaId":"4D832083-488B-40F2-8D7A-66E917DF67F9"}]}]}],"references":[{"url":"https://github.com/OlivierLaflamme/cve/blob/main/GL.iNET/MT3000/get_nginx_log_RCE.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/OlivierLaflamme/cve/blob/main/GL.iNET/MT3000/get_nginx_log_RCE.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-23059","sourceIdentifier":"cve@mitre.org","published":"2023-05-04T20:15:09.737","lastModified":"2026-07-09T01:18:03.810","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue was discovered in GeoVision GV-Edge Recording Manager 2.2.3.0 for windows, which contains improper permissions within the default installation and allows attackers to execute arbitrary code and gain escalated privileges."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-29T20:53:53.403632Z","id":"CVE-2023-23059","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-276"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-276"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:geovision:gv-edge_recording_manager:2.2.3.0:*:*:*:*:windows:*:*","matchCriteriaId":"E341B4E7-ECBA-4396-B8AD-6CA81599539F"}]}]}],"references":[{"url":"https://packetstormsecurity.com/files/172141/GV-Edge-Recording-Manager-2.2.3.0-Privilege-Escalation.html","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://packetstormsecurity.com/files/172141/GV-Edge-Recording-Manager-2.2.3.0-Privilege-Escalation.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]}]}},{"cve":{"id":"CVE-2023-30242","sourceIdentifier":"cve@mitre.org","published":"2023-05-05T12:15:09.093","lastModified":"2026-07-09T01:18:17.273","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"NS-ASG v6.3 was discovered to contain a SQL injection vulnerability via the component /admin/add_ikev2.php."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-29T17:02:21.327095Z","id":"CVE-2023-30242","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:netentsec:application_security_gateway:6.3:*:*:*:*:*:*:*","matchCriteriaId":"7A708923-EF5F-4F53-86F3-DF0366E6FB58"}]}]}],"references":[{"url":"https://gist.github.com/nsvizp/ccbc51253a47d79d2bc1ea72e01bdaf6","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.netentsec.com/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://gist.github.com/nsvizp/ccbc51253a47d79d2bc1ea72e01bdaf6","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.netentsec.com/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2023-30243","sourceIdentifier":"cve@mitre.org","published":"2023-05-05T14:15:09.190","lastModified":"2026-07-09T01:18:17.433","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Beijing Netcon NS-ASG Application Security Gateway v6.3 is vulnerable to SQL Injection via TunnelId that allows access to sensitive information."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-29T17:01:18.260589Z","id":"CVE-2023-30243","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:netentsec:application_security_gateway:6.3:*:*:*:*:*:*:*","matchCriteriaId":"7A708923-EF5F-4F53-86F3-DF0366E6FB58"}]}]}],"references":[{"url":"https://www.netentsec.com/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://www.netentsec.com/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2023-30185","sourceIdentifier":"cve@mitre.org","published":"2023-05-08T01:15:08.877","lastModified":"2026-07-09T01:18:16.557","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"CRMEB v4.4 to v4.6 was discovered to contain an arbitrary file upload vulnerability via the component \\attachment\\SystemAttachmentServices.php."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-29T20:52:26.279506Z","id":"CVE-2023-30185","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:crmeb:crmeb:*:*:*:*:*:*:*:*","versionStartIncluding":"4.4.0","versionEndIncluding":"4.6.0","matchCriteriaId":"1E644C70-5216-40B7-9ED4-B9AA3C5C3362"}]}]}],"references":[{"url":"https://github.com/c7w1n/CVE-2023-30185/blob/main/CVE-2023-30185.md","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.crmeb.com/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/c7w1n/CVE-2023-30185/blob/main/CVE-2023-30185.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.crmeb.com/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2021-44283","sourceIdentifier":"cve@mitre.org","published":"2023-05-09T03:15:09.197","lastModified":"2026-07-09T01:17:09.313","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A buffer overflow in the component /Enclave.cpp of Electronics and Telecommunications Research Institute ShieldStore commit 58d455617f99705f0ffd8a27616abdf77bdc1bdc allows attackers to cause an information leak via a crafted structure from an untrusted operating system."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-29T14:43:50.291516Z","id":"CVE-2021-44283","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-120"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:shieldstore_project:shieldstore:-:*:*:*:*:*:*:*","matchCriteriaId":"B320E542-E645-45C6-B9CF-34EF80C8F9F1"}]}]}],"references":[{"url":"https://github.com/cocoppang/ShieldStore/blob/master/Enclave/Enclave.cpp","source":"cve@mitre.org","tags":["Patch"]},{"url":"https://github.com/cocoppang/ShieldStore/issues/19","source":"cve@mitre.org","tags":["Exploit","Issue Tracking"]},{"url":"https://github.com/cocoppang/ShieldStore/blob/master/Enclave/Enclave.cpp","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://github.com/cocoppang/ShieldStore/issues/19","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking"]},{"url":"https://github.com/cocoppang/ShieldStore/issues/19","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Issue Tracking"]}]}},{"cve":{"id":"CVE-2023-30237","sourceIdentifier":"cve@mitre.org","published":"2023-05-09T03:15:09.343","lastModified":"2026-07-09T01:18:17.110","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"CyberGhostVPN Windows Client before v8.3.10.10015 was discovered to contain a DLL injection vulnerability via the component Dashboard.exe."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-29T20:35:43.641902Z","id":"CVE-2023-30237","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-427"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-427"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cyberghostvpn:cyberghost:*:*:*:*:*:windows:*:*","versionEndExcluding":"8.3.10.10015","matchCriteriaId":"9414FA63-DC66-4B71-B5C7-E1DC003198A4"}]}]}],"references":[{"url":"https://cwe.mitre.org/data/definitions/77.html","source":"cve@mitre.org","tags":["Technical Description"]},{"url":"https://www.pentestpartners.com/security-blog/bullied-by-bugcrowd-over-kape-cyberghost-disclosure/","source":"cve@mitre.org","tags":["Exploit","Technical Description","Third Party Advisory"]},{"url":"https://cwe.mitre.org/data/definitions/77.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Technical Description"]},{"url":"https://www.pentestpartners.com/security-blog/bullied-by-bugcrowd-over-kape-cyberghost-disclosure/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Technical Description","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-30086","sourceIdentifier":"cve@mitre.org","published":"2023-05-09T16:15:14.507","lastModified":"2026-07-09T01:18:16.393","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Buffer Overflow vulnerability found in Libtiff V.4.0.7 allows a local attacker to cause a denial of service via the tiffcp function in tiffcp.c."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-29T14:42:43.326457Z","id":"CVE-2023-30086","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:libtiff:libtiff:4.0.7:*:*:*:*:*:*:*","matchCriteriaId":"FE968DD2-24BE-4417-A6DF-D79E40E07766"}]}]}],"references":[{"url":"https://gitlab.com/libtiff/libtiff/-/issues/538","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Vendor Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20230616-0003/","source":"cve@mitre.org"},{"url":"https://gitlab.com/libtiff/libtiff/-/issues/538","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Vendor Advisory"]},{"url":"https://security.netapp.com/advisory/ntap-20230616-0003/","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2023-31799","sourceIdentifier":"cve@mitre.org","published":"2023-05-09T16:15:14.793","lastModified":"2026-07-09T01:18:19.990","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via the system annnouncements parameter."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-29T20:10:40.466894Z","id":"CVE-2023-31799","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:chamilo:chamilo_lms:1.11.18:*:*:*:*:*:*:*","matchCriteriaId":"CC036024-F684-4567-86BD-6F4AA9433A01"}]}]}],"references":[{"url":"https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-99-2023-04-11-Low-impact-Low-risk-XSS-in-system-announcements","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-99-2023-04-11-Low-impact-Low-risk-XSS-in-system-announcements","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2023-31800","sourceIdentifier":"cve@mitre.org","published":"2023-05-09T16:15:14.830","lastModified":"2026-07-09T01:18:20.150","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via the forum title parameter."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-29T20:07:40.716097Z","id":"CVE-2023-31800","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:chamilo:chamilo_lms:1.11.18:*:*:*:*:*:*:*","matchCriteriaId":"CC036024-F684-4567-86BD-6F4AA9433A01"}]}]}],"references":[{"url":"https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-102-2023-04-11-Low-impact-Moderate-risk-XSS-in-forum-titles","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-102-2023-04-11-Low-impact-Moderate-risk-XSS-in-forum-titles","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2023-31801","sourceIdentifier":"cve@mitre.org","published":"2023-05-09T16:15:14.870","lastModified":"2026-07-09T01:18:20.303","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via the skills wheel parameter."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-29T20:04:47.780087Z","id":"CVE-2023-31801","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:chamilo:chamilo_lms:1.11.18:*:*:*:*:*:*:*","matchCriteriaId":"CC036024-F684-4567-86BD-6F4AA9433A01"}]}]}],"references":[{"url":"https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-97-2023-04-11-Low-impact-High-risk-XSS-in-skills-wheel","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-97-2023-04-11-Low-impact-High-risk-XSS-in-skills-wheel","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2023-31802","sourceIdentifier":"cve@mitre.org","published":"2023-05-09T16:15:14.910","lastModified":"2026-07-09T01:18:20.460","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via the skype and linedin_url parameters."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-29T20:01:09.025880Z","id":"CVE-2023-31802","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:chamilo:chamilo_lms:1.11.18:*:*:*:*:*:*:*","matchCriteriaId":"CC036024-F684-4567-86BD-6F4AA9433A01"}]}]}],"references":[{"url":"https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-104-2023-04-11-Moderate-impact-High-risk-XSS-in-personal-profile","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-104-2023-04-11-Moderate-impact-High-risk-XSS-in-personal-profile","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2023-31803","sourceIdentifier":"cve@mitre.org","published":"2023-05-09T16:15:14.953","lastModified":"2026-07-09T01:18:20.610","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via the resource sequencing parameters."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-29T19:14:35.703534Z","id":"CVE-2023-31803","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:chamilo:chamilo_lms:1.11.18:*:*:*:*:*:*:*","matchCriteriaId":"CC036024-F684-4567-86BD-6F4AA9433A01"}]}]}],"references":[{"url":"https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-100-2023-04-11-Low-impact-Low-risk-XSS-in-resources-sequencing","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-100-2023-04-11-Low-impact-Low-risk-XSS-in-resources-sequencing","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2023-31804","sourceIdentifier":"cve@mitre.org","published":"2023-05-09T16:15:14.993","lastModified":"2026-07-09T01:18:20.767","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via the course category parameters."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-28T19:02:51.424565Z","id":"CVE-2023-31804","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:chamilo:chamilo_lms:1.11.18:*:*:*:*:*:*:*","matchCriteriaId":"CC036024-F684-4567-86BD-6F4AA9433A01"}]}]}],"references":[{"url":"https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-96-2023-04-06-Low-impact-Moderate-risk-XSS-in-course-categories","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-96-2023-04-06-Low-impact-Moderate-risk-XSS-in-course-categories","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2023-31805","sourceIdentifier":"cve@mitre.org","published":"2023-05-09T16:15:15.033","lastModified":"2026-07-09T01:18:20.920","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local authenticated attacker to execute arbitrary code via the homepage function."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-29T19:00:51.718289Z","id":"CVE-2023-31805","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:chamilo:chamilo_lms:1.11.18:*:*:*:*:*:*:*","matchCriteriaId":"CC036024-F684-4567-86BD-6F4AA9433A01"}]}]}],"references":[{"url":"https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-98-2023-04-11-Low-impact-Low-risk-XSS-in-homepage-edition","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-98-2023-04-11-Low-impact-Low-risk-XSS-in-homepage-edition","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2023-31806","sourceIdentifier":"cve@mitre.org","published":"2023-05-09T16:15:15.077","lastModified":"2026-07-09T01:18:21.077","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via a crafted payload to the My Progress function."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-29T18:56:17.687294Z","id":"CVE-2023-31806","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:chamilo:chamilo_lms:1.11.18:*:*:*:*:*:*:*","matchCriteriaId":"CC036024-F684-4567-86BD-6F4AA9433A01"}]}]}],"references":[{"url":"https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-103-2023-04-11-Low-impact-Moderate-risk-XSS-in-My-progress-tab","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-103-2023-04-11-Low-impact-Moderate-risk-XSS-in-My-progress-tab","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2023-31807","sourceIdentifier":"cve@mitre.org","published":"2023-05-09T16:15:15.123","lastModified":"2026-07-09T01:18:21.230","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting vulnerability found in Chamilo Lms v.1.11.18 allows a local attacker to execute arbitrary code via a crafted payload to the personal notes function."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-29T18:41:46.291795Z","id":"CVE-2023-31807","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:chamilo:chamilo_lms:1.11.18:*:*:*:*:*:*:*","matchCriteriaId":"CC036024-F684-4567-86BD-6F4AA9433A01"}]}]}],"references":[{"url":"https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-101-2023-04-11-Low-impact-Low-risk-XSS-in-personal-notes-and-teacher-notes","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-101-2023-04-11-Low-impact-Low-risk-XSS-in-personal-notes-and-teacher-notes","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2023-30056","sourceIdentifier":"cve@mitre.org","published":"2023-05-09T21:15:11.673","lastModified":"2026-07-09T01:18:16.083","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A session takeover vulnerability exists in FICO Origination Manager Decision Module 4.8.1 due to insufficient protection of the JSESSIONID cookie."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-28T19:52:27.146820Z","id":"CVE-2023-30056","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-384"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-384"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fico:origination_manager_decision:4.8.1:*:*:*:*:*:*:*","matchCriteriaId":"5DE79953-5581-4BF5-B6F9-F1691972F32E"}]}]}],"references":[{"url":"https://packetstormsecurity.com/files/172192/FICO-Origination-Manager-Decision-Module-4.8.1-XSS-Session-Hijacking.html","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://packetstormsecurity.com/files/172192/FICO-Origination-Manager-Decision-Module-4.8.1-XSS-Session-Hijacking.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]}]}},{"cve":{"id":"CVE-2023-30057","sourceIdentifier":"cve@mitre.org","published":"2023-05-09T21:15:11.717","lastModified":"2026-07-09T01:18:16.243","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Multiple stored cross-site scripting (XSS) vulnerabilities in FICO Origination Manager Decision Module 4.8.1 allow attackers to execute arbitrary web scripts or HTML via a crafted payload."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-29T14:57:24.940987Z","id":"CVE-2023-30057","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fico:origination_manager_decision:4.8.1:*:*:*:*:*:*:*","matchCriteriaId":"5DE79953-5581-4BF5-B6F9-F1691972F32E"}]}]}],"references":[{"url":"https://packetstormsecurity.com/files/172192/FICO-Origination-Manager-Decision-Module-4.8.1-XSS-Session-Hijacking.html","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://packetstormsecurity.com/files/172192/FICO-Origination-Manager-Decision-Module-4.8.1-XSS-Session-Hijacking.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]}]}},{"cve":{"id":"CVE-2023-29863","sourceIdentifier":"cve@mitre.org","published":"2023-05-11T13:15:13.670","lastModified":"2026-07-09T01:18:15.927","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Medical Systems Co. Medisys Weblab Products v19.4.03 was discovered to contain a SQL injection vulnerability via the tem:statement parameter in the WSDL files."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-27T16:54:09.352033Z","id":"CVE-2023-29863","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:medisys:weblab:19.4.03:*:*:*:*:*:*:*","matchCriteriaId":"A5EE64CF-966E-4571-BADD-EEDB383E5EDA"}]}]}],"references":[{"url":"https://medium.com/@waadalbyalii5/sql-injection-in-wsdl-file-c66fa00042f5","source":"cve@mitre.org"},{"url":"https://medium.com/%40waadalbyalii5/sql-injection-in-wsdl-file-c66fa00042f5","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2023-25309","sourceIdentifier":"cve@mitre.org","published":"2023-05-11T18:15:12.360","lastModified":"2026-07-09T01:18:10.043","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting (XSS) Vulnerability in Fetlife rollout-ui version 0.5, allows attackers to execute arbitrary code via a crafted url to the delete a feature functionality."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-27T17:01:18.828025Z","id":"CVE-2023-25309","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fetlife:rollout-ui:*:*:*:*:*:*:*:*","versionEndIncluding":"0.5","matchCriteriaId":"948D505F-AA4A-408A-8DF7-FDC959436C24"}]}]}],"references":[{"url":"https://cxsecurity.com/issue/WLB-2023050012","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://packetstormsecurity.com/files/172185/Rollout-UI-0.5-Cross-Site-Scripting.html","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://cxsecurity.com/issue/WLB-2023050012","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://packetstormsecurity.com/files/172185/Rollout-UI-0.5-Cross-Site-Scripting.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]}]}},{"cve":{"id":"CVE-2023-27237","sourceIdentifier":"cve@mitre.org","published":"2023-05-12T11:15:12.773","lastModified":"2026-07-09T01:18:13.427","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"LavaLite CMS v 9.0.0 was discovered to be vulnerable to a host header injection attack."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-24T19:51:58.940662Z","id":"CVE-2023-27237","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:lavalite:lavalite:9.0.0:*:*:*:*:*:*:*","matchCriteriaId":"6150AF5B-17E6-4BFB-9980-F181A335022D"}]}]}],"references":[{"url":"https://github.com/M19O/Security-Advisories/tree/main/CVE-2023-27237","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://i.ibb.co/34DSW7B/1.png","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://i.ibb.co/kSkqPhQ/3.png","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://i.ibb.co/mJq9CH8/2.png","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://github.com/M19O/Security-Advisories/tree/main/CVE-2023-27237","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://i.ibb.co/34DSW7B/1.png","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://i.ibb.co/kSkqPhQ/3.png","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://i.ibb.co/mJq9CH8/2.png","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]}]}},{"cve":{"id":"CVE-2023-29818","sourceIdentifier":"cve@mitre.org","published":"2023-05-12T11:15:12.887","lastModified":"2026-07-09T01:18:15.460","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue found in Webroot SecureAnywhere Endpoint Protection CE 23.1 v.9.0.33.39 and before allows a local attacker to bypass protections via the default allowlist feature being stored as non-admin."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-24T15:36:37.368279Z","id":"CVE-2023-29818","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:webroot:secureanywhere:*:*:*:*:*:*:*:*","versionEndIncluding":"9.0.33.39","matchCriteriaId":"0C51899D-9E7A-46A8-8EEF-8D0F54C05E73"}]}]}],"references":[{"url":"https://www.spenceralessi.com/CVEs/2023-05-10-Webroot-SecureAnywhere/","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.spenceralessi.com/CVEs/2023-05-10-Webroot-SecureAnywhere/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-29819","sourceIdentifier":"cve@mitre.org","published":"2023-05-12T11:15:12.923","lastModified":"2026-07-09T01:18:15.610","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue found in Webroot SecureAnywhere Endpoint Protection CE 23.1 v.9.0.33.39 and before allows a local attacker to bypass protections via a crafted payload."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-24T15:33:21.241314Z","id":"CVE-2023-29819","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-269"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:webroot:secureanywhere:*:*:*:*:*:*:*:*","versionEndIncluding":"9.0.33.39","matchCriteriaId":"0C51899D-9E7A-46A8-8EEF-8D0F54C05E73"}]}]}],"references":[{"url":"https://www.spenceralessi.com/CVEs/2023-05-10-Webroot-SecureAnywhere/","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.spenceralessi.com/CVEs/2023-05-10-Webroot-SecureAnywhere/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-29820","sourceIdentifier":"cve@mitre.org","published":"2023-05-12T11:15:12.960","lastModified":"2026-07-09T01:18:15.767","vulnStatus":"Modified","cveTags":[{"sourceIdentifier":"cve@mitre.org","tags":["disputed"]}],"descriptions":[{"lang":"en","value":"An issue found in Webroot SecureAnywhere Endpoint Protection CE 23.1 v.9.0.33.39 and before allows a local attacker to access sensitive information via the EXE installer. NOTE: the vendor's perspective is that this is not a separate vulnerability relative to CVE-2023-29818 and CVE-2023-29819."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-24T15:27:59.665874Z","id":"CVE-2023-29820","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-668"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-552"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:webroot:secureanywhere:*:*:*:*:*:*:*:*","versionEndIncluding":"9.0.33.39","matchCriteriaId":"0C51899D-9E7A-46A8-8EEF-8D0F54C05E73"}]}]}],"references":[{"url":"https://www.spenceralessi.com/CVEs/2023-05-10-Webroot-SecureAnywhere/","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.spenceralessi.com/CVEs/2023-05-10-Webroot-SecureAnywhere/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-47879","sourceIdentifier":"cve@mitre.org","published":"2023-05-12T14:15:09.567","lastModified":"2026-07-09T01:18:02.870","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A Remote Code Execution (RCE) vulnerability in /be/rpc.php in Jedox 2020.2.5 allows remote authenticated users to load arbitrary PHP classes from the 'rtn' directory and execute its methods. NOTE: The vendor states that the vulnerability affects installations running version 22.5 or earlier. The issue was resolved with version 23.2 and later versions are not affected."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-24T15:42:38.767662Z","id":"CVE-2022-47879","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:jedox:jedox:2020.2.5:*:*:*:*:*:*:*","matchCriteriaId":"3CD31D96-EC95-4111-A9A8-504144689CFF"},{"vulnerable":true,"criteria":"cpe:2.3:a:jedox:jedox_cloud:-:*:*:*:*:*:*:*","matchCriteriaId":"0E29BFD3-4EC1-4323-B834-5AA35EE2AEE1"}]}]}],"references":[{"url":"https://docs.syslifters.com/assets/vulnerability-disclosure/Vulnerability-Disclosure-Jedox-Jedox-04-2023.pdf","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://jedox.mantishub.io/app/issues/57236","source":"cve@mitre.org"},{"url":"https://jedox.mantishub.io/app/issues/57237","source":"cve@mitre.org"},{"url":"https://jedox.mantishub.io/app/issues/57238","source":"cve@mitre.org"},{"url":"https://jedox.mantishub.io/app/issues/57239","source":"cve@mitre.org"},{"url":"https://docs.syslifters.com/assets/vulnerability-disclosure/Vulnerability-Disclosure-Jedox-Jedox-04-2023.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-47880","sourceIdentifier":"cve@mitre.org","published":"2023-05-12T14:15:09.613","lastModified":"2026-07-09T01:18:03.087","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An Information disclosure vulnerability in /be/rpc.php in Jedox GmbH Jedox 2020.2.5 allow remote, authenticated users with permissions to modify database connections to disclose a connections' cleartext password via the 'test connection' function."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":4.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-27T16:36:18.846173Z","id":"CVE-2022-47880","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-522"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-522"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:jedox:jedox:2020.2.5:*:*:*:*:*:*:*","matchCriteriaId":"3CD31D96-EC95-4111-A9A8-504144689CFF"},{"vulnerable":true,"criteria":"cpe:2.3:a:jedox:jedox_cloud:-:*:*:*:*:*:*:*","matchCriteriaId":"0E29BFD3-4EC1-4323-B834-5AA35EE2AEE1"}]}]}],"references":[{"url":"https://docs.syslifters.com/assets/vulnerability-disclosure/Vulnerability-Disclosure-Jedox-Jedox-04-2023.pdf","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://docs.syslifters.com/assets/vulnerability-disclosure/Vulnerability-Disclosure-Jedox-Jedox-04-2023.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-27823","sourceIdentifier":"cve@mitre.org","published":"2023-05-12T14:15:09.727","lastModified":"2026-07-09T01:18:14.823","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An authentication bypass in Optoma 1080PSTX C02 allows an attacker to access the administration console without valid credentials."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-24T19:50:19.054148Z","id":"CVE-2023-27823","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-287"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-295"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:optoma:1080pstx:c02:*:*:*:*:*:*:*","matchCriteriaId":"59CEA818-372F-4C7D-82ED-BE14C2353E11"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:optoma:1080pstx:-:*:*:*:*:*:*:*","matchCriteriaId":"C0149B13-3CD1-45A2-B0F5-B47B20B68923"}]}]}],"references":[{"url":"https://packetstormsecurity.com/files/172276/Optoma-1080PSTX-Firmware-C02-Authentication-Bypass.html","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://packetstormsecurity.com/files/172276/Optoma-1080PSTX-Firmware-C02-Authentication-Bypass.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]}]}},{"cve":{"id":"CVE-2023-31729","sourceIdentifier":"cve@mitre.org","published":"2023-05-18T02:15:12.380","lastModified":"2026-07-09T01:18:18.897","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"TOTOLINK A3300R v17.0.0cu.557 is vulnerable to Command Injection via /cgi-bin/cstecgi.cgi."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-22T14:54:22.056682Z","id":"CVE-2023-31729","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-77"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:totolink:a3300r_firmware:17.0.0cu.557:*:*:*:*:*:*:*","matchCriteriaId":"0C69B7CF-BF5E-423E-ACA1-D46D6BF6D127"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:totolink:a3300r:-:*:*:*:*:*:*:*","matchCriteriaId":"7F723A73-4B32-4F9E-B5DA-80134D4711C1"}]}]}],"references":[{"url":"https://github.com/D2y6p/CVE/blob/2bac2c96e24229fa99e0254eaac1b8809e424b4b/Totolink/CVE-2023-31729/CVE-2023-31729.md","source":"cve@mitre.org"},{"url":"https://github.com/D2y6p/CVE/blob/main/Totolink/CVE-2023-31729/CVE-2023-31729.md","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://github.com/D2y6p/CVE/blob/2bac2c96e24229fa99e0254eaac1b8809e424b4b/Totolink/CVE-2023-31729/CVE-2023-31729.md","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/D2y6p/CVE/blob/main/Totolink/CVE-2023-31729/CVE-2023-31729.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://github.com/D2y6p/CVE/blob/2bac2c96e24229fa99e0254eaac1b8809e424b4b/Totolink/CVE-2023-31729/CVE-2023-31729.md","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2023-26818","sourceIdentifier":"cve@mitre.org","published":"2023-05-19T12:15:09.407","lastModified":"2026-07-09T01:18:10.597","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Telegram 9.3.1 and 9.4.0 allows attackers to access restricted files, microphone ,or video recording via the DYLD_INSERT_LIBRARIES flag."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-21T19:55:20.515781Z","id":"CVE-2023-26818","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-863"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:telegram:telegram:9.3.1:*:*:*:*:macos:*:*","matchCriteriaId":"1BB0B331-9AFD-4B37-9E12-82954F5648E5"},{"vulnerable":true,"criteria":"cpe:2.3:a:telegram:telegram:9.4:*:*:*:*:macos:*:*","matchCriteriaId":"FCB8F5AC-982C-4FC0-A5C4-D4FF2FF23440"}]}]}],"references":[{"url":"https://danrevah.github.io/2023/05/15/CVE-2023-26818-Bypass-TCC-with-Telegram/","source":"cve@mitre.org","tags":["Exploit","Technical Description","Third Party Advisory"]},{"url":"https://danrevah.github.io/2023/05/15/CVE-2023-26818-Bypass-TCC-with-Telegram/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Technical Description","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-31742","sourceIdentifier":"cve@mitre.org","published":"2023-05-22T17:15:09.477","lastModified":"2026-07-09T01:18:19.500","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"There is a command injection vulnerability in the Linksys WRT54GL router with firmware version 4.30.18.006. If an attacker gains web management privileges, they can inject commands into the post request parameters wl_ant, wl_rate, WL_atten_ctl, ttcp_num, ttcp_size in the httpd s Start_EPI() function, thereby gaining shell privileges."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-28T16:03:26.283652Z","id":"CVE-2023-31742","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-77"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linksys:wrt54gl_firmware:4.30.18.006:*:*:*:*:*:*:*","matchCriteriaId":"ABB375A9-7E02-4B09-8CC6-AAC4E5C6ABEC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:linksys:wrt54gl:-:*:*:*:*:*:*:*","matchCriteriaId":"04AA9149-2F72-4585-8A41-66AE3D573197"}]}]}],"references":[{"url":"https://github.com/D2y6p/CVE/blob/main/Linksys/CVE-2023-31742/Linksys_WRT54GL_RCE.pdf","source":"cve@mitre.org","tags":["Exploit","Mitigation","Third Party Advisory"]},{"url":"https://github.com/D2y6p/CVE/blob/main/Linksys/CVE-2023-31742/Linksys_WRT54GL_RCE.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Mitigation","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-31740","sourceIdentifier":"cve@mitre.org","published":"2023-05-23T01:15:10.003","lastModified":"2026-07-09T01:18:19.070","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"There is a command injection vulnerability in the Linksys E2000 router with firmware version 1.0.06. If an attacker gains web management privileges, they can inject commands into the post request parameters WL_atten_bb, WL_atten_radio, and WL_atten_ctl in the apply.cgi interface, thereby gaining shell privileges."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-21T18:56:32.509075Z","id":"CVE-2023-31740","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-77"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linksys:e2000_firmware:1.0.06:*:*:*:*:*:*:*","matchCriteriaId":"FE947E51-AD41-462E-B0B6-69A21F7D670A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:linksys:e2000:-:*:*:*:*:*:*:*","matchCriteriaId":"8052B407-172A-4A6B-983C-074F0FD1F8DB"}]}]}],"references":[{"url":"https://github.com/D2y6p/CVE/blob/main/Linksys/CVE-2023-31740/Linksys_E2000_RCE.pdf","source":"cve@mitre.org","tags":["Exploit","Mitigation","Third Party Advisory"]},{"url":"https://github.com/D2y6p/CVE/blob/main/Linksys/CVE-2023-31740/Linksys_E2000_RCE.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Mitigation","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-31741","sourceIdentifier":"cve@mitre.org","published":"2023-05-23T01:15:10.047","lastModified":"2026-07-09T01:18:19.300","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"There is a command injection vulnerability in the Linksys E2000 router with firmware version 1.0.06. If an attacker gains web management privileges, they can inject commands into the post request parameters wl_ssid, wl_ant, wl_rate, WL_atten_ctl, ttcp_num, ttcp_size in the httpd s Start_EPI() function, thereby gaining shell privileges."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-21T18:44:58.149244Z","id":"CVE-2023-31741","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-77"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linksys:e2000_firmware:1.0.06:*:*:*:*:*:*:*","matchCriteriaId":"FE947E51-AD41-462E-B0B6-69A21F7D670A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:linksys:e2000:-:*:*:*:*:*:*:*","matchCriteriaId":"8052B407-172A-4A6B-983C-074F0FD1F8DB"}]}]}],"references":[{"url":"https://github.com/D2y6p/CVE/blob/main/Linksys/CVE-2023-31741/Linksys_E2000_RCE_2.pdf","source":"cve@mitre.org","tags":["Exploit","Mitigation","Third Party Advisory"]},{"url":"https://github.com/D2y6p/CVE/blob/main/Linksys/CVE-2023-31741/Linksys_E2000_RCE_2.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Mitigation","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-31517","sourceIdentifier":"cve@mitre.org","published":"2023-05-23T20:15:09.897","lastModified":"2026-07-09T01:18:18.070","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A memory leak in the component CConsole::Chain of Teeworlds v0.7.5 allows attackers to cause a Denial of Service (DoS) via opening a crafted file."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-401"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:teeworlds:teeworlds:0.7.5:*:*:*:*:*:*:*","matchCriteriaId":"C8D5BD38-F074-48E6-89FF-64FB9BAD3B3C"}]}]}],"references":[{"url":"https://gist.github.com/manba-bryant/9ca95d69c65f4d2c55946932c946fb9b","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.redpacketsecurity.com/teeworlds-denial-of-service-cve-2023-31517/","source":"cve@mitre.org"},{"url":"https://gist.github.com/manba-bryant/9ca95d69c65f4d2c55946932c946fb9b","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.redpacketsecurity.com/teeworlds-denial-of-service-cve-2023-31517/","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2023-31747","sourceIdentifier":"cve@mitre.org","published":"2023-05-23T23:15:09.270","lastModified":"2026-07-09T01:18:19.683","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Wondershare Filmora 12 (Build 12.2.1.2088) was discovered to contain an unquoted service path vulnerability via the component NativePushService. This vulnerability allows attackers to launch processes with elevated privileges."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-21T18:43:43.823569Z","id":"CVE-2023-31747","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-428"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-428"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wondershare:filmora:12:*:*:*:*:*:*:*","matchCriteriaId":"9F7098E8-BF38-41A1-8F5E-4243F9660F1E"}]}]}],"references":[{"url":"https://packetstormsecurity.com/files/172464/Filmora-12-Build-1.0.0.7-Unquoted-Service-Path.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://packetstormsecurity.com/files/172464/Filmora-12-Build-1.0.0.7-Unquoted-Service-Path.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]}]}},{"cve":{"id":"CVE-2023-31748","sourceIdentifier":"cve@mitre.org","published":"2023-05-24T15:15:09.490","lastModified":"2026-07-09T01:18:19.837","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Insecure permissions in MobileTrans v4.0.11 allows attackers to escalate privileges to local admin via replacing the executable file."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-16T15:38:49.596299Z","id":"CVE-2023-31748","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-732"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-732"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wondershare:mobiletrans:4.0.11:*:*:*:*:*:*:*","matchCriteriaId":"7C27458A-A20D-4446-AB30-6D6F47E947CC"}]}]}],"references":[{"url":"https://packetstormsecurity.com/files/172466/MobileTrans-4.0.11-Weak-Service-Permissions.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://packetstormsecurity.com/files/172466/MobileTrans-4.0.11-Weak-Service-Permissions.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]}]}},{"cve":{"id":"CVE-2023-31595","sourceIdentifier":"cve@mitre.org","published":"2023-05-24T20:15:10.150","lastModified":"2026-07-09T01:18:18.740","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"IC Realtime ICIP-P2012T 2.420 is vulnerable to Incorrect Access Control via unauthenticated port access."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-16T15:43:25.984112Z","id":"CVE-2023-31595","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:icrealtime:icip-p2012t_firmware:2.420:*:*:*:*:*:*:*","matchCriteriaId":"2ECE20D6-2C1D-4419-8249-F1D9B81526FC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:icrealtime:icip-p2012t:-:*:*:*:*:*:*:*","matchCriteriaId":"95FC9016-8FAC-437D-8CC5-94FC52235E77"}]}]}],"references":[{"url":"https://github.com/Yozarseef95/CVE-2023-31595","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/Yozarseef95/CVE-2023-31595","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-31594","sourceIdentifier":"cve@mitre.org","published":"2023-05-25T01:15:41.833","lastModified":"2026-07-09T01:18:18.570","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"IC Realtime ICIP-P2012T 2.420 is vulnerable to Incorrect Access Control via an exposed HTTP channel using VLC network."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-16T15:04:01.535455Z","id":"CVE-2023-31594","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-306"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:icrealtime:icip-p2012t_firmware:2.420:*:*:*:*:*:*:*","matchCriteriaId":"2ECE20D6-2C1D-4419-8249-F1D9B81526FC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:icrealtime:icip-p2012t:-:*:*:*:*:*:*:*","matchCriteriaId":"95FC9016-8FAC-437D-8CC5-94FC52235E77"}]}]}],"references":[{"url":"https://github.com/Yozarseef95/CVE-2023-31594","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/Yozarseef95/CVE-2023-31594","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-33779","sourceIdentifier":"cve@mitre.org","published":"2023-05-26T17:15:18.153","lastModified":"2026-07-09T01:18:25.690","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A lateral privilege escalation vulnerability in XXL-Job v2.4.1 allows users to execute arbitrary commands on another user's account via a crafted POST request to the component /jobinfo/."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-14T20:05:08.640136Z","id":"CVE-2023-33779","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:xuxueli:xxl-job:2.4.1:*:*:*:*:*:*:*","matchCriteriaId":"C90A77A0-C0DF-4EEB-AB59-EFAEBCFFE60B"}]}]}],"references":[{"url":"https://github.com/silence-silence/xxl-job-lateral-privilege-escalation-vulnerability-/blob/main/README.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/xuxueli/xxl-job","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/silence-silence/xxl-job-lateral-privilege-escalation-vulnerability-/blob/main/README.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/xuxueli/xxl-job","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2023-30285","sourceIdentifier":"cve@mitre.org","published":"2023-05-31T12:15:09.410","lastModified":"2026-07-09T01:18:17.583","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in Deviniti Issue Sync Synchronization v3.5.2 for Jira allows attackers to obtain the login credentials of a user via a crafted request sent to /rest/synchronizer/1.0/technicalUser."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-10T16:24:44.471089Z","id":"CVE-2023-30285","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:deviniti:issue_sync:*:*:*:*:*:jira:*:*","versionEndExcluding":"3.5.2","matchCriteriaId":"BFF1CF92-0C1B-4F29-BBFB-DCAA5965023A"}]}]}],"references":[{"url":"https://github.com/D23K4N/CVE/blob/main/CVE-2023-30285.md","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/D23K4N/CVE/blob/main/CVE-2023-30285.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-29724","sourceIdentifier":"cve@mitre.org","published":"2023-06-02T04:15:49.803","lastModified":"2026-07-09T01:18:14.977","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The BT21 x BTS Wallpaper app 12 for Android allows unauthorized apps to actively request permission to modify data in the database that records information about a user's personal preferences and will be loaded into memory to be read and used when the app is opened. An attacker could tamper with this data to cause an escalation of privilege attack."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-08T20:45:12.896376Z","id":"CVE-2023-29724","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bt21_x_bts_wallpaper_project:bt21_x_bts_wallpaper:12:*:*:*:*:android:*:*","matchCriteriaId":"2CF3F2D6-8AB5-4BC8-AE16-E927397B454C"}]}]}],"references":[{"url":"https://apkpure.com/cn/bt21-x-bts-wallpaper-hd-4k/com.bungaakp007.bt21wallpaperoffline130920/download/12-APK","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29724/CVE%20detail.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://apkpure.com/cn/bt21-x-bts-wallpaper-hd-4k/com.bungaakp007.bt21wallpaperoffline130920/download/12-APK","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29724/CVE%20detail.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-29725","sourceIdentifier":"cve@mitre.org","published":"2023-06-02T04:15:49.863","lastModified":"2026-07-09T01:18:15.143","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The BT21 x BTS Wallpaper app 12 for Android allows unauthorized applications to actively request permission to insert data into the database that records information about a user's personal preferences and will be loaded into memory to be read and used when the application is opened. By injecting data, the attacker can force the application to load malicious image URLs and display them in the UI. As the amount of data increases, it will eventually cause the application to trigger an OOM error and crash, resulting in a persistent denial of service attack."},{"lang":"es","value":"La aplicación BT21 x BTS Wallpaper v12 para Android permite que aplicaciones no autorizadas soliciten activamente permisos para insertar datos en la base de datos que registra información sobre las preferencias personales de un usuario y que se cargará en la memoria para ser leída y utilizada cuando se abra la aplicación. Al inyectar datos, el atacante puede forzar a la aplicación a cargar URLs de imágenes maliciosas y mostrarlas en la interfaz de usuario. A medida que aumente la cantidad de datos, acabará provocando que la aplicación desencadene un error \"OOM\" y se bloquee, dando lugar a un ataque persistente de denegación de servicio. "}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-08T20:44:11.662679Z","id":"CVE-2023-29725","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bt21_x_bts_wallpaper_project:bt21_x_bts_wallpaper:12:*:*:*:*:android:*:*","matchCriteriaId":"2CF3F2D6-8AB5-4BC8-AE16-E927397B454C"}]}]}],"references":[{"url":"https://apkpure.com/cn/bt21-x-bts-wallpaper-hd-4k/com.bungaakp007.bt21wallpaperoffline130920/download/12-APK","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29725/CVE%20detail.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://play.google.com/store/apps/details?id=com.cuiet.blockCalls","source":"cve@mitre.org","tags":["Not Applicable"]},{"url":"https://apkpure.com/cn/bt21-x-bts-wallpaper-hd-4k/com.bungaakp007.bt21wallpaperoffline130920/download/12-APK","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29725/CVE%20detail.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://play.google.com/store/apps/details?id=com.cuiet.blockCalls","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable"]}]}},{"cve":{"id":"CVE-2023-33381","sourceIdentifier":"cve@mitre.org","published":"2023-06-06T12:15:09.250","lastModified":"2026-07-09T01:18:22.567","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A command injection vulnerability was found in the ping functionality of the MitraStar GPT-2741GNAC router (firmware version AR_g5.8_110WVN0b7_2). The vulnerability allows an authenticated user to execute arbitrary OS commands by sending specially crafted input to the router via the ping function."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-08T15:39:24.288597Z","id":"CVE-2023-33381","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mitrastar:gpt-2741gnac_firmware:ar_g5.8_110wvn0b7_2:*:*:*:*:*:*:*","matchCriteriaId":"3DFB4C77-B721-4BF1-8CD5-147DE6C0B065"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mitrastar:gpt-2741gnac:-:*:*:*:*:*:*:*","matchCriteriaId":"E1D33BCB-6C48-4B5D-BD06-A0F0344A9C2D"}]}]}],"references":[{"url":"https://github.com/duality084/CVE-2023-33381-MitraStar-GPT-2741GNAC/blob/main/README.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/duality084/CVE-2023-33381-MitraStar-GPT-2741GNAC/blob/main/README.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-33530","sourceIdentifier":"cve@mitre.org","published":"2023-06-06T13:15:15.900","lastModified":"2026-07-09T01:18:24.753","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"There is a command injection vulnerability in the Tenda G103 Gigabit GPON Terminal with firmware version V1.0.0.5. If an attacker gains web management privileges, they can inject commands gaining shell privileges."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-08T15:33:19.659866Z","id":"CVE-2023-33530","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-77"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tenda:g103_firmware:1.0.0.5:*:*:*:*:*:*:*","matchCriteriaId":"20B50B9D-605D-4DE4-9785-FAA62019C25E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tenda:g103:-:*:*:*:*:*:*:*","matchCriteriaId":"1530E06E-43D9-44DE-9569-D5A6B1647378"}]}]}],"references":[{"url":"https://github.com/D2y6p/CVE/blob/main/tenda/CVE-2023-33530/RCE2/tenda_G103_RCE_2.pdf","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://github.com/D2y6p/CVE/blob/main/tenda/CVE-2023-33530/RCE2/tenda_G103_RCE_2.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]}]}},{"cve":{"id":"CVE-2023-31569","sourceIdentifier":"cve@mitre.org","published":"2023-06-06T14:15:12.427","lastModified":"2026-07-09T01:18:18.393","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a command injection via the setWanCfg function."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-08T15:42:40.910325Z","id":"CVE-2023-31569","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-77"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:totolink:x5000r_firmware:9.1.0cu.2350_b20230313:*:*:*:*:*:*:*","matchCriteriaId":"AA390FB2-CCD9-4861-84D6-88CAA9DF57F3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:totolink:x5000r:-:*:*:*:*:*:*:*","matchCriteriaId":"BC45BFB0-0CF0-4F9E-B19D-D274B17F1591"}]}]}],"references":[{"url":"https://github.com/JeeseenSec/Report/tree/main/TOTOLINK%2CThanks","source":"cve@mitre.org"},{"url":"https://github.com/JeeseenSec/Report/tree/main/TOTOLINK/CVE-2023-31569","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.totolink.net/home/menu/newstpl/menu_newstpl/products/id/218.html","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/JeeseenSec/Report/tree/main/TOTOLINK%2CThanks","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/JeeseenSec/Report/tree/main/TOTOLINK/CVE-2023-31569","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.totolink.net/home/menu/newstpl/menu_newstpl/products/id/218.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2023-33532","sourceIdentifier":"cve@mitre.org","published":"2023-06-06T14:15:12.740","lastModified":"2026-07-09T01:18:24.937","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"There is a command injection vulnerability in the Netgear R6250 router with Firmware Version 1.0.4.48. If an attacker gains web management privileges, they can inject commands into the post request parameters, thereby gaining shell privileges."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-08T15:30:37.487033Z","id":"CVE-2023-33532","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-77"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:netgear:r6250_firmware:1.0.4.48:*:*:*:*:*:*:*","matchCriteriaId":"0B7946DC-F8BA-4CBC-9A4F-18B773D10310"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:netgear:r6250:-:*:*:*:*:*:*:*","matchCriteriaId":"321BE843-52C4-4638-A321-439CA7B3A6F2"}]}]}],"references":[{"url":"https://github.com/D2y6p/CVE/blob/main/Netgear/CVE-2023-33532/Netgear_R6250_RCE.pdf","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/D2y6p/CVE/blob/main/Netgear/CVE-2023-33532/Netgear_R6250_RCE.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-27126","sourceIdentifier":"cve@mitre.org","published":"2023-06-06T18:15:10.343","lastModified":"2026-07-09T01:18:11.927","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The AES Key-IV pair used by the TP-Link TAPO C200 camera V3 (EU) on firmware version 1.1.22 Build 220725 is reused across all cameras. An attacker with physical access to a camera is able to extract and decrypt sensitive data containing the Wifi password and the TP-LINK account credential of the victim."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":4.6,"baseSeverity":"MEDIUM","attackVector":"PHYSICAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":4.6,"baseSeverity":"MEDIUM","attackVector":"PHYSICAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-08T15:46:31.568551Z","id":"CVE-2023-27126","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-522"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-522"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tapo_c200_firmware:1.2.2:build_220725:*:*:*:*:*:*","matchCriteriaId":"C39386E6-329F-418D-8603-21B000694452"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:tapo_c200:3:*:*:*:*:*:*:*","matchCriteriaId":"101FA54E-1A3D-4A38-BBD0-8DAFAC414EA3"}]}]}],"references":[{"url":"https://www.claranet.fr/blog/dans-les-entrailles-dune-camera-connectee-tp-link-14","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.claranet.fr/blog/dans-les-entrailles-dune-camera-connectee-tp-link-14","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-33781","sourceIdentifier":"cve@mitre.org","published":"2023-06-07T01:15:39.247","lastModified":"2026-07-09T01:18:25.857","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in D-Link DIR-842V2 v1.0.3 allows attackers to execute arbitrary commands via importing a crafted file."},{"lang":"es","value":"Un problema en D-Link DIR-842V2 v1.0.3 permite a los atacantes ejecutar comandos arbitrarios mediante la importación de un archivo manipulado."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-07T14:19:13.204564Z","id":"CVE-2023-33781","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dir-842v2_firmware:1.0.3:*:*:*:*:*:*:*","matchCriteriaId":"46C133C2-AD0B-4D47-9463-694A187A6292"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dir-842v2:-:*:*:*:*:*:*:*","matchCriteriaId":"5F047A1E-5C7F-41EC-9047-4A4F205C29FE"}]}]}],"references":[{"url":"https://github.com/s0tr/CVE-2023-33781","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://github.com/s0tr/CVE-2023-33781","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2023-33782","sourceIdentifier":"cve@mitre.org","published":"2023-06-07T01:15:39.293","lastModified":"2026-07-09T01:18:26.020","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"D-Link DIR-842V2 v1.0.3 was discovered to contain a command injection vulnerability via the iperf3 diagnostics function."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-06T20:18:41.083972Z","id":"CVE-2023-33782","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-77"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dir-842v2_firmware:1.0.3:*:*:*:*:*:*:*","matchCriteriaId":"46C133C2-AD0B-4D47-9463-694A187A6292"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dir-842v2:-:*:*:*:*:*:*:*","matchCriteriaId":"5F047A1E-5C7F-41EC-9047-4A4F205C29FE"}]}]}],"references":[{"url":"https://github.com/s0tr/CVE-2023-33782","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://github.com/s0tr/CVE-2023-33782","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2023-33621","sourceIdentifier":"cve@mitre.org","published":"2023-06-13T16:15:13.027","lastModified":"2026-07-09T01:18:25.253","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"GL.iNET GL-AR750S-Ext firmware v3.215 inserts the admin authentication token into a GET request when the OpenVPN Server config file is downloaded. The token is then left in the browser history or access logs, potentially allowing attackers to bypass authentication via session replay."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-03T02:24:23.438406Z","id":"CVE-2023-33621","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-294"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:gl-inet:gl-ar750s_firmware:3.215:*:*:*:*:*:*:*","matchCriteriaId":"99E78333-5DE5-4577-8DE2-5C0C8B4EE5BB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:gl-inet:gl-ar750s:-:*:*:*:*:*:*:*","matchCriteriaId":"8C939D70-5353-43B7-AEF9-8F1D784DD4EF"}]}]}],"references":[{"url":"https://justinapplegate.me/2023/glinet-CVE-2023-33621/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://justinapplegate.me/2023/glinet-CVE-2023-33621/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-31541","sourceIdentifier":"cve@mitre.org","published":"2023-06-13T17:15:14.810","lastModified":"2026-07-09T01:18:18.197","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A unrestricted file upload vulnerability was discovered in the ‘Browse and upload images’ feature of the CKEditor v1.2.3 plugin for Redmine, which allows arbitrary files to be uploaded to the server."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-03T19:28:03.588412Z","id":"CVE-2023-31541","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ckeditor:ckeditor:1.2.3:*:*:*:*:redmine:*:*","matchCriteriaId":"F8ED9F26-7429-434C-8FD9-5D1C6825DEB9"}]}]}],"references":[{"url":"https://github.com/DreamD2v/CVE-2023-31541/blob/main/CVE-2023-31541.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/DreamD2v/CVE-2023-31541/blob/main/CVE-2023-31541.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-33620","sourceIdentifier":"cve@mitre.org","published":"2023-06-13T17:15:14.863","lastModified":"2026-07-09T01:18:25.120","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"GL.iNET GL-AR750S-Ext firmware v3.215 uses an insecure protocol in its communications which allows attackers to eavesdrop via a man-in-the-middle attack."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-03T02:25:53.636085Z","id":"CVE-2023-33620","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-522"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:gl-inet:gl-ar750s_firmware:3.215:*:*:*:*:*:*:*","matchCriteriaId":"99E78333-5DE5-4577-8DE2-5C0C8B4EE5BB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:gl-inet:gl-ar750s:-:*:*:*:*:*:*:*","matchCriteriaId":"8C939D70-5353-43B7-AEF9-8F1D784DD4EF"}]}]}],"references":[{"url":"https://justinapplegate.me/2023/glinet-CVE-2023-33620/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://justinapplegate.me/2023/glinet-CVE-2023-33620/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-34944","sourceIdentifier":"cve@mitre.org","published":"2023-06-13T21:15:10.253","lastModified":"2026-07-09T01:18:27.447","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An arbitrary file upload vulnerability in the /fileUpload.lib.php component of Chamilo 1.11.* up to v1.11.18 allows attackers to execute arbitrary code via uploading a crafted SVG file."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-03T02:17:02.316413Z","id":"CVE-2023-34944","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:chamilo:chamilo_lms:*:*:*:*:*:*:*:*","versionStartIncluding":"1.11.0","versionEndIncluding":"1.11.18","matchCriteriaId":"2633146D-0E64-40CC-97EF-DF2774900717"}]}]}],"references":[{"url":"https://github.com/chamilo/chamilo-lms/commit/0d0c88c4806280ac9b70a299d6e3099269c9bc54","source":"cve@mitre.org","tags":["Patch"]},{"url":"https://github.com/chamilo/chamilo-lms/commit/f6e83550c2d17fc93a65ec4be602a78312289f37","source":"cve@mitre.org","tags":["Patch"]},{"url":"https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-113-2023-05-31-Low-impact-Low-risk-XSS-through-SVG","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://github.com/chamilo/chamilo-lms/commit/0d0c88c4806280ac9b70a299d6e3099269c9bc54","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://github.com/chamilo/chamilo-lms/commit/f6e83550c2d17fc93a65ec4be602a78312289f37","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-113-2023-05-31-Low-impact-Low-risk-XSS-through-SVG","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2023-34752","sourceIdentifier":"cve@mitre.org","published":"2023-06-14T14:15:10.533","lastModified":"2026-07-09T01:18:26.877","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the lid parameter at admin/index.php?mode=settings&page=lang&action=edit."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-02T20:01:38.563831Z","id":"CVE-2023-34752","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bloofox:bloofoxcms:0.5.2.1:*:*:*:*:*:*:*","matchCriteriaId":"C12BED64-DA1B-4FB8-A196-B414759D79C4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"}]}]}],"references":[{"url":"https://ndmcyb.hashnode.dev/bloofox-v0521-was-discovered-to-contain-many-sql-injection-vulnerability","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.bloofox.com/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://ndmcyb.hashnode.dev/bloofox-v0521-was-discovered-to-contain-many-sql-injection-vulnerability","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.bloofox.com/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2023-34832","sourceIdentifier":"cve@mitre.org","published":"2023-06-16T18:15:09.523","lastModified":"2026-07-09T01:18:27.057","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"TP-Link Archer AX10(EU)_V1.2_230220 was discovered to contain a buffer overflow via the function FUN_131e8 - 0x132B4."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-12-17T17:10:19.094971Z","id":"CVE-2023-34832","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:archer_ax10_firmware:230220:*:*:*:*:*:*:*","matchCriteriaId":"6E17A5B6-49DB-439E-8688-975E70553FCD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:archer_ax10:1.2:*:*:*:*:*:*:*","matchCriteriaId":"9D7B35C7-62F8-4B0F-B038-DE128C058279"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/172989/TP-Link-Archer-AX10-EU-_V1.2_230220-Buffer-Overflow.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://gist.github.com/jhacker91/2026e080a42514255e758d64b465d1d5","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"http://packetstormsecurity.com/files/172989/TP-Link-Archer-AX10-EU-_V1.2_230220-Buffer-Overflow.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://gist.github.com/jhacker91/2026e080a42514255e758d64b465d1d5","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-33438","sourceIdentifier":"cve@mitre.org","published":"2023-06-16T21:15:09.247","lastModified":"2026-07-09T01:18:24.310","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A stored Cross-site scripting (XSS) vulnerability in Wolters Kluwer TeamMate+ 35.0.11.0 allows remote attackers to inject arbitrary web script or HTML."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-12-12T18:55:39.356907Z","id":"CVE-2023-33438","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wolterskluwer:teammate\\+:35.0.11.0:*:*:*:*:*:*:*","matchCriteriaId":"3431B790-83FD-4B6F-8CB1-B8BCCC31174E"}]}]}],"references":[{"url":"https://github.com/justas-dee/CVEs/blob/main/CVE-2023-33438/README.md","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://github.com/justas-dee/CVEs/blob/main/CVE-2023-33438/README.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]}]}},{"cve":{"id":"CVE-2022-45287","sourceIdentifier":"cve@mitre.org","published":"2023-06-21T13:15:09.750","lastModified":"2026-07-09T01:17:59.770","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An access control issue in Registration.aspx of Temenos CWX 8.5.6 allows authenticated attackers to escalate privileges and perform arbitrary Administrative commands."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-12-06T21:31:24.614854Z","id":"CVE-2022-45287","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:temenos:cwx:8.5.6:*:*:*:*:*:*:*","matchCriteriaId":"6FF60BBC-5444-474E-AD80-2C22E21FD71A"}]}]}],"references":[{"url":"https://github.com/WhiteBearVN/CWX-Registration-Broken-Access-Control/blob/main/README.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/WhiteBearVN/CWX-Registration-Broken-Access-Control/blob/main/README.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-27243","sourceIdentifier":"cve@mitre.org","published":"2023-06-21T16:15:11.347","lastModified":"2026-07-09T01:18:13.587","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An access control issue in Makves DCAP v3.0.0.122 allows unauthenticated attackers to obtain cleartext credentials via a crafted web request to the product API."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-12-06T18:46:28.321715Z","id":"CVE-2023-27243","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-312"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-312"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:makves:dcap:3.0.0.122:*:*:*:*:*:*:*","matchCriteriaId":"B00FDE30-C048-4F56-BF8B-3EE89E901D6B"},{"vulnerable":true,"criteria":"cpe:2.3:a:makves:dcap:3.0.0.183:*:*:*:*:*:*:*","matchCriteriaId":"4F28C15F-9375-4567-95B8-02D75FCB2EC6"}]}]}],"references":[{"url":"https://pastebin.com/L5BkBeEE","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://pastebin.com/L5BkBeEE","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-31867","sourceIdentifier":"cve@mitre.org","published":"2023-06-22T12:15:11.920","lastModified":"2026-07-09T01:18:22.320","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Sage X3 version 12.14.0.50-0 is vulnerable to CSV Injection."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-12-06T15:25:44.494474Z","id":"CVE-2023-31867","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-1236"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sage:x3:12.14.0.50-0:*:*:*:*:*:*:*","matchCriteriaId":"E02F0A76-5C3C-4F96-B67E-E6BED5F39C57"}]}]}],"references":[{"url":"https://github.com/Digitemis/Advisory/blob/main/CVE-2023-31867.txt","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/Digitemis/Advisory/blob/main/CVE-2023-31867.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-31868","sourceIdentifier":"cve@mitre.org","published":"2023-06-22T12:15:11.967","lastModified":"2026-07-09T01:18:22.447","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Sage X3 version 12.14.0.50-0 is vulnerable to Cross Site Scripting (XSS). Some parts of the Web application are dynamically built using user's inputs. Yet, those inputs are not verified nor filtered by the application, so they mathed the expected format. Therefore, when HTML/JavaScript code is injected into those fields, this code will be saved by the application and executed by the web browser of the user viewing the web page. Several injection points have been identified on the application. The major one requires the user to be authenticated with a common account, he can then target an Administrator. All others endpoints need the malicious user to be authenticated as an Administrator. Therefore, the impact is diminished."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-12-06T15:24:53.181877Z","id":"CVE-2023-31868","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sage:x3:12.14.0.50-0:*:*:*:*:*:*:*","matchCriteriaId":"E02F0A76-5C3C-4F96-B67E-E6BED5F39C57"}]}]}],"references":[{"url":"https://github.com/Digitemis/Advisory/blob/main/CVE-2023-31868.txt","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/Digitemis/Advisory/blob/main/CVE-2023-31868.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-34671","sourceIdentifier":"cve@mitre.org","published":"2023-06-23T18:15:13.927","lastModified":"2026-07-09T01:18:26.510","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Access Control leads to privilege escalation affecting Elenos ETG150 FM transmitter running on version 3.12 by exploiting user's role in the user profile. An attack could occur over the public Internet in some cases."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-12-05T18:56:34.002713Z","id":"CVE-2023-34671","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:elenos:etg150_fm_firmware:3.12:*:*:*:*:*:*:*","matchCriteriaId":"AE2C6198-3596-42AF-9649-6DC0F7086389"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:elenos:etg150_fm:-:*:*:*:*:*:*:*","matchCriteriaId":"911128AF-EBAD-425B-A754-93F89FDB57E4"}]}]}],"references":[{"url":"https://strik3r.gitbook.io/strik3r-blog/security-research/cves-pocs/cve-2023-34671","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://strik3r.gitbook.io/strik3r-blog/security-research/cves-pocs/cve-2023-34671","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-34672","sourceIdentifier":"cve@mitre.org","published":"2023-06-23T19:15:09.097","lastModified":"2026-07-09T01:18:26.637","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Access Control leads to adding a high-privilege user affecting Elenos ETG150 FM transmitter running on version 3.12 by exploiting user's role within the admin profile. An attack could occur over the public Internet in some cases."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"elenos","product":"etg150","defaultStatus":"unknown","cpes":["cpe:2.3:h:elenos:etg150:-:*:*:*:*:*:*:*"],"versions":[{"version":"3.12","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-12-05T15:04:17.437427Z","id":"CVE-2023-34672","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-281"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:elenos:etg150_firmware:3.12:*:*:*:*:*:*:*","matchCriteriaId":"0BC76559-2E3D-4749-A709-F8735AFCA18B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:elenos:etg150:-:*:*:*:*:*:*:*","matchCriteriaId":"202EBB13-21FD-4F02-A3F7-A9980EB6EDDB"}]}]}],"references":[{"url":"https://strik3r.gitbook.io/strik3r-blog/security-research/cves-pocs/cve-2023-34672","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://strik3r.gitbook.io/strik3r-blog/security-research/cves-pocs/cve-2023-34672","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-34673","sourceIdentifier":"cve@mitre.org","published":"2023-06-23T19:15:09.140","lastModified":"2026-07-09T01:18:26.760","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Elenos ETG150 FM transmitter running on version 3.12 was discovered to be leaking SMTP credentials and other sensitive information by exploiting the publicly accessible Memcached service. The attack can occur over the public Internet in some cases."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-12-05T18:58:26.217042Z","id":"CVE-2023-34673","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:elenos:etg150_firmware:3.12:*:*:*:*:*:*:*","matchCriteriaId":"0BC76559-2E3D-4749-A709-F8735AFCA18B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:elenos:etg150:-:*:*:*:*:*:*:*","matchCriteriaId":"202EBB13-21FD-4F02-A3F7-A9980EB6EDDB"}]}]}],"references":[{"url":"https://strik3r.gitbook.io/strik3r-blog/security-research/cves-pocs/cve-2023-34673","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://strik3r.gitbook.io/strik3r-blog/security-research/cves-pocs/cve-2023-34673","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-36143","sourceIdentifier":"cve@mitre.org","published":"2023-06-30T01:15:08.767","lastModified":"2026-07-09T01:18:28.193","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Maxprint Maxlink 1200G v3.4.11E has an OS command injection vulnerability in the \"Diagnostic tool\" functionality of the device."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"maxprintisp","product":"maxlink_1200g","defaultStatus":"unknown","cpes":["cpe:2.3:h:maxprintisp:maxlink_1200g:-:*:*:*:*:*:*:*"],"versions":[{"version":"3.4.11e","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-11-27T15:35:02.233990Z","id":"CVE-2023-36143","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:maxprintisp:maxlink_1200g_firmware:3.4.11e:*:*:*:*:*:*:*","matchCriteriaId":"CE5140AC-5E19-4E9B-B2F3-915E9E9FE0EE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:maxprintisp:maxlink_1200g:-:*:*:*:*:*:*:*","matchCriteriaId":"80F15C78-7B4D-4C59-9119-0FA675AE2434"}]}]}],"references":[{"url":"https://github.com/leonardobg/CVE-2023-36143","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/leonardobg/CVE-2023-36143","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-36146","sourceIdentifier":"cve@mitre.org","published":"2023-06-30T01:15:08.823","lastModified":"2026-07-09T01:18:28.450","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A Stored Cross-Site Scripting (XSS) vulnerability was found in Multilaser RE 170 using firmware 2.2.6733."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"multilaser","product":"re170","defaultStatus":"unknown","cpes":["cpe:2.3:h:multilaser:re170:-:*:*:*:*:*:*:*"],"versions":[{"version":"2.2.6733","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-11-27T15:33:00.476452Z","id":"CVE-2023-36146","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:multilaser:re170_firmware:2.2.6733:*:*:*:*:*:*:*","matchCriteriaId":"D34F8548-AFE8-44AC-8ED9-5D9A45A65A67"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:multilaser:re170:-:*:*:*:*:*:*:*","matchCriteriaId":"B4126733-9C90-494A-9E89-22741DBB84E9"}]}]}],"references":[{"url":"https://github.com/leonardobg/CVE-2023-36146/#readme","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/leonardobg/CVE-2023-36146/#readme","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-34840","sourceIdentifier":"cve@mitre.org","published":"2023-06-30T16:15:09.600","lastModified":"2026-07-09T01:18:27.190","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"angular-ui-notification v0.1.0, v0.2.0, and v0.3.6 was discovered to contain a cross-site scripting (XSS) vulnerability."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-11-27T16:00:53.696587Z","id":"CVE-2023-34840","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:angular-ui-notification_project:angular-ui-notification:*:*:*:*:*:*:*:*","versionEndIncluding":"0.3.6","matchCriteriaId":"AD31E0E6-91B3-452C-93CF-5D422CB4B025"}]}]}],"references":[{"url":"https://github.com/Xh4H/CVE-2023-34840","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/alexcrack/angular-ui-notification","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/Xh4H/CVE-2023-34840","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/alexcrack/angular-ui-notification","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2023-36144","sourceIdentifier":"cve@mitre.org","published":"2023-06-30T23:15:10.223","lastModified":"2026-07-09T01:18:28.323","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An authentication bypass in Intelbras Switch SG 2404 MR in firmware 1.00.54 allows an unauthenticated attacker to download the backup file of the device, exposing critical information about the device configuration."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"intelbras","product":"sg_2404_mr","defaultStatus":"unknown","cpes":["cpe:2.3:h:intelbras:sg_2404_mr:-:*:*:*:*:*:*:*"],"versions":[{"version":"1.00.54","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-11-27T15:33:38.153254Z","id":"CVE-2023-36144","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-862"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:intelbras:sg_2404_mr_firmware:1.00.54:*:*:*:*:*:*:*","matchCriteriaId":"14756311-AB06-4EC0-B73E-C68F9E5DF2B5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:intelbras:sg_2404_mr:-:*:*:*:*:*:*:*","matchCriteriaId":"B3EDC560-366C-46A2-AE4A-34FB9C7A5FE1"}]}]}],"references":[{"url":"https://github.com/leonardobg/CVE-2023-36144","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://github.com/leonardobg/CVE-2023-36144","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]}]}},{"cve":{"id":"CVE-2023-36222","sourceIdentifier":"cve@mitre.org","published":"2023-07-03T21:15:09.707","lastModified":"2026-07-09T01:18:29.017","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting vulnerability in mlogclub bbs-go v. 3.5.5. and before allows a remote attacker to execute arbitrary code via a crafted payload to the comment parameter in the article function."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-11-22T18:19:51.246385Z","id":"CVE-2023-36222","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bbs-go:bbs-go:*:*:*:*:*:*:*:*","versionEndIncluding":"3.5.5","matchCriteriaId":"5473C64C-0539-4C6E-BE56-D4FB57F16BF2"}]}]}],"references":[{"url":"https://github.com/mlogclub/bbs-go","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/mlogclub/bbs-go/issues/206","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/mlogclub/bbs-go","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/mlogclub/bbs-go/issues/206","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-36223","sourceIdentifier":"cve@mitre.org","published":"2023-07-03T21:15:09.750","lastModified":"2026-07-09T01:18:29.140","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting vulnerability in mlogclub bbs-go v. 3.5.5. and before allows a remote attacker to execute arbitrary code via a crafted payload to the announcements parameter in the settings function."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-11-22T16:49:17.438275Z","id":"CVE-2023-36223","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bbs-go:bbs-go:*:*:*:*:*:*:*:*","versionEndIncluding":"3.5.5","matchCriteriaId":"5473C64C-0539-4C6E-BE56-D4FB57F16BF2"}]}]}],"references":[{"url":"https://github.com/mlogclub/bbs-go","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/mlogclub/bbs-go/issues/208","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/mlogclub/bbs-go","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/mlogclub/bbs-go/issues/208","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-42175","sourceIdentifier":"cve@mitre.org","published":"2023-07-05T03:15:09.080","lastModified":"2026-07-09T01:17:50.280","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Insecure Direct Object Reference vulnerability in WHMCS module SolusVM 1 4.1.2 allows an attacker to change the password and hostname of other customer servers without authorization."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-11-26T18:42:11.096153Z","id":"CVE-2022-42175","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-639"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:soluslabs:solusvm:4.1.2:*:*:*:*:*:*:*","matchCriteriaId":"D87B6A51-3097-47B3-B689-EA780D5A489F"}]}]}],"references":[{"url":"https://gist.github.com/mr404ntf/9c8728ee8f35d9744feec3828df1085d","source":"cve@mitre.org","tags":["Release Notes","Third Party Advisory"]},{"url":"https://gist.github.com/mr404ntf/9c8728ee8f35d9744feec3828df1085d","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-20118","sourceIdentifier":"cve@mitre.org","published":"2023-07-11T14:15:09.300","lastModified":"2026-07-09T00:16:52.230","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Buffer Overflow vulnerability in Avast AntiVirus before v.19.7 allows a local attacker to cause a denial of service via a crafted request to the aswSnx.sys driver."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-11-08T16:33:35.277566Z","id":"CVE-2020-20118","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:avast:antivirus:*:*:*:*:*:*:*:*","versionEndExcluding":"19.7","matchCriteriaId":"228EF642-BA80-47F0-BD6B-2824131707DA"}]}]}],"references":[{"url":"https://gitlab.com/yongchuank/avast-aswsnx-ioctl-82ac0060-oob-write","source":"cve@mitre.org","tags":["Patch","Third Party Advisory"]},{"url":"https://gitlab.com/yongchuank/avast-aswsnx-ioctl-82ac0060-oob-write","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-31818","sourceIdentifier":"cve@mitre.org","published":"2023-07-11T15:15:20.250","lastModified":"2026-07-09T01:18:21.400","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue found in Marukyu Line v.13.4.1 allows a remote attacker to gain access to sensitive information via the channel access token in the miniapp function."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-11-08T15:43:44.757794Z","id":"CVE-2023-31818","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-668"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:marukyu:marukyu_line:13.4.1:*:*:*:*:*:*:*","matchCriteriaId":"62C39D84-B883-4465-9661-A51B7064A2E5"}]}]}],"references":[{"url":"https://github.com/syz913/CVE-reports/blob/main/CVE-2023-31818.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/syz913/CVE-reports/blob/main/CVE-2023-31818.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-20021","sourceIdentifier":"cve@mitre.org","published":"2023-07-12T13:15:09.060","lastModified":"2026-07-09T00:16:52.090","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue discovered in MikroTik Router v6.46.3 and earlier allows attacker to cause denial of service via misconfiguration in the SSH daemon."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-11-07T15:15:08.600717Z","id":"CVE-2020-20021","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-400"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mikrotik:routeros:*:*:*:*:*:*:*:*","versionEndIncluding":"6.46.3","matchCriteriaId":"0FE16B96-C8E2-414D-949C-693087370840"}]}]}],"references":[{"url":"https://www.exploit-db.com/exploits/48228","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://www.exploit-db.com/exploits/48228","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]}]}},{"cve":{"id":"CVE-2023-33668","sourceIdentifier":"cve@mitre.org","published":"2023-07-12T13:15:09.190","lastModified":"2026-07-09T01:18:25.380","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"DigiExam up to v14.0.2 lacks integrity checks for native modules, allowing attackers to access PII and takeover accounts on shared computers."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-11-07T19:20:41.377210Z","id":"CVE-2023-33668","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-354"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:digiexam:digiexam:*:*:*:*:*:*:*:*","versionEndIncluding":"14.0.2","matchCriteriaId":"EB3B8CB6-1D21-4B3D-9409-4EE3669CB01F"}]}]}],"references":[{"url":"https://github.com/lodi-g/CVE-2023-33668","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/lodi-g/CVE-2023-33668","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-31819","sourceIdentifier":"cve@mitre.org","published":"2023-07-13T14:15:09.113","lastModified":"2026-07-09T01:18:21.513","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue found in KEISEI STORE Co, Ltd. LIVRE KEISEI v.13.6.1 allows a remote attacker to gain access to sensitive information via the channel access token in the miniapp function."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-31T18:07:29.783985Z","id":"CVE-2023-31819","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-311"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:keisei_store:livre:13.6.1:*:*:*:*:*:*:*","matchCriteriaId":"81617E2F-B579-4BB8-BD8D-576863A7DE1A"}]}]}],"references":[{"url":"https://github.com/syz913/CVE-reports/blob/main/CVE-2023-31819.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/syz913/CVE-reports/blob/main/CVE-2023-31819.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-31820","sourceIdentifier":"cve@mitre.org","published":"2023-07-13T14:15:09.177","lastModified":"2026-07-09T01:18:21.633","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue found in Shizutetsu Store v.13.6.1 allows a remote attacker to gain access to sensitive information via the channel access token in the miniapp function."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-11-05T20:28:21.644054Z","id":"CVE-2023-31820","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-311"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:shizutetsu:shizutetsu_store:13.6.1:*:*:*:*:*:*:*","matchCriteriaId":"E3143FBA-270F-4618-9E7F-239585C97717"}]}]}],"references":[{"url":"https://github.com/syz913/CVE-reports/blob/main/CVE-2023-31820.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/syz913/CVE-reports/blob/main/CVE-2023-31820.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-31822","sourceIdentifier":"cve@mitre.org","published":"2023-07-13T14:15:09.230","lastModified":"2026-07-09T01:18:21.860","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue found in Entetsu Store v.13.4.1 allows a remote attacker to gain access to sensitive information via the channel access token in the miniapp Entetsu Store function."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-31T18:06:10.205145Z","id":"CVE-2023-31822","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-311"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:entetsu:entetsu_store:13.4.1:*:*:*:*:*:*:*","matchCriteriaId":"F812C1E1-6E43-4F11-9945-F18B8CFD7F69"}]}]}],"references":[{"url":"https://github.com/syz913/CVE-reports/blob/main/CVE-2023-31822.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/syz913/CVE-reports/blob/main/CVE-2023-31822.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-31825","sourceIdentifier":"cve@mitre.org","published":"2023-07-13T14:15:09.283","lastModified":"2026-07-09T01:18:22.210","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue found in Inageya v.13.4.1 allows a remote attacker to gain access to sensitive information via the channel access token in the miniapp Inageya function."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-30T19:41:42.609355Z","id":"CVE-2023-31825","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-311"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:inageya:inageya:13.4.1:*:*:*:*:*:*:*","matchCriteriaId":"0C5F342E-4489-4C67-8636-3A55287FD4BD"}]}]}],"references":[{"url":"https://github.com/syz913/CVE-reports/blob/main/CVE-2023-31825.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/syz913/CVE-reports/blob/main/CVE-2023-31825.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-31821","sourceIdentifier":"cve@mitre.org","published":"2023-07-13T15:15:09.027","lastModified":"2026-07-09T01:18:21.750","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue found in ALBIS Co. ALBIS v.13.6.1 allows a remote attacker to gain access to sensitive information via the channel access token in the miniapp ALBIS function."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-31T18:06:43.591346Z","id":"CVE-2023-31821","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-312"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:albis:albis:13.6.1:*:*:*:*:*:*:*","matchCriteriaId":"54BB8332-6FD7-4122-A1B2-3F334B137E33"}]}]}],"references":[{"url":"https://github.com/syz913/CVE-reports/blob/main/CVE-2023-31821.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/syz913/CVE-reports/blob/main/CVE-2023-31821.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-31823","sourceIdentifier":"cve@mitre.org","published":"2023-07-13T15:15:09.073","lastModified":"2026-07-09T01:18:21.977","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue found in Marui Co Marui Official app v.13.6.1 allows a remote attacker to gain access to sensitive information via the channel access token in the miniapp Marui Official Store function."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-31T18:05:44.025057Z","id":"CVE-2023-31823","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-319"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:marui:marui:13.6.1:*:*:*:*:*:*:*","matchCriteriaId":"6E999B9E-A814-4D66-8918-88940BDAC8F6"}]}]}],"references":[{"url":"https://github.com/syz913/CVE-reports/blob/main/CVE-2023-31823.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/syz913/CVE-reports/blob/main/CVE-2023-31823.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-31824","sourceIdentifier":"cve@mitre.org","published":"2023-07-13T15:15:09.123","lastModified":"2026-07-09T01:18:22.090","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue found in DERICIA Co. Ltd, DELICIA v.13.6.1 allows a remote attacker to gain access to sensitive information via the channel access token in the miniapp DELICIA function."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-30T19:43:42.099925Z","id":"CVE-2023-31824","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-522"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:dericia:delicia:13.6.1:*:*:*:*:*:*:*","matchCriteriaId":"714D0CA1-296C-46EC-BDE6-706B1FEF736B"}]}]}],"references":[{"url":"https://github.com/syz913/CVE-reports/blob/main/CVE-2023-31824.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/syz913/CVE-reports/blob/main/CVE-2023-31824.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-30383","sourceIdentifier":"cve@mitre.org","published":"2023-07-18T19:15:09.643","lastModified":"2026-07-09T01:18:17.740","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"TP-LINK Archer C50v2 Archer C50(US)_V2_160801, TP-LINK Archer C20v1 Archer_C20_V1_150707, and TP-LINK Archer C2v1 Archer_C2_US__V1_170228 were discovered to contain a buffer overflow which may lead to a Denial of Service (DoS) when parsing crafted data."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"tp-link","product":"archer_c50","defaultStatus":"unknown","cpes":["cpe:2.3:h:tp-link:archer_c50:-:*:*:*:*:*:*:*"],"versions":[{"version":"v2_160801","status":"affected"}]},{"vendor":"tp-link","product":"archer_c20","defaultStatus":"unknown","cpes":["cpe:2.3:h:tp-link:archer_c20:1:*:*:*:*:*:*:*"],"versions":[{"version":"v1_150707","status":"affected"}]},{"vendor":"tp-link","product":"archer_c2","defaultStatus":"unknown","cpes":["cpe:2.3:h:tp-link:archer_c2:-:*:*:*:*:*:*:*"],"versions":[{"version":"v1_170228","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-28T18:32:54.899161Z","id":"CVE-2023-30383","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:archer_c2_v1_firmware:170228:*:*:*:*:*:*:*","matchCriteriaId":"E67A17E5-2199-4FFC-A9ED-DA1694CAC531"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:archer_c2_v1:-:*:*:*:*:*:*:*","matchCriteriaId":"10AEB762-E804-46FF-B37D-5CC21A1EFEB7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:archer_c20_firmware:150707:*:*:*:*:*:*:*","matchCriteriaId":"7EBCD60C-2B46-4A7F-821A-2852267A0114"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:archer_c20:1:*:*:*:*:*:*:*","matchCriteriaId":"9D159009-CF48-4631-9139-5AB553B58018"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:archer_c50_firmware:160801:*:*:*:*:*:*:*","matchCriteriaId":"9DD711B4-011F-4576-97FA-20857549E6FD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:archer_c50:2:*:*:*:*:*:*:*","matchCriteriaId":"FBAF991B-15EB-4858-B7A7-18FA24C180DC"}]}]}],"references":[{"url":"https://gist.github.com/a2ure123/a4eda2813d85d8b414bb87e855ab4bf8","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.tp-link.com/us/support/download/archer-c2/v1/#Firmware","source":"cve@mitre.org","tags":["Product"]},{"url":"https://www.tp-link.com/us/support/download/archer-c50/v2/#Firmware","source":"cve@mitre.org","tags":["Product"]},{"url":"https://www.tp-link.com/us/support/download/archer-c50/v2/#Firmware%29%2CTPLINK","source":"cve@mitre.org"},{"url":"https://gist.github.com/a2ure123/a4eda2813d85d8b414bb87e855ab4bf8","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.tp-link.com/us/support/download/archer-c2/v1/#Firmware","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://www.tp-link.com/us/support/download/archer-c50/v2/#Firmware","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://www.tp-link.com/us/support/download/archer-c50/v2/#Firmware%29%2CTPLINK","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2023-37733","sourceIdentifier":"cve@mitre.org","published":"2023-07-19T19:15:11.947","lastModified":"2026-07-09T01:18:31.760","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An arbitrary file upload vulnerability in tduck-platform v4.0 allows attackers to execute arbitrary code via a crafted HTML file."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-28T15:17:43.207154Z","id":"CVE-2023-37733","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:tduckcloud:tduck-platform:4.0:*:*:*:*:*:*:*","matchCriteriaId":"BB4EF1A5-DC74-4333-B8F8-92B85275839C"}]}]}],"references":[{"url":"https://github.com/TDuckCloud/tduck-platform","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/TDuckCloud/tduck-platform/issues/17","source":"cve@mitre.org","tags":["Exploit","Issue Tracking"]},{"url":"https://github.com/TDuckCloud/tduck-platform","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/TDuckCloud/tduck-platform/issues/17","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking"]}]}},{"cve":{"id":"CVE-2023-37728","sourceIdentifier":"cve@mitre.org","published":"2023-07-20T18:15:12.110","lastModified":"2026-07-09T01:18:31.640","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"IceWarp v10.2.1 was discovered to contain cross-site scripting (XSS) vulnerability via the color parameter."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-24T20:34:16.927790Z","id":"CVE-2023-37728","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:icewarp:icewarp:10.2.1:*:*:*:*:*:*:*","matchCriteriaId":"D766FDC0-FCBC-4F85-AE0A-5F478D8D140B"}]}]}],"references":[{"url":"https://medium.com/@ayush.engr29/cve-2023-37728-6dfb7586311","source":"cve@mitre.org"},{"url":"https://medium.com/%40ayush.engr29/cve-2023-37728-6dfb7586311","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2021-35391","sourceIdentifier":"cve@mitre.org","published":"2023-07-21T20:15:11.887","lastModified":"2026-07-09T01:16:56.497","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Server Side Request Forgery vulnerability found in Deskpro Support Desk v2021.21.6 allows attackers to execute arbitrary code via a crafted URL."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-24T14:47:43.340928Z","id":"CVE-2021-35391","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:deskpro:deskpro:2021.21.6:*:*:*:*:*:*:*","matchCriteriaId":"6A1365EA-8E30-4DD5-B1B2-26B98789C925"}]}]}],"references":[{"url":"https://sayaanalam.github.io/CVE-2021-35391.html","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://sayaanalam.github.io/CVE-2021-35391.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]}]}},{"cve":{"id":"CVE-2023-26911","sourceIdentifier":"cve@mitre.org","published":"2023-07-26T14:15:10.283","lastModified":"2026-07-09T01:18:10.800","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"ASUS SetupAsusServices v1.0.5.1 in Asus Armoury Crate v5.3.4.0 contains an unquoted service path vulnerability which allows local users to launch processes with elevated privileges."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-23T19:17:57.402771Z","id":"CVE-2023-26911","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-428"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:asus:armoury_crate:*:*:*:*:*:*:*:*","versionEndIncluding":"5.3.4.0","matchCriteriaId":"15E195AD-C257-44D8-BF03-35DF7B4E1093"},{"vulnerable":true,"criteria":"cpe:2.3:a:asus:setupasusservices:*:*:*:*:*:*:*:*","versionEndIncluding":"1.0.5.1","matchCriteriaId":"A4B49657-7E92-47A4-BBF5-F56BD3E9E9F5"}]}]}],"references":[{"url":"https://irradiate.com.au/blog/CVE-2023-26911","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://irradiate.com.au/blog/CVE-2023-26911","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-36580","sourceIdentifier":"cve@mitre.org","published":"2023-07-27T18:15:09.893","lastModified":"2026-07-09T01:16:57.517","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Open Redirect vulnerability exists in IceWarp MailServer IceWarp Server Deep Castle 2 Update 1 (13.0.1.2) via the referer parameter."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-23T13:05:33.382900Z","id":"CVE-2021-36580","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-601"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:icewarp:icewarp_server:*:*:*:*:*:*:*:*","versionEndExcluding":"13.0.1.2","matchCriteriaId":"5E58B7FE-833A-48D9-B9A3-0DB2FD5F039A"},{"vulnerable":true,"criteria":"cpe:2.3:a:icewarp:mail_server:*:*:*:*:*:*:*:*","versionEndExcluding":"13.0.1.2","matchCriteriaId":"6A0DEA97-0B80-4322-97DD-5E5430DC5617"}]}]}],"references":[{"url":"https://medium.com/@rohitgautam26/cve-2021-36580-69219798231c","source":"cve@mitre.org"},{"url":"http://mail.ziyan.com","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required"]},{"url":"https://medium.com/%40rohitgautam26/cve-2021-36580-69219798231c","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2020-22623","sourceIdentifier":"cve@mitre.org","published":"2023-07-27T20:15:09.790","lastModified":"2026-07-09T00:16:58.270","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Directory traversal vulnerability in Jinfornet Jreport 15.6 allows unauthenticated attackers to gain sensitive information."},{"lang":"es","value":"La vulnerabilidad de salto de directorios en Jinfornet Jreport v15.6 permite a atacantes no autenticados obtener información confidencial. "}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-23T13:06:13.302022Z","id":"CVE-2020-22623","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:insightsoftware:jreport:15.6:*:*:*:*:*:*:*","matchCriteriaId":"14091AF1-5186-49FC-A69D-3CC5606F1313"}]}]}],"references":[{"url":"https://medium.com/@nguyenhongphu/cve-2020-22623-jinfornet-jreport-unauthenticated-path-traversal-arbitrary-file-download-83224cef32c8","source":"cve@mitre.org"},{"url":"https://medium.com/%40nguyenhongphu/cve-2020-22623-jinfornet-jreport-unauthenticated-path-traversal-arbitrary-file-download-83224cef32c8","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2023-37647","sourceIdentifier":"cve@mitre.org","published":"2023-07-31T13:15:09.897","lastModified":"2026-07-09T01:18:30.450","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SEMCMS v1.5 was discovered to contain a SQL injection vulnerability via the id parameter at /Ant_Suxin.php."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-22T18:03:23.738496Z","id":"CVE-2023-37647","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sem-cms:semcms:1.5:*:*:*:*:*:*:*","matchCriteriaId":"29E32EAD-AB16-4C59-868D-A80DE7E0C34F"}]}]}],"references":[{"url":"https://gitee.com/ants12/sem-cms_-shop_210918_v1.5-sql-injection-exists-s/tree/master/","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.sem-cms.cn/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://gitee.com/ants12/sem-cms_-shop_210918_v1.5-sql-injection-exists-s/tree/master/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.sem-cms.cn/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2023-34842","sourceIdentifier":"cve@mitre.org","published":"2023-07-31T14:15:10.373","lastModified":"2026-07-09T01:18:27.320","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Remote Code Execution vulnerability in DedeCMS through 5.7.109 allows remote attackers to run arbitrary code via crafted POST request to /dede/tpl.php."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-22T17:56:38.649226Z","id":"CVE-2023-34842","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:dedecms:dedecms:*:*:*:*:*:*:*:*","versionEndIncluding":"5.7.109","matchCriteriaId":"46619FD4-CE48-4B19-83FF-D8B6560DD5F6"}]}]}],"references":[{"url":"https://www.dedecms.com/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://www.dedecms.com/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2023-34960","sourceIdentifier":"cve@mitre.org","published":"2023-08-01T02:15:10.307","lastModified":"2026-07-09T01:18:27.567","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A command injection vulnerability in the wsConvertPpt component of Chamilo v1.11.* up to v1.11.18 allows attackers to execute arbitrary commands via a SOAP API call with a crafted PowerPoint name."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-23T20:44:02.181906Z","id":"CVE-2023-34960","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:chamilo:chamilo:*:*:*:*:*:*:*:*","versionStartIncluding":"1.11.0","versionEndIncluding":"1.11.18","matchCriteriaId":"51098DB7-26D2-41C5-A69A-AECC6406F4C5"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/174314/Chamilo-1.11.18-Command-Injection.html","source":"cve@mitre.org"},{"url":"https://support.chamilo.org/projects/1/wiki/Security_issues#Issue-112-2023-04-20-Critical-impact-High-risk-Remote-Code-Execution","source":"cve@mitre.org","tags":["Issue Tracking","Vendor Advisory"]},{"url":"http://packetstormsecurity.com/files/174314/Chamilo-1.11.18-Command-Injection.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://support.chamilo.org/projects/1/wiki/Security_issues#Issue-112-2023-04-20-Critical-impact-High-risk-Remote-Code-Execution","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2023-34551","sourceIdentifier":"cve@mitre.org","published":"2023-08-01T18:15:09.997","lastModified":"2026-07-09T01:18:26.177","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In certain EZVIZ products, two stack buffer overflows in netClientSetWlanCfg function of the EZVIZ SDK command server can allow an authenticated attacker present on the same local network as the camera to achieve remote code execution. This affects CS-C6N-B0-1G2WF Firmware versions before V5.3.0 build 230215 and CS-C6N-R101-1G2WF Firmware versions before V5.3.0 build 230215 and CS-CV310-A0-1B2WFR Firmware versions before V5.3.0 build 230221 and CS-CV310-A0-1C2WFR-C Firmware versions before V5.3.2 build 230221 and CS-C6N-A0-1C2WFR-MUL Firmware versions before V5.3.2 build 230218 and CS-CV310-A0-3C2WFRL-1080p Firmware versions before V5.2.7 build 230302 and CS-CV310-A0-1C2WFR Wifi IP66 2.8mm 1080p Firmware versions before V5.3.2 build 230214 and CS-CV248-A0-32WMFR Firmware versions before V5.2.3 build 230217 and EZVIZ LC1C Firmware versions before V5.3.4 build 230214. The impact is: execute arbitrary code (remote)."},{"lang":"es","value":"En ciertos productos EZVIZ, dos desbordamientos de búfer de pila en la función netClientSetWlanCfg del servidor de comandos EZVIZ SDK pueden permitir a un atacante autenticado presente en la misma red local que la cámara lograr la ejecución remota de código. Esto afecta a las versiones de firmware CS-C6N-B0-1G2WF anteriores a V5.3.0 build 230215 y CS-C6N-R101-1G2WF anteriores a V5.3.0 build 230215 y CS-CV310-A0-1B2WFR anteriores a V5.3.0 build 230221 y CS-CV310-A0-1C2WFR-C anteriores a V5.3.2 build 230221 y a las versiones de firmware CS-C6N-A0-1C2WFR-MUL anteriores a V5.3.2 build 230218 y a las versiones de firmware CS-CV310-A0-3C2WFRL-1080p anteriores a V5.2.7 build 230302 y a las versiones de firmware CS-CV310-A0-1C2WFR Wifi IP66 2.8mm 1080p anteriores a V5.3.2 build 230214 y a las versiones de firmware CS-CV248-A0-32WMFR anteriores a V5.2.3 build 230217 y las versiones de firmware EZVIZ LC1C anteriores a V5.3.4 build 230214. "}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"ezviz","product":"cs-c6n-b0-1g2wf_firmware","defaultStatus":"unknown","cpes":["cpe:2.3:o:ezviz:cs-c6n-b0-1g2wf_firmware:5.3.0:build210731:*:*:*:*:*:*"],"versions":[{"version":"0","lessThan":"5.3.0","versionType":"custom","status":"affected"}]},{"vendor":"ezviz","product":"cs-c6n-r101-1g2wf_firmware","defaultStatus":"unknown","cpes":["cpe:2.3:o:ezviz:cs-c6n-r101-1g2wf_firmware:5.3.0:build230215:*:*:*:*:*:*"],"versions":[{"version":"0","lessThan":"5.3.0","versionType":"custom","status":"affected"}]},{"vendor":"ezviz","product":"cs-cv310-a0-1b2wfr_firmware","defaultStatus":"unknown","cpes":["cpe:2.3:o:ezviz:cs-cv310-a0-1b2wfr_firmware:5.3.0:build230221:*:*:*:*:*:*"],"versions":[{"version":"0","lessThan":"5.3.0","versionType":"custom","status":"affected"}]},{"vendor":"ezviz","product":"cs-cv310-a0-1c2wfr-c_firmware","defaultStatus":"unknown","cpes":["cpe:2.3:o:ezviz:cs-cv310-a0-1c2wfr-c_firmware:5.3.2:build230221:*:*:*:*:*:*"],"versions":[{"version":"0","lessThan":"5.3.2","versionType":"custom","status":"affected"}]},{"vendor":"ezviz","product":"cs-c6n-a0-1c2wfr-mul_firmware","defaultStatus":"unknown","cpes":["cpe:2.3:o:ezviz:cs-c6n-a0-1c2wfr-mul_firmware:5.3.2:build230218:*:*:*:*:*:*"],"versions":[{"version":"0","lessThan":"5.3.2","versionType":"custom","status":"affected"}]},{"vendor":"ezviz","product":"cs-cv310-a0-3c2wfrl-1080p_firmware","defaultStatus":"unknown","cpes":["cpe:2.3:o:ezviz:cs-cv310-a0-3c2wfrl-1080p_firmware:5.2.7:build230302:*:*:*:*:*:*"],"versions":[{"version":"0","lessThan":"5.2.7","versionType":"custom","status":"affected"}]},{"vendor":"ezviz","product":"cs-cv310-a0-1c2wfr","defaultStatus":"unknown","cpes":["cpe:2.3:h:ezviz:cs-cv310-a0-1c2wfr:-:*:*:*:*:*:*:*"],"versions":[{"version":"0","lessThan":"5.3.2","versionType":"custom","status":"affected"}]},{"vendor":"ezviz","product":"cs-cv248-a0-32wmfr_firmware","defaultStatus":"unknown","cpes":["cpe:2.3:o:ezviz:cs-cv248-a0-32wmfr_firmware:5.2.3:build230217:*:*:*:*:*:*"],"versions":[{"version":"0","lessThan":"5.2.3","versionType":"custom","status":"affected"}]},{"vendor":"ezviz","product":"lc1c_firmware","defaultStatus":"unknown","cpes":["cpe:2.3:o:ezviz:lc1c_firmware:5.3.4:build230214:*:*:*:*:*:*"],"versions":[{"version":"0","lessThan":"5.3.4","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.0,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.1,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-21T18:17:57.197693Z","id":"CVE-2023-34551","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ezviz:cs-c6n-b0-1g2wf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.3.0","matchCriteriaId":"9A77C112-1175-4460-A5BD-9BB71B4CE204"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ezviz:cs-c6n-b0-1g2wf:-:*:*:*:*:*:*:*","matchCriteriaId":"53448693-4C67-4538-B879-12F3F8B51BEC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ezviz:cs-c6n-r101-1g2wf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.3.0","matchCriteriaId":"2D7EEDF7-442B-40AC-8806-0AB3CFE17533"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ezviz:cs-c6n-r101-1g2wf:-:*:*:*:*:*:*:*","matchCriteriaId":"6470C072-971D-4417-B0E7-4BFDA9584FBC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ezviz:cs-cv310-a0-1b2wfr_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.3.0","matchCriteriaId":"458145FB-A40C-4229-AE37-215B2E62A701"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ezviz:cs-cv310-a0-1b2wfr:-:*:*:*:*:*:*:*","matchCriteriaId":"73269D17-F2D1-4D52-AF7C-561B584D6573"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ezviz:cs-cv310-a0-1c2wfr-c_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.3.2","matchCriteriaId":"D45B4879-5E30-4C71-AE38-6C35CF9BEA83"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ezviz:cs-cv310-a0-1c2wfr-c:-:*:*:*:*:*:*:*","matchCriteriaId":"801FF4C3-BF3B-4C89-B129-91FC9D33D82C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ezviz:cs-c6n-a0-1c2wfr-mul_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.3.2","matchCriteriaId":"3F29D41E-916A-4643-881F-73FB60E68CA2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ezviz:cs-c6n-a0-1c2wfr-mul:-:*:*:*:*:*:*:*","matchCriteriaId":"872DDB21-ACE6-475D-B6C1-9653261E2529"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ezviz:cs-cv310-a0-3c2wfrl-1080p_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.2.7","matchCriteriaId":"1199D966-913A-4240-A80D-F7A570EA7DE4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ezviz:cs-cv310-a0-3c2wfrl-1080p:-:*:*:*:*:*:*:*","matchCriteriaId":"8F009BB5-0ECC-48CC-B69A-5E81E9F97082"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ezviz:cs-cv310-a0-1c2wfr_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.3.2","matchCriteriaId":"9C7442C9-0069-4401-9DE9-ACC54857493C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ezviz:cs-cv310-a0-1c2wfr:-:*:*:*:*:*:*:*","matchCriteriaId":"A9181568-193B-4BF7-9A11-B7A031065934"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ezviz:cs-cv248-a0-32wmfr_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.2.3","matchCriteriaId":"089FFD60-0E39-4880-8D51-AB851BC063C2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ezviz:cs-cv248-a0-32wmfr:-:*:*:*:*:*:*:*","matchCriteriaId":"E56B8667-7DCC-45C7-8945-45A0909CFFB8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ezviz:lc1c_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.3.4","matchCriteriaId":"A88C0969-FFAE-45DA-881E-852844558554"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ezviz:lc1c:-:*:*:*:*:*:*:*","matchCriteriaId":"74D44F05-26DC-4976-8B5A-6DC9AA7D78D9"}]}]}],"references":[{"url":"https://www.ezviz.com/data-security/security-notice/detail/827","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://www.ezviz.com/data-security/security-notice/detail/827","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2023-34552","sourceIdentifier":"cve@mitre.org","published":"2023-08-01T18:15:10.057","lastModified":"2026-07-09T01:18:26.337","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In certain EZVIZ products, two stack based buffer overflows in mulicast_parse_sadp_packet and mulicast_get_pack_type functions of the SADP multicast protocol can allow an unauthenticated attacker present on the same local network as the camera to achieve remote code execution. This affects CS-C6N-B0-1G2WF Firmware versions before V5.3.0 build 230215 and CS-C6N-R101-1G2WF Firmware versions before V5.3.0 build 230215 and CS-CV310-A0-1B2WFR Firmware versions before V5.3.0 build 230221 and CS-CV310-A0-1C2WFR-C Firmware versions before V5.3.2 build 230221 and CS-C6N-A0-1C2WFR-MUL Firmware versions before V5.3.2 build 230218 and CS-CV310-A0-3C2WFRL-1080p Firmware versions before V5.2.7 build 230302 and CS-CV310-A0-1C2WFR Wifi IP66 2.8mm 1080p Firmware versions before V5.3.2 build 230214 and CS-CV248-A0-32WMFR Firmware versions before V5.2.3 build 230217 and EZVIZ LC1C Firmware versions before V5.3.4 build 230214."},{"lang":"es","value":"En determinados productos EZVIZ, dos desbordamientos de búfer basados en pila en las funciones mulicast_parse_sadp_packet y mulicast_get_pack_type del protocolo de multidifusión SADP pueden permitir a un atacante no autenticado presente en la misma red local que la cámara lograr la ejecución remota de código. Esto afecta a las versiones de firmware CS-C6N-B0-1G2WF anteriores a V5.3.0 build 230215 y a las versiones de firmware CS-C6N-R101-1G2WF anteriores a V5.3.0 build 230215 y a las versiones de firmware CS-CV310-A0-1B2WFR anteriores a V5.3.0 build 230221 y a las versiones de firmware CS-CV310-A0-1C2WFR-C anteriores a V5.3.2 build 230221 y a las versiones de firmware CS-C6N-A0-1C2WFR-MUL anteriores a V5.3.2 build 230218 y a las versiones de firmware CS-C6N-A0-1C2WFR-MUL anteriores a V5.3.2 build 230218 y a las versiones de firmware CS-CV310-A0-3C2WFRL-1080p anteriores a V5.2.7 build 230302 y a las versiones de firmware CS-CV310-A0-1C2WFR Wifi IP66 2.8mm 1080p anteriores a V5.3.2 build 230214 y a las versiones de firmware CS-CV248-A0-32WMFR anteriores a V5.2.3 build 230217 y a las versiones de firmware EZVIZ LC1C anteriores a V5.3.4 build 230214."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"ezviz","product":"cs-c6n-a0-1c2wfr-mul_firmware","defaultStatus":"unknown","cpes":["cpe:2.3:o:ezviz:cs-c6n-a0-1c2wfr-mul_firmware:5.3.2:build230218:*:*:*:*:*:*"],"versions":[{"version":"0","lessThan":"5.3.0","versionType":"custom","status":"affected"}]},{"vendor":"ezviz","product":"cs-c6n-r101-1g2wf_firmware","defaultStatus":"unknown","cpes":["cpe:2.3:o:ezviz:cs-c6n-r101-1g2wf_firmware:5.3.0:build230215:*:*:*:*:*:*"],"versions":[{"version":"0","lessThan":"5.3.0","versionType":"custom","status":"affected"}]},{"vendor":"ezviz","product":"cv310-a0-1b2wfr_firmware","defaultStatus":"unknown","cpes":["cpe:2.3:a:ezviz:cv310-a0-1b2wfr_firmware:*:*:*:*:*:*:*:*"],"versions":[{"version":"0","lessThan":"5.3.0","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":4.0,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.5,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-23T20:46:21.774754Z","id":"CVE-2023-34552","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-121"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ezviz:cs-c6n-b0-1g2wf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.3.0","matchCriteriaId":"9A77C112-1175-4460-A5BD-9BB71B4CE204"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ezviz:cs-c6n-b0-1g2wf:-:*:*:*:*:*:*:*","matchCriteriaId":"53448693-4C67-4538-B879-12F3F8B51BEC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ezviz:cs-c6n-r101-1g2wf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.3.0","matchCriteriaId":"2D7EEDF7-442B-40AC-8806-0AB3CFE17533"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ezviz:cs-c6n-r101-1g2wf:-:*:*:*:*:*:*:*","matchCriteriaId":"6470C072-971D-4417-B0E7-4BFDA9584FBC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ezviz:cs-cv310-a0-1b2wfr_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.3.0","matchCriteriaId":"458145FB-A40C-4229-AE37-215B2E62A701"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ezviz:cs-cv310-a0-1b2wfr:-:*:*:*:*:*:*:*","matchCriteriaId":"73269D17-F2D1-4D52-AF7C-561B584D6573"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ezviz:cs-cv310-a0-1c2wfr-c_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.3.2","matchCriteriaId":"D45B4879-5E30-4C71-AE38-6C35CF9BEA83"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ezviz:cs-cv310-a0-1c2wfr-c:-:*:*:*:*:*:*:*","matchCriteriaId":"801FF4C3-BF3B-4C89-B129-91FC9D33D82C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ezviz:cs-c6n-a0-1c2wfr-mul_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.3.2","matchCriteriaId":"3F29D41E-916A-4643-881F-73FB60E68CA2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ezviz:cs-c6n-a0-1c2wfr-mul:-:*:*:*:*:*:*:*","matchCriteriaId":"872DDB21-ACE6-475D-B6C1-9653261E2529"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ezviz:cs-cv310-a0-3c2wfrl-1080p_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.2.7","matchCriteriaId":"1199D966-913A-4240-A80D-F7A570EA7DE4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ezviz:cs-cv310-a0-3c2wfrl-1080p:-:*:*:*:*:*:*:*","matchCriteriaId":"8F009BB5-0ECC-48CC-B69A-5E81E9F97082"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ezviz:cs-cv310-a0-1c2wfr_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.3.2","matchCriteriaId":"9C7442C9-0069-4401-9DE9-ACC54857493C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ezviz:cs-cv310-a0-1c2wfr:-:*:*:*:*:*:*:*","matchCriteriaId":"A9181568-193B-4BF7-9A11-B7A031065934"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ezviz:cs-cv248-a0-32wmfr_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.2.3","matchCriteriaId":"089FFD60-0E39-4880-8D51-AB851BC063C2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ezviz:cs-cv248-a0-32wmfr:-:*:*:*:*:*:*:*","matchCriteriaId":"E56B8667-7DCC-45C7-8945-45A0909CFFB8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ezviz:lc1c_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.3.4","matchCriteriaId":"A88C0969-FFAE-45DA-881E-852844558554"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ezviz:lc1c:-:*:*:*:*:*:*:*","matchCriteriaId":"74D44F05-26DC-4976-8B5A-6DC9AA7D78D9"}]}]}],"references":[{"url":"https://www.ezviz.com/data-security/security-notice/detail/827","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://www.ezviz.com/data-security/security-notice/detail/827","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2023-36081","sourceIdentifier":"cve@mitre.org","published":"2023-08-02T20:15:12.027","lastModified":"2026-07-09T01:18:27.687","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting vulnerability in GatesAIr Flexiva FM Transmitter/Exciter v.FAX 150W allows a remote attacker to execute arbitrary code via a crafted script to the web application dashboard."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"gatesair","product":"flexiva_fax_150w","defaultStatus":"unknown","cpes":["cpe:2.3:h:gatesair:flexiva_fax_150w:-:*:*:*:*:*:*:*"],"versions":[{"version":"150w","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-17T18:22:02.477988Z","id":"CVE-2023-36081","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:gatesair:flexiva_fax_150w_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"782C8D1B-B833-48F1-8B75-9E72F717219D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:gatesair:flexiva_fax_150w:-:*:*:*:*:*:*:*","matchCriteriaId":"E2AFEDE8-25AE-4D42-B725-E6F6AE63CB24"}]}]}],"references":[{"url":"https://strik3r.gitbook.io/strik3r-blog/security-research/cves-pocs/cve-2023-36081","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://strik3r.gitbook.io/strik3r-blog/security-research/cves-pocs/cve-2023-36081","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-36082","sourceIdentifier":"cve@mitre.org","published":"2023-08-03T01:15:11.437","lastModified":"2026-07-09T01:18:27.807","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An isssue in GatesAIr Flexiva FM Transmitter/Exiter Fax 150W allows a remote attacker to gain privileges via the LDAP and SMTP credentials."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"gatesair","product":"flexiva_fax_150w","defaultStatus":"unknown","cpes":["cpe:2.3:h:gatesair:flexiva_fax_150w:-:*:*:*:*:*:*:*"],"versions":[{"version":"150w","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-17T16:25:47.453969Z","id":"CVE-2023-36082","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-522"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:gatesair:flexiva_fax_150w_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"782C8D1B-B833-48F1-8B75-9E72F717219D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:gatesair:flexiva_fax_150w:-:*:*:*:*:*:*:*","matchCriteriaId":"E2AFEDE8-25AE-4D42-B725-E6F6AE63CB24"}]}]}],"references":[{"url":"https://strik3r.gitbook.io/strik3r-blog/security-research/cves-pocs/cve-2023-36082","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://strik3r.gitbook.io/strik3r-blog/security-research/cves-pocs/cve-2023-36082","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-26979","sourceIdentifier":"cve@mitre.org","published":"2023-08-03T02:15:09.433","lastModified":"2026-07-09T01:18:11.070","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Bluetens Electrostimulation Device BluetensQ device app version 4.3.15 is vulnerable to Man-in-the-middle attacks in the BLE channel. It allows attackers to decrease or increase the intensity of the stimulator by hijacking the BLE communication."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":3.1,"baseSeverity":"LOW","attackVector":"ADJACENT_NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-17T20:07:46.469046Z","id":"CVE-2023-26979","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-924"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bluetens:bluetensq:4.3.15:*:*:*:*:*:*:*","matchCriteriaId":"7A06D742-1C78-4A1F-90C1-B1B319AAE150"}]}]}],"references":[{"url":"https://www.secura.com/blog/serious-safety-impact-found-in-bluetooth-low-energy-based-medical-devices","source":"cve@mitre.org","tags":["Exploit","Technical Description","Third Party Advisory"]},{"url":"https://www.secura.com/blog/serious-safety-impact-found-in-bluetooth-low-energy-based-medical-devices","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Technical Description","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-36255","sourceIdentifier":"cve@mitre.org","published":"2023-08-03T02:15:09.577","lastModified":"2026-07-09T01:18:29.257","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in Eramba Limited Eramba Enterprise and Community edition v.3.19.1 allows a remote attacker to execute arbitrary code via the path parameter in the URL."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-17T16:12:29.494997Z","id":"CVE-2023-36255","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:eramba:eramba:3.19.1:*:*:*:*:*:*:*","matchCriteriaId":"5066840B-8481-4876-9C9D-61EBFCCFA9FA"}]}]}],"references":[{"url":"https://trovent.github.io/security-advisories/TRSA-2303-01/TRSA-2303-01.txt","source":"cve@mitre.org"},{"url":"https://trovent.io/security-advisory-2303-01/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.eramba.org","source":"cve@mitre.org"},{"url":"https://trovent.github.io/security-advisories/TRSA-2303-01/TRSA-2303-01.txt","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://trovent.io/security-advisory-2303-01/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.eramba.org","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2023-38954","sourceIdentifier":"cve@mitre.org","published":"2023-08-03T02:15:09.650","lastModified":"2026-07-09T01:18:33.580","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"ZKTeco BioAccess IVS v3.3.1 was discovered to contain a SQL injection vulnerability."},{"lang":"es","value":"Se ha descubierto que ZKTeco BioAccess IVS v3.3.1 contiene una vulnerabilidad de inyección SQL. "}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-17T19:37:46.115346Z","id":"CVE-2023-38954","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:zkteco:bioaccess_ivs:3.3.1:*:*:*:*:*:*:*","matchCriteriaId":"E5FA70E1-699A-4148-9140-FF80E8E9E1F7"}]}]}],"references":[{"url":"https://claroty.com/team82/disclosure-dashboard/cve-2023-38954","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://claroty.com/team82/disclosure-dashboard/cve-2023-38954","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-38955","sourceIdentifier":"cve@mitre.org","published":"2023-08-03T02:15:09.713","lastModified":"2026-07-09T01:18:33.693","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to obtain sensitive information about all managed devices, including their IP addresses and device names."},{"lang":"es","value":"ZKTeco BioAccess IVS v3.3.1 permite a los atacantes no autenticados obtener información sensible sobre todos los dispositivos gestionados, incluyendo sus direcciones IP y nombres de dispositivos. "}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-17T19:37:00.354787Z","id":"CVE-2023-38955","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-668"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:zkteco:bioaccess_ivs:3.3.1:*:*:*:*:*:*:*","matchCriteriaId":"E5FA70E1-699A-4148-9140-FF80E8E9E1F7"}]}]}],"references":[{"url":"https://claroty.com/team82/disclosure-dashboard/cve-2023-38955","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://claroty.com/team82/disclosure-dashboard/cve-2023-38955","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-38956","sourceIdentifier":"cve@mitre.org","published":"2023-08-03T02:15:09.763","lastModified":"2026-07-09T01:18:33.803","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A path traversal vulnerability in ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to read arbitrary files via supplying a crafted payload."},{"lang":"es","value":"Una vulnerabilidad de salto de ruta en ZKTeco BioAccess IVS v3.3.1 permite a atacantes no autenticados leer archivos arbitrarios mediante el suministro de un payload manipulado. "}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-17T20:02:37.756767Z","id":"CVE-2023-38956","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:zkteco:bioaccess_ivs:3.3.1:*:*:*:*:*:*:*","matchCriteriaId":"E5FA70E1-699A-4148-9140-FF80E8E9E1F7"}]}]}],"references":[{"url":"https://claroty.com/team82/disclosure-dashboard/cve-2023-38956","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://claroty.com/team82/disclosure-dashboard/cve-2023-38956","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-38958","sourceIdentifier":"cve@mitre.org","published":"2023-08-03T02:15:09.823","lastModified":"2026-07-09T01:18:33.920","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An access control issue in ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to arbitrarily close and open the doors managed by the platform remotely via sending a crafted web request."},{"lang":"es","value":"Un problema de control de acceso en ZKTeco BioAccess IVS v3.3.1 permite a atacantes no autenticados cerrar y abrir de forma arbitraria las puertas gestionadas por la plataforma de forma remota mediante el envío de una solicitud web manipulada."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-18T13:54:50.851938Z","id":"CVE-2023-38958","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:zkteco:bioaccess_ivs:3.3.1:*:*:*:*:*:*:*","matchCriteriaId":"E5FA70E1-699A-4148-9140-FF80E8E9E1F7"}]}]}],"references":[{"url":"https://claroty.com/team82/disclosure-dashboard/cve-2023-38958","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://claroty.com/team82/disclosure-dashboard/cve-2023-38958","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-37679","sourceIdentifier":"cve@mitre.org","published":"2023-08-03T03:15:10.697","lastModified":"2026-07-09T01:18:30.573","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A remote command execution (RCE) vulnerability in NextGen Mirth Connect v4.3.0 allows attackers to execute arbitrary commands on the hosting server."},{"lang":"es","value":"Una vulnerabilidad de ejecución remota de comandos (RCE) en NextGen Mirth Connect v4.3.0 permite a los atacantes ejecutar comandos arbitrarios en el servidor de alojamiento. "}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nextgen:mirth_connect:4.3.0:*:*:*:*:*:*:*","matchCriteriaId":"6CE651ED-60AA-44A3-B9CC-3A6A62062591"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/176920/Mirth-Connect-4.4.0-Remote-Command-Execution.html","source":"cve@mitre.org"},{"url":"https://www.ihteam.net/advisory/mirth-connect","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"http://packetstormsecurity.com/files/176920/Mirth-Connect-4.4.0-Remote-Command-Execution.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.ihteam.net/advisory/mirth-connect","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-38949","sourceIdentifier":"cve@mitre.org","published":"2023-08-03T23:15:10.973","lastModified":"2026-07-09T01:18:32.987","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in a hidden API in ZKTeco BioTime v8.5.5 allows unauthenticated attackers to arbitrarily reset the Administrator password via a crafted web request."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-17T16:05:45.829106Z","id":"CVE-2023-38949","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:zkteco:biotime:8.5.5:*:*:*:*:*:*:*","matchCriteriaId":"1C1ABA20-2F3E-4EB4-8AAB-0C3C93A382A0"}]}]}],"references":[{"url":"https://claroty.com/team82/disclosure-dashboard/cve-2023-38949","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://claroty.com/team82/disclosure-dashboard/cve-2023-38949","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-38950","sourceIdentifier":"cve@mitre.org","published":"2023-08-03T23:15:11.117","lastModified":"2026-07-09T13:57:25.203","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A path traversal vulnerability in the iclock API of ZKTeco BioTime v8.5.5 allows unauthenticated attackers to read arbitrary files via supplying a crafted payload. This vulnerability was fixed in version 9.0.120240617.19506 of ZKBioTime."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-21T03:55:34.683253Z","id":"CVE-2023-38950","options":[{"exploitation":"active"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"cisaExploitAdd":"2025-05-19","cisaActionDue":"2025-06-09","cisaRequiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","cisaVulnerabilityName":"ZKTeco BioTime Path Traversal Vulnerability","weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:zkteco:biotime:*:*:*:*:*:*:*:*","versionEndExcluding":"9.0.1","matchCriteriaId":"83628D17-18DB-4D0B-B7F0-45271B020E17"}]}]}],"references":[{"url":"https://claroty.com/team82/disclosure-dashboard/cve-2023-38950","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://claroty.com/team82/disclosure-dashboard/cve-2023-38950","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://sploitus.com/exploit?id=PACKETSTORM:177859","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-38950","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]},{"url":"https://www.fortinet.com/content/dam/fortinet/assets/reports/report-incident-response-middle-east.pdf","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Broken Link","Technical Description"]}]}},{"cve":{"id":"CVE-2023-38951","sourceIdentifier":"cve@mitre.org","published":"2023-08-03T23:15:11.363","lastModified":"2026-07-09T01:18:33.267","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"ZKTeco BioTime 8.5.5 through 9.x before 9.0.1 (20240617.19506) allows authenticated attackers to create or overwrite arbitrary files on the server via crafted requests to /base/sftpsetting/ endpoints that abuse a path traversal issue in the Username field and a lack of input sanitization on the SSH Key field. Overwriting specific files may lead to arbitrary code execution as NT AUTHORITY\\SYSTEM."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-05T14:16:42.488998Z","id":"CVE-2023-38951","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:zkteco:biotime:8.5.5:*:*:*:*:*:*:*","matchCriteriaId":"1C1ABA20-2F3E-4EB4-8AAB-0C3C93A382A0"}]}]}],"references":[{"url":"https://claroty.com/team82/disclosure-dashboard/cve-2023-38951","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/omair2084/biotime-rce-8.5.5/blob/main/biotime_enum.py","source":"cve@mitre.org"},{"url":"https://krashconsulting.com/fury-of-fingers-biotime-rce/","source":"cve@mitre.org"},{"url":"https://www.zkteco.com/en/ZKBio_Time/ZKBioTime#Download","source":"cve@mitre.org"},{"url":"https://www.zkteco.com/en/announcement","source":"cve@mitre.org"},{"url":"https://claroty.com/team82/disclosure-dashboard/cve-2023-38951","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://sploitus.com/exploit?id=PACKETSTORM:177859","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2023-38952","sourceIdentifier":"cve@mitre.org","published":"2023-08-03T23:15:11.473","lastModified":"2026-07-09T01:18:33.433","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Insecure access control in ZKTeco BioTime through 9.0.1 allows authenticated attackers to escalate their privileges due to the fact that session ids are not validated for the type of user accessing the application by default. Privilege restrictions between non-admin and admin users are not enforced and any authenticated user can leverage admin functions without restriction by making direct requests to administrative endpoints."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-05T14:17:25.505955Z","id":"CVE-2023-38952","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-552"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-552"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:zkteco:biotime:8.5.5:*:*:*:*:*:*:*","matchCriteriaId":"1C1ABA20-2F3E-4EB4-8AAB-0C3C93A382A0"}]}]}],"references":[{"url":"https://claroty.com/team82/disclosure-dashboard/cve-2023-38952","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/omair2084/biotime-rce-8.5.5/blob/main/biotime_enum.py","source":"cve@mitre.org"},{"url":"https://krashconsulting.com/fury-of-fingers-biotime-rce/","source":"cve@mitre.org"},{"url":"https://claroty.com/team82/disclosure-dashboard/cve-2023-38952","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://sploitus.com/exploit?id=PACKETSTORM:177859","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2023-36158","sourceIdentifier":"cve@mitre.org","published":"2023-08-04T00:15:13.447","lastModified":"2026-07-09T01:18:28.563","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting (XSS) vulnerability in sourcecodester Toll Tax Management System 1.0 allows remote attackers to run arbitrary code via the First Name and Last Name fields on the My Account page."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-17T16:17:17.774235Z","id":"CVE-2023-36158","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oretnom23:toll_tax_management_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"0E1E9D6B-3A71-47E0-A7E6-8A539D2D49F1"}]}]}],"references":[{"url":"https://cyberredteam.tech/posts/cve-2023-36158/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/unknown00759/CVE-2023-36158/blob/main/CVE-2023-36158.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.sourcecodester.com/php/15304/toll-tax-management-system-phpoop-free-source-code.html","source":"cve@mitre.org","tags":["Product"]},{"url":"https://cyberredteam.tech/posts/cve-2023-36158/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/unknown00759/CVE-2023-36158/blob/main/CVE-2023-36158.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.sourcecodester.com/php/15304/toll-tax-management-system-phpoop-free-source-code.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2023-36159","sourceIdentifier":"cve@mitre.org","published":"2023-08-04T00:15:13.587","lastModified":"2026-07-09T01:18:28.690","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting (XSS) vulnerability in sourcecodester Lost and Found Information System 1.0 allows remote attackers to run arbitrary code via the First Name, Middle Name and Last Name fields on the Create User page."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-17T16:16:37.375259Z","id":"CVE-2023-36159","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oretnom23:lost_and_found_information_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"14CF403B-DF0C-4796-8B10-689075DC8A35"}]}]}],"references":[{"url":"https://cyberredteam.tech/posts/cve-2023-36159/","source":"cve@mitre.org"},{"url":"https://www.sourcecodester.com/php/16525/lost-and-found-information-system-using-php-and-mysql-db-source-code-free-download.html","source":"cve@mitre.org","tags":["Product"]},{"url":"https://cyberredteam.tech/posts/cve-2023-36159/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.sourcecodester.com/php/16525/lost-and-found-information-system-using-php-and-mysql-db-source-code-free-download.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2023-36095","sourceIdentifier":"cve@mitre.org","published":"2023-08-05T03:15:13.580","lastModified":"2026-07-09T01:18:28.060","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in Harrison Chase langchain v.0.0.194 allows an attacker to execute arbitrary code via the python exec calls in the PALChain, affected functions include from_math_prompt and from_colored_object_prompt."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-17T14:46:57.535168Z","id":"CVE-2023-36095","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:langchain:langchain:0.0.194:*:*:*:*:*:*:*","matchCriteriaId":"7186FBDD-894A-41C2-A682-D7B2B95107C9"}]}]}],"references":[{"url":"https://github.com/hwchase17/langchain","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/langchain-ai/langchain/issues/5872","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Vendor Advisory"]},{"url":"https://github.com/hwchase17/langchain","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/langchain-ai/langchain/issues/5872","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2023-37683","sourceIdentifier":"cve@mitre.org","published":"2023-08-08T12:15:11.587","lastModified":"2026-07-09T01:18:30.690","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Online Nurse Hiring System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the Profile Page of the Admin."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-10T20:24:59.160905Z","id":"CVE-2023-37683","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:phpgurukul:online_nurse_hiring_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"55E447B4-02C3-4D8B-8E03-2C1A474E2968"}]}]}],"references":[{"url":"https://github.com/rt122001/CVES/blob/main/CVE-2023-37683.txt","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/rt122001/CVES/blob/main/CVE-2023-37683.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-37684","sourceIdentifier":"cve@mitre.org","published":"2023-08-08T12:15:11.677","lastModified":"2026-07-09T01:18:30.817","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Online Nurse Hiring System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the Search Report Details of the Admin portal."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-10T20:23:54.025087Z","id":"CVE-2023-37684","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:phpgurukul:online_nurse_hiring_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"55E447B4-02C3-4D8B-8E03-2C1A474E2968"}]}]}],"references":[{"url":"https://github.com/rt122001/CVES/blob/main/CVE-2023-37684.txt","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://phpgurukul.com/online-nurse-hiring-system-using-php-and-mysql/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/rt122001/CVES/blob/main/CVE-2023-37684.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://phpgurukul.com/online-nurse-hiring-system-using-php-and-mysql/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2023-37685","sourceIdentifier":"cve@mitre.org","published":"2023-08-08T12:15:11.773","lastModified":"2026-07-09T01:18:30.940","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Online Nurse Hiring System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the Search Report Page of the Admin portal."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-10T20:20:55.588909Z","id":"CVE-2023-37685","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:phpgurukul:online_nurse_hiring_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"55E447B4-02C3-4D8B-8E03-2C1A474E2968"}]}]}],"references":[{"url":"https://github.com/rt122001/CVES/blob/main/CVE-2023-37685.txt","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://phpgurukul.com/online-nurse-hiring-system-using-php-and-mysql/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/rt122001/CVES/blob/main/CVE-2023-37685.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://phpgurukul.com/online-nurse-hiring-system-using-php-and-mysql/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2023-37686","sourceIdentifier":"cve@mitre.org","published":"2023-08-08T12:15:11.877","lastModified":"2026-07-09T01:18:31.060","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Online Nurse Hiring System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the Add Nurse Page in the Admin portal."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-10T20:09:23.726805Z","id":"CVE-2023-37686","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:phpgurukul:online_nurse_hiring_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"55E447B4-02C3-4D8B-8E03-2C1A474E2968"}]}]}],"references":[{"url":"https://github.com/rt122001/CVES/blob/main/CVE-2023-37686.txt","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://phpgurukul.com/online-nurse-hiring-system-using-php-and-mysql/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/rt122001/CVES/blob/main/CVE-2023-37686.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://phpgurukul.com/online-nurse-hiring-system-using-php-and-mysql/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2023-37687","sourceIdentifier":"cve@mitre.org","published":"2023-08-08T12:15:11.967","lastModified":"2026-07-09T01:18:31.177","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Online Nurse Hiring System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the View Request of Nurse Page in the Admin portal."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-10T20:08:46.233911Z","id":"CVE-2023-37687","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:phpgurukul:online_nurse_hiring_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"55E447B4-02C3-4D8B-8E03-2C1A474E2968"}]}]}],"references":[{"url":"https://github.com/rt122001/CVES/blob/main/CVE-2023-37687.txt","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/rt122001/CVES/blob/main/CVE-2023-37687.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-37688","sourceIdentifier":"cve@mitre.org","published":"2023-08-08T12:15:12.077","lastModified":"2026-07-09T01:18:31.287","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Maid Hiring Management System v1.0 was discovered to contain a SQL injection vulnerability in the Admin page."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-10T20:08:00.792760Z","id":"CVE-2023-37688","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:phpgurukul:maid_hiring_management_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"41ECF6D6-2D7F-47DA-9E36-EB00E8341EF2"}]}]}],"references":[{"url":"https://github.com/rt122001/CVES/blob/main/CVE-2023-37688.txt","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://phpgurukul.com/maid-hiring-management-system-using-php-and-mysql/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/rt122001/CVES/blob/main/CVE-2023-37688.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://phpgurukul.com/maid-hiring-management-system-using-php-and-mysql/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2023-37689","sourceIdentifier":"cve@mitre.org","published":"2023-08-08T12:15:12.150","lastModified":"2026-07-09T01:18:31.410","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Maid Hiring Management System v1.0 was discovered to contain a SQL injection vulnerability in the Booking Request page."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-10T20:07:00.368254Z","id":"CVE-2023-37689","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:phpgurukul:maid_hiring_management_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"41ECF6D6-2D7F-47DA-9E36-EB00E8341EF2"}]}]}],"references":[{"url":"https://github.com/rt122001/CVES/blob/main/CVE-2023-37689.txt","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://phpgurukul.com/maid-hiring-management-system-using-php-and-mysql/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/rt122001/CVES/blob/main/CVE-2023-37689.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://phpgurukul.com/maid-hiring-management-system-using-php-and-mysql/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2023-37690","sourceIdentifier":"cve@mitre.org","published":"2023-08-08T12:15:12.250","lastModified":"2026-07-09T01:18:31.523","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Maid Hiring Management System v1.0 was discovered to contain a SQL injection vulnerability in the Search Maid page."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-10T20:04:50.188388Z","id":"CVE-2023-37690","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:phpgurukul:maid_hiring_management_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"41ECF6D6-2D7F-47DA-9E36-EB00E8341EF2"}]}]}],"references":[{"url":"https://github.com/rt122001/CVES/blob/main/CVE-2023-37690.txt","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://phpgurukul.com/maid-hiring-management-system-using-php-and-mysql/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/rt122001/CVES/blob/main/CVE-2023-37690.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://phpgurukul.com/maid-hiring-management-system-using-php-and-mysql/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2023-37646","sourceIdentifier":"cve@mitre.org","published":"2023-08-08T17:15:09.440","lastModified":"2026-07-09T01:18:30.313","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in the CAB file extraction function of Bitberry File Opener v23.0 allows attackers to execute a directory traversal."},{"lang":"es","value":"Un problema en la función de extracción de archivos CAB de Bitberry FIle Opener v23.0 permite a los atacantes ejecutar un salto de directorios. "}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-11T13:55:00.501298Z","id":"CVE-2023-37646","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bitberry:file_opener:23.0:*:*:*:*:*:*:*","matchCriteriaId":"9D1916E5-4EBC-48A7-9F79-EE915E6B8A38"}]}]}],"references":[{"url":"https://gist.github.com/Decamark/868e88aa6aae6b8f4a1dc1991efb83ca","source":"cve@mitre.org","tags":["Product","Third Party Advisory"]},{"url":"https://gist.github.com/Decamark/868e88aa6aae6b8f4a1dc1991efb83ca","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-26961","sourceIdentifier":"cve@mitre.org","published":"2023-08-08T20:15:10.080","lastModified":"2026-07-09T01:18:10.930","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Alteryx Server 2022.1.1.42590 does not employ file type verification for uploaded files. This vulnerability allows attackers to upload arbitrary files (e.g., JavaScript content for stored XSS) via the type field in a JSON document within a PUT /gallery/api/media request."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-15T18:00:46.617313Z","id":"CVE-2023-26961","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:alteryx:alteryx_server:2022.1.1.42590:*:*:*:*:*:*:*","matchCriteriaId":"7E2E8988-A4F4-4C56-9274-0A7F2DA1BD51"}]}]}],"references":[{"url":"https://gist.github.com/DylanGrl/4269ae834c5d0ec77c9b928ad35d3be3","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://gist.github.com/DylanGrl/4269ae834c5d0ec77c9b928ad35d3be3","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-39086","sourceIdentifier":"cve@mitre.org","published":"2023-08-08T20:15:10.303","lastModified":"2026-07-09T01:18:35.417","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"ASUS RT-AC66U B1 3.0.0.4.286_51665 was discovered to transmit sensitive information in cleartext."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"asus","product":"rt-ac66u_b1","defaultStatus":"unknown","cpes":["cpe:2.3:h:asus:rt-ac66u_b1:-:*:*:*:*:*:*:*"],"versions":[{"version":"3.0.0.4.286_51665","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-10T19:59:11.303600Z","id":"CVE-2023-39086","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-319"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:asus:rt-ac66u_b1_firmware:3.0.0.4.286_51665:*:*:*:*:*:*:*","matchCriteriaId":"2F526FFB-3562-4B63-B5D5-96B82B2CAAAB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:asus:rt-ac66u_b1:-:*:*:*:*:*:*:*","matchCriteriaId":"5F6B0EC4-797D-4059-AA90-EC09A49FE105"}]}]}],"references":[{"url":"http://121.41.98.87/2023/08/04/info/","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://121.41.98.87/2023/08/04/info/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-39003","sourceIdentifier":"cve@mitre.org","published":"2023-08-09T19:15:14.953","lastModified":"2026-07-09T01:18:34.077","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 was discovered to contain insecure permissions in the directory /tmp."},{"lang":"es","value":"Se ha descubierto que OPNsense Community Edition anterior a 23.7 y Business Edition anterior a 23.4.2 contienen permisos inseguros en el directorio /tmp."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-10T15:32:52.129166Z","id":"CVE-2023-39003","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-732"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:opnsense:opnsense:*:*:*:*:*:*:*:*","versionEndExcluding":"23.7","matchCriteriaId":"E4C1BDFF-B6E1-4F82-9957-1FFA069E2EDC"}]}]}],"references":[{"url":"https://logicaltrust.net/blog/2023/08/opnsense.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://logicaltrust.net/blog/2023/08/opnsense.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-39004","sourceIdentifier":"cve@mitre.org","published":"2023-08-09T19:15:15.013","lastModified":"2026-07-09T01:18:34.200","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Insecure permissions in the configuration directory (/conf/) of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allow attackers to access sensitive information (e.g., hashed root password) which could lead to privilege escalation."},{"lang":"es","value":"Permisos inseguros en el directorio de configuración (/conf/) de OPNsense Community Edition antes de 23.7 y Business Edition antes de 23.4.2 permiten a los atacantes acceder a información sensible (por ejemplo, la contraseña raíz hash) que podría conducir a la escalada de privilegios."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-10T14:59:46.145206Z","id":"CVE-2023-39004","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-732"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:opnsense:opnsense:*:*:*:*:*:*:*:*","versionEndExcluding":"23.7","matchCriteriaId":"E4C1BDFF-B6E1-4F82-9957-1FFA069E2EDC"}]}]}],"references":[{"url":"https://logicaltrust.net/blog/2023/08/opnsense.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://logicaltrust.net/blog/2023/08/opnsense.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-33468","sourceIdentifier":"cve@mitre.org","published":"2023-08-09T20:15:10.357","lastModified":"2026-07-09T01:18:24.487","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"KramerAV VIA Connect (2) and VIA Go (2) devices with a version prior to 4.0.1.1326 exhibit a vulnerability that enables remote manipulation of the device. This vulnerability involves extracting the connection confirmation code remotely, bypassing the need to obtain it directly from the physical screen."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"kramerav","product":"via_connect2","defaultStatus":"unknown","cpes":["cpe:2.3:h:kramerav:via_connect2:-:*:*:*:*:*:*:*"],"versions":[{"version":"0","lessThan":"4.0.1.1326","versionType":"custom","status":"affected"}]},{"vendor":"kramerav","product":"via_go2","defaultStatus":"unknown","cpes":["cpe:2.3:h:kramerav:via_go2:-:*:*:*:*:*:*:*"],"versions":[{"version":"0","lessThan":"4.0.1.1326","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-10T16:13:48.181350Z","id":"CVE-2023-33468","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:kramerav:via_go2_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"4.0.1.1326","matchCriteriaId":"1B4DD0C6-167E-4649-BDE4-201EC41BBA7C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:kramerav:via_go2:-:*:*:*:*:*:*:*","matchCriteriaId":"2192F73C-6F59-4319-8921-3BAE8AF7A330"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:kramerav:via_connect2_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"4.0.1.1326","matchCriteriaId":"4E3A6866-F39F-4D84-A960-9FD8D2834358"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:kramerav:via_connect2:-:*:*:*:*:*:*:*","matchCriteriaId":"D53EDD4A-B5A0-4440-9B4D-78F8B97D79E8"}]}]}],"references":[{"url":"https://github.com/Sharpe-nl/CVEs/tree/main/CVE-2023-33468","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/Sharpe-nl/CVEs/tree/main/CVE-2023-33468","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-33469","sourceIdentifier":"cve@mitre.org","published":"2023-08-09T20:15:10.427","lastModified":"2026-07-09T01:18:24.627","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In instances where the screen is visible and remote mouse connection is enabled, KramerAV VIA Connect (2) and VIA Go (2) devices with a version prior to 4.0.1.1326 can be exploited to achieve local code execution at the root level."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"kramerav","product":"via_connect2","defaultStatus":"unknown","cpes":["cpe:2.3:h:kramerav:via_connect2:-:*:*:*:*:*:*:*"],"versions":[{"version":"0","lessThan":"4.0.1.1326","versionType":"custom","status":"affected"}]},{"vendor":"kramerav","product":"via_go2","defaultStatus":"unknown","cpes":["cpe:2.3:h:kramerav:via_go2:-:*:*:*:*:*:*:*"],"versions":[{"version":"0","lessThan":"4.0.1.1326","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-10T16:11:55.394729Z","id":"CVE-2023-33469","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:kramerav:via_go2_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"4.0.1.1326","matchCriteriaId":"1B4DD0C6-167E-4649-BDE4-201EC41BBA7C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:kramerav:via_go2:-:*:*:*:*:*:*:*","matchCriteriaId":"2192F73C-6F59-4319-8921-3BAE8AF7A330"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:kramerav:via_connect2_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"4.0.1.1326","matchCriteriaId":"4E3A6866-F39F-4D84-A960-9FD8D2834358"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:kramerav:via_connect2:-:*:*:*:*:*:*:*","matchCriteriaId":"D53EDD4A-B5A0-4440-9B4D-78F8B97D79E8"}]}]}],"references":[{"url":"https://github.com/Sharpe-nl/CVEs/tree/main/CVE-2023-33469","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/Sharpe-nl/CVEs/tree/main/CVE-2023-33469","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-39805","sourceIdentifier":"cve@mitre.org","published":"2023-08-10T20:15:10.733","lastModified":"2026-07-09T01:18:36.043","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"iCMS v7.0.16 was discovered to contain a SQL injection vulnerability via the where parameter at admincp.php."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-09T19:43:58.996853Z","id":"CVE-2023-39805","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:idreamsoft:icms:7.0.16:*:*:*:*:*:*:*","matchCriteriaId":"ADF5334A-FE6D-45F3-801F-DF6CC9FC92F0"}]}]}],"references":[{"url":"https://gist.github.com/ChubbyZ/3ad434bd5fc2ab1242dd32500384cfb5","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://gist.github.com/ChubbyZ/3ad434bd5fc2ab1242dd32500384cfb5","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-39806","sourceIdentifier":"cve@mitre.org","published":"2023-08-10T20:15:10.793","lastModified":"2026-07-09T01:18:36.180","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"iCMS v7.0.16 was discovered to contain a SQL injection vulnerability via the bakupdata function."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-09T19:42:06.297899Z","id":"CVE-2023-39806","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:idreamsoft:icms:7.0.16:*:*:*:*:*:*:*","matchCriteriaId":"ADF5334A-FE6D-45F3-801F-DF6CC9FC92F0"}]}]}],"references":[{"url":"https://gist.github.com/ChubbyZ/27fa6f43699c9964ddfa701614fc4d5e","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://gist.github.com/ChubbyZ/27fa6f43699c9964ddfa701614fc4d5e","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2020-35990","sourceIdentifier":"cve@mitre.org","published":"2023-08-11T14:15:11.443","lastModified":"2026-07-09T01:16:45.980","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Buffer Overflow vulnerability in cFilenameInit parameter in browseForDoc function in Foxit Software Foxit PDF Reader version 10.1.0.37527, allows local attackers to cause a denial of service (DoS) via crafted .pdf file."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-09T18:02:15.628204Z","id":"CVE-2020-35990","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*","versionEndIncluding":"10.1.0.37527","matchCriteriaId":"39CBCF67-6EB8-4ECA-B35C-1E32177DE0D4"}]}]}],"references":[{"url":"https://www.foxitsoftware.com/support/security-bulletins.php","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://www.foxitsoftware.com/support/security-bulletins.php","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2023-37847","sourceIdentifier":"cve@mitre.org","published":"2023-08-14T12:15:09.593","lastModified":"2026-07-09T01:18:31.987","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"novel-plus v3.6.2 was discovered to contain a SQL injection vulnerability."},{"lang":"es","value":"Se descubrió que novel-plus v3.6.2 contenía una vulnerabilidad de inyección SQL."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-09T16:12:50.128980Z","id":"CVE-2023-37847","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:xxyopen:novel-plus:3.6.2:*:*:*:*:*:*:*","matchCriteriaId":"E8784DC3-1BFE-4C21-B764-13F6C7CC28BC"}]}]}],"references":[{"url":"https://github.com/KingBangQ/CVE-2023-37847/blob/main/README.md","source":"cve@mitre.org","tags":["Broken Link","Third Party Advisory"]},{"url":"https://novel.xxyopen.com/index.htm","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://github.com/KingBangQ/CVE-2023-37847/blob/main/README.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Third Party Advisory"]},{"url":"https://novel.xxyopen.com/index.htm","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2023-30186","sourceIdentifier":"cve@mitre.org","published":"2023-08-14T13:15:10.420","lastModified":"2026-07-09T01:18:16.730","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A use after free issue discovered in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote attackers to run arbitrary code via crafted JavaScript file."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-09T16:18:03.103545Z","id":"CVE-2023-30186","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:onlyoffice:document_server:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.3","versionEndIncluding":"7.3.2","matchCriteriaId":"F05076E0-A23D-4BEE-B161-248ACEFEA307"}]}]}],"references":[{"url":"https://gist.github.com/merrychap/25eba8c4dd97c9e545edad1b8f0eadc2","source":"cve@mitre.org","tags":["Exploit","Patch","Third Party Advisory"]},{"url":"https://github.com/ONLYOFFICE/DocumentServer","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/ONLYOFFICE/core/blob/8ca40a44ce47a86168327a46db91253cf6bb205d/DesktopEditor/doctrenderer/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/ONLYOFFICE/core/blob/8ca40a44ce47a86168327a46db91253cf6bb205d/DesktopEditor/doctrenderer/embed/NativeControlEmbed.cpp#L110","source":"cve@mitre.org","tags":["Not Applicable"]},{"url":"https://github.com/ONLYOFFICE/core/commit/2b6ad83b36afd9845085b536969d366d1d61150a","source":"cve@mitre.org","tags":["Patch","Vendor Advisory"]},{"url":"https://gist.github.com/merrychap/25eba8c4dd97c9e545edad1b8f0eadc2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch","Third Party Advisory"]},{"url":"https://github.com/ONLYOFFICE/DocumentServer","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/ONLYOFFICE/core/blob/8ca40a44ce47a86168327a46db91253cf6bb205d/DesktopEditor/doctrenderer/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/ONLYOFFICE/core/blob/8ca40a44ce47a86168327a46db91253cf6bb205d/DesktopEditor/doctrenderer/embed/NativeControlEmbed.cpp#L110","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable"]},{"url":"https://github.com/ONLYOFFICE/core/commit/2b6ad83b36afd9845085b536969d366d1d61150a","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2023-30187","sourceIdentifier":"cve@mitre.org","published":"2023-08-14T13:15:10.527","lastModified":"2026-07-09T01:18:16.863","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An out of bounds memory access vulnerability in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote attackers to run arbitrary code via crafted JavaScript file."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-09T16:17:15.913485Z","id":"CVE-2023-30187","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:onlyoffice:document_server:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.3","versionEndIncluding":"7.3.2","matchCriteriaId":"F05076E0-A23D-4BEE-B161-248ACEFEA307"}]}]}],"references":[{"url":"https://gist.github.com/merrychap/25eba8c4dd97c9e545edad1b8f0eadc2","source":"cve@mitre.org","tags":["Exploit","Patch","Third Party Advisory"]},{"url":"https://github.com/ONLYOFFICE/DocumentServer","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/ONLYOFFICE/core/blob/8ca40a44ce47a86168327a46db91253cf6bb205d/DesktopEditor/doctrenderer/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/ONLYOFFICE/core/blob/8ca40a44ce47a86168327a46db91253cf6bb205d/DesktopEditor/doctrenderer/embed/NativeControlEmbed.cpp#L110","source":"cve@mitre.org","tags":["Not Applicable"]},{"url":"https://github.com/ONLYOFFICE/core/commit/2b6ad83b36afd9845085b536969d366d1d61150a","source":"cve@mitre.org","tags":["Patch","Vendor Advisory"]},{"url":"https://gist.github.com/merrychap/25eba8c4dd97c9e545edad1b8f0eadc2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch","Third Party Advisory"]},{"url":"https://github.com/ONLYOFFICE/DocumentServer","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/ONLYOFFICE/core/blob/8ca40a44ce47a86168327a46db91253cf6bb205d/DesktopEditor/doctrenderer/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/ONLYOFFICE/core/blob/8ca40a44ce47a86168327a46db91253cf6bb205d/DesktopEditor/doctrenderer/embed/NativeControlEmbed.cpp#L110","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable"]},{"url":"https://github.com/ONLYOFFICE/core/commit/2b6ad83b36afd9845085b536969d366d1d61150a","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2023-30188","sourceIdentifier":"cve@mitre.org","published":"2023-08-14T13:15:10.720","lastModified":"2026-07-09T01:18:16.983","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Memory Exhaustion vulnerability in ONLYOFFICE Document Server 4.0.3 through 7.3.2 allows remote attackers to cause a denial of service via crafted JavaScript file."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-09T16:16:20.949758Z","id":"CVE-2023-30188","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-835"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:onlyoffice:document_server:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.3","versionEndIncluding":"7.3.2","matchCriteriaId":"F05076E0-A23D-4BEE-B161-248ACEFEA307"}]}]}],"references":[{"url":"https://gist.github.com/merrychap/25eba8c4dd97c9e545edad1b8f0eadc2","source":"cve@mitre.org","tags":["Exploit","Patch","Third Party Advisory"]},{"url":"https://github.com/ONLYOFFICE/DocumentServer","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/ONLYOFFICE/core/blob/8ca40a44ce47a86168327a46db91253cf6bb205d/DesktopEditor/doctrenderer/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/ONLYOFFICE/core/blob/8ca40a44ce47a86168327a46db91253cf6bb205d/DesktopEditor/doctrenderer/embed/NativeControlEmbed.cpp#L110","source":"cve@mitre.org","tags":["Not Applicable"]},{"url":"https://github.com/ONLYOFFICE/core/commit/2b6ad83b36afd9845085b536969d366d1d61150a","source":"cve@mitre.org","tags":["Patch","Vendor Advisory"]},{"url":"https://gist.github.com/merrychap/25eba8c4dd97c9e545edad1b8f0eadc2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch","Third Party Advisory"]},{"url":"https://github.com/ONLYOFFICE/DocumentServer","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/ONLYOFFICE/core/blob/8ca40a44ce47a86168327a46db91253cf6bb205d/DesktopEditor/doctrenderer/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/ONLYOFFICE/core/blob/8ca40a44ce47a86168327a46db91253cf6bb205d/DesktopEditor/doctrenderer/embed/NativeControlEmbed.cpp#L110","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable"]},{"url":"https://github.com/ONLYOFFICE/core/commit/2b6ad83b36afd9845085b536969d366d1d61150a","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2020-26037","sourceIdentifier":"cve@mitre.org","published":"2023-08-16T13:15:10.413","lastModified":"2026-07-09T00:17:02.880","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Directory Traversal vulnerability in Server functionalty in Even Balance Punkbuster version 1.902 before 1.905 allows remote attackers to execute arbitrary code."},{"lang":"es","value":"La vulnerabilidad de Directory Traversal en Server functionalty en Even Balance Punkbuster en la versión 1.902 antes de la versión 1.905 permite a atacantes remotos ejecutar código arbitrario."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-08T19:28:46.241708Z","id":"CVE-2020-26037","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:evenbalance:punkbuster:*:*:*:*:*:*:*:*","versionStartIncluding":"1.902","versionEndExcluding":"1.905","matchCriteriaId":"0F12BD38-FF07-484B-A022-369E21AA055A"}]}]}],"references":[{"url":"https://medium.com/@prizmant/hacking-punkbuster-e22e6cf2f36e","source":"cve@mitre.org"},{"url":"https://medium.com/%40prizmant/hacking-punkbuster-e22e6cf2f36e","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2023-38894","sourceIdentifier":"cve@mitre.org","published":"2023-08-16T22:15:13.397","lastModified":"2026-07-09T01:18:32.753","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A Prototype Pollution issue in Cronvel Tree-kit v.0.7.4 and before allows a remote attacker to execute arbitrary code via the extend function."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-08T19:24:37.806702Z","id":"CVE-2023-38894","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-1321"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:tree_kit_project:tree_kit:*:*:*:*:*:node.js:*:*","versionEndIncluding":"0.7.4","matchCriteriaId":"2A5407EF-16B1-497B-A791-FC29EE9B99DC"}]}]}],"references":[{"url":"https://github.com/cronvel/tree-kit","source":"cve@mitre.org","tags":["Product"]},{"url":"https://www.code-intelligence.com/blog/treekit-prototype-pollution-cve-2023-38894","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://github.com/cronvel/tree-kit","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://www.code-intelligence.com/blog/treekit-prototype-pollution-cve-2023-38894","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]}]}},{"cve":{"id":"CVE-2023-38838","sourceIdentifier":"cve@mitre.org","published":"2023-08-17T12:15:09.430","lastModified":"2026-07-09T01:18:32.237","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SQL injection vulnerability in Kidus Minimati v.1.0.0 allows a remote attacker to obtain sensitive information via the edit.php component."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-08T15:05:19.464575Z","id":"CVE-2023-38838","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:kiduswb:minimati:1.0.0:*:*:*:*:*:*:*","matchCriteriaId":"A575DAD7-D7E3-4AEE-A923-00E3A1645E0E"}]}]}],"references":[{"url":"https://github.com/kiduswb/minimati/issues/1","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Patch"]},{"url":"https://github.com/kiduswb/minimati/issues/1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Patch"]}]}},{"cve":{"id":"CVE-2023-39784","sourceIdentifier":"cve@mitre.org","published":"2023-08-21T01:15:08.927","lastModified":"2026-07-09T01:18:35.673","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the list parameter in the save_virtualser_data function."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"tenda","product":"ac8v4_firmware","defaultStatus":"unknown","cpes":["cpe:2.3:o:tenda:ac8v4_firmware:16.03.34.06:*:*:*:*:*:*:*"],"versions":[{"version":"16.03.34.06","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-04T20:12:59.768669Z","id":"CVE-2023-39784","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tenda:ac8_firmware:16.03.34.06:*:*:*:*:*:*:*","matchCriteriaId":"9C1D64DC-1EDC-4F62-8D22-E1890B71843C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tenda:ac8v4:-:*:*:*:*:*:*:*","matchCriteriaId":"8EEC256B-442B-4FE8-8253-7A725CF66A6C"}]}]}],"references":[{"url":"https://github.com/Xunflash/IOT/tree/main/Tenda_AC8_V4","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/Xunflash/IOT/tree/main/Tenda_AC8_V4","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-39785","sourceIdentifier":"cve@mitre.org","published":"2023-08-21T01:15:09.273","lastModified":"2026-07-09T01:18:35.800","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the list parameter in the set_qosMib_list function."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"tenda","product":"ac8v4_firmware","defaultStatus":"unknown","cpes":["cpe:2.3:o:tenda:ac8v4_firmware:16.03.34.06:*:*:*:*:*:*:*"],"versions":[{"version":"16.03.34.06","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-04T19:21:18.914265Z","id":"CVE-2023-39785","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tenda:ac8_firmware:16.03.34.06:*:*:*:*:*:*:*","matchCriteriaId":"9C1D64DC-1EDC-4F62-8D22-E1890B71843C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tenda:ac8v4:-:*:*:*:*:*:*:*","matchCriteriaId":"8EEC256B-442B-4FE8-8253-7A725CF66A6C"}]}]}],"references":[{"url":"https://github.com/Xunflash/IOT/tree/main/Tenda_AC8_V4/2","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/Xunflash/IOT/tree/main/Tenda_AC8_V4/2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-39786","sourceIdentifier":"cve@mitre.org","published":"2023-08-21T01:15:09.357","lastModified":"2026-07-09T01:18:35.920","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the time parameter in the sscanf function."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"tenda","product":"ac8v4_firmware","defaultStatus":"unknown","cpes":["cpe:2.3:o:tenda:ac8v4_firmware:16.03.34.06:*:*:*:*:*:*:*"],"versions":[{"version":"16.03.34.06","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-04T19:18:08.062228Z","id":"CVE-2023-39786","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tenda:ac8_firmware:16.03.34.06:*:*:*:*:*:*:*","matchCriteriaId":"9C1D64DC-1EDC-4F62-8D22-E1890B71843C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tenda:ac8v4:-:*:*:*:*:*:*:*","matchCriteriaId":"8EEC256B-442B-4FE8-8253-7A725CF66A6C"}]}]}],"references":[{"url":"https://github.com/Xunflash/IOT/tree/main/Tenda_AC8_V4/3","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/Xunflash/IOT/tree/main/Tenda_AC8_V4/3","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-39807","sourceIdentifier":"cve@mitre.org","published":"2023-08-21T01:15:09.417","lastModified":"2026-07-09T01:18:36.293","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"N.V.K.INTER CO., LTD. (NVK) iBSG v3.5 was discovered to contain a SQL injection vulnerability via the a_passwd parameter at /portal/user-register.php."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-07T15:49:23.823819Z","id":"CVE-2023-39807","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nvki:intelligent_broadband_subscriber_gateway:3.5:*:*:*:*:*:*:*","matchCriteriaId":"BAB936AF-C772-4A98-B8AC-6BE2A6DE55A4"}]}]}],"references":[{"url":"https://github.com/maride","source":"cve@mitre.org"},{"url":"https://sec.maride.cc/posts/ibsg/","source":"cve@mitre.org"}]}},{"cve":{"id":"CVE-2023-39808","sourceIdentifier":"cve@mitre.org","published":"2023-08-21T01:15:09.477","lastModified":"2026-07-09T01:18:36.410","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"N.V.K.INTER CO., LTD. (NVK) iBSG v3.5 was discovered to contain a hardcoded root password that allows attackers to login with root privileges via the SSH service. The cleartext password corresponding to the $1$4Tmm01jl$7HRvcW.bz7uGmX9hiQWvR hash was not determined by the vulnerability discoverer."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-07T15:48:11.189525Z","id":"CVE-2023-39808","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-798"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nvki:intelligent_broadband_subscriber_gateway:3.5:*:*:*:*:*:*:*","matchCriteriaId":"BAB936AF-C772-4A98-B8AC-6BE2A6DE55A4"}]}]}],"references":[{"url":"https://github.com/maride","source":"cve@mitre.org"},{"url":"https://sec.maride.cc/posts/ibsg/","source":"cve@mitre.org"}]}},{"cve":{"id":"CVE-2023-39809","sourceIdentifier":"cve@mitre.org","published":"2023-08-21T01:15:09.550","lastModified":"2026-07-09T01:18:36.523","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"N.V.K.INTER CO., LTD. (NVK) iBSG v3.5 was discovered to contain an OS command injection vulnerability via shell metacharacters in the system_hostname parameter at /manage/network-basic.php."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-03T20:33:43.047194Z","id":"CVE-2023-39809","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-77"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nvki:intelligent_broadband_subscriber_gateway:3.5:*:*:*:*:*:*:*","matchCriteriaId":"BAB936AF-C772-4A98-B8AC-6BE2A6DE55A4"}]}]}],"references":[{"url":"https://github.com/maride","source":"cve@mitre.org"},{"url":"https://sec.maride.cc/posts/ibsg/","source":"cve@mitre.org"}]}},{"cve":{"id":"CVE-2020-28715","sourceIdentifier":"cve@mitre.org","published":"2023-08-21T12:15:07.913","lastModified":"2026-07-09T01:16:42.973","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue was discovered in kdmserver service in LeEco LeTV X43 version V2401RCN02C080080B04121S, allows attackers to execute arbitrary code, escalate privileges, and cause a denial of service (DoS)."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"leeco","product":"letv_x43","defaultStatus":"unknown","cpes":["cpe:2.3:h:leeco:letv_x43:-:*:*:*:*:*:*:*"],"versions":[{"version":"v2401rcn02c080080b04121s","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-09T14:03:35.905017Z","id":"CVE-2020-28715","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:leeco:letv_x43_firmware:v2401rcn02c080080b04121s:*:*:*:*:*:*:*","matchCriteriaId":"24199123-0BF9-4BEF-BF61-3CACE81E27E0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:leeco:letv_x43:-:*:*:*:*:*:*:*","matchCriteriaId":"D35C7CC1-98C3-4307-AD70-FD11EE97E234"}]}]}],"references":[{"url":"https://www.cnvd.org.cn/flaw/show/2602948","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.cnvd.org.cn/flaw/show/2602948","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-38899","sourceIdentifier":"cve@mitre.org","published":"2023-08-21T12:15:08.483","lastModified":"2026-07-09T01:18:32.873","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SQL injection vulnerability in berkaygediz O_Blog v.1.0 allows a local attacker to escalate privileges via the secure_file_priv component."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-07T17:06:17.752530Z","id":"CVE-2023-38899","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:berkaygediz:o_blog:1.0:*:*:*:*:*:*:*","matchCriteriaId":"9B207331-2B17-4DEC-8DD7-8351A3D1822F"}]}]}],"references":[{"url":"https://github.com/berkaygediz/O_Blog","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/berkaygediz/O_Blog/issues","source":"cve@mitre.org","tags":["Not Applicable"]},{"url":"https://github.com/berkaygediz/O_Blog/issues/2","source":"cve@mitre.org","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://github.com/berkaygediz/O_Blog","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/berkaygediz/O_Blog/issues","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable"]},{"url":"https://github.com/berkaygediz/O_Blog/issues/2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Issue Tracking","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2023-38836","sourceIdentifier":"cve@mitre.org","published":"2023-08-21T17:15:47.633","lastModified":"2026-07-09T01:18:32.120","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"File Upload vulnerability in BoidCMS v.2.0.0 allows a remote attacker to execute arbitrary code by adding a GIF header to bypass MIME type checks."},{"lang":"es","value":"Una vulnerabilidad de carga de archivos en BoidCMS v2.0.0 permite a un atacante remoto ejecutar código arbitrario a través del componente de cabecera GIF. "}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-07T17:08:25.330209Z","id":"CVE-2023-38836","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:boidcms:boidcms:2.0.0:*:*:*:*:*:*:*","matchCriteriaId":"9CA34CF5-1C33-4846-B9C0-718CD2A9766A"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/175026/BoidCMS-2.0.0-Shell-Upload.html","source":"cve@mitre.org"},{"url":"https://github.com/BoidCMS/BoidCMS/issues/27","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Vendor Advisory"]},{"url":"http://packetstormsecurity.com/files/175026/BoidCMS-2.0.0-Shell-Upload.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/BoidCMS/BoidCMS/issues/27","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2023-39061","sourceIdentifier":"cve@mitre.org","published":"2023-08-21T17:15:48.277","lastModified":"2026-07-09T01:18:35.303","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Request Forgery (CSRF) vulnerability in Chamilo v.1.11 thru v.1.11.20 allows a remote authenticated privileged attacker to execute arbitrary code."},{"lang":"es","value":"Una vulnerabilidad de Cross-Site Request Forgery (CSRF) en Chamilo desde v1.11 a v1.11.20 permite a un atacante remoto autenticado ejecutar código arbitrario. "}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N","baseScore":3.5,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.1,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-10T13:46:08.997978Z","id":"CVE-2023-39061","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:chamilo:chamilo:*:*:*:*:*:*:*:*","versionStartIncluding":"1.11","versionEndIncluding":"1.11.20","matchCriteriaId":"430B7F12-51F0-47BA-AF88-931650467CF0"}]}]}],"references":[{"url":"https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-123-2023-07-08-Moderate-impact-Moderate-risk-CSRF-through-admin-account-forum-posts","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-123-2023-07-08-Moderate-impact-Moderate-risk-CSRF-through-admin-account-forum-posts","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2020-27418","sourceIdentifier":"cve@mitre.org","published":"2023-08-22T19:16:20.047","lastModified":"2026-07-09T01:16:42.120","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A Use After Free vulnerability in Fedora Linux kernel 5.9.0-rc9 allows attackers to obatin sensitive information via vgacon_invert_region() function."},{"lang":"es","value":"Una vulnerabilidad de use-after-free en el kernel de Fedora Linux 5.9.0-rc9 permite a los atacantes obtener información confidencial a través de la función vgacon_invert_region()."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.4,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-03T19:23:30.017813Z","id":"CVE-2020-27418","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fedoraproject:fedora_linux_kernel:5.9.0:rc9:*:*:*:*:*:*","matchCriteriaId":"74ED0E71-78FA-49CF-8D16-B2B3291F352E"}]}]}],"references":[{"url":"https://patchwork.freedesktop.org/patch/356372/","source":"cve@mitre.org","tags":["Mailing List","Patch"]},{"url":"https://patchwork.freedesktop.org/patch/356372/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Patch"]}]}},{"cve":{"id":"CVE-2023-39810","sourceIdentifier":"cve@mitre.org","published":"2023-08-28T19:15:07.893","lastModified":"2026-07-09T01:18:36.670","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in the CPIO command of Busybox v1.33.2 allows attackers to execute a directory traversal."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-02T15:58:10.995250Z","id":"CVE-2023-39810","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:busybox:busybox:1.30.1:*:*:*:*:*:*:*","matchCriteriaId":"8AC195D9-9524-4293-8324-599BAD0EE324"},{"vulnerable":true,"criteria":"cpe:2.3:a:busybox:busybox:1.33.2:*:*:*:*:*:*:*","matchCriteriaId":"2E135F20-BC21-42DE-A91C-343049863AA2"}]}]}],"references":[{"url":"https://www.pentagrid.ch/en/blog/busybox-cpio-directory-traversal-vulnerability/","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2025/04/23/1","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.openwall.com/lists/oss-security/2025/04/23/2","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.openwall.com/lists/oss-security/2025/04/23/3","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.openwall.com/lists/oss-security/2025/04/24/2","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.pentagrid.ch/en/blog/busybox-cpio-directory-traversal-vulnerability/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-3262","sourceIdentifier":"cve@mitre.org","published":"2023-08-29T20:15:09.487","lastModified":"2026-07-09T01:17:01.070","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"TripSpark VEO Transportation-2.2.x-XP_BB-20201123-184084 NovusEDU-2.2.x-XP_BB-20201123-184084 allows unsafe data inputs in POST body parameters from end users without sanitizing using server-side logic. It was possible to inject custom SQL commands into the \"Student Busing Information\" search queries."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-02T14:57:34.673514Z","id":"CVE-2021-3262","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:trispark:novusedu:2.2.x-xp_bb-20201123-184084:*:*:*:*:*:*:*","matchCriteriaId":"D5F18292-9ACB-411B-B539-A6ADF2EAACCE"},{"vulnerable":true,"criteria":"cpe:2.3:a:trispark:veo_transportation:2.2.x-xp_bb-20201123-184084os:*:*:*:*:*:*:*","matchCriteriaId":"B988A3AA-75DA-4C34-8EC7-169FB5A44307"}]}]}],"references":[{"url":"https://susos.co/blog/f/cve-disclosureuncovered-sql-injection-in-tripspark-veo-transport","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://susos.co/blog/f/cve-disclosureuncovered-sql-injection-in-tripspark-veo-transport","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-36088","sourceIdentifier":"cve@mitre.org","published":"2023-09-01T16:15:07.910","lastModified":"2026-07-09T01:18:27.927","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Server Side Request Forgery (SSRF) vulnerability in NebulaGraph Studio version 3.7.0, allows remote attackers to gain sensitive information."},{"lang":"es","value":"Una vulnerabilidad de Server Side Request Forgery (SSRF) en NebulaGraph Studio versión 3.7.0, permite a atacantes remotos obtener información sensible. "}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-01T16:29:52.694883Z","id":"CVE-2023-36088","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:vesoft:nebulagraph_studio:3.7.0:*:*:*:*:*:*:*","matchCriteriaId":"10E246F7-BEED-4EDB-898B-09599EA9A6A2"}]}]}],"references":[{"url":"https://github.com/vesoft-inc/nebula-studio","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/vesoft-inc/nebula-studio/issues/571","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/vesoft-inc/nebula-studio","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/vesoft-inc/nebula-studio/issues/571","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-36361","sourceIdentifier":"cve@mitre.org","published":"2023-09-05T16:15:07.567","lastModified":"2026-07-09T01:18:29.383","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Audimexee v14.1.7 was discovered to contain a SQL injection vulnerability via the p_table_name parameter."},{"lang":"es","value":"Se ha descubierto que Audimexee v14.1.7 contiene una vulnerabilidad de inyección SQL a través del parámetro \"p_table_name\". "}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-04T18:34:14.970154Z","id":"CVE-2023-36361","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:web-audimex:audimexee:14.1.7:*:*:*:*:*:*:*","matchCriteriaId":"44E11B64-AAD9-4BBD-9CAC-8FC30C9CF102"}]}]}],"references":[{"url":"https://gist.github.com/Cameleon037/40b3b6f6729d1d0984d6ce5b6837c46b","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/Henkel-CyberVM/CVEs/tree/main/CVE-2023-36361","source":"cve@mitre.org"},{"url":"https://gist.github.com/Cameleon037/40b3b6f6729d1d0984d6ce5b6837c46b","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://github.com/Henkel-CyberVM/CVEs/tree/main/CVE-2023-36361","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2023-41009","sourceIdentifier":"cve@mitre.org","published":"2023-09-05T20:15:07.937","lastModified":"2026-07-09T01:18:37.873","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"File Upload vulnerability in adlered bolo-solo v.2.6 allows a remote attacker to execute arbitrary code via a crafted script to the authorization field in the header."},{"lang":"es","value":"Una vulnerabilidad de carga de archivos en adlered bolo-solo v2.6 permite a un atacante remoto ejecutar código arbitrario a través de un script manipulado en el campo de autorización de la cabecera. "}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-30T17:23:20.571235Z","id":"CVE-2023-41009","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:adlered:bolo-solo:2.6:*:*:*:*:*:*:*","matchCriteriaId":"4DDEA408-2849-4AC1-AF15-0B94BEA8B7F3"}]}]}],"references":[{"url":"https://github.com/Rabb1tQ/HillstoneCVEs/blob/main/CVE-2023-41009/CVE-2023-41009.md","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://github.com/adlered/bolo-solo","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/Rabb1tQ/HillstoneCVEs/blob/main/CVE-2023-41009/CVE-2023-41009.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"https://github.com/adlered/bolo-solo","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2023-37798","sourceIdentifier":"cve@mitre.org","published":"2023-09-07T19:15:47.510","lastModified":"2026-07-09T01:18:31.877","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A stored cross-site scripting (XSS) vulnerability in the new REDCap project creation function of Vanderbilt REDCap 13.1.35 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the project title parameter."},{"lang":"es","value":"Una vulnerabilidad de Cross-Site Scripting (XSS) Almacenado en la nueva función de creación de proyectos REDCap de Vanderbilt REDCap 13.1.35 permite a los atacantes ejecutar scripts web arbitrarios o HTML mediante la inyección de un payload manipulado en el parámetro \"project title\"."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-26T17:42:24.276085Z","id":"CVE-2023-37798","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:vanderbilt:redcap:*:*:*:*:*:*:*:*","versionEndIncluding":"13.1.35","matchCriteriaId":"40893ACC-652C-4691-8BEB-D3AFBBDE63FD"}]}]}],"references":[{"url":"https://www.cyderes.com/blog/cve-2023-37798-stored-cross-site-scripting-in-vanderbilt-redcap/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.cyderes.com/blog/cve-2023-37798-stored-cross-site-scripting-in-vanderbilt-redcap/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-45811","sourceIdentifier":"cve@mitre.org","published":"2023-09-08T02:15:07.877","lastModified":"2026-07-09T01:17:12.030","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A SQL injection vulnerability in the \"Search\" functionality of \"tickets.php\" page in osTicket 1.15.x allows authenticated attackers to execute arbitrary SQL commands via the \"keywords\" and \"topic_id\" URL parameters combination."},{"lang":"es","value":"Una vulnerabilidad de inyección SQL en la funcionalidad \"Search\" de la página \"tickets.php\" en osTicket v1.15.x permite a atacantes autenticados ejecutar comandos SQL arbitrarios a través de la combinación de parámetros URL \"keywords\" y \"topic_id\". "}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-26T18:41:33.712197Z","id":"CVE-2021-45811","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:enhancesoft:osticket:*:*:*:*:*:*:*:*","versionStartIncluding":"1.15","versionEndIncluding":"1.15.8","matchCriteriaId":"763E683C-D2EC-4E03-9362-23CA5F34E9C6"}]}]}],"references":[{"url":"https://members.backbox.org/osticket-sql-injection/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://members.backbox.org/osticket-sql-injection/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2021-27715","sourceIdentifier":"cve@mitre.org","published":"2023-09-08T03:15:07.823","lastModified":"2026-07-09T01:16:49.090","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue was discovered in MoFi Network MOFI4500-4GXeLTE-V2 3.5.6-xnet-5052 allows attackers to bypass the authentication and execute arbitrary code via crafted HTTP request."},{"lang":"es","value":"Se descubrió un problema en MoFi Network MOFI4500-4GXeLTE-V2 3.5.6-xnet-5052, que permite a los atacantes omitir la autenticación y ejecutar código arbitrario a través de una petición HTTP manipulada."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"mofinetwork","product":"mofi4500-4gxelte-v2","defaultStatus":"unknown","cpes":["cpe:2.3:h:mofinetwork:mofi4500-4gxelte-v2:-:*:*:*:*:*:*:*"],"versions":[{"version":"3.5.6-xnet-5052","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-26T18:18:18.803206Z","id":"CVE-2021-27715","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:mofinetwork:mofi4500-4gxelte-v2_firmware:3.5.6-xnet-5052:*:*:*:*:*:*:*","matchCriteriaId":"07AEC844-FE9B-49CF-A748-07B67AF837BC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mofinetwork:mofi4500-4gxelte-v2:-:*:*:*:*:*:*:*","matchCriteriaId":"FD1B5A49-821C-4192-84B3-46201EEED36D"}]}]}],"references":[{"url":"https://www.nagarro.com/services/security/mofi-cve-security-advisory","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.nagarro.com/services/security/mofi-cve-security-advisory","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-39637","sourceIdentifier":"cve@mitre.org","published":"2023-09-12T12:15:08.077","lastModified":"2026-07-09T01:18:35.540","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"D-Link DIR-816 A2 1.10 B05 was discovered to contain a command injection vulnerability via the component /goform/Diagnosis."},{"lang":"es","value":"Se descubrió que D-Link DIR-816 A2 1.10 B05 contiene una vulnerabilidad de inyección de comandos a través del componente /goform/Diagnosis."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"d-link","product":"dir-816_a2","defaultStatus":"unknown","cpes":["cpe:2.3:h:d-link:dir-816_a2:-:*:*:*:*:*:*:*"],"versions":[{"version":"1.10_b05","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-26T16:07:46.783598Z","id":"CVE-2023-39637","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dir-816_firmware:1.10b05:*:*:*:*:*:*:*","matchCriteriaId":"B12CE36E-C7F7-4FE7-BA46-8EC5B61F617E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dir-816:a2:*:*:*:*:*:*:*","matchCriteriaId":"1A3AC507-7219-401E-AC60-12D96382E4B7"}]}]}],"references":[{"url":"http://www.dlink.com.cn/techsupport/ProductInfo.aspx?m=DIR-816","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/mmmmmx1/dlink/blob/main/DIR-816/readme.md","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://www.dlink.com.cn/techsupport/ProductInfo.aspx?m=DIR-816","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/mmmmmx1/dlink/blob/main/DIR-816/readme.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2023-41013","sourceIdentifier":"cve@mitre.org","published":"2023-09-12T12:15:08.533","lastModified":"2026-07-09T01:18:37.997","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting (XSS) in Webmail Calendar in IceWarp 10.3.1 allows remote attackers to inject arbitrary web script or HTML via the \"p4\" field."},{"lang":"es","value":"Cross Site Scripting (XSS) en Webmail Calendar en IceWarp 10.3.1 permite a atacantes remotos inyectar scripts web o HTML arbitrarias a través del campo \"p4\"."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-26T14:28:59.952783Z","id":"CVE-2023-41013","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:icewarp:icewarp:10.3.1:*:*:*:*:*:*:*","matchCriteriaId":"3B7D1C54-2DE8-4C29-8676-55C5DA8722C2"}]}]}],"references":[{"url":"https://medium.com/@katikitala.sushmitha078/cve-2023-41013-789841dcad91","source":"cve@mitre.org"},{"url":"https://medium.com/%40katikitala.sushmitha078/cve-2023-41013-789841dcad91","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2023-40984","sourceIdentifier":"cve@mitre.org","published":"2023-09-15T01:15:07.653","lastModified":"2026-07-09T01:18:37.530","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A reflected cross-site scripting (XSS) vulnerability in the File Manager function of Webmin v2.100 allows attackers to execute malicious scripts via injecting a crafted payload into the Replace in Results file."},{"lang":"es","value":"Una vulnerabilidad de Cross-Site Scripting (XSS) reflejada en la función Administrador de Archivos de Webmin v2.100 permite a los atacantes ejecutar un script malicioso mediante la inyección de un payload manipulado en el fichero Reemplazar en Resultados."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-25T15:37:38.309801Z","id":"CVE-2023-40984","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:webmin:webmin:2.100:*:*:*:*:*:*:*","matchCriteriaId":"C1B4BC89-37BB-4538-887D-DE2B0930BDED"}]}]}],"references":[{"url":"https://github.com/Vi39/Webmin-2.100/blob/main/CVE-2023-40984","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/Vi39/Webmin-2.100/blob/main/CVE-2023-40984","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-40985","sourceIdentifier":"cve@mitre.org","published":"2023-09-15T01:15:07.787","lastModified":"2026-07-09T01:18:37.643","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue was discovered in Webmin 2.100. The File Manager functionality allows an attacker to exploit a Cross-Site Scripting (XSS) vulnerability. By providing a malicious payload, an attacker can inject arbitrary code, which is then executed within the context of the victim's browser when any file is searched/replaced."},{"lang":"es","value":"Se descubrió un problema en Webmin 2.100. La funcionalidad del Administrador de Archivos permite a un atacante explotar una vulnerabilidad de Cross-Site Scripting (XSS). Al proporcionar un payload malicioso, un atacante puede inyectar código arbitrario, que luego se ejecuta dentro del contexto del navegador de la víctima cuando se busca o reemplaza cualquier archivo."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-25T15:36:11.791675Z","id":"CVE-2023-40985","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:webmin:webmin:2.100:*:*:*:*:*:*:*","matchCriteriaId":"C1B4BC89-37BB-4538-887D-DE2B0930BDED"}]}]}],"references":[{"url":"https://github.com/Vi39/Webmin-2.100/blob/main/CVE-2023-40985","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/Vi39/Webmin-2.100/blob/main/CVE-2023-40985","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-40986","sourceIdentifier":"cve@mitre.org","published":"2023-09-15T01:15:07.910","lastModified":"2026-07-09T01:18:37.753","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A stored cross-site scripting (XSS) vulnerability in the Usermin Configuration function of Webmin v2.100 allows attackers to execute arbitrary web sripts or HTML via a crafted payload injected into the Custom field."},{"lang":"es","value":"Una vulnerabilidad de Cross-Site Scripting (XSS) almacenado en la función de Usermin Configuration de Webmin v2.100 permite a los atacantes ejecutar scripts web o HTML arbitrarios a través de un payload manipulado inyectado en el campo Custom."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-25T15:34:21.045135Z","id":"CVE-2023-40986","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:webmin:webmin:2.100:*:*:*:*:*:*:*","matchCriteriaId":"C1B4BC89-37BB-4538-887D-DE2B0930BDED"}]}]}],"references":[{"url":"https://github.com/Vi39/Webmin-2.100/blob/main/CVE-2023-40986","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/Vi39/Webmin-2.100/blob/main/CVE-2023-40986","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-40982","sourceIdentifier":"cve@mitre.org","published":"2023-09-15T03:15:09.047","lastModified":"2026-07-09T01:18:37.293","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A stored cross-site scripting (XSS) vulnerability in Webmin v2.100 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cloned module name parameter."},{"lang":"es","value":"Una vulnerabilidad cross-site scripting (XSS) almacenadas en Webmin v2.100 permite a los atacantes ejecutar scripts web o HTML arbitrarias a través de payload elaborado inyectado en el módulo clonado en el parámetro nombre."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-25T18:07:28.649592Z","id":"CVE-2023-40982","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:webmin:webmin:2.100:*:*:*:*:*:*:*","matchCriteriaId":"C1B4BC89-37BB-4538-887D-DE2B0930BDED"}]}]}],"references":[{"url":"https://github.com/Vi39/Webmin-2.100/blob/main/CVE-2023-40982","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/Vi39/Webmin-2.100/blob/main/CVE-2023-40982","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-40983","sourceIdentifier":"cve@mitre.org","published":"2023-09-15T04:15:10.243","lastModified":"2026-07-09T01:18:37.420","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A reflected cross-site scripting (XSS) vulnerability in the File Manager function of Webmin v2.100 allows attackers to execute malicious scripts via injecting a crafted payload into the Find in Results file."},{"lang":"es","value":"Una vulnerabilidad de cross-site scripting (XSS) reflejada en la función Administrador de Archivos de Webmin v2.100 permite a los atacantes ejecutar secuencias de comandos maliciosas mediante la inyección de un payload preparado en el archivo Buscar en Resultados."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-25T15:44:01.053063Z","id":"CVE-2023-40983","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:webmin:webmin:2.100:*:*:*:*:*:*:*","matchCriteriaId":"C1B4BC89-37BB-4538-887D-DE2B0930BDED"}]}]}],"references":[{"url":"https://github.com/Vi39/Webmin-2.100/blob/main/CVE-2023-40983","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/Vi39/Webmin-2.100/blob/main/CVE-2023-40983","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-41595","sourceIdentifier":"cve@mitre.org","published":"2023-09-18T16:15:45.577","lastModified":"2026-07-09T01:18:39.500","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in xui-xray v1.8.3 allows attackers to obtain sensitive information via default password."},{"lang":"es","value":"Un problema en xui-xray v1.8.3 permite a las atacantes obtener información sensible a través de la contraseña predeterminada."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-25T17:25:33.997734Z","id":"CVE-2023-41595","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-798"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:vaxilu:x-ui:1.8.3:*:*:*:*:*:*:*","matchCriteriaId":"21976C47-CB47-4E98-8014-1650AB4E3AC8"}]}]}],"references":[{"url":"https://github.com/dubin12345/xui-xary/blob/main/README.md","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://github.com/vaxilu/x-ui","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/dubin12345/xui-xary/blob/main/README.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://github.com/vaxilu/x-ui","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2023-39039","sourceIdentifier":"cve@mitre.org","published":"2023-09-18T21:15:54.923","lastModified":"2026-07-09T01:18:34.320","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An information leak in Camp Style Project Line v13.6.1 allows attackers to obtain the channel access token and send crafted messages."},{"lang":"es","value":"Una fuga de información en Camp Style Project Line v13.6.1 permite a los atacantes obtener el token de acceso al canal y enviar mensajes manipulados. "}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-25T18:39:29.529087Z","id":"CVE-2023-39039","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-668"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:camp_style_project_line_project:camp_style_project_line:13.6.1:*:*:*:*:*:*:*","matchCriteriaId":"CB868138-6A02-4A55-983E-83351F96C699"}]}]}],"references":[{"url":"https://github.com/syz913/CVE-reports/blob/main/CVE-2023-39039.md","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://github.com/syz913/CVE-reports/blob/main/CVE-2023-39039.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]}]}},{"cve":{"id":"CVE-2023-39040","sourceIdentifier":"cve@mitre.org","published":"2023-09-18T21:15:54.987","lastModified":"2026-07-09T01:18:34.440","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An information leak in Cheese Cafe Line v13.6.1 allows attackers to obtain the channel access token and send crafted messages."},{"lang":"es","value":"Una fuga de información en Cheese Cafe Line v13.6.1 permite a los atacantes obtener el token de acceso al canal y enviar mensajes manipulados."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":2.5},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-25T19:24:35.827567Z","id":"CVE-2023-39040","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-668"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-668"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cheese_cafe_line_project:cheese_cafe_line:13.6.1:*:*:*:*:*:*:*","matchCriteriaId":"0BB12C18-B464-493B-B8F0-D5AAC3BDE692"}]}]}],"references":[{"url":"https://github.com/syz913/CVE-reports/blob/main/CVE-2023-39040.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/syz913/CVE-reports/blob/main/CVE-2023-39040.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-39043","sourceIdentifier":"cve@mitre.org","published":"2023-09-18T21:15:55.047","lastModified":"2026-07-09T01:18:34.593","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An information leak in YKC Tokushima_awayokocho Line v13.6.1 allows attackers to obtain the channel access token and send crafted messages."},{"lang":"es","value":"Una fuga de información en YKC Tokushima_awayokocho Line v13.6.1 permite a los atacantes obtener el token de acceso al canal y enviar mensajes manipulados."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-25T19:32:19.194622Z","id":"CVE-2023-39043","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-668"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ykc:tokushima_awayokocho:13.6.1:*:*:*:*:line:*:*","matchCriteriaId":"339C6E87-57D0-43C6-A578-3D5B91AAA194"}]}]}],"references":[{"url":"https://github.com/syz913/CVE-reports/blob/main/CVE-2023-39043.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/syz913/CVE-reports/blob/main/CVE-2023-39043.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-39058","sourceIdentifier":"cve@mitre.org","published":"2023-09-18T21:15:55.103","lastModified":"2026-07-09T01:18:35.183","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An information leak in THE_B_members card v13.6.1 allows attackers to obtain the channel access token and send crafted messages."},{"lang":"es","value":"Una fuga de información en THE_B_members tarjeta v13.6.1 permite a los atacantes obtener el token de acceso al canal y enviar mensajes manipulados."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-25T15:51:37.275618Z","id":"CVE-2023-39058","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-668"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:the_b_members_card_project:the_b_members_card:13.6.1:*:*:*:*:*:*:*","matchCriteriaId":"FD5D8BD6-D9E4-4914-AA4C-87EADAAF0D44"}]}]}],"references":[{"url":"https://github.com/syz913/CVE-reports/blob/main/CVE-2023-39058.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/syz913/CVE-reports/blob/main/CVE-2023-39058.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-39046","sourceIdentifier":"cve@mitre.org","published":"2023-09-18T22:15:46.710","lastModified":"2026-07-09T01:18:34.727","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An information leak in TonTon-Tei_waiting Line v13.6.1 allows attackers to obtain the channel access token and send crafted messages."},{"lang":"es","value":"Una fuga de información en TonTon-Tei_waiting Line v13.6.1 permite a los atacantes obtener el token de acceso al canal y enviar mensajes manipulados. "}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":2.5},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-25T17:39:40.994958Z","id":"CVE-2023-39046","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-668"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-668"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:tonton-tei_waiting_project:tonton-tei_waiting:13.6.1:*:*:*:*:line:*:*","matchCriteriaId":"DC377C05-FD16-4CDD-B8C8-F53D79FDBAB4"}]}]}],"references":[{"url":"https://github.com/syz913/CVE-reports/blob/main/CVE-2023-39046.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/syz913/CVE-reports/blob/main/CVE-2023-39046.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-39049","sourceIdentifier":"cve@mitre.org","published":"2023-09-18T22:15:46.850","lastModified":"2026-07-09T01:18:34.923","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An information leak in youmart-tokunaga v13.6.1 allows attackers to obtain the channel access token and send crafted messages."},{"lang":"es","value":"Una fuga de información en youmart-tokunaga v13.6.1 permite a los atacantes obtener el token de acceso al canal y enviar mensajes manipulados."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-25T18:17:32.570326Z","id":"CVE-2023-39049","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-668"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:youmart-tokunaga_project:youmart-tokunaga:13.6.1:*:*:*:*:*:*:*","matchCriteriaId":"1E64A187-7A2E-411E-B049-74C183EB2C92"}]}]}],"references":[{"url":"https://github.com/syz913/CVE-reports/blob/main/CVE-2023-39049.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/syz913/CVE-reports/blob/main/CVE-2023-39049.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-39056","sourceIdentifier":"cve@mitre.org","published":"2023-09-18T22:15:46.983","lastModified":"2026-07-09T01:18:35.063","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An information leak in Coffee-jumbo v13.6.1 allows attackers to obtain the channel access token and send crafted messages."},{"lang":"es","value":"Una fuga de información en Coffee-jumbo v13.6.1 permite a los atacantes obtener el token de acceso al canal y enviar mensajes manipulados."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-25T15:52:15.448030Z","id":"CVE-2023-39056","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-668"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:coffee-jumbo_project:coffee-jumbo:13.6.1:*:*:*:*:*:*:*","matchCriteriaId":"61C06F96-46E7-4512-9832-FD52BCFBCE0C"}]}]}],"references":[{"url":"https://github.com/syz913/CVE-reports/blob/main/CVE-2023-39056.md","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://github.com/syz913/CVE-reports/blob/main/CVE-2023-39056.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]}]}},{"cve":{"id":"CVE-2023-42399","sourceIdentifier":"cve@mitre.org","published":"2023-09-19T04:15:55.347","lastModified":"2026-07-09T01:18:39.623","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting vulnerability in xdsoft.net Jodit Editor v.4.0.0-beta.86 allows a remote attacker to obtain sensitive information via the rich text editor component."},{"lang":"es","value":"La vulnerabilidad de  Cross Site Scripting en xdsoft.net Jodit Editor v.4.0.0-beta.86 permite a un atacante remoto obtener información sensible a través del componente editor de texto enriquecido."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-24T20:33:29.739106Z","id":"CVE-2023-42399","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:xdsoft:joditeditor:4.0.0:beta86:*:*:*:*:*:*","matchCriteriaId":"74969402-E432-4197-BF0A-E2B20187D58C"}]}]}],"references":[{"url":"https://github.com/xdan/jodit/issues/1017","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://xdsoft.net","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/xdan/jodit/issues/1017","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://xdsoft.net","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2023-40931","sourceIdentifier":"cve@mitre.org","published":"2023-09-19T23:15:09.153","lastModified":"2026-07-09T01:18:36.803","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A SQL injection vulnerability in Nagios XI from version 5.11.0 up to and including 5.11.1 allows authenticated attackers to execute arbitrary SQL commands via the ID parameter in the POST request to /nagiosxi/admin/banner_message-ajaxhelper.php"},{"lang":"es","value":"Una vulnerabilidad de inyección SQL en Nagios XI desde la versión 5.11.0 hasta la 5.11.1 inclusive permite a atacantes autenticados ejecutar comandos SQL arbitrarios a través del parámetro ID en la solicitud POST a /nagiosxi/admin/banner_message-ajaxhelper.php"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-25T14:26:11.062445Z","id":"CVE-2023-40931","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nagios:nagios_xi:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11.0","versionEndExcluding":"5.11.2","matchCriteriaId":"7BA69A3A-E1A4-45C5-859C-51F4E92B32C6"}]}]}],"references":[{"url":"https://outpost24.com/blog/nagios-xi-vulnerabilities/","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.nagios.com/products/security/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://outpost24.com/blog/nagios-xi-vulnerabilities/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.nagios.com/products/security/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2023-40932","sourceIdentifier":"cve@mitre.org","published":"2023-09-19T23:15:10.237","lastModified":"2026-07-09T01:18:36.927","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A Cross-site scripting (XSS) vulnerability in Nagios XI version 5.11.1 and below allows authenticated attackers with access to the custom logo component to inject arbitrary javascript or HTML via the alt-text field. This affects all pages containing the navbar including the login page which means the attacker is able to to steal plaintext credentials."},{"lang":"es","value":"Una vulnerabilidad de A Cross-Site scripting (XSS) en Nagios XI versión 5.11.1 y anteriores permite a atacantes autenticados con acceso al componente del logotipo personalizado inyectar javascript o HTML de su elección a través del campo de texto alternativo. Esto afecta a todas las páginas que contienen la barra de navegación, incluida la página de inicio de sesión, lo que significa que el atacante puede robar credenciales de texto plano."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-24T20:39:09.574785Z","id":"CVE-2023-40932","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nagios:nagios_xi:*:*:*:*:*:*:*:*","versionEndExcluding":"5.11.2","matchCriteriaId":"9DDB8315-F31F-4D8D-B78D-586732BDC727"}]}]}],"references":[{"url":"https://outpost24.com/blog/nagios-xi-vulnerabilities/","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.nagios.com/products/security/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://outpost24.com/blog/nagios-xi-vulnerabilities/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.nagios.com/products/security/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2023-40933","sourceIdentifier":"cve@mitre.org","published":"2023-09-19T23:15:10.533","lastModified":"2026-07-09T01:18:37.043","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A SQL injection vulnerability in Nagios XI v5.11.1 and below allows authenticated attackers with announcement banner configuration privileges to execute arbitrary SQL commands via the ID parameter sent to the update_banner_message() function."},{"lang":"es","value":"Una vulnerabilidad de inyección SQL en Nagios XI v5.11.1 y anteriores permite a atacantes autenticados con privilegios de configuración de banners de anuncios ejecutar comandos SQL arbitrarios a través del parámetro ID enviado a la función update_banner_message()."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-24T20:38:05.693675Z","id":"CVE-2023-40933","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nagios:nagios_xi:*:*:*:*:*:*:*:*","versionEndExcluding":"5.11.2","matchCriteriaId":"9DDB8315-F31F-4D8D-B78D-586732BDC727"}]}]}],"references":[{"url":"https://outpost24.com/blog/nagios-xi-vulnerabilities/","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.nagios.com/products/security/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://outpost24.com/blog/nagios-xi-vulnerabilities/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.nagios.com/products/security/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2023-40934","sourceIdentifier":"cve@mitre.org","published":"2023-09-19T23:15:10.677","lastModified":"2026-07-09T01:18:37.170","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A SQL injection vulnerability in Nagios XI 5.11.1 and below allows authenticated attackers with privileges to manage host escalations in the Core Configuration Manager to execute arbitrary SQL commands via the host escalation notification settings."},{"lang":"es","value":"Una vulnerabilidad de inyección SQL en Nagios XI 5.11.1 y versiones anteriores permite a atacantes autenticados con privilegios administrar las escaladas en máquinas anfitrión en Core Configuration Manager para ejecutar comandos SQL arbitrarios a través de la configuración de notificación de escalada de host."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-24T20:43:47.242401Z","id":"CVE-2023-40934","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nagios:nagios_xi:*:*:*:*:*:*:*:*","versionEndExcluding":"5.11.2","matchCriteriaId":"9DDB8315-F31F-4D8D-B78D-586732BDC727"}]}]}],"references":[{"url":"https://outpost24.com/blog/nagios-xi-vulnerabilities/","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.nagios.com/products/security/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://outpost24.com/blog/nagios-xi-vulnerabilities/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.nagios.com/products/security/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2023-38886","sourceIdentifier":"cve@mitre.org","published":"2023-09-20T01:15:56.153","lastModified":"2026-07-09T01:18:32.353","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in Dolibarr ERP CRM v.17.0.1 and before allows a remote privileged attacker to execute arbitrary code via a crafted command/script."},{"lang":"es","value":"Un problema en Dolibarr ERP CRM v.17.0.1 y anteriores permite a un atacante remoto con privilegios ejecutar código arbitrario a través de un comando/script maniulado."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-25T15:03:16.027399Z","id":"CVE-2023-38886","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:dolibarr:dolibarr_erp\\/crm:*:*:*:*:*:*:*:*","versionEndIncluding":"17.0.1","matchCriteriaId":"BCEE13D4-508A-405B-8889-8BB2F29B2903"}]}]}],"references":[{"url":"https://akerva.com/wp-content/uploads/2023/09/AKERVA_Security-Advisory_CVE-2023-38886_Dolibarr_RCE-1.pdf","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://akerva.com/wp-content/uploads/2023/09/AKERVA_Security-Advisory_CVE-2023-38886_Dolibarr_RCE-1.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-38887","sourceIdentifier":"cve@mitre.org","published":"2023-09-20T01:15:56.327","lastModified":"2026-07-09T01:18:32.483","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"File Upload vulnerability in Dolibarr ERP CRM v.17.0.1 and before allows a remote attacker to execute arbitrary code and obtain sensitive information via the extension filtering and renaming functions."},{"lang":"es","value":"Vulnerabilidad de carga de archivos en Dolibarr ERP CRM v.17.0.1 y anteriores permite a un atacante remoto ejecutar código arbitrario y obtener información sensible a través de las funciones de filtrado y cambio de nombre de la extensión."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-24T20:34:30.472976Z","id":"CVE-2023-38887","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:dolibarr:dolibarr_erp\\/crm:*:*:*:*:*:*:*:*","versionEndIncluding":"17.0.1","matchCriteriaId":"BCEE13D4-508A-405B-8889-8BB2F29B2903"}]}]}],"references":[{"url":"https://akerva.com/wp-content/uploads/2023/09/AKERVA_Security-Advisory_CVE-2023-38887_Dolibarr_AFU.pdf","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://akerva.com/wp-content/uploads/2023/09/AKERVA_Security-Advisory_CVE-2023-38887_Dolibarr_AFU.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-38888","sourceIdentifier":"cve@mitre.org","published":"2023-09-20T01:15:56.580","lastModified":"2026-07-09T01:18:32.640","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting vulnerability in Dolibarr ERP CRM v.17.0.1 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the REST API module, related to analyseVarsForSqlAndScriptsInjection and testSqlAndScriptInject."},{"lang":"es","value":"Vulnerabilidad de Cross Site Scripting en Dolibarr ERP CRM v.17.0.1 y anteriores permite a un atacante remoto obtener información sensible y ejecutar código arbitrario a través del módulo REST API, relacionado con analyseVarsForSqlAndScriptsInjection y testSqlAndScriptInject."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H","baseScore":9.6,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-25T15:01:54.552998Z","id":"CVE-2023-38888","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:dolibarr:dolibarr_erp\\/crm:*:*:*:*:*:*:*:*","versionEndIncluding":"17.0.1","matchCriteriaId":"BCEE13D4-508A-405B-8889-8BB2F29B2903"}]}]}],"references":[{"url":"https://akerva.com/wp-content/uploads/2023/09/AKERVA_Security-Advisory_CVE-2023-38888_Dolibarr_XSS.pdf","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://akerva.com/wp-content/uploads/2023/09/AKERVA_Security-Advisory_CVE-2023-38888_Dolibarr_XSS.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-43141","sourceIdentifier":"cve@mitre.org","published":"2023-09-25T16:15:14.587","lastModified":"2026-07-09T01:18:40.100","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"TOTOLINK A3700R V9.1.2u.6134_B20201202 and N600R V5.3c.5137 are vulnerable to Incorrect Access Control."},{"lang":"es","value":"TOTOLINK A3700R V9.1.2u.6134_B20201202 y N600R V5.3c.5137 son vulnerables a un control de acceso incorrecto."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"totolink","product":"a3700r","defaultStatus":"unknown","cpes":["cpe:2.3:h:totolink:a3700r:-:*:*:*:*:*:*:*"],"versions":[{"version":"v9.1.2u.6134_b20201202","status":"affected"}]},{"vendor":"totolink","product":"n600r","defaultStatus":"unknown","cpes":["cpe:2.3:h:totolink:n600r:-:*:*:*:*:*:*:*"],"versions":[{"version":"v5.3c.5137","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-24T17:57:01.109413Z","id":"CVE-2023-43141","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:totolink:a3700r_firmware:9.1.2u.6134_b20201202:*:*:*:*:*:*:*","matchCriteriaId":"6F50C1F0-97C3-4A36-AF11-5833D01537F1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:totolink:a3700r:-:*:*:*:*:*:*:*","matchCriteriaId":"05777EB4-0963-4317-AB0B-287A2140915D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:totolink:n600r_firmware:4.3.0cu.7647_b20210106:*:*:*:*:*:*:*","matchCriteriaId":"EB9382F5-D212-4B6A-94A6-56F889C16E4D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:totolink:n600r:-:*:*:*:*:*:*:*","matchCriteriaId":"601C2FBE-B584-40B9-BBD7-7BF2A14CA694"}]}]}],"references":[{"url":"https://github.com/Blue-And-White/vul/blob/main/Iot/TOTOLINK/1/readme.md","source":"cve@mitre.org","tags":["Broken Link","Exploit","Third Party Advisory"]},{"url":"https://github.com/Blue-And-White/vul/blob/main/Iot/TOTOLINK/1/readme.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-42426","sourceIdentifier":"cve@mitre.org","published":"2023-09-25T21:15:15.640","lastModified":"2026-07-09T01:18:39.920","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in Froala Froala Editor v.4.1.1 allows remote attackers to execute arbitrary code via the 'Insert link' parameter in the 'Insert Image' component."},{"lang":"es","value":"Vulnerabilidad de cross-site scripting (XSS) en Froala Froala Editor v.4.1.1 permite a atacantes remotos ejecutar código de su elección a través del parámetro 'Insertar enlace' en el componente 'Insertar imagen'."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"froala","product":"froala_editor","defaultStatus":"unknown","cpes":["cpe:2.3:a:froala:froala_editor:4.1.1:*:*:*:*:*:*:*"],"versions":[{"version":"4.1.1","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-24T17:29:35.322855Z","id":"CVE-2023-42426","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:froala:froala_editor:4.1.1:*:*:*:*:*:*:*","matchCriteriaId":"2BB68CF8-9500-4619-B1CF-32FE03ED6B61"}]}]}],"references":[{"url":"https://github.com/b0marek/CVE-2023-42426","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://www.youtube.com/watch?v=Me33Dx1_XqQ","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://github.com/b0marek/CVE-2023-42426","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"https://www.youtube.com/watch?v=Me33Dx1_XqQ","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]}]}},{"cve":{"id":"CVE-2023-43278","sourceIdentifier":"cve@mitre.org","published":"2023-09-25T23:15:10.703","lastModified":"2026-07-09T01:18:40.780","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A Cross-Site Request Forgery (CSRF) in admin_manager.php of Seacms up to v12.8 allows attackers to arbitrarily add an admin account."},{"lang":"es","value":"Un Cross-Site Request Forgery (CSRF) en admin_manager.php de Seacms hasta v12.8 permite a los atacantes agregar arbitrariamente una cuenta de administrador."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-24T15:41:48.442075Z","id":"CVE-2023-43278","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:seacms:seacms:*:*:*:*:*:*:*:*","versionEndIncluding":"12.8","matchCriteriaId":"1387A5B3-00DF-47D3-8482-136F59D91D77"}]}]}],"references":[{"url":"https://blog.csdn.net/sugaryzheng/article/details/133283101?spm=1001.2014.3001.5501","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.seacms.net/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://blog.csdn.net/sugaryzheng/article/details/133283101?spm=1001.2014.3001.5501","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.seacms.net/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2023-43232","sourceIdentifier":"cve@mitre.org","published":"2023-09-27T15:19:33.533","lastModified":"2026-07-09T01:18:40.360","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A stored cross-site scripting (XSS) vulnerability in the Website column management function of DedeBIZ v6.2.11 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the title parameter."},{"lang":"es","value":"Una vulnerabilidad de cross-site scripting (XSS) almacenadas en la función de administración de columnas del sitio web de DedeBIZ v6.2.11 permite a los atacantes ejecutar scripts web o HTML arbitrarias a través de un payload manipulado inyectado en el parámetro del título."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-23T19:46:49.783230Z","id":"CVE-2023-43232","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:dedebiz:dedebiz:6.2.11:*:*:*:*:*:*:*","matchCriteriaId":"1C51EF6C-1405-42FA-B55C-78227DF54694"}]}]}],"references":[{"url":"https://github.com/yux1azhengye/mycve/blob/main/dedebiz_6.2.11_xss.pdf","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://www.dedebiz.com/download","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://github.com/yux1azhengye/mycve/blob/main/dedebiz_6.2.11_xss.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://www.dedebiz.com/download","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2023-43234","sourceIdentifier":"cve@mitre.org","published":"2023-09-27T15:19:33.767","lastModified":"2026-07-09T01:18:40.483","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"DedeBIZ v6.2.11 was discovered to contain multiple remote code execution (RCE) vulnerabilities at /admin/file_manage_control.php via the $activepath and $filename parameters."},{"lang":"es","value":"Se descubrió que DedeBIZ v6.2.11 contiene múltiples vulnerabilidades de Ejecución Remota de Código (RCE) en /admin/file_manage_control.php a través de los parámetros $activepath y $filename."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-24T15:01:39.509234Z","id":"CVE-2023-43234","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:dedebiz:dedebiz:6.2.11:*:*:*:*:*:*:*","matchCriteriaId":"1C51EF6C-1405-42FA-B55C-78227DF54694"}]}]}],"references":[{"url":"https://github.com/yux1azhengye","source":"cve@mitre.org","tags":["Not Applicable"]},{"url":"https://github.com/yux1azhengye/mycve/blob/main/DedeBIZ_v6.2.11_RCE.pdf","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://www.dedebiz.com","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/yux1azhengye","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable"]},{"url":"https://github.com/yux1azhengye/mycve/blob/main/DedeBIZ_v6.2.11_RCE.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://www.dedebiz.com","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2023-43856","sourceIdentifier":"cve@mitre.org","published":"2023-09-27T15:19:34.767","lastModified":"2026-07-09T01:18:41.140","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Dreamer CMS v4.1.3 was discovered to contain an arbitrary file read vulnerability via the component /admin/TemplateController.java."},{"lang":"es","value":"Se descubrió que Dreamer CMS v4.1.3 contenía una vulnerabilidad de lectura de archivos arbitraria a través del componente /admin/TemplateController.java."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-24T14:08:31.749047Z","id":"CVE-2023-43856","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-552"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:iteachyou:dreamer_cms:4.1.3:*:*:*:*:*:*:*","matchCriteriaId":"113EEBC1-2B91-4AE0-995F-E24A4AD607BC"}]}]}],"references":[{"url":"http://cms.iteachyou.cc/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/yux1azhengye","source":"cve@mitre.org","tags":["Not Applicable"]},{"url":"https://github.com/yux1azhengye/mycve/blob/main/DreamerCMS%20arbitrary%20file%20reading.pdf","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"http://cms.iteachyou.cc/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/yux1azhengye","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable"]},{"url":"https://github.com/yux1azhengye/mycve/blob/main/DreamerCMS%20arbitrary%20file%20reading.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]}]}},{"cve":{"id":"CVE-2023-41445","sourceIdentifier":"cve@mitre.org","published":"2023-09-27T23:15:10.150","lastModified":"2026-07-09T01:18:38.300","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the index.php component."},{"lang":"es","value":"Vulnerabilidad de Cross-Site Scripting en phpkobo AjaxNewTicker v.1.0.5 permite a un atacante remoto ejecutar código arbitrario a través de un payload manipulado para el componente index.php."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-24T13:25:52.583651Z","id":"CVE-2023-41445","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:phpkobo:ajaxnewsticker:1.0.5:*:*:*:*:*:*:*","matchCriteriaId":"5AB746FE-B97E-47A9-949A-E9B4FA537D10"}]}]}],"references":[{"url":"https://gist.github.com/RNPG/84cac1b949bab0e4c587a668385b052d","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://gist.github.com/RNPG/84cac1b949bab0e4c587a668385b052d","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-41448","sourceIdentifier":"cve@mitre.org","published":"2023-09-27T23:15:11.667","lastModified":"2026-07-09T01:18:38.737","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the ID parameter in the index.php component."},{"lang":"es","value":"Vulnerabilidad de Cross-Site Scripting en phpkobo AjaxNewTicker v.1.0.5 permite a un atacante remoto ejecutar código arbitrario a través de un payload manipulado para el parámetro ID en el componente index.php."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-24T13:25:30.220211Z","id":"CVE-2023-41448","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:phpkobo:ajaxnewsticker:1.0.5:*:*:*:*:*:*:*","matchCriteriaId":"5AB746FE-B97E-47A9-949A-E9B4FA537D10"}]}]}],"references":[{"url":"https://gist.github.com/RNPG/458e17f24ebf7d8af3c5c4d7073347a0","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://gist.github.com/RNPG/458e17f24ebf7d8af3c5c4d7073347a0","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-41449","sourceIdentifier":"cve@mitre.org","published":"2023-09-27T23:15:11.730","lastModified":"2026-07-09T01:18:38.850","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in phpkobo AjaxNewsTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the reque parameter."},{"lang":"es","value":"Un problema en phpkobo AjaxNewsTicker v.1.0.5 permite a un atacante remoto ejecutar código arbitrario a través de un payload manipulado para el parámetro reque."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-24T13:17:37.338543Z","id":"CVE-2023-41449","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:phpkobo:ajaxnewsticker:1.0.5:*:*:*:*:*:*:*","matchCriteriaId":"5AB746FE-B97E-47A9-949A-E9B4FA537D10"}]}]}],"references":[{"url":"https://gist.github.com/RNPG/c1ae240f2acec138132aa64ce3faa2e0","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://gist.github.com/RNPG/c1ae240f2acec138132aa64ce3faa2e0","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-41451","sourceIdentifier":"cve@mitre.org","published":"2023-09-27T23:15:11.787","lastModified":"2026-07-09T01:18:39.143","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the txt parameter in the index.php component."},{"lang":"es","value":"Vulnerabilidad de Cross Site Scripting en phpkobo AjaxNewTicker v.1.0.5 permite a un atacante remoto ejecutar código arbitrario a través de un payload manipulado para el parámetro txt en el componente index.php."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-24T13:17:11.223823Z","id":"CVE-2023-41451","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:phpkobo:ajaxnewsticker:1.0.5:*:*:*:*:*:*:*","matchCriteriaId":"5AB746FE-B97E-47A9-949A-E9B4FA537D10"}]}]}],"references":[{"url":"https://gist.github.com/RNPG/062cfca2e293a0e7d24f5d55f8db3fde","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://gist.github.com/RNPG/062cfca2e293a0e7d24f5d55f8db3fde","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-41452","sourceIdentifier":"cve@mitre.org","published":"2023-09-27T23:15:11.843","lastModified":"2026-07-09T01:18:39.270","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Request Forgery vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the txt parameter in the index.php component."},{"lang":"es","value":"Vulnerabilidad de Cross Site Request Forgery en phpkobo AjaxNewTicker v.1.0.5 permite a un atacante remoto ejecutar código arbitrario a través de un payload manipulado para el parámetro txt en el componente index.php."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-24T13:16:38.742353Z","id":"CVE-2023-41452","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:phpkobo:ajaxnewsticker:1.0.5:*:*:*:*:*:*:*","matchCriteriaId":"5AB746FE-B97E-47A9-949A-E9B4FA537D10"}]}]}],"references":[{"url":"https://gist.github.com/RNPG/32be1c4bae6f9378d4f382ba0c92b367","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://gist.github.com/RNPG/32be1c4bae6f9378d4f382ba0c92b367","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-41453","sourceIdentifier":"cve@mitre.org","published":"2023-09-27T23:15:11.900","lastModified":"2026-07-09T01:18:39.387","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the cmd parameter in the index.php component."},{"lang":"es","value":"Vulnerabilidad de Cross Site Scripting en phpkobo AjaxNewTicker v.1.0.5 permite a un atacante remoto ejecutar código arbitrario a través de un payload manipulado en el parámetro cmd en el componente index.php."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-24T13:15:57.390605Z","id":"CVE-2023-41453","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:phpkobo:ajaxnewsticker:1.0.5:*:*:*:*:*:*:*","matchCriteriaId":"5AB746FE-B97E-47A9-949A-E9B4FA537D10"}]}]}],"references":[{"url":"https://gist.github.com/RNPG/be2ca92cb1f943d4c340c75fbfc9b783","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://gist.github.com/RNPG/be2ca92cb1f943d4c340c75fbfc9b783","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-41446","sourceIdentifier":"cve@mitre.org","published":"2023-09-28T03:15:11.387","lastModified":"2026-07-09T01:18:38.427","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted script to the title parameter in the index.php component."},{"lang":"es","value":"Vulnerabilidad de Cross-Site Scripting en phpkobo AjaxNewTicker v.1.0.5 permite a un atacante remoto ejecutar código arbitrario a través de un script manipulado para el parámetro de título en el componente index.php."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"phpkobo","product":"ajaxnewsticker","defaultStatus":"unknown","cpes":["cpe:2.3:a:phpkobo:ajaxnewsticker:1.0.5:*:*:*:*:*:*:*"],"versions":[{"version":"1.0.5","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-23T17:57:29.141265Z","id":"CVE-2023-41446","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:phpkobo:ajaxnewsticker:1.0.5:*:*:*:*:*:*:*","matchCriteriaId":"5AB746FE-B97E-47A9-949A-E9B4FA537D10"}]}]}],"references":[{"url":"https://gist.github.com/RNPG/4bb91170f8ee50b395427f26bc96a1f2","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://gist.github.com/RNPG/4bb91170f8ee50b395427f26bc96a1f2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-41447","sourceIdentifier":"cve@mitre.org","published":"2023-09-28T03:15:11.480","lastModified":"2026-07-09T01:18:38.583","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the subcmd parameter in the index.php component."},{"lang":"es","value":"Vulnerabilidad de Cross-Site Scriptings en phpkobo AjaxNewTicker v.1.0.5 permite a un atacante remoto ejecutar código arbitrario a través de un payload manipulado en el parámetro subcmd en el componente index.php."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"phpkobo","product":"ajaxnewsticker","defaultStatus":"unknown","cpes":["cpe:2.3:a:phpkobo:ajaxnewsticker:1.0.5:*:*:*:*:*:*:*"],"versions":[{"version":"1.0.5","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-23T17:55:12.277125Z","id":"CVE-2023-41447","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:phpkobo:ajaxnewsticker:1.0.5:*:*:*:*:*:*:*","matchCriteriaId":"5AB746FE-B97E-47A9-949A-E9B4FA537D10"}]}]}],"references":[{"url":"https://gist.github.com/RNPG/56b9fe4dcc3a248d4288bde5ffb3a5b3","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://gist.github.com/RNPG/56b9fe4dcc3a248d4288bde5ffb3a5b3","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-41450","sourceIdentifier":"cve@mitre.org","published":"2023-09-28T03:15:11.563","lastModified":"2026-07-09T01:18:38.960","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in phpkobo AjaxNewsTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the reque parameter."},{"lang":"es","value":"Un problema en phpkobo AjaxNewsTicker v.1.0.5 permite a un atacante remoto ejecutar código arbitrario a través de un payload manipulado para el parámetro reque."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-23T20:24:47.108184Z","id":"CVE-2023-41450","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-94"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:phpkobo:ajaxnewsticker:1.0.5:*:*:*:*:*:*:*","matchCriteriaId":"5AB746FE-B97E-47A9-949A-E9B4FA537D10"}]}]}],"references":[{"url":"https://gist.github.com/RNPG/e11af10e1bd3606de8b568033d932589","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://gist.github.com/RNPG/e11af10e1bd3606de8b568033d932589","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-43176","sourceIdentifier":"cve@mitre.org","published":"2023-10-03T21:15:10.330","lastModified":"2026-07-09T01:18:40.233","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A deserialization vulnerability in Afterlogic Aurora Files v9.7.3 allows attackers to execute arbitrary code via supplying a crafted .sabredav file."},{"lang":"es","value":"Una vulnerabilidad de deserialización en Afterlogic Aurora Files v9.7.3 permite a los atacantes ejecutar código arbitrario proporcionando un archivo .sabredav manipulado."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-20T16:16:26.309366Z","id":"CVE-2023-43176","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-502"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:afterlogic:aurora_files:9.7.3:*:*:*:*:*:*:*","matchCriteriaId":"B2DF2E3B-326A-42B9-AAB5-02A7A78A99DB"}]}]}],"references":[{"url":"https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H&version=3.1","source":"cve@mitre.org","tags":["Third Party Advisory","US Government Resource","VDB Entry"]},{"url":"https://sec.leonardini.dev/blog/cve-2023-43176-rce_aurora_files/","source":"cve@mitre.org","tags":["Exploit","Patch","Third Party Advisory"]},{"url":"https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H&version=3.1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource","VDB Entry"]},{"url":"https://sec.leonardini.dev/blog/cve-2023-43176-rce_aurora_files/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-43261","sourceIdentifier":"cve@mitre.org","published":"2023-10-04T12:15:10.627","lastModified":"2026-07-09T01:18:40.603","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An information disclosure in Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 allows attackers to access sensitive router components."},{"lang":"es","value":"Una divulgación de información en Milesight UR5X, UR32L, UR32, UR35, UR41 anterior a v35.3.0.7 permite a los atacantes acceder a componentes confidenciales del router."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-23T13:30:15.619711Z","id":"CVE-2023-43261","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-532"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-532"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:milesight:ur5x_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"35.3.0.7","matchCriteriaId":"F0915F1C-87D1-4375-9FBC-45C38EBAB645"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:milesight:ur51:-:*:*:*:*:*:*:*","matchCriteriaId":"9A5538BB-43CB-461F-9DA3-11F2F147F233"},{"vulnerable":false,"criteria":"cpe:2.3:h:milesight:ur52:-:*:*:*:*:*:*:*","matchCriteriaId":"22242E4A-9719-4EB1-BB92-2AB606F323A1"},{"vulnerable":false,"criteria":"cpe:2.3:h:milesight:ur55:-:*:*:*:*:*:*:*","matchCriteriaId":"BFD82DC3-E1E6-4073-8160-03FCADD9151E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:milesight:ur32l_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"35.3.0.7","matchCriteriaId":"E538CE7E-1300-40FD-B99F-BDBFF104FB55"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:milesight:ur32l:-:*:*:*:*:*:*:*","matchCriteriaId":"224B5936-7A7A-48E7-B0F3-754B74E4BF2D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:milesight:ur32_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"35.3.0.7","matchCriteriaId":"38B4812C-F6AE-4E05-BF80-41DEE6DB3171"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:milesight:ur32:-:*:*:*:*:*:*:*","matchCriteriaId":"080EADC9-FFA7-4789-8A88-FD3F484EDC42"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:milesight:ur35_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"35.3.0.7","matchCriteriaId":"8FE72087-C99B-4108-ADA7-1B7FA476E7C1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:milesight:ur35:-:*:*:*:*:*:*:*","matchCriteriaId":"616ACA1E-D93D-4A07-AEE0-37C2AE35A326"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:milesight:ur41_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"35.3.0.7","matchCriteriaId":"E00FF8AD-4E24-4154-BA7B-99867515AB80"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:milesight:ur41:-:*:*:*:*:*:*:*","matchCriteriaId":"7D8BC494-6640-47F0-8F58-AB8118C07329"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/176988/Milesight-UR5X-UR32L-UR32-UR35-UR41-Credential-Leakage.html","source":"cve@mitre.org"},{"url":"https://github.com/win3zz/CVE-2023-43261","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://medium.com/@win3zz/inside-the-router-how-i-accessed-industrial-routers-and-reported-the-flaws-29c34213dfdf","source":"cve@mitre.org"},{"url":"https://support.milesight-iot.com/support/home","source":"cve@mitre.org","tags":["Product"]},{"url":"http://packetstormsecurity.com/files/176988/Milesight-UR5X-UR32L-UR32-UR35-UR41-Credential-Leakage.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/win3zz/CVE-2023-43261","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://medium.com/%40win3zz/inside-the-router-how-i-accessed-industrial-routers-and-reported-the-flaws-29c34213dfdf","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://support.milesight-iot.com/support/home","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2023-43896","sourceIdentifier":"cve@mitre.org","published":"2023-10-10T16:15:10.047","lastModified":"2026-07-09T01:18:41.263","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A buffer overflow in Macrium Reflect 8.1.7544 and below allows attackers to escalate privileges or execute arbitrary code."},{"lang":"es","value":"Un desbordamiento de búfer en Macrium Reflect 8.1.7544 y versiones anteriores permite a los atacantes escalar privilegios o ejecutar código arbitrario."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-19T14:58:57.529540Z","id":"CVE-2023-43896","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:macrium:reflect:8.1.7544:*:*:*:*:*:*:*","matchCriteriaId":"D6F66109-567C-4DB9-92EE-FDA4B528FE5F"}]}]}],"references":[{"url":"https://knowledgebase.macrium.com/display/KNOW80/CVE-2023-43896+Advisory","source":"cve@mitre.org"},{"url":"https://northwave-cybersecurity.com/vulnerability-notice/macrium-reflect-driver-out-of-bounds-write","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://knowledgebase.macrium.com/display/KNOW80/CVE-2023-43896+Advisory","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://northwave-cybersecurity.com/vulnerability-notice/macrium-reflect-driver-out-of-bounds-write","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-37830","sourceIdentifier":"cve@mitre.org","published":"2023-10-19T13:15:09.140","lastModified":"2026-07-09T01:17:39.770","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Interway a.s WebJET CMS 8.6.896 is vulnerable to Cross Site Scripting (XSS)."},{"lang":"es","value":"Interway a.s WebJET CMS 8.6.896 es vulnerable a Cross Site Scripting (XSS)."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H","baseScore":9.6,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-13T14:50:25.545566Z","id":"CVE-2022-37830","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:webjet:webjet_cms:*:*:*:*:*:*:*:*","versionEndExcluding":"8.6.896","matchCriteriaId":"0370E88A-BEE3-43AE-8535-7792D02EA10C"}]}]}],"references":[{"url":"https://citadelo.com/download/CVE-2022-37830.pdf","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://citadelo.com/download/CVE-2022-37830.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]}]}},{"cve":{"id":"CVE-2023-45379","sourceIdentifier":"cve@mitre.org","published":"2023-10-19T13:15:10.323","lastModified":"2026-07-09T01:18:41.407","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the module \"Rotator Img\" (posrotatorimg) in versions at least up to 1.1 from PosThemes for PrestaShop, a guest can perform SQL injection."},{"lang":"es","value":"En el módulo \"Rotator Img\" (posrotatorimg) en versiones al menos hasta 1.1 de PosThemes para PrestaShop, un invitado puede realizar una inyección SQL."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-13T14:30:04.646566Z","id":"CVE-2023-45379","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:posthemes:posrotatorimg:*:*:*:*:*:prestashop:*:*","versionEndIncluding":"1.1","matchCriteriaId":"AC523A14-8792-48D2-A0C4-0B6D8F31ACC8"}]}]}],"references":[{"url":"https://security.friendsofpresta.org/modules/2023/10/17/posrotatorimg.html","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://security.friendsofpresta.org/modules/2023/10/17/posrotatorimg.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-45992","sourceIdentifier":"cve@mitre.org","published":"2023-10-19T19:15:16.223","lastModified":"2026-07-09T01:18:41.693","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the web-based interface of the RUCKUS Cloudpath product on version 5.12 build 5538 or before to could allow a remote, unauthenticated attacker to execute persistent XSS and CSRF attacks against a user of the admin management interface. A successful attack, combined with a certain admin activity, could allow the attacker to gain full admin privileges on the exploited system."},{"lang":"es","value":"Una vulnerabilidad en la interfaz web del producto RUCKUS Cloudpath en la versión 5.12 build 5538 o anterior podría permitir que un atacante remoto no autenticado ejecute ataques XSS y CSRF persistentes contra un usuario de la interfaz de gestión de administración. Un ataque exitoso, combinado con una determinada actividad administrativa, podría permitir al atacante obtener privilegios completos de administrador en el sistema explotado."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H","baseScore":9.6,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":6.0}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"},{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:commscope:ruckus_cloudpath_enrollment_system:*:*:*:*:*:*:*:*","versionEndIncluding":"5.12.5538","matchCriteriaId":"C21536CD-2726-476D-A01C-1DF492A24F9A"}]}]}],"references":[{"url":"https://github.com/harry935/CVE-2023-45992","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://server.cloudpath/","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://server.cloudpath/admin/enrollmentData/","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://support.ruckuswireless.com/security_bulletins/322","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://github.com/harry935/CVE-2023-45992","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://server.cloudpath/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://server.cloudpath/admin/enrollmentData/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://support.ruckuswireless.com/security_bulletins/322","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2023-46010","sourceIdentifier":"cve@mitre.org","published":"2023-10-25T18:17:35.657","lastModified":"2026-07-09T01:18:41.823","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in SeaCMS v.12.9 allows an attacker to execute arbitrary commands via the admin_safe.php component."},{"lang":"es","value":"Un problema en SeaCMS v.12.9 permite a un atacante ejecutar comandos arbitrarios a través del componente admin_safe.php."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-11T18:12:21.419661Z","id":"CVE-2023-46010","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:seacms:seacms:*:*:*:*:*:*:*:*","versionEndIncluding":"12.9","matchCriteriaId":"4B114546-6AB3-471D-BB71-4AE0B0443265"}]}]}],"references":[{"url":"https://blog.csdn.net/DGS666/article/details/133795200?spm=1001.2014.3001.5501","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://blog.csdn.net/DGS666/article/details/133795200?spm=1001.2014.3001.5501","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-42425","sourceIdentifier":"cve@mitre.org","published":"2023-10-31T15:15:09.340","lastModified":"2026-07-09T01:18:39.777","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in Turing Video Turing Edge+ EVC5FD v.1.38.6 allows remote attacker to execute arbitrary code and obtain sensitive information via the cloud connection components."},{"lang":"es","value":"Un problema en Turing Video Turing Edge+ EVC5FD v.1.38.6 permite a un atacante remoto ejecutar código arbitrario y obtener información confidencial a través de los componentes de conexión a la nube."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"turing","product":"edge\\+_evc5fd","defaultStatus":"unknown","cpes":["cpe:2.3:h:turing:edge\\+_evc5fd:-:*:*:*:*:*:*:*"],"versions":[{"version":"1.38.6","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-09T17:42:39.383370Z","id":"CVE-2023-42425","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-295"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:turing:edge\\+_evc5fd_firmware:1.38.6:*:*:*:*:*:*:*","matchCriteriaId":"4206C572-8184-4D8D-A29A-38C7A3B3E10C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:turing:edge\\+_evc5fd:-:*:*:*:*:*:*:*","matchCriteriaId":"24EC9C56-0208-4D30-9870-DC57BFD3083E"}]}]}],"references":[{"url":"https://gist.github.com/stevenliuturing/306bb689737cec5d3a5760c34d65932c","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://gist.github.com/stevenliuturing/306bb689737cec5d3a5760c34d65932c","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-43336","sourceIdentifier":"cve@mitre.org","published":"2023-11-02T12:15:09.673","lastModified":"2026-07-09T01:18:41.017","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Sangoma Technologies FreePBX before cdr 15.0.18, 16.0.40, 15.0.16, and 16.0.17 was discovered to contain an access control issue via a modified parameter value, e.g., changing extension=self to extension=101."},{"lang":"es","value":"Se descubrió que Sangoma Technologies FreePBX anterior a cdr 15.0.18, 16.0.40, 15.0.16 y 16.0.17 contenía un problema de control de acceso a través de un valor de parámetro modificado, por ejemplo, cambiando extensión=self a extensión=101."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-05T20:22:15.863608Z","id":"CVE-2023-43336","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sangoma:freepbx:*:*:*:*:*:*:*:*","versionEndExcluding":"15.0.16","matchCriteriaId":"67A2BA00-D508-4A51-A615-13C9E00722EC"},{"vulnerable":true,"criteria":"cpe:2.3:a:sangoma:freepbx:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0.2","versionEndExcluding":"16.0.17","matchCriteriaId":"2FCF3B9C-F378-41AB-9A2B-B7463ADE57D2"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sangoma:freepbx:*:*:*:*:*:*:*:*","versionEndExcluding":"15.0.18","matchCriteriaId":"5211D126-B9A2-4834-898C-90EB8AEFFF15"},{"vulnerable":true,"criteria":"cpe:2.3:a:sangoma:freepbx:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0.2","versionEndExcluding":"16.0.40","matchCriteriaId":"6922607E-29FD-4DFA-9E61-C7C2A134F7F1"}]}]}],"references":[{"url":"https://medium.com/@janirudransh/security-disclosure-of-vulnerability-cve-2023-23336-4429d416f826","source":"cve@mitre.org"},{"url":"https://medium.com/%40janirudransh/security-disclosure-of-vulnerability-cve-2023-23336-4429d416f826","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]}]}},{"cve":{"id":"CVE-2023-46958","sourceIdentifier":"cve@mitre.org","published":"2023-11-02T22:15:09.250","lastModified":"2026-07-09T01:18:42.797","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in lmxcms v.1.41 allows a remote attacker to execute arbitrary code via a crafted script to the admin.php file."},{"lang":"es","value":"Un problema en lmxcms v.1.41 permite a un atacante remoto ejecutar código arbitrario a través de un script manipulado en el archivo admin.php."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-06T14:02:47.297383Z","id":"CVE-2023-46958","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:lmxcms:lmxcms:1.41:*:*:*:*:*:*:*","matchCriteriaId":"8FBD77AA-E05B-4141-AF77-E5F1AAA215EE"}]}]}],"references":[{"url":"http://www.lmxcms.com/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://gist.github.com/durian5201314/6507d1057c62f4bf93e740a631617434","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"http://www.lmxcms.com/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://gist.github.com/durian5201314/6507d1057c62f4bf93e740a631617434","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-41425","sourceIdentifier":"cve@mitre.org","published":"2023-11-07T16:15:28.867","lastModified":"2026-07-09T01:18:38.123","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 thru v.3.4.2 allows a remote attacker to execute arbitrary code via a crafted script uploaded to the installModule component."},{"lang":"es","value":"Vulnerabilidad de Cross-Site Scripting en Wonder CMS v.3.2.0 a v.3.4.2 permite a un atacante remoto ejecutar código arbitrario a través de un script manipulado y cargado en el componente installModule."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"wondercms","product":"wondercms","defaultStatus":"unknown","cpes":["cpe:2.3:a:wondercms:wondercms:*:*:*:*:*:*:*:*"],"versions":[{"version":"3.2.0","lessThan":"3.4.2","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-05T13:44:34.632947Z","id":"CVE-2023-41425","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wondercms:wondercms:*:*:*:*:*:*:*:*","versionStartIncluding":"3.2.0","versionEndIncluding":"3.4.2","matchCriteriaId":"12378343-FA06-47FB-B3A5-BE3858A34347"}]}]}],"references":[{"url":"https://gist.github.com/prodigiousMind/fc69a79629c4ba9ee88a7ad526043413","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://gist.github.com/prodigiousMind/fc69a79629c4ba9ee88a7ad526043413","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://packetstorm.news/files/id/190575/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.exploit-db.com/exploits/52271","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2023-48056","sourceIdentifier":"cve@mitre.org","published":"2023-11-16T18:15:07.440","lastModified":"2026-07-09T01:18:44.597","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"PyPinkSign v0.5.1 uses a non-random or static IV for Cipher Block Chaining (CBC) mode in AES encryption. This vulnerability can lead to the disclosure of information and communications."},{"lang":"es","value":"PyPinkSign v0.5.1 utiliza un IV no aleatorio o estático para el modo Cipher Block Chaining (CBC) en el cifrado AES. Esta vulnerabilidad puede dar lugar a la divulgación de información y comunicaciones."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2023-11-16T19:10:47.126236Z","id":"CVE-2023-48056","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-330"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bandoche:pypinksign:0.5.1:*:*:*:*:*:*:*","matchCriteriaId":"FD699B70-087B-47BC-B486-13A7DA1BEDC1"}]}]}],"references":[{"url":"https://gxx777.github.io/PyPinkSign_v0.5.1_Cryptographic_API_Misuse_Vulnerability.md","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://gxx777.github.io/PyPinkSign_v0.5.1_Cryptographic_API_Misuse_Vulnerability.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-48192","sourceIdentifier":"cve@mitre.org","published":"2023-11-20T22:15:07.243","lastModified":"2026-07-09T01:18:44.857","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in TOTOlink A3700R v.9.1.2u.6134_B20201202 allows a local attacker to execute arbitrary code via the setTracerouteCfg function."},{"lang":"es","value":"Un problema en TOTOlink A3700R v.9.1.2u.6134_B20201202 permite a un atacante local ejecutar código arbitrario a través de la función setTracerouteCfg."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:totolink:a3700r_firmware:9.1.2u.6134_b20201202:*:*:*:*:*:*:*","matchCriteriaId":"6F50C1F0-97C3-4A36-AF11-5833D01537F1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:totolink:a3700r:-:*:*:*:*:*:*:*","matchCriteriaId":"05777EB4-0963-4317-AB0B-287A2140915D"}]}]}],"references":[{"url":"https://github.com/zxsssd/TotoLink-","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.totolink.net/","source":"cve@mitre.org","tags":["Not Applicable"]},{"url":"https://github.com/zxsssd/TotoLink-","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.totolink.net/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable"]}]}},{"cve":{"id":"CVE-2023-48105","sourceIdentifier":"cve@mitre.org","published":"2023-11-22T23:15:10.617","lastModified":"2026-07-09T01:18:44.727","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An heap overflow vulnerability was discovered in Bytecode alliance wasm-micro-runtime v.1.2.3 allows a remote attacker to cause a denial of service via the wasm_loader_prepare_bytecode function in core/iwasm/interpreter/wasm_loader.c."},{"lang":"es","value":"Se descubrió una vulnerabilidad de desbordamiento del heap en Bytecode alliance wasm-micro-runtime v.1.2.3 que permite a un atacante remoto provocar una denegación de servicio a través de la función wasm_loader_prepare_bytecode en core/iwasm/interpreter/wasm_loader.c."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2023-12-01T19:06:19.084717Z","id":"CVE-2023-48105","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bytecodealliance:webassembly_micro_runtime:1.2.3:*:*:*:*:*:*:*","matchCriteriaId":"438EEBB6-205A-496A-A009-321357C86154"}]}]}],"references":[{"url":"https://github.com/bytecodealliance/wasm-micro-runtime/issues/2726","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Patch"]},{"url":"https://github.com/bytecodealliance/wasm-micro-runtime/pull/2734/commits/4785d91b16dd49c09a96835de2d9c7b077543fa4","source":"cve@mitre.org","tags":["Patch"]},{"url":"https://github.com/bytecodealliance/wasm-micro-runtime/issues/2726","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Patch"]},{"url":"https://github.com/bytecodealliance/wasm-micro-runtime/pull/2734/commits/4785d91b16dd49c09a96835de2d9c7b077543fa4","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]}]}},{"cve":{"id":"CVE-2023-48193","sourceIdentifier":"cve@mitre.org","published":"2023-11-28T21:15:08.373","lastModified":"2026-07-09T01:18:44.977","vulnStatus":"Modified","cveTags":[{"sourceIdentifier":"cve@mitre.org","tags":["disputed"]}],"descriptions":[{"lang":"en","value":"Insecure Permissions vulnerability in JumpServer GPLv3 v.3.8.0 allows a remote attacker to execute arbitrary code via bypassing the command filtering function. NOTE: this is disputed because command filtering is not intended to restrict what code can be run by authorized users who are allowed to execute files."},{"lang":"es","value":"La vulnerabilidad de permisos inseguros en JumpServer GPLv3 v.3.8.0 permite a un atacante remoto ejecutar código arbitrario omitiendo la función de filtrado de comandos."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fit2cloud:jumpserver:3.8.0:*:*:*:*:*:*:*","matchCriteriaId":"BEA14CBD-A40D-4DB1-B0F4-42E9C62A5B54"}]}]}],"references":[{"url":"https://blog.fit2cloud.com/?p=8cf83cd9-c23b-4625-9350-38926fb7f88e","source":"cve@mitre.org"},{"url":"https://github.com/296430468/lcc_test/blob/main/jumpserver_BUG.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/jumpserver/jumpserver","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/jumpserver/jumpserver/issues/13394","source":"cve@mitre.org"},{"url":"https://blog.fit2cloud.com/?p=8cf83cd9-c23b-4625-9350-38926fb7f88e","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/296430468/lcc_test/blob/main/jumpserver_BUG.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/jumpserver/jumpserver","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/jumpserver/jumpserver/issues/13394","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2023-23324","sourceIdentifier":"cve@mitre.org","published":"2023-11-29T01:15:07.127","lastModified":"2026-07-09T01:18:03.977","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Zumtobel Netlink CCD Onboard 3.74 - Firmware 3.80 was discovered to contain hardcoded credentials for the Administrator account."},{"lang":"es","value":"Zumtobel Netlink CCD Onboard 3.74: se descubrió que el firmware 3.80 contiene credenciales codificadas para la cuenta de administrador."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-798"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zumtobel:netlink_ccd_firmware:3.80:*:*:*:*:*:*:*","matchCriteriaId":"6420755E-4442-4FBB-AF8E-F5742031BC21"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zumtobel:netlink_ccd:3.74:*:*:*:*:*:*:*","matchCriteriaId":"FB3769BB-3A5F-4A10-BEFD-EC0362085B7F"}]}]}],"references":[{"url":"https://yoroi.company/en/research/cve-advisory-partial-disclosure-zumtobel-multiple-vulnerabilities/","source":"cve@mitre.org","tags":["Mitigation","Third Party Advisory"]},{"url":"https://yoroi.company/en/research/cve-advisory-partial-disclosure-zumtobel-multiple-vulnerabilities/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mitigation","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-23325","sourceIdentifier":"cve@mitre.org","published":"2023-11-29T01:15:07.187","lastModified":"2026-07-09T01:18:04.100","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Zumtobel Netlink CCD Onboard 3.74 - Firmware 3.80 was discovered to contain a command injection vulnerability via the NetHostname parameter."},{"lang":"es","value":"Zumtobel Netlink CCD Onboard 3.74: se descubrió que el firmware 3.80 contiene una vulnerabilidad de inyección de comandos a través del parámetro NetHostname."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2023-11-29T19:29:59.902756Z","id":"CVE-2023-23325","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zumtobel:netlink_ccd_firmware:3.80:*:*:*:*:*:*:*","matchCriteriaId":"6420755E-4442-4FBB-AF8E-F5742031BC21"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zumtobel:netlink_ccd:3.74:*:*:*:*:*:*:*","matchCriteriaId":"FB3769BB-3A5F-4A10-BEFD-EC0362085B7F"}]}]}],"references":[{"url":"https://yoroi.company/en/research/cve-advisory-partial-disclosure-zumtobel-multiple-vulnerabilities/","source":"cve@mitre.org","tags":["Mitigation","Third Party Advisory"]},{"url":"https://yoroi.company/en/research/cve-advisory-partial-disclosure-zumtobel-multiple-vulnerabilities/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mitigation","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-24294","sourceIdentifier":"cve@mitre.org","published":"2023-11-29T01:15:07.237","lastModified":"2026-07-09T01:18:08.340","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Zumtobel Netlink CCD Onboard v3.74 - Firmware v3.80 was discovered to contain a buffer overflow via the component NetlinkWeb::Information::SetDeviceIdentification."},{"lang":"es","value":"Zumtobel Netlink CCD Onboard v3.74 - Se descubrió que el firmware v3.80 contiene un desbordamiento del búfer a través del componente NetlinkWeb::Information::SetDeviceIdentification."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zumtobel:netlink_ccd_firmware:3.80:*:*:*:*:*:*:*","matchCriteriaId":"6420755E-4442-4FBB-AF8E-F5742031BC21"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zumtobel:netlink_ccd:3.74:*:*:*:*:*:*:*","matchCriteriaId":"FB3769BB-3A5F-4A10-BEFD-EC0362085B7F"}]}]}],"references":[{"url":"https://yoroi.company/en/research/cve-advisory-partial-disclosure-zumtobel-multiple-vulnerabilities/","source":"cve@mitre.org","tags":["Mitigation","Third Party Advisory"]},{"url":"https://yoroi.company/en/research/cve-advisory-partial-disclosure-zumtobel-multiple-vulnerabilities/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mitigation","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-48940","sourceIdentifier":"cve@mitre.org","published":"2023-12-06T02:15:06.810","lastModified":"2026-07-09T01:18:45.330","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A stored cross-site scripting (XSS) vulnerability in /admin.php of DaiCuo v2.5.15 allows attackers to execute arbitrary web scripts or HTML via a crafted payload."},{"lang":"es","value":"Vulnerabilidad de Cross-Site Scripting (XSS) Almacenadas en /admin.php de DaiCuo v2.5.15 permite a los atacantes ejecutar scripts web o HTML arbitrarios a través de un payload manipulado."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:daicuo:daicuo:2.5.15:*:*:*:*:*:*:*","matchCriteriaId":"0500B3BB-DB6C-4D83-BF0C-4D424E2AA485"}]}]}],"references":[{"url":"https://gist.github.com/durian5201314/957af852a42dad9c07ceb3fb2f8359b2","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.daicuo.net/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://gist.github.com/durian5201314/957af852a42dad9c07ceb3fb2f8359b2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.daicuo.net/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2023-43303","sourceIdentifier":"cve@mitre.org","published":"2023-12-07T07:15:09.027","lastModified":"2026-07-09T01:18:40.897","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in craftbeer bar canvas mini-app on Line v13.6.1 allows attackers to send crafted malicious notifications via leakage of the channel access token (via captured network traffic)."},{"lang":"es","value":"Un problema en la miniaplicación craftbeer bar canvas en Line v13.6.1 permite a los atacantes enviar notificaciones maliciosas manipuladas mediante la fuga del token de acceso al canal."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":4.2}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:linecorp:line:13.6.1:*:*:*:*:*:*:*","matchCriteriaId":"22743D41-3381-4220-8D9F-60CC36E48F78"}]}]}],"references":[{"url":"https://www.cve.org/CVERecord?id=CVE-2023-43303","source":"cve@mitre.org"}]}},{"cve":{"id":"CVE-2023-33411","sourceIdentifier":"cve@mitre.org","published":"2023-12-07T18:15:07.393","lastModified":"2026-07-09T01:18:22.730","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A web server in the Intelligent Platform Management Interface (IPMI) baseboard management controller (BMC) implementation on Supermicro X11 and M11 based devices, with firmware versions up to 3.17.02, allows remote unauthenticated users to perform directory traversal, potentially disclosing sensitive information."},{"lang":"es","value":"Un servidor web en la implementación de Baseboard Management Controller (BMC) de Intelligent Platform Management Interface (IPMI) en dispositivos basados en Supermicro X11 y M11, con versiones de firmware hasta 3.17.02, permite a usuarios remotos no autenticados realizar recorridos de directorio, revelando potencialmente información confidencial."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-11-26T15:28:13.887741Z","id":"CVE-2023-33411","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:m11sdv-4c-ln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"BB4C5A73-CF7A-4891-90A0-ECC1BEEEC8F4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:m11sdv-4c-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"CA419264-0203-4851-83E2-6C8D9EC10CC4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:m11sdv-4ct-ln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2B119A07-8996-4EF8-9BCA-6F0EFC78ABA9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:m11sdv-4ct-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"47CE6672-50D3-4F34-86A9-75B81CDF2A9F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:m11sdv-8c-ln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"A61610F5-C653-4731-8B42-8C70BDF7505E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:m11sdv-8c-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"7FC8BBC2-9D1B-4242-A850-48BA13F3BEC3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:m11sdv-8ct-ln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1A7BE31C-1C28-4937-BB45-46C978ADC335"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:m11sdv-8ct-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"704A622A-9144-4673-8DF2-651B7C70450B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:m11sdv-8c\\+-ln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"03497EA2-5051-4B65-A851-C95DD0C45C84"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:m11sdv-8c\\+-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"C183B42C-0B42-4C80-9FB2-0191B06A754B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:c9x299-pg_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"F8865673-289A-4E7F-8DA5-C707957AE5D8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:c9x299-pg:-:*:*:*:*:*:*:*","matchCriteriaId":"43A67415-C05D-46F8-8C82-381A4763610C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:c9x299-pg300_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CA8F7797-378F-4BB0-A172-D79E01891F5B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:c9x299-pg300:-:*:*:*:*:*:*:*","matchCriteriaId":"F049DED7-6A11-4B35-9318-7CBF9A4669DD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:c9x299-pg300f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"62CE5298-8933-42C7-9538-0CF7152E086E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:c9x299-pg300f:-:*:*:*:*:*:*:*","matchCriteriaId":"BBB5FD13-BCEB-4E0C-999A-B8DC68073B9E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:c9x299-pgf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"FCDC20AD-D292-472D-A725-C99D90D696D7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:c9x299-pgf:-:*:*:*:*:*:*:*","matchCriteriaId":"0670C747-49E6-4358-9989-CBF08D20BDD1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:c9x299-pgf-l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"9C918A3A-2BCD-4F62-9EBA-13C8F3C016F4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:c9x299-pgf-l:-:*:*:*:*:*:*:*","matchCriteriaId":"29A2FC6A-8873-4B9F-A1B4-B88429A135F7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:c9x299-rpgf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"861476F5-E684-41AE-9E33-62D22A18B064"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:c9x299-rpgf:-:*:*:*:*:*:*:*","matchCriteriaId":"1AC82579-210A-40F5-A12E-2829FF0B2DA3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:c9x299-rpgf-l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"6E3B530C-3664-4EE6-B15F-4031E91893C2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:c9x299-rpgf-l:-:*:*:*:*:*:*:*","matchCriteriaId":"595457C2-0C73-457F-B571-B9B694062D7E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:b13dee_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"97C2F1CB-98A2-487C-8E9D-75CCF36B1C5A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:b13dee:-:*:*:*:*:*:*:*","matchCriteriaId":"3411564B-FCE5-4819-B226-65F7B3152E32"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:b13det_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2FBB7068-B11B-43FD-8866-71F3484248EE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:b13det:-:*:*:*:*:*:*:*","matchCriteriaId":"67D98A72-B2DE-40C8-9491-B7543677A266"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:b13see-cpu-25g_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"DD8AAC7B-19F3-43D4-89AD-A5F717374067"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:b13see-cpu-25g:-:*:*:*:*:*:*:*","matchCriteriaId":"B1B07E94-29D2-4DAA-9B34-3573FEE22C7B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:b13seg_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"4B0D0D78-832E-41E6-84B8-C651C94749EB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:b13seg:-:*:*:*:*:*:*:*","matchCriteriaId":"B6F157CA-D9A4-4EFA-8C0E-D644E9E3C8A2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13dsg-o-cpu_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"6BB12538-3CEC-4A7C-8E9A-DE7E5079E426"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13dsg-o-cpu:-:*:*:*:*:*:*:*","matchCriteriaId":"DA579368-7624-46E8-93A4-596A18538BD2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13dsg-o-cpu-d_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"6552B70F-94CA-4AEC-9519-D2952A0B3B3F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13dsg-o-cpu-d:-:*:*:*:*:*:*:*","matchCriteriaId":"7E0F442E-B787-43EA-8FC7-078935708514"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13dsg-om_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"66D2261E-3CFE-40A8-8C80-DE4B0F70CA33"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13dsg-om:-:*:*:*:*:*:*:*","matchCriteriaId":"B93C26E1-EC4A-4B55-BC6C-4DBB3B29F548"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13dsh_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B066F428-4D87-4233-8C49-475ACEE4A861"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13dsh:-:*:*:*:*:*:*:*","matchCriteriaId":"89B92EB3-1B95-4095-BBEA-B1DBDB3B0FA2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13sae-mf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B275D084-1081-4891-B8A4-CFEDA687593C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13sae-mf:-:*:*:*:*:*:*:*","matchCriteriaId":"F556ECED-E349-4D22-B5E6-FC7D5E70BEAF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13sra-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"3B22FBD4-BA6A-418D-A835-93B61F08B085"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13sra-f:-:*:*:*:*:*:*:*","matchCriteriaId":"87E5769F-2994-4D71-BA3F-F84600F888A2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13sra-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"0B25B157-9AB1-4FBA-8500-01AC35A91911"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13sra-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"6A6CDD62-FD70-4219-A8B3-3C0F01C3F1C1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13srd-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"87BA83AC-0BE8-4E0A-9A55-6B7E976153BE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13srd-f:-:*:*:*:*:*:*:*","matchCriteriaId":"675A5F85-E7EF-40B4-A7B0-1C4FA83E20F6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13ssf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"C5522D20-411D-4673-AEFF-91F872050CCF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13ssf:-:*:*:*:*:*:*:*","matchCriteriaId":"63215A82-9A56-4901-B5AE-90633D64E1C1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13ssh_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"65CFBF7E-4450-495A-8E29-BB814EE5474E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13ssh:-:*:*:*:*:*:*:*","matchCriteriaId":"10D2DCA1-183A-48FE-8F59-B1A67B0576DE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13ssl-n_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"772C085F-F428-48EE-B559-B77B891BBCB1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13ssl-n:-:*:*:*:*:*:*:*","matchCriteriaId":"364216C0-0D65-40A9-B35B-36B1A9228A56"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13ssl-nt_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1A37D71E-3B24-4890-975F-B1807ED531A7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13ssl-nt:-:*:*:*:*:*:*:*","matchCriteriaId":"F06F7E1B-6235-4B48-88AA-B9833AE75862"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13sst-g_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"098BEC3C-6859-454A-B466-CCD975C6EE12"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13sst-g:-:*:*:*:*:*:*:*","matchCriteriaId":"005B9DC1-4115-4773-8F45-F4FB555A03D1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13sst-gc_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"AF2A14DE-1F9F-4D01-9CB4-977C8D71597A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13sst-gc:-:*:*:*:*:*:*:*","matchCriteriaId":"5C340BFE-2FB0-4BF6-A2B2-B8526DBB1D63"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13ssw_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"917A23DF-FCEF-4FB6-ACDD-8077A2091816"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13ssw:-:*:*:*:*:*:*:*","matchCriteriaId":"0A611C4A-57C2-48A2-B3E8-4AC46242CD31"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13svw-n_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"BC575B82-D63B-4FBE-A18D-BA9A7615F66E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13svw-n:-:*:*:*:*:*:*:*","matchCriteriaId":"FB3B6BEB-65D4-4D08-A2A0-5B91C5C93757"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13svw-nt_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"50B780CA-71F0-479F-B1C3-4573129883E7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13svw-nt:-:*:*:*:*:*:*:*","matchCriteriaId":"8F0AA1B7-A15E-4570-A47A-4734DAAFC9F0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13dai-t_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"3450B80D-F902-4A9B-AC94-474C6A1BEA06"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13dai-t:-:*:*:*:*:*:*:*","matchCriteriaId":"75EA52CF-A1A2-4A09-849A-423F6E47A485"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13ddw-a_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"4FAFFA34-4335-4A0E-BEAE-A9502CD47265"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13ddw-a:-:*:*:*:*:*:*:*","matchCriteriaId":"558BAD24-8C02-4A7C-B10F-48059C810579"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13deg-oa_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"571760F1-A792-4319-9592-19368FF462FE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13deg-oa:-:*:*:*:*:*:*:*","matchCriteriaId":"5FAD54D8-480C-4BBA-8A17-5557BDA7CED0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13deg-oad_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B4903E9B-8C41-42C2-95FB-8171EA6D6C3F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13deg-oad:-:*:*:*:*:*:*:*","matchCriteriaId":"D661D4FC-874B-4020-B03B-A7DC3B82B0E2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13deg-pvc_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"6C305075-2344-408D-A569-7457434C8A9A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13deg-pvc:-:*:*:*:*:*:*:*","matchCriteriaId":"BD036B36-43BA-451C-B371-A04C41FBEB65"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13deg-qt_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"606D0988-D3C0-47CE-A8F4-5440243416AE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13deg-qt:-:*:*:*:*:*:*:*","matchCriteriaId":"0EF5517B-B6C5-47CA-929F-D4B95827A902"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13deh_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2D119D5D-AC6F-4606-9075-807201258470"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13deh:-:*:*:*:*:*:*:*","matchCriteriaId":"852917B3-AFF7-4465-873C-5D5A10F7966D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13dei_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"E6E28F78-6BD7-4E2B-8BA3-2637FEB09DBD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13dei:-:*:*:*:*:*:*:*","matchCriteriaId":"A18D05BE-FE30-4041-A250-1F26825C591C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13dei-t_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"9AB27667-74A7-493E-8B98-4B1836779245"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13dei-t:-:*:*:*:*:*:*:*","matchCriteriaId":"841C9D0B-F0AF-411F-BA06-2432BA24B275"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13dem_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1AF9BD95-9BA9-4949-A7D5-028BE528E81F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13dem:-:*:*:*:*:*:*:*","matchCriteriaId":"E3A34C5B-89B4-4DC2-A8CE-9257B450D79E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13det-b_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"76182A30-365B-4183-A3D6-24B43A1DD5A1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13det-b:-:*:*:*:*:*:*:*","matchCriteriaId":"EBFC9589-DF31-4D9C-B50E-11503F99C618"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13dgu_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"00D7B8E2-ECC7-433C-9BF8-30DB2DD9C904"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13dgu:-:*:*:*:*:*:*:*","matchCriteriaId":"70E0611D-F0DA-44DB-8D43-C9249B6106DE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13dsf-a_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"979A6750-1575-4E5F-B440-620D8623F0A8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13dsf-a:-:*:*:*:*:*:*:*","matchCriteriaId":"CE647392-5307-4D6B-BAC0-4533BC4A4801"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13qeh\\+_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"FAB88534-4CDD-463E-8004-688F16BA3C03"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13qeh\\+:-:*:*:*:*:*:*:*","matchCriteriaId":"6560D7C5-8D62-4634-8E2C-CB293BCE3126"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13sae_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"7BE8C5BC-7C49-4139-9D21-78463D7DC775"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13sae:-:*:*:*:*:*:*:*","matchCriteriaId":"F36733DC-9633-41C9-BEB6-AA1630FCB9DE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13sae-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"45F2F46A-C272-4187-BC92-248F7BEE5DCB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13sae-f:-:*:*:*:*:*:*:*","matchCriteriaId":"B6AE36E6-C235-4524-A5AA-C26AD5B8AEC7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13san-c_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"E9FE5298-F64E-4333-A870-C9D916562250"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13san-c:-:*:*:*:*:*:*:*","matchCriteriaId":"74BCA069-8DFA-4441-AA2E-2861C01A4A6E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13san-c-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1460E0F4-1786-4C80-AAD3-0DC3229B0863"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13san-c-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"2B2C7E3F-7E79-409C-AA7B-29361EB96516"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13san-e_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"3B35449E-A228-46C0-8FB4-AC1052ADDB7C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13san-e:-:*:*:*:*:*:*:*","matchCriteriaId":"F3E8F060-82A0-49AF-AC11-69ED96403CA3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13san-e-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"0554C8B7-A7C4-4850-9C2E-3DCAB3530AD0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13san-e-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"9551D604-528B-4942-B207-37E851F64690"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13san-h_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"00FC5F1A-ACB3-4F63-B276-B92EAE871ACC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13san-h:-:*:*:*:*:*:*:*","matchCriteriaId":"87F176BE-5099-49B2-B658-7A8F2BFF793E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13san-h-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"F7BF68EB-AFC5-49C7-BF62-416E7EFD638D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13san-h-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"3378D8AA-EB40-4F73-83CD-765FA4A4DC6D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13san-l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1729755B-724B-4D01-B858-60216C580CD6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13san-l:-:*:*:*:*:*:*:*","matchCriteriaId":"96CBF59E-7865-41A5-8952-512FD13F1CD1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13san-l-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2390C99E-41A6-4A56-B89E-15041AEEF467"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13san-l-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"66765BAD-8F07-492C-8740-25FBC4DB0DEB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13saq_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"DAA5324E-0383-4022-9E85-36DEF93C3CC4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13saq:-:*:*:*:*:*:*:*","matchCriteriaId":"4B8AD410-AF0F-42E0-B60A-71BCBB6BC3BF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13sav-lvds_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"764B379D-46A1-49FA-9BB7-C024F3F165CC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13sav-lvds:-:*:*:*:*:*:*:*","matchCriteriaId":"7C2F5EDC-CFD5-41F5-9EAF-FB5CB6E9764F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13sav-ps_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"00ED42A1-6577-48D3-ABF0-B3ECA79023F1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13sav-ps:-:*:*:*:*:*:*:*","matchCriteriaId":"AE3C2846-5816-4773-B73D-4B36A6B24542"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13saz-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"0C33B135-B212-4F75-A0B5-615CB437B782"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13saz-f:-:*:*:*:*:*:*:*","matchCriteriaId":"A97110CA-8623-4EF4-90DE-9356D5E9311F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13saz-q_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"3B994482-2AC4-40DE-92BB-81D50EC62073"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13saz-q:-:*:*:*:*:*:*:*","matchCriteriaId":"909438EF-7652-4184-9DB8-CB2E45B300A3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13sedw-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"97AA39B0-E63B-4CCE-82D2-092A075D6490"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13sedw-f:-:*:*:*:*:*:*:*","matchCriteriaId":"46BE300F-CE76-45F4-BFBF-6CA857E593CB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13seed-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"A793DE0A-83C2-4EC1-AE60-C77F2BBDD73C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13seed-f:-:*:*:*:*:*:*:*","matchCriteriaId":"241D4911-2240-42CD-8F52-F7B66CBE0CEA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13seed-sf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"EAC88C3E-9A6D-43FC-AE3F-D1630D3B00EC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13seed-sf:-:*:*:*:*:*:*:*","matchCriteriaId":"A3C13F43-A756-4395-9FC9-CF4DF74B3393"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13sefr-a_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"4C41416B-7DC7-4CE1-B269-BAA9EE844C2E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13sefr-a:-:*:*:*:*:*:*:*","matchCriteriaId":"509CD460-D28B-4267-8E6D-FAC4F2332AD2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13sei-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"A8277A30-EB1D-44B0-8B86-0EB1F9FE1238"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13sei-f:-:*:*:*:*:*:*:*","matchCriteriaId":"95E7BBBC-A310-4F66-874B-1A7A8ABA1BD4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13sei-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"6326D9F2-F77C-4EBE-9238-93CE8977F7F5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13sei-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"403DBCD1-9A34-48CF-B610-62E6369118C9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13sem-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"A4C3FE24-FCD0-4376-BF5A-58A9559EBE67"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13sem-f:-:*:*:*:*:*:*:*","matchCriteriaId":"BBD8D5E0-0545-47AA-9A16-566D7EC2CD8C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13sem-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"42D566FE-B728-499C-99AC-197C2A8B8647"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13sem-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"9825E801-7F77-479B-B8E6-751AAD67E8DE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13set-g_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"65FF4FE8-BC6B-4158-9C77-E43B01C382D3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13set-g:-:*:*:*:*:*:*:*","matchCriteriaId":"0E19D0CC-9619-4F17-B7B8-CD94A9583682"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13set-gc_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"4BB74893-3F83-4B5D-AA17-AA773C58C2E5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13set-gc:-:*:*:*:*:*:*:*","matchCriteriaId":"625C3534-DE49-4833-AC7D-4B12A3B7C4D3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13sew-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"3445CA19-640D-4493-A0C2-A36AC853D2DE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13sew-f:-:*:*:*:*:*:*:*","matchCriteriaId":"996E89B5-0F5D-49F1-8F1A-CFDD698B6709"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13sew-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"DF6C8519-1FFD-4BD8-9FB5-BD8124B1DAA6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13sew-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"2A880465-2345-4807-832A-C277A3B12224"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13sra-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B40FE641-15F4-4BCB-9438-9D87504C36B5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13sra-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"FCE31EC0-1E3C-404B-8202-451F7708DB85"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13srn-e_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"93700262-0646-45A4-8D10-46F9F7167D78"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13srn-e:-:*:*:*:*:*:*:*","matchCriteriaId":"5F6E7176-6F39-406C-BAD4-E244CA46E8CD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13srn-e-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"79E512EC-73A2-499F-8EF3-786DC0E2CAB7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13srn-e-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"E95DFD86-177C-405C-B738-08A22770BFFD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13srn-h_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"EA02E576-E217-4971-8E5F-A970C877F35D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13srn-h:-:*:*:*:*:*:*:*","matchCriteriaId":"90A4FB92-627A-44BC-8ADC-BF1AC00DA889"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13srn-h-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"F7DCB5B5-5C83-4C67-946B-71C705418FFC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13srn-h-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"AF9C1975-29A8-44D9-998A-01770D5FE776"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13swa-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"07524755-F1AC-4185-9494-91C1361E3000"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13swa-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"C2EA1F0A-9282-4BBA-8752-FE0E14B5A9F2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:b12dpe-6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"11D3CA26-0BB8-49E6-B2F7-0ABFD1036220"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:b12dpe-6:-:*:*:*:*:*:*:*","matchCriteriaId":"CE507AF6-C51D-41F9-B7D3-97F5E2C92EF9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:b12dpt-6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"60436593-5D82-4956-AE33-31BBB0F03B54"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:b12dpt-6:-:*:*:*:*:*:*:*","matchCriteriaId":"D73CE868-F4FF-4645-AD2C-5CC8064A1632"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:b12spe-cpu-25g_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"EAE6D577-66CB-48FD-8B07-8ADCE788BAB2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:b12spe-cpu-25g:-:*:*:*:*:*:*:*","matchCriteriaId":"B9D8065D-2076-4DFA-9156-486EC6DC3521"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12dgo-6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"5021B9F2-BE6F-4EC5-8820-CD7B79DB44F3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12dgo-6:-:*:*:*:*:*:*:*","matchCriteriaId":"6BE72168-E2BE-4E5D-99A3-E5874FB027E3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12dgq-nt6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"039BEF08-D29A-441A-83F9-3918895446FF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12dgq-nt6:-:*:*:*:*:*:*:*","matchCriteriaId":"C9BF14BD-5E65-4C3C-ABD4-E7D26AF05D25"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12dsg-o-cpu_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"22789C3E-DCF9-491F-9F3D-FCEFB9700655"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12dsg-o-cpu:-:*:*:*:*:*:*:*","matchCriteriaId":"55A8A11C-8FE3-4789-A517-F1E14FC2710B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12dsg-q-cpu6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"A7A1BB17-DCB8-492F-B560-30BC66E3ED6D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12dsg-q-cpu6:-:*:*:*:*:*:*:*","matchCriteriaId":"44FE8EFA-41DD-44FC-9786-3AFC6AB828D1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12dsi-n6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"D666C96E-79E9-4932-AA62-22B856379AD7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12dsi-n6:-:*:*:*:*:*:*:*","matchCriteriaId":"9892D863-F361-4511-BB61-61398CB8360F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12dsi-nt6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CC212365-8347-4152-B789-1919B7766469"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12dsi-nt6:-:*:*:*:*:*:*:*","matchCriteriaId":"A9E11E3D-B003-489B-BCF2-76CEB30EB6E4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12dst-b_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"473D1854-189A-4644-B3BA-69F812522F58"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12dst-b:-:*:*:*:*:*:*:*","matchCriteriaId":"8DF3E668-0CF8-404E-8A08-EB2CCB1D2489"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12dsu-in_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B2023BD6-2172-4F45-8D14-BF64FA9E345B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12dsu-in:-:*:*:*:*:*:*:*","matchCriteriaId":"F019FB2C-63BC-417A-81E1-E852C052007C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12dsu-inr_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"5ED2FBFD-5B1F-4CC7-8B5E-6C65FD5A9E7D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12dsu-inr:-:*:*:*:*:*:*:*","matchCriteriaId":"C2DB5BC9-8633-4148-9EF9-D9564B184722"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssff-an6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"A04CD567-D448-4C4A-AC98-E908726CD7D7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssff-an6:-:*:*:*:*:*:*:*","matchCriteriaId":"8CDF0E3C-8205-4179-B0BC-CDC00BE5C3D4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssfr-an6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"999F91F7-3C2B-4807-93BF-7D4ADB5A7C16"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssfr-an6:-:*:*:*:*:*:*:*","matchCriteriaId":"EA767312-A7E3-4BE5-AF2F-D2B69756160F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssg-an6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CB34D33A-1361-4BAB-8603-31E1C0B0B8D2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssg-an6:-:*:*:*:*:*:*:*","matchCriteriaId":"CD0EE294-07EE-4ACD-A189-2F48667BD901"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssg-anp6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"72FF16D1-A625-4A0D-8541-0C51DBDB9A64"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssg-anp6:-:*:*:*:*:*:*:*","matchCriteriaId":"1558880B-8A49-4212-AEA9-A525FB454E8D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssl-c_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B09A2193-C82B-4F5F-B058-ACF5BF590F6A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssl-c:-:*:*:*:*:*:*:*","matchCriteriaId":"5C78D0B4-958A-4874-8540-9C622BEC5444"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssl-ct_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"414D34DD-39B3-43E0-876F-B297897F3F29"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssl-ct:-:*:*:*:*:*:*:*","matchCriteriaId":"50943BA5-0DAC-4246-9287-CA9DD9D05F9F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssl-i_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"AECDD073-7DE1-48A3-ABD6-5635EABD7097"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssl-i:-:*:*:*:*:*:*:*","matchCriteriaId":"0B9CEA83-ADAF-4659-88E9-D0056EB699BC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssl-nt_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"165ED5F8-50AB-468B-B07D-85A7E8B26EA5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssl-nt:-:*:*:*:*:*:*:*","matchCriteriaId":"7D1F99BB-1F02-4CA1-8C5A-A69F4674D4B9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12sst-ps_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B0736CC8-B905-403B-8BFD-141BF8613752"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12sst-ps:-:*:*:*:*:*:*:*","matchCriteriaId":"AF330665-9B9B-4B0C-92C8-427D4B7A77AE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssw-an6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"26F41B3C-3B97-4A1E-8AD5-21FBEC32FB18"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssw-an6:-:*:*:*:*:*:*:*","matchCriteriaId":"CCBFB445-EBAF-4A9B-A2E7-9B88CF4A2EB5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssw-in_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"5127B859-8891-496B-BD31-112D1EE080B3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssw-in:-:*:*:*:*:*:*:*","matchCriteriaId":"FED457FD-AB0F-4829-9C4F-C00F9127E293"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssw-inl_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"AB6A08EB-A53B-44BE-ADF2-C59ADD078EC5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssw-inl:-:*:*:*:*:*:*:*","matchCriteriaId":"30940045-B6F5-4AB8-A761-234A9049D48D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssw-inr_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2F46E654-5707-4D7E-A7E1-B0BE9CD73623"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssw-inr:-:*:*:*:*:*:*:*","matchCriteriaId":"C80067D5-61BA-48ED-B17C-5EAB04AB0CB5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssw-nt_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"D4CF1A5E-9B2C-4BEA-A366-BC1897B2C184"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssw-nt:-:*:*:*:*:*:*:*","matchCriteriaId":"A63737C8-F51D-48B9-A926-161175424379"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssw-ntl_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"E1793679-E7A5-430B-8DEC-20E74E05954A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssw-ntl:-:*:*:*:*:*:*:*","matchCriteriaId":"7B3555A1-5FFB-416D-ACDE-1458E655EE5C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssw-ntr_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"404D7E94-878E-4600-9EB4-CE17667D2911"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssw-ntr:-:*:*:*:*:*:*:*","matchCriteriaId":"34E1FE8C-4916-4BCB-BE13-FFFFD1EFC611"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dai-n6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"AAEA8DAE-D366-491D-ADB9-F4BB78C4573F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dai-n6:-:*:*:*:*:*:*:*","matchCriteriaId":"7CC667F4-B046-40FD-8F10-0BAD14B41430"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12ddw-a6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2064B555-C880-4878-989A-2CC6568A76AA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12ddw-a6:-:*:*:*:*:*:*:*","matchCriteriaId":"2D56F5ED-B7B3-4B8D-83BC-0CB19BD8F66F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dgo-6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"C0A7FEB4-6372-42BC-8A3E-19DE64450D7F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dgo-6:-:*:*:*:*:*:*:*","matchCriteriaId":"169EECF4-BA7F-47CB-80A4-848A79EB552A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dgq-r_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"95476FBE-B4F7-42FE-A060-5CD460C6443F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dgq-r:-:*:*:*:*:*:*:*","matchCriteriaId":"A5262CF8-A96F-4E95-A83A-663A60551A10"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dgu_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"88302A23-02AB-45D7-A3A5-BFD2691B1AF9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dgu:-:*:*:*:*:*:*:*","matchCriteriaId":"DC634195-B8D1-4410-8A36-54B528F5E818"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dhm-6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"E18662F3-F773-47CB-83A4-AD0B67A66CF8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dhm-6:-:*:*:*:*:*:*:*","matchCriteriaId":"1C586A8C-FF1B-4BF0-A8C1-C6A10C0EE16F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpd-a6m25_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"E262D39E-CAB0-49DB-9533-CD16F0D4AB1D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpd-a6m25:-:*:*:*:*:*:*:*","matchCriteriaId":"2A3966B3-FF26-41C6-BF93-FA31E1C09A84"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpfr-an6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"F72B7AA8-BBD5-4490-9184-E9CE3DFA2E95"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpfr-an6:-:*:*:*:*:*:*:*","matchCriteriaId":"7D03BF5A-FFE9-45B1-8C2C-C8128BCBF3D1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpg-ar_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"EFDD3D77-9464-464B-A977-625879DA6ABC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpg-ar:-:*:*:*:*:*:*:*","matchCriteriaId":"87EA78EF-87FB-4B52-8430-0F6042D4DD03"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpg-oa6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"0D3A7A28-2F1D-4ACB-9515-27FC791465E8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpg-oa6:-:*:*:*:*:*:*:*","matchCriteriaId":"51770E5F-7560-4D1E-BA72-4F94CA07E477"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpg-oa6-gd2_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CCA6DA60-4E67-4423-9F41-4A0EC3675746"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpg-oa6-gd2:-:*:*:*:*:*:*:*","matchCriteriaId":"D54118C8-4C75-4C95-8055-6B072D66D8D4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpg-qbt6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"5AC0E6B1-94D2-4C2F-BBFF-97B6490B696B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpg-qbt6:-:*:*:*:*:*:*:*","matchCriteriaId":"923D2191-4164-4DD2-8C20-DBE60FF4B3BF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpg-qr_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"0BA33430-2D60-4139-8CE8-B0DD45C749C7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpg-qr:-:*:*:*:*:*:*:*","matchCriteriaId":"170BD2F4-5084-4134-A307-6C7AFB82E6C3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpg-qt6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"0D0E650C-AE7C-48E3-959E-11BB9FD45027"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpg-qt6:-:*:*:*:*:*:*:*","matchCriteriaId":"C83564AB-8D23-4352-AF0D-30B408F54DD8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpg-u6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B04F1D85-B26C-4BED-AFD8-B9B4CDAA465C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpg-u6:-:*:*:*:*:*:*:*","matchCriteriaId":"E445164C-B4DB-44B9-9CE2-122BC6616563"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpi-n6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"65E5E52B-2E68-4006-B10F-32000CCE419F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpi-n6:-:*:*:*:*:*:*:*","matchCriteriaId":"9FA07B5C-1194-42A4-AF6C-3C3B7F880477"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpi-nt6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2E1E04AF-DD68-4C7A-A73C-199F31ACB7BD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpi-nt6:-:*:*:*:*:*:*:*","matchCriteriaId":"A9BDD13D-5287-4536-83C7-1ED806E8AD45"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpl-i6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"999BE14F-54EA-4A0B-ADEB-9D7338D00CA3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpl-i6:-:*:*:*:*:*:*:*","matchCriteriaId":"6606E793-BF7E-4148-83E3-2A6DF823AC50"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpl-nt6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"9878B129-167D-4D3B-BF70-BE7B5D011EE7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpl-nt6:-:*:*:*:*:*:*:*","matchCriteriaId":"80675EA0-674B-4BDF-B502-FAA90B4E07B1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpt-b6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"11148105-FDED-413A-BAD3-3CCE29267334"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpt-b6:-:*:*:*:*:*:*:*","matchCriteriaId":"1762A2E5-9BCD-4832-9D6F-EFF6FC09A379"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpt-pt46_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"F571415A-618B-44FE-A4C8-D183317C85DC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpt-pt46:-:*:*:*:*:*:*:*","matchCriteriaId":"BA40A9FF-75AC-4B47-8C4C-DE571753F0F9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpt-pt6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"4B68134A-0D7B-4C09-87F7-E973113FA867"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpt-pt6:-:*:*:*:*:*:*:*","matchCriteriaId":"ECEEE89C-A717-497E-AE60-FECBCC856DC0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpu-6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"85FC2F68-71B8-44C1-9D03-6A4167E10979"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpu-6:-:*:*:*:*:*:*:*","matchCriteriaId":"5D5EE5C9-4E57-4C7B-A385-494AB2E45035"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dsc-6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"8F0C7DDF-BAA5-4639-90C1-25DB26F5075C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dsc-6:-:*:*:*:*:*:*:*","matchCriteriaId":"0FE3F996-E887-462F-9292-18B7DB6D45FD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12qch\\+_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"19632406-A07D-4296-AD18-AFAA55441DDE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12qch\\+:-:*:*:*:*:*:*:*","matchCriteriaId":"5F2FE423-DE41-408F-BD8D-66D47FEAEBA6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sae_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B3801897-A401-4892-A4EE-FF5E3D724082"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sae:-:*:*:*:*:*:*:*","matchCriteriaId":"A1AAFEFE-7162-4563-8B52-FD722A929608"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sae-5_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CEC86047-62B1-4225-8EE7-D94081CE2763"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sae-5:-:*:*:*:*:*:*:*","matchCriteriaId":"317170CC-173C-441F-A949-333638B2FA55"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sca-5f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"818F20E9-05EC-4FB6-B921-091F381247AD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sca-5f:-:*:*:*:*:*:*:*","matchCriteriaId":"768D9AB1-4E20-49D6-9EEB-4DE51F9288A2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sca-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"753E5810-B93A-4B6F-9C88-28FD1F259045"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sca-f:-:*:*:*:*:*:*:*","matchCriteriaId":"F023A6FB-2560-4B88-AFD2-95804630A2F5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12scq_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"BB2C3E6A-1A6A-454C-9D04-97D3B5E44E59"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12scq:-:*:*:*:*:*:*:*","matchCriteriaId":"AE0592CB-58A5-4CC6-BE47-BDC50F496962"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12scv-lvds_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1512D28D-3435-4A6F-98D7-8ED74C1B8C5F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12scv-lvds:-:*:*:*:*:*:*:*","matchCriteriaId":"55F9B346-4C9D-4F23-ACB3-EC5B4C3271EA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12scv-w_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"64A13C56-763C-4C6C-B39E-5D8DE5AD1669"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12scv-w:-:*:*:*:*:*:*:*","matchCriteriaId":"F70FEFBF-F3AB-492E-9802-A5E804C6E1F2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12scz-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"E4506A1E-68C8-4F90-8BBF-A97A135B794F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12scz-f:-:*:*:*:*:*:*:*","matchCriteriaId":"8B6C62F1-063F-4B9D-8FFB-2A32EE5FD7F4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12scz-qf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"18CF94E3-762B-45BC-8BCA-87B48EDB9566"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12scz-qf:-:*:*:*:*:*:*:*","matchCriteriaId":"9EE82B1F-8994-4E4F-A515-6357A1645129"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12scz-tln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"4036CD43-52D9-4759-8436-2C29921D0D39"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12scz-tln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"C06348E2-5AB3-4DFD-A2DF-7BD64C12ABCB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sdv-10c-sp6f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"BB766E78-6CA7-48A8-B7DD-3FF659111AB4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sdv-10c-sp6f:-:*:*:*:*:*:*:*","matchCriteriaId":"E61BA137-62D3-488E-842F-CE5F71A62916"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sdv-10c-spt4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"159158B7-6172-4762-8523-3E9CA651FF68"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sdv-10c-spt4f:-:*:*:*:*:*:*:*","matchCriteriaId":"E31BC56C-BEAD-4CEA-8EA1-244074825CF1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sdv-14c-spt8f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"37E4FA14-75E2-4F18-9CF2-7954067594A8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sdv-14c-spt8f:-:*:*:*:*:*:*:*","matchCriteriaId":"0DF63207-0C8B-4AE4-9C58-0B3906AF56A5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sdv-16c-spt8f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"797C28CC-ECB1-473C-91FE-5B8C90F483E1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sdv-16c-spt8f:-:*:*:*:*:*:*:*","matchCriteriaId":"7FC72465-7062-4111-AFFB-14751D981772"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sdv-20c-spt8f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"E06E7506-52CC-46BA-8A54-748954E3CE9E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sdv-20c-spt8f:-:*:*:*:*:*:*:*","matchCriteriaId":"4F701465-E472-400F-AA8E-A23A1636458E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sdv-4c-sp6f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"38E0B686-1605-4D34-B98D-46CE5DAB5C57"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sdv-4c-sp6f:-:*:*:*:*:*:*:*","matchCriteriaId":"27886D70-CD59-451B-A22A-BDA9C216DA4E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sdv-4c-spt4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"E2E7C775-A494-454A-98B8-A467DB06FEDD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sdv-4c-spt4f:-:*:*:*:*:*:*:*","matchCriteriaId":"ED0E2C8F-D697-4108-9ED4-C6EAD305003C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sdv-4c-spt8f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"E9B1AD70-057A-489C-B8FE-974D345E26DE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sdv-4c-spt8f:-:*:*:*:*:*:*:*","matchCriteriaId":"45F512E8-77D1-4DAE-8B62-CDFC3F36C30E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sdv-8c-sp6f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"FC4613BC-7233-47EF-A70A-010CB5FF1E66"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sdv-8c-sp6f:-:*:*:*:*:*:*:*","matchCriteriaId":"C701DCE6-0EC7-4DE5-BFA6-5ED582D13C4D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sdv-8c-spt4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"24427B55-1AC8-4020-A6F3-C57C173DFBFB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sdv-8c-spt4f:-:*:*:*:*:*:*:*","matchCriteriaId":"F4301217-8703-4D98-A7FB-F45DB4C9EA59"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sdv-8c-spt8f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CD2B0693-E855-4143-89CD-0061040A2BF9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sdv-8c-spt8f:-:*:*:*:*:*:*:*","matchCriteriaId":"A88762D9-3E01-4B25-868B-173040EA440B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sdv-8ce-sp4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"43396497-7840-4BF3-B625-D1BFBE6AB60A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sdv-8ce-sp4f:-:*:*:*:*:*:*:*","matchCriteriaId":"5FB32C1B-1A46-4976-8D71-53BFF8F1429C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spa-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"639B97B4-E339-43EA-9911-99721C406698"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spa-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"C4ECEAB2-4D8A-447B-A622-E8E3282C1651"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sped-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2F18CE69-1024-4AC4-85CA-16D6FFC4CAB1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sped-f:-:*:*:*:*:*:*:*","matchCriteriaId":"ECB324E7-F72B-41C7-9E63-4E9AE39420EC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spg-nf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"FB4DEA6C-25F6-4374-952F-5BA98386FF01"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spg-nf:-:*:*:*:*:*:*:*","matchCriteriaId":"22E9404C-5FFC-485D-A94E-1F7C4F68B0FB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spi-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1DD61F91-4407-4387-AF48-4FF97538F074"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spi-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"CA46A96E-0E1C-4AD0-A7BE-06A65C4DD75E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spl-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"73A298C7-5BE0-43CC-817D-1C7FAE38F543"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spl-f:-:*:*:*:*:*:*:*","matchCriteriaId":"15FE00C9-77B3-43B4-A548-9C4F0FA83ABD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spl-ln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1C880CF4-019A-4270-830C-A0008854FB77"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spl-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"D01A53FA-F307-4B49-B803-DD7E3498BD00"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spm-ln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2B1D297B-735F-4715-8E1D-36C2551D5CDE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spm-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"DEB567A1-A336-4B2E-8B35-0EE3F5B37ECD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spm-ln6tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"A06CA5D7-4D15-4F8C-BD44-8CFD10675911"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spm-ln6tf:-:*:*:*:*:*:*:*","matchCriteriaId":"9766735D-CC06-446C-A6C9-C4A5671EA356"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spm-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"46CDD49A-4C1A-428E-B2B1-8C15F3D7DE96"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spm-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"AF8F8046-D474-4A41-AC0C-93C43BAFDCA5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spo-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"C41502B0-419A-4EEE-A3D0-2226297E8DE5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spo-f:-:*:*:*:*:*:*:*","matchCriteriaId":"9D374750-F0F1-4F04-B127-7497DE767B19"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spo-ntf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1774E077-1D08-42B0-A24E-614EB4EAB7B9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spo-ntf:-:*:*:*:*:*:*:*","matchCriteriaId":"77BFF598-DB0F-4696-9787-2216817F9DC5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spt-g_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"BD1A08D9-3A35-44A2-9B62-04A16421E1C6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spt-g:-:*:*:*:*:*:*:*","matchCriteriaId":"414CABC0-9708-4C42-AFEE-03296D916319"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spt-gc_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"17A95DF1-0D00-4336-8685-ACE4CDEEAC20"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spt-gc:-:*:*:*:*:*:*:*","matchCriteriaId":"872EACFA-9A11-4801-9D97-7875D32F2E5E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spt-pt_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"7C5C3377-C72C-49D2-B9CA-C6CBF99375EB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spt-pt:-:*:*:*:*:*:*:*","matchCriteriaId":"27DB6C75-ECB7-453F-9A1B-99A962A13E6B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spw-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"EB67B3F4-7D78-4CA8-8F7E-3BAF483CB930"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spw-f:-:*:*:*:*:*:*:*","matchCriteriaId":"53FA6DCE-6515-46FF-A347-B6C429003DEB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spw-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"81620B39-4A78-4F55-B4DD-D83C4AB4FF7C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spw-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"887FC02D-8065-44C9-A3B2-1FEEAF3EF56C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spz-ln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"77487F7D-935D-423B-B434-89893474EE11"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spz-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"2C067EC2-DA00-4D87-8903-C99E7058710D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spz-spln6f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"282989D0-D5D0-4A89-9706-55289395BF27"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spz-spln6f:-:*:*:*:*:*:*:*","matchCriteriaId":"A450B280-D321-41D7-8B9D-B8F3C8B3B786"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12std-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"10F85E07-0BF2-4F58-8F3D-BBA7EE67AD56"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12std-f:-:*:*:*:*:*:*:*","matchCriteriaId":"BEC355A7-ED7C-42DE-A7B5-76A21BD361EC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12ste-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"E055588E-65F9-4B15-B01F-031C74BD4A1A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12ste-f:-:*:*:*:*:*:*:*","matchCriteriaId":"89049FC0-7786-4E8A-BF6A-56F70BCBADBC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sth-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"F7B188DD-1C6B-4A5F-9E2B-61435693218E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sth-f:-:*:*:*:*:*:*:*","matchCriteriaId":"E76F1D7E-DC1F-45E2-BF79-8A33D5670DF1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sth-ln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"E391C4E8-CAE8-41F9-8831-559E4DD66AF1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sth-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"DAAA4AD0-D2B9-43E0-A77F-9A75E242FDDB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sth-sys_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"C12B7637-1E8F-44BF-939F-155701C182D4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sth-sys:-:*:*:*:*:*:*:*","matchCriteriaId":"20712495-C1FB-4332-B5EB-B68CB951B05F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12stl-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"21C67B23-0146-4E42-8380-BADCF0FDAF5F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12stl-f:-:*:*:*:*:*:*:*","matchCriteriaId":"01576524-4AE1-4CE5-8909-8A2BBE579638"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12stl-if_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"64BFAF49-C93E-40B1-B5C6-2C45102AD111"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12stl-if:-:*:*:*:*:*:*:*","matchCriteriaId":"3CDBDBAC-14FF-46CF-8E72-C8BD9B66A475"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12stn-c_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"8DD20453-A699-4FAE-9144-CD35DCB1636B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12stn-c:-:*:*:*:*:*:*:*","matchCriteriaId":"375F89CA-3F0E-4DA1-B044-93312B20561C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12stn-c-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"7AB356E7-1F23-42A3-8348-9D95FF3C3B40"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12stn-c-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"C6C5E4B6-7AC4-4871-A43C-1233B84FD769"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12stn-e_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"4D5C7EBE-985F-40E8-920D-8E9A8C737B81"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12stn-e:-:*:*:*:*:*:*:*","matchCriteriaId":"C40F79C0-3501-416E-A2B3-9C70D651E6C4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12stn-e-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"916310B5-8364-499B-82B1-03816A75C709"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12stn-e-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"834FE721-032F-462E-A12A-1FA38D1C24D9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12stn-h_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"E38FA954-FA36-4B54-A06B-834CC2599B2A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12stn-h:-:*:*:*:*:*:*:*","matchCriteriaId":"08D3196D-E172-44D5-9949-451500B51C10"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12stn-h-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"97A64327-AC40-4DA6-9012-4AF88C73A758"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12stn-h-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"8EF75784-1632-4F72-8B34-1B3B6A6331E9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12stn-l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"7CB43433-8039-437A-B819-77193A5C64F4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12stn-l:-:*:*:*:*:*:*:*","matchCriteriaId":"7370CC87-C0E3-4B7B-B01A-564764122E86"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12stn-l-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"062E8B5E-A345-4E19-8E91-F7B06B5752CA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12stn-l-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"D7CCE200-88DC-42C8-953D-4E422013708F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12stw-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"30A9396C-B4B4-42B8-9316-BC096B04C458"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12stw-f:-:*:*:*:*:*:*:*","matchCriteriaId":"7DC3642F-DF65-4764-AFE1-96AF932266DA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12stw-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1B78F8FE-0170-4CC6-8CAE-98C1A885F702"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12stw-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"E906BDB2-075D-446D-A86C-B9D3B9E25216"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dac_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"4BE50492-07D8-4D1C-8AF9-763F25997CCC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dac:-:*:*:*:*:*:*:*","matchCriteriaId":"D3600406-96B2-4E52-B5F9-9ABCED307EEC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dai-n_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"8633825D-939D-4826-A1BC-854ED2358A71"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dai-n:-:*:*:*:*:*:*:*","matchCriteriaId":"0C5967E7-B9A7-4F23-B966-51F5C82B2529"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ddw-l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2DBD8FD0-2033-4486-B19B-3A65F8B96F16"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ddw-l:-:*:*:*:*:*:*:*","matchCriteriaId":"94B75335-6871-4FA6-AC30-1C121C91195C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ddw-nt_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"992113EF-3E48-4F43-888F-A072499405E7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ddw-nt:-:*:*:*:*:*:*:*","matchCriteriaId":"3EFD3B3C-F46E-4B27-A16B-154DB9740ED4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dgo-t_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"61080B7E-47C7-4E4B-B9D4-E87F8AD13F7F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dgo-t:-:*:*:*:*:*:*:*","matchCriteriaId":"0093BCEF-E0F0-415B-8267-01B5D71F2E61"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dgq_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"6E07FCDD-A555-4FB1-8528-DC291A6B7989"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dgq:-:*:*:*:*:*:*:*","matchCriteriaId":"D77FE66F-DB11-4B35-8A60-943FA5803F14"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpd-l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"416018C7-D968-4697-BB23-7D7C3F56307B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpd-l:-:*:*:*:*:*:*:*","matchCriteriaId":"28A547F9-4267-421E-A569-D73F937D6CB4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpd-m25_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"E31A20BA-EF06-4BD6-B22B-E6C14C5394B9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpd-m25:-:*:*:*:*:*:*:*","matchCriteriaId":"7FF70FFB-8D20-4C4F-90B3-8681F94A6C0E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpff-sn_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"F0763501-BAEB-48FC-B74D-BCE5046C5011"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpff-sn:-:*:*:*:*:*:*:*","matchCriteriaId":"05703141-3375-468F-8F03-AFF548E95A39"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpff-snr_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1577F719-7CA4-4386-A22B-6BED1815EA2C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpff-snr:-:*:*:*:*:*:*:*","matchCriteriaId":"1610EF6F-D8A9-4AE4-AFD8-D8D82654E38E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpfr-s_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"7D9E2486-03BD-45DD-916A-AD72CA3E12CE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpfr-s:-:*:*:*:*:*:*:*","matchCriteriaId":"DAD78F27-1418-46B2-95D7-7A2DA82FFD88"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpfr-sn_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"540B3344-9C8B-40FB-AF8E-88AC654C928F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpfr-sn:-:*:*:*:*:*:*:*","matchCriteriaId":"21FB236D-9777-4318-AE9D-3D565992E6BB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpg-hgx2_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"6753B838-73FA-4F3C-9851-EF3FCF6B4071"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpg-hgx2:-:*:*:*:*:*:*:*","matchCriteriaId":"20492DE1-0D08-4769-83FF-16985A6E90F7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpg-ot-cpu_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"C7554A27-12B6-4D35-BA9B-07F8BB2FD237"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpg-ot-cpu:-:*:*:*:*:*:*:*","matchCriteriaId":"1EFF8666-E52F-47ED-9330-11E36A75495C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpg-qt_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"356257AB-4E25-40E0-B4E6-189CF1C9E958"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpg-qt:-:*:*:*:*:*:*:*","matchCriteriaId":"8E309A80-F6FE-434D-B3EB-4593F18367A3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpg-sn_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"5BB2814E-3A02-42B1-BDC9-416452258F18"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpg-sn:-:*:*:*:*:*:*:*","matchCriteriaId":"2C31C72A-AEF5-4F28-9EF8-00A19A39E7AA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dph-i_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"0CB2C0A8-13DE-4C20-AF87-8B7CF51890D7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dph-i:-:*:*:*:*:*:*:*","matchCriteriaId":"F149C888-F3AF-49D4-BBBF-99ABC8E8CEDE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dph-t_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"F21135D9-BB90-47DC-B984-6E0843510DC8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dph-t:-:*:*:*:*:*:*:*","matchCriteriaId":"9780452F-4264-4069-9378-FE7F01D7ED1E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dph-tq_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"3567527E-5FC8-4E42-BFB3-4BF0FA7CF0FB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dph-tq:-:*:*:*:*:*:*:*","matchCriteriaId":"03E3CB77-7874-4B9B-B6D9-69D42304D6BE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpi-n_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"52D9057A-9494-41B2-9AE7-1E321BE1F556"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpi-n:-:*:*:*:*:*:*:*","matchCriteriaId":"8CEB1846-2BD2-4326-BD22-14DDD05BB7BD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpi-nt_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CE98E3AD-C668-422C-BD10-D7C813A38798"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpi-nt:-:*:*:*:*:*:*:*","matchCriteriaId":"F5553A6E-4BCB-4EC1-B002-EDDDD313F4E1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpl-i_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"27BB425D-F131-4F4C-AAB9-A0E31E072A9C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpl-i:-:*:*:*:*:*:*:*","matchCriteriaId":"0EF59606-20D1-4E68-AE55-DA3F7101654F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dps-re_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"F562BE69-049C-4C9F-8E6B-EF46193F4D30"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dps-re:-:*:*:*:*:*:*:*","matchCriteriaId":"ED8E7045-1721-4629-B92C-F35C0B074245"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpt-b_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"FD5A0214-AA78-4957-AD08-B545D672672E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpt-b:-:*:*:*:*:*:*:*","matchCriteriaId":"ABF7F546-1D85-4F99-9CFE-6F997402028D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpt-bh_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"39C8AE86-11D2-48C8-A068-10008D227EAB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpt-bh:-:*:*:*:*:*:*:*","matchCriteriaId":"5F00FAD5-FBDF-4239-9B1C-C012B5AC546A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpt-br_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1B9D103C-EA4C-439C-82E4-9B8C5AAD8E51"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpt-br:-:*:*:*:*:*:*:*","matchCriteriaId":"7710C62C-BFC9-4D9B-8EB1-A41273C06BF4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpt-l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"05760878-E696-425C-8363-C6303DD6388A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpt-l:-:*:*:*:*:*:*:*","matchCriteriaId":"4F14E33F-DCD7-49D4-B0F5-AF924A87CC53"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpt-ps_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"DF579C83-C768-453F-B7D9-27C2005146A3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpt-ps:-:*:*:*:*:*:*:*","matchCriteriaId":"749EF1B5-F6A3-493F-B920-8033847BF037"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpu_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"D17A0787-A669-4566-BF40-4EC9131AA557"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpu:-:*:*:*:*:*:*:*","matchCriteriaId":"609DE3AA-044C-4B20-8A27-A507F4A11279"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpu-r_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"A6E571AC-93BD-4079-AC51-125778A009FC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpu-r:-:*:*:*:*:*:*:*","matchCriteriaId":"2FF46B33-1765-44B9-A9B9-C3A97B5AD384"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpu-v_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"78E18E61-4068-4162-88E3-47D44BAA8497"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpu-v:-:*:*:*:*:*:*:*","matchCriteriaId":"E125C5B7-7BB6-47EB-93A5-CA15FC082198"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpu-xll_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"6A906F07-7207-4674-A494-06C4E5134DB0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpu-xll:-:*:*:*:*:*:*:*","matchCriteriaId":"B3CB5CAA-C9D1-4508-BBE6-2546F6017715"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpu-z\\+_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"304B5920-89F2-4FFB-9F61-6BBAE035E462"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpu-z\\+:-:*:*:*:*:*:*:*","matchCriteriaId":"4ED5B015-0DB1-4E55-8C22-6DCE0BCC00FB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpu-ze\\+_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"44F2BDAF-65AA-4845-BA04-BD0C3F1D09A0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpu-ze\\+:-:*:*:*:*:*:*:*","matchCriteriaId":"01852618-551E-4051-90E7-7A3386804A76"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpx-t_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"6664EB3B-0C03-4435-8456-DA5CF230BD5D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpx-t:-:*:*:*:*:*:*:*","matchCriteriaId":"3DB9F79B-70D5-4084-8DBF-E13CF76B77B7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dsc_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"697C92B5-B730-41CB-B656-5FBEA314255D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dsc:-:*:*:*:*:*:*:*","matchCriteriaId":"5786F44D-9EE5-4C0B-9C01-F0D46762F7E2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dsc\\+_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"3B4398AD-AA39-4044-A9B5-99481B8E2711"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dsc\\+:-:*:*:*:*:*:*:*","matchCriteriaId":"6442E1D1-53D8-49F4-8D51-08CE45850A77"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dsf-e_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"297D1AD5-0139-4405-8ED8-AF4F5F96D56B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dsf-e:-:*:*:*:*:*:*:*","matchCriteriaId":"BBDD9667-CE5C-487D-BC40-506D3722AD4C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dsn-ts_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"3C92890C-1FC8-4FD3-AAA7-38FC798C2C39"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dsn-ts:-:*:*:*:*:*:*:*","matchCriteriaId":"EA8F01F8-FA29-4E46-858F-149F94C8DBD4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dsn-tsq_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"F4E875ED-157A-496D-849F-5E11E736178E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dsn-tsq:-:*:*:*:*:*:*:*","matchCriteriaId":"DECCF4B6-A0FD-419E-A61B-7BC023555E7A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11opi-cpu_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"132E6AA4-EEFA-41BC-9535-4CBC915DCDD8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11opi-cpu:-:*:*:*:*:*:*:*","matchCriteriaId":"27164AC7-6D07-4D0D-AE90-8FB4C2498E6B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11opi-cpu-cl_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"5276403F-DBEA-4929-B0A0-7E240C22762D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11opi-cpu-cl:-:*:*:*:*:*:*:*","matchCriteriaId":"A5E14473-022A-4472-8742-4BBB97A90047"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11qph\\+_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"5597372A-F3D1-48C8-9C75-A3107D2F912A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11qph\\+:-:*:*:*:*:*:*:*","matchCriteriaId":"E534D7BB-B73D-45F8-AB1A-CDC55B05D237"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11qpl_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"A46D5ED0-D590-4EC3-83BE-837ABB638A71"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11qpl:-:*:*:*:*:*:*:*","matchCriteriaId":"8E668445-7698-42D3-87A8-C82FFAEDDA40"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11saa_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"04EF0829-6E03-4AEF-A970-0E5F1C06FB05"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11saa:-:*:*:*:*:*:*:*","matchCriteriaId":"97B2B57C-0599-4CD5-B886-B51907406530"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sae_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2AE7457A-733F-4714-A741-E37C6847D5F5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sae:-:*:*:*:*:*:*:*","matchCriteriaId":"450DA6E7-7E1B-4E3F-916D-A04E8A64C9E0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sae-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"8FC62932-8F3B-457D-AF1A-18F93007D765"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sae-f:-:*:*:*:*:*:*:*","matchCriteriaId":"B9DED254-4F7C-4BA3-BDB4-C20046F1801D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sae-m_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1349CFA0-2294-4EC3-ACCB-E202FBBC7F97"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sae-m:-:*:*:*:*:*:*:*","matchCriteriaId":"DCC976BD-381E-452C-ABB6-E90F7D39FB31"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11san_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"D1FECC94-F089-4A55-A1E0-5CD2DA011DEF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11san:-:*:*:*:*:*:*:*","matchCriteriaId":"16146E8A-A13C-4347-82B1-AD2FD7EEE710"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11san-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"35D0CE32-106C-485A-8B2B-111FCBCFFC20"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11san-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"BA94D270-1820-4325-ABAD-EF8B42D56DAB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sat_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B8886ED3-DDFB-44C0-870A-EF5E6F923921"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sat:-:*:*:*:*:*:*:*","matchCriteriaId":"F3F363C3-ACFB-4A15-9076-1C03E92DB138"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sat-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"4B93A5C2-9662-44D1-8DFD-562C844DB611"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sat-f:-:*:*:*:*:*:*:*","matchCriteriaId":"2F1C47C2-E481-40FF-BF6D-C327C1ABA050"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sba-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B448A736-AECF-4550-AB70-22A8BF030622"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sba-f:-:*:*:*:*:*:*:*","matchCriteriaId":"3FCF6EF1-D3E3-40CA-8AE4-BFFF37964541"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sba-ln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"5C4D1A46-7763-4FEF-B32E-29494755028E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sba-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"2C15EA79-AC77-4254-821E-DCBD4748E73C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sca_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"61C8DCC0-DA05-44C2-BD5B-BA2BD2664A5C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sca:-:*:*:*:*:*:*:*","matchCriteriaId":"C2521B38-3BB4-4B96-AF7C-6BF429F0FC9C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sca-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"ABD3DBBD-BF92-4BAC-ADC3-B3002571533D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sca-f:-:*:*:*:*:*:*:*","matchCriteriaId":"577067B9-0F45-4A40-A75F-C7FE9B2B8855"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sca-w_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"14FC8981-EE22-446C-B3BA-43D4EA25F275"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sca-w:-:*:*:*:*:*:*:*","matchCriteriaId":"683EB125-0F49-4199-9244-F17ECA6F6C4C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scd-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"C89DE7EC-9EB2-40B0-80F5-8BF3527B74FE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scd-f:-:*:*:*:*:*:*:*","matchCriteriaId":"C89CC49B-01DE-4888-B0E4-B311C0F3F789"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sce-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B5739500-AB10-4CE2-95E2-F65EA2D2B779"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sce-f:-:*:*:*:*:*:*:*","matchCriteriaId":"4BF53152-845A-4736-8FB0-C672D8A83F68"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sch-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"D70CE1AD-78BF-432A-84BC-5FD6BE4B6E5C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sch-f:-:*:*:*:*:*:*:*","matchCriteriaId":"6E9B23E2-2E68-4E1D-A8B5-BAFB00DFB4BF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sch-ln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"46071A5E-2291-4621-914F-3CBB3437036D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sch-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"071A5B7E-6525-44DF-A612-DB63312AA3A9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scl-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"0042216F-C5B6-4478-83D2-229E24ABF2FF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scl-f:-:*:*:*:*:*:*:*","matchCriteriaId":"D1528A2C-3983-4CF9-B365-7F307B93E466"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scl-if_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CB27048F-10BC-436B-A139-C33F861C3846"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scl-if:-:*:*:*:*:*:*:*","matchCriteriaId":"98595EB1-0B54-4E09-BAB1-4A37BCBB941A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scl-ln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"82DE3F62-F590-4293-8588-E47204D083AF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scl-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"586D8457-A684-4410-A48A-C5545F5B2003"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scm-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"F63FE7EC-D7C5-43EE-9053-AE364588E98C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scm-f:-:*:*:*:*:*:*:*","matchCriteriaId":"3B7B927B-1B10-41CC-8C8E-0DA456082C63"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scm-ln8f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"849E1220-EC92-41B9-B27A-8B9E4EA04F6A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scm-ln8f:-:*:*:*:*:*:*:*","matchCriteriaId":"D0176160-C4E3-435E-8DDD-E992044C500B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scq_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CDEC4239-2014-4479-A810-932B2B68AF4F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scq:-:*:*:*:*:*:*:*","matchCriteriaId":"19DB281A-F2B0-48D9-83B9-21CB651D34E0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scq-l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"AB9C837A-E11A-4135-AE80-0CC6B910B380"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scq-l:-:*:*:*:*:*:*:*","matchCriteriaId":"83A3CC6C-B6DA-4C5F-97FF-B7075C2D1936"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scv-l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"85D6B8BD-291B-4753-98C0-8629C962B6C5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scv-l:-:*:*:*:*:*:*:*","matchCriteriaId":"F49DCD87-5179-4AB0-B859-79CE26145125"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scv-q_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"30EF7DA2-51AC-4064-B679-DBE1A869C0F0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scv-q:-:*:*:*:*:*:*:*","matchCriteriaId":"EA86A993-5A42-416E-B91A-54DC1719776F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scw-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"3A35A0FA-76EA-411F-850A-A36AC20D2E1D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scw-f:-:*:*:*:*:*:*:*","matchCriteriaId":"8FB564A1-E87A-4CAD-A8E8-5A22B0165B61"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scz-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"FBAC3A63-BC83-4B2D-808B-7ED330764644"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scz-f:-:*:*:*:*:*:*:*","matchCriteriaId":"03512A43-F226-4E93-8D38-5C3513AD5478"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scz-q_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"9E4854AD-2561-47BA-8248-E5F045FAB070"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scz-q:-:*:*:*:*:*:*:*","matchCriteriaId":"7A5ED2C4-0267-4F6C-BD29-9E0CEF01339E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdc-16c_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CB406DAD-3EFF-4934-A1E0-0CABEEBD1012"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdc-16c:-:*:*:*:*:*:*:*","matchCriteriaId":"F45F4322-46AA-4865-808A-90FBE12386C8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdc-4c_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CA85522C-E77A-4BF4-ABDE-3FE7D8E64D1C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdc-4c:-:*:*:*:*:*:*:*","matchCriteriaId":"8C4FE5EB-4CB5-449F-8BB5-DD7BEE5CD39C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdc-8c_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"DCA3FA9E-71C5-4B9A-8C25-EADA4EF89FE7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdc-8c:-:*:*:*:*:*:*:*","matchCriteriaId":"4008F053-1E0C-477B-964F-9435801D09C4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdd-18c-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"6AA3FC73-9A4B-4292-8819-2F469343D824"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdd-18c-f:-:*:*:*:*:*:*:*","matchCriteriaId":"EF1E70CB-BF44-4DE8-BA2F-47283586FA9B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdd-8c-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2EEB618F-65C0-4AF7-BFC5-B33714346728"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdd-8c-f:-:*:*:*:*:*:*:*","matchCriteriaId":"39BD8B01-9630-463C-870C-76EC7FE2D325"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sds-12c_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"4B3E9CA8-314E-4C07-AEC6-255A0B02122B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sds-12c:-:*:*:*:*:*:*:*","matchCriteriaId":"B9B43F7A-EF17-498A-8AEA-F4E98547DCDA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sds-14c_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"03E64734-7D31-4676-B04D-9FE1A05AA2AC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sds-14c:-:*:*:*:*:*:*:*","matchCriteriaId":"4D2667BB-FE14-469F-9CC6-EB44B5B45DF3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sds-16c_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"240EEEC9-91DC-48C9-A4A6-C753F2C1756B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sds-16c:-:*:*:*:*:*:*:*","matchCriteriaId":"83B921DB-EF3B-4E6C-B67A-6E57EF2CCB1C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sds-8c_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2F7ED116-0803-4FEB-BDF2-AA77619E0BB8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sds-8c:-:*:*:*:*:*:*:*","matchCriteriaId":"25EA425D-7D25-44BA-A6E1-210349DC4AC2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdv-12c-tln2f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CEE6ADCA-47F2-4A4A-9B68-65932856C66A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdv-12c-tln2f:-:*:*:*:*:*:*:*","matchCriteriaId":"D5D77AED-1F86-4C4E-80D1-473C65DA3EF3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdv-12c-tp8f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"29DB0C5D-892E-4C44-92D9-A5B414A04C1D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdv-12c-tp8f:-:*:*:*:*:*:*:*","matchCriteriaId":"97A5A305-FFE9-4F2C-94F9-9B4E8ED255EC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdv-16c\\+-tln2f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"E6653554-89E5-4F10-93DC-BAD4337D0DC1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdv-16c\\+-tln2f:-:*:*:*:*:*:*:*","matchCriteriaId":"807D44E4-85DA-4F3D-BD0D-7393ABBDE9D2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdv-16c-tln2f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1C967A95-9CA1-4EB5-B153-AAFFE7626823"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdv-16c-tln2f:-:*:*:*:*:*:*:*","matchCriteriaId":"DDC0B8F1-EAFB-44E0-B3B5-8A8D5EBD51E5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdv-16c-tp8f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"941D9F12-9CC3-482C-BE92-A7F920819331"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdv-16c-tp8f:-:*:*:*:*:*:*:*","matchCriteriaId":"3C5DDB30-1E22-42C1-8F9E-381004F9DDB5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdv-4c-tln2f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"895FF0B9-7EEA-467E-80AA-560A4B0793D4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdv-4c-tln2f:-:*:*:*:*:*:*:*","matchCriteriaId":"59D0561D-78DE-47B7-B8E5-E1D6F9BB73B9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdv-4c-tp8f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"4371A185-BF71-49C7-9318-B0AD11B4AE69"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdv-4c-tp8f:-:*:*:*:*:*:*:*","matchCriteriaId":"C1ECBB36-CA02-4A8F-AC62-97C695E067C6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdv-4c-tp8f-01_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CB9A43BC-5D86-427A-99D0-B19DAB2D94F7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdv-4c-tp8f-01:-:*:*:*:*:*:*:*","matchCriteriaId":"5F8CDF9F-2650-46A6-AC3A-5FC61C942E87"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdv-8c\\+-tln2f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"9E01FBF7-605E-469B-8B5A-6B26332CB704"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdv-8c\\+-tln2f:-:*:*:*:*:*:*:*","matchCriteriaId":"D935CA76-84EB-4B3D-A4EF-6BE8F8ED750E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdv-8c-tln2f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"A9819485-E143-481A-A058-420ECFF3C75B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdv-8c-tln2f:-:*:*:*:*:*:*:*","matchCriteriaId":"CA40B6EF-E65E-4494-A368-41966BCAE70C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdv-8c-tp8f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"C125AF3D-A650-499E-85BB-6DAB33EC7C4F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdv-8c-tp8f:-:*:*:*:*:*:*:*","matchCriteriaId":"F58D8FAC-A913-431F-86FA-E7FF585684A6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdw-12c-tp13f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"33925DDC-A825-4029-A034-9BFF0C62F7A3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdw-12c-tp13f:-:*:*:*:*:*:*:*","matchCriteriaId":"3F8AA874-B736-4C30-BC48-8BDF1A21463D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdw-14c-tp13f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B6A7F79F-3632-424C-888A-314549607C14"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdw-14c-tp13f:-:*:*:*:*:*:*:*","matchCriteriaId":"B4B8CFE3-D081-4A65-8A5E-BEA397F9195C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdw-14cn-tp13f\\+_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"8EFF4246-365E-4C50-B1CD-4F7EC0A281F3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdw-14cn-tp13f\\+:-:*:*:*:*:*:*:*","matchCriteriaId":"0D58AEE8-3390-490C-A04F-9A3675FA7E6F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdw-14cnt-tp13f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"BA3304CB-E384-4A41-91C1-23023907B52D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdw-14cnt-tp13f:-:*:*:*:*:*:*:*","matchCriteriaId":"EB50C171-3075-4A7C-97B9-6C48AE5E1222"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdw-16c-tp13f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"41005504-CE28-4228-8B06-512E2083F276"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdw-16c-tp13f:-:*:*:*:*:*:*:*","matchCriteriaId":"BF949680-3AE1-4806-8A96-B7F50E9CAE0B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdw-16c-tp13f\\+_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"0619F3CD-CC67-4827-AE3D-DD9CA646555E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdw-16c-tp13f\\+:-:*:*:*:*:*:*:*","matchCriteriaId":"8CC6354D-DBB1-457C-B9C9-FAF2265BAE5B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdw-4c-tp13f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"265BCB39-7942-417E-AD82-D903C9E410E0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdw-4c-tp13f:-:*:*:*:*:*:*:*","matchCriteriaId":"5556FAA3-B53C-494A-8AB7-4942FE0E3757"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdw-4c-tp13f\\+_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"71F71EA7-FE29-4DF6-A092-98A4019C12EC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdw-4c-tp13f\\+:-:*:*:*:*:*:*:*","matchCriteriaId":"EAF047A7-2B8F-44DB-9D2E-AEA638E3CCBC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdw-8c-tp13f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"927581C8-56FC-4EC2-9781-22F764BAE269"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdw-8c-tp13f:-:*:*:*:*:*:*:*","matchCriteriaId":"D9379DEA-1052-4A46-831F-A3F45CDF51C1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11spa-t_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"18630E63-C300-41AC-8729-4418C2A6DC6B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11spa-t:-:*:*:*:*:*:*:*","matchCriteriaId":"93841CE8-D876-44A3-A530-959CDB90FA7B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11spa-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"377B2DF6-3E30-43C1-8268-B41B967C43AA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11spa-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"D6440101-3C85-427B-A930-014CCDA79CCD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11spd-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"78FD0BEE-D475-48B9-9125-DA0B043063B0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11spd-f:-:*:*:*:*:*:*:*","matchCriteriaId":"B2EAD8C3-4C86-41EA-94C2-8A025BD11C96"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11spg-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"DF338C11-81EA-4D1E-8785-2EDB6BFBB17C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11spg-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"0D4C8250-1682-4360-828F-8E7EE072CE6D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sph-nctf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"92B129E9-A4F6-4643-9FB9-443FCDD764AB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sph-nctf:-:*:*:*:*:*:*:*","matchCriteriaId":"0DABCA06-C8F1-4A20-9F85-69B49B3C5095"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sph-nctpf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"867CE591-8F70-4FA4-850C-B2490B7C19E1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sph-nctpf:-:*:*:*:*:*:*:*","matchCriteriaId":"ABF784B2-347A-4A62-9CC3-6A01624D0F07"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11spi-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"0F7BFD4D-CB73-460B-9E11-486817129495"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11spi-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"069F2E47-05DA-4676-9A11-B5059130720A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11spl-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"ED404BD7-9873-485F-ABC4-D27470ED113A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11spl-f:-:*:*:*:*:*:*:*","matchCriteriaId":"372B1F73-010B-4E12-A643-336741265B23"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11spm-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B5956F7D-ADB1-4B1F-B5E7-60E68DC13E14"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11spm-f:-:*:*:*:*:*:*:*","matchCriteriaId":"1023FE03-0D76-4F33-ADC3-4502BD8AAE79"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11spm-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"5C4BA06E-A3CD-42E4-96BC-F16BCA654F75"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11spm-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"09E13FF0-04D4-41CD-97B8-1860028F8F8F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11spm-tpf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"482E5372-9001-42F5-A800-DECB62D6218D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11spm-tpf:-:*:*:*:*:*:*:*","matchCriteriaId":"6D4232C6-8C0B-41B1-AF69-A4E584756777"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11spw-ctf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B7D9E669-D0F7-41C8-9467-7CEE659F9818"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11spw-ctf:-:*:*:*:*:*:*:*","matchCriteriaId":"F0BEF4BD-0962-4DC0-9329-5C28DAE78B93"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11spw-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2903AFD1-DD53-45B9-AC45-EE4318953190"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11spw-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"0998B7F1-CD28-4E07-8BA0-53EEEE9A25CF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sra_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1E277DCF-D312-405B-87ED-8F2C849D1972"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sra:-:*:*:*:*:*:*:*","matchCriteriaId":"FD640185-AC03-4235-A8BF-F71473A3D21B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sra-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"25863AED-0930-4B92-9543-B3ECDB41F6E6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sra-f:-:*:*:*:*:*:*:*","matchCriteriaId":"E90E4534-1E54-4731-AFBF-5742274AAE1B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sra-rf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"26854260-D5B1-4896-BCC4-BDC300EC74F4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sra-rf:-:*:*:*:*:*:*:*","matchCriteriaId":"88A40C12-CDC6-4065-A65F-1ABB411BF12E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sri-if_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"671629CA-F04B-451F-8BE1-34E0AA5FE73C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sri-if:-:*:*:*:*:*:*:*","matchCriteriaId":"92C0DDA9-ED3B-4DC8-B19E-19B9283A2C12"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11srl-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"F8C9D99F-51EF-436B-A632-6A287929C1E2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11srl-f:-:*:*:*:*:*:*:*","matchCriteriaId":"900E0C75-C843-4327-BAF2-F8077281D87E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11srm-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"87C66CF8-B9F6-4804-884B-0F99EDEF54A0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11srm-f:-:*:*:*:*:*:*:*","matchCriteriaId":"161177BA-5C2B-47DF-B900-568D0665020A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11srm-vf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"06A5E49A-5E22-4FC9-B669-C107F528EFBA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11srm-vf:-:*:*:*:*:*:*:*","matchCriteriaId":"FB7EC704-0887-4743-AD5B-F9CF6EEE4B29"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssa-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"0892BBDA-B31B-4558-9C51-B129A4B0F9FD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssa-f:-:*:*:*:*:*:*:*","matchCriteriaId":"48D2E9CD-71D4-4556-A0F2-2C3B7FB8A77E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssd-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"05BCD88A-F10A-4F1D-B129-E6E34329EF1B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssd-f:-:*:*:*:*:*:*:*","matchCriteriaId":"7B72F70A-B33E-4382-81DA-3864C2E14D41"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sse-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"09C66363-58E4-4B8F-8D76-A5E61C40820F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sse-f:-:*:*:*:*:*:*:*","matchCriteriaId":"FC57F4A1-10F8-4926-A446-D2B8F05B8008"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssh-ctf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"3E763AED-58A3-4B45-BEE8-F0DBD2273C30"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssh-ctf:-:*:*:*:*:*:*:*","matchCriteriaId":"95CD6DEE-E000-42C2-825B-C29E3F7D725C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssh-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"05731059-73C8-4A9F-B651-62937B728767"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssh-f:-:*:*:*:*:*:*:*","matchCriteriaId":"E7BE07CB-DED5-4810-9D04-884478CA1532"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssh-gf-1585_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"A2479843-DDFF-4B53-A42F-6E715D36D040"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssh-gf-1585:-:*:*:*:*:*:*:*","matchCriteriaId":"D6430B42-E04A-4CEF-8318-074536119201"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssh-gf-1585l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"67C4F018-28D7-4432-A5C2-7F04A1186EE0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssh-gf-1585l:-:*:*:*:*:*:*:*","matchCriteriaId":"184762F2-E3A2-46F7-AC09-00DED69C7A4D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssh-gtf-1585_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"5B898C1E-1D08-445F-96E7-CC9C30AC264C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssh-gtf-1585:-:*:*:*:*:*:*:*","matchCriteriaId":"D07E7DBE-010F-4F21-8B4D-18DE8BF59D9B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssh-gtf-1585l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"321E79A8-251C-4CDF-8D82-B8AECE80B377"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssh-gtf-1585l:-:*:*:*:*:*:*:*","matchCriteriaId":"54CCEFD5-FE80-42A5-8ED1-BEE9BCAA21AB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssh-ln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"DDA317E8-5F90-4C3E-B2DB-5BB843F7036D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssh-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"063C19C8-9A26-4457-A969-0172FA2E2BE4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssh-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2574D409-99F0-4B5A-A083-F70A67641D7E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssh-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"FDF932E7-ABDF-4541-B032-D013D881A25D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssi-ln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"EE805506-31AB-4A37-BB72-46E279AB2824"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssi-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"00A6A4DB-ED52-4DF1-809D-ADCA9F8324A1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssl_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"98116A5B-3572-4FC5-A2B5-17AA4A8B7D22"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssl:-:*:*:*:*:*:*:*","matchCriteriaId":"0DA4B4D9-59CF-43D3-ACBE-8091C257C8FE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssl-cf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"7155E1B1-3F93-4A45-A0DD-E3207567C2A9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssl-cf:-:*:*:*:*:*:*:*","matchCriteriaId":"0FA01B7B-0A5F-48AC-811C-BB6EB4C78719"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssl-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"DB8E9380-7211-4291-8A20-B824788DD361"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssl-f:-:*:*:*:*:*:*:*","matchCriteriaId":"F59AC9E2-69C0-42EF-82D3-F304D4918E8D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssl-nf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"6135023F-487A-494D-93BD-00B6B1AB5FE3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssl-nf:-:*:*:*:*:*:*:*","matchCriteriaId":"84671D8E-00A2-4AC1-9B7E-9B7BB5188B3C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssm_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"51BE935C-26D0-40D3-BD89-E687FB03D822"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssm:-:*:*:*:*:*:*:*","matchCriteriaId":"E28641A6-F24E-493D-B57B-954DA91F47B4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssm-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"AC8C1870-205D-4274-AC1E-97520C8D84DA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssm-f:-:*:*:*:*:*:*:*","matchCriteriaId":"1EC19D26-080D-4B5A-A41C-253D00036608"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssn-e_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"9024100A-B534-4767-AD82-6D68B35F528D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssn-e:-:*:*:*:*:*:*:*","matchCriteriaId":"36D80443-7089-4484-B9F5-029BAFF1A5BB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssn-e-001_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"7AF85C30-B3D3-4AA0-BB47-8514B07AA9E1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssn-e-001:-:*:*:*:*:*:*:*","matchCriteriaId":"EDF406B5-6051-429F-B4BA-B5FCC3438E2E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssn-e-vdc_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"F7509A40-6C8A-4158-A291-08423AF67D8D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssn-e-vdc:-:*:*:*:*:*:*:*","matchCriteriaId":"B3311514-CCB7-423F-9CD7-A0AF63E5EC4A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssn-e-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B9F9EDD4-B350-47A8-968D-0CA7807D1656"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssn-e-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"E16D25E7-A713-4B72-B386-A6DFD024AA5A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssn-h_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"AF8C94B5-5FA5-4C5B-B6CB-3D77C0E9B309"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssn-h:-:*:*:*:*:*:*:*","matchCriteriaId":"0000DB52-9B92-45B5-BB63-4C694E3714D1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssn-h-001_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"AD96DBC3-6110-48D0-A88A-46379D24AAD8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssn-h-001:-:*:*:*:*:*:*:*","matchCriteriaId":"5D35739F-DF6C-47A1-A4FB-B3415F33AD55"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssn-h-vdc_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"48BC8AA2-8DF0-4B73-9AF6-476F20C9805B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssn-h-vdc:-:*:*:*:*:*:*:*","matchCriteriaId":"D97BA507-5721-4360-BBF2-65D94C038C51"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssn-h-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"77D5EBA8-4A56-4E31-85C4-E257BB87EDD5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssn-h-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"D376009A-CE57-4389-837A-C1933B95FC4F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssn-l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"252C49DA-308D-4CD1-8E6E-BC63F6246DD8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssn-l:-:*:*:*:*:*:*:*","matchCriteriaId":"D25709E2-5B71-428A-8D67-2963903C12BD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssn-l-001_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"679DC010-4BBD-4BB7-B3E6-7ACB466B3039"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssn-l-001:-:*:*:*:*:*:*:*","matchCriteriaId":"8CED7FE1-ACF5-4FDF-8942-A1F3DF583242"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssn-l-vdc_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"18CAAC39-7134-42A3-A1F1-D4E28C7B8CB6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssn-l-vdc:-:*:*:*:*:*:*:*","matchCriteriaId":"0A9F87DA-EDA8-47FB-8574-F3BFE24C7D03"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssn-l-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B1C89DDB-53B4-4C64-9DE8-1D355E625B38"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssn-l-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"68216C46-DBCB-4666-AE4A-4EC895571367"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssq_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"636DF182-2C81-4E3D-A574-D8954178E876"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssq:-:*:*:*:*:*:*:*","matchCriteriaId":"8573A582-A52A-4006-99F0-D42C3AE5B722"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssq-l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"D6798F23-3EFB-4E50-B008-4387EA7BD64B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssq-l:-:*:*:*:*:*:*:*","matchCriteriaId":"03CC1ABD-321B-4680-AFCC-5E4AD6E1A903"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssv-lvds_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"C525E969-B16D-4B77-B26A-8DB59E2C3E94"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssv-lvds:-:*:*:*:*:*:*:*","matchCriteriaId":"7A7D90D9-531C-4904-BEB5-35CED4F4670A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssv-m4_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1AC7954D-DD60-4681-811F-E283D1945990"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssv-m4:-:*:*:*:*:*:*:*","matchCriteriaId":"4DA13087-4F08-484F-8083-104A48E533C7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssv-m4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"918880F9-7E0D-4EE9-A3F2-6076CF56FDCC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssv-m4f:-:*:*:*:*:*:*:*","matchCriteriaId":"5D258D3F-A52F-4E7F-9883-CC48A49A31D1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssv-q_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"A44B5078-FF02-44D9-993E-9920D6CB69B4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssv-q:-:*:*:*:*:*:*:*","matchCriteriaId":"90CB1E05-C42D-43F9-95F5-258C87A9A67D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssw-4tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CCAD1C84-44A4-4DF3-B986-CC74B9BE1D07"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssw-4tf:-:*:*:*:*:*:*:*","matchCriteriaId":"6089DFBF-A190-4A4C-9DD8-1DA4D539A5F1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssw-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"EC58D65B-87D2-4EEF-9869-B8843EF7DD39"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssw-f:-:*:*:*:*:*:*:*","matchCriteriaId":"6CDDDC18-753F-496F-9953-5B91ED1CC0F3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssw-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"8B851DE0-7AB2-446B-97FA-B01258045317"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssw-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"3A180D6C-1A5B-41E0-A4CA-99CD49CBF585"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssz-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"AB458920-62A4-46BB-A9D1-D8DEAAF031CA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssz-f:-:*:*:*:*:*:*:*","matchCriteriaId":"25DA80D6-C893-4B91-94ED-9FE4403DC6E0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssz-qf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"0E796E38-6EE5-407F-B461-A44E47A3DE23"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssz-qf:-:*:*:*:*:*:*:*","matchCriteriaId":"A003C87A-7055-497C-B320-DF15F0D112D8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssz-tln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"897E7B81-6038-4F64-8B7D-F0099DF2BB88"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssz-tln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"5C338781-88C1-476A-A3C9-2018016BF2EC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11swn-c_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CDD7E679-7040-454D-A158-7AAB9364AA78"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11swn-c:-:*:*:*:*:*:*:*","matchCriteriaId":"E34FEF2D-51C2-4FC9-AC2A-7A40BDA5EDA8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11swn-c-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2476AEA6-1961-48B9-91C7-39668153AD49"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11swn-c-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"59F6BF1F-A8EC-4A61-9BBC-0B46877BE366"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11swn-e_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"35F1718A-6782-42C3-9CBF-506D8C5FBD76"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11swn-e:-:*:*:*:*:*:*:*","matchCriteriaId":"830F9903-EF91-48E0-ACEB-76C629886680"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11swn-e-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"A611E64F-3E3F-4B7F-AC97-B138B864A3E4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11swn-e-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"F5FE79CD-C7B6-458E-82F0-1D6DBA9AC2B5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11swn-h_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"32FB8458-08DB-4EF0-AC9D-D3E6059CD697"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11swn-h:-:*:*:*:*:*:*:*","matchCriteriaId":"7493C93F-A80C-4F19-BA3E-BB0C7FE95BE1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11swn-h-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"158059FE-ECB1-47D9-9C28-9544D006833B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11swn-h-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"09B2349B-0BDF-4B73-91D8-756D81900C5B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11swn-l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"0EB394CD-C7B8-4967-8846-E59E904BA0BB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11swn-l:-:*:*:*:*:*:*:*","matchCriteriaId":"ECBDA83D-46FC-42E6-AA22-EA312946352C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11swn-l-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"BB93281C-B13A-40C2-88E5-199AB3FE3E26"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11swn-l-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"D58DB7DA-B8C4-4E37-BAFE-574CA01A9691"}]}]}],"references":[{"url":"https://www.supermicro.com/en/support/security_BMC_Dec_2023","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://www.supermicro.com/en/support/security_BMC_Dec_2023","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2023-33412","sourceIdentifier":"cve@mitre.org","published":"2023-12-07T18:15:07.440","lastModified":"2026-07-09T01:18:23.233","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The web interface in the Intelligent Platform Management Interface (IPMI) baseboard management controller (BMC) implementation on Supermicro X11 and M11 based devices, with firmware versions before 3.17.02, allows remote authenticated users to execute arbitrary commands via a crafted request targeting vulnerable cgi endpoints."},{"lang":"es","value":"La interfaz web en la implementación de Baseboard Management Controller (BMC) de Intelligent Platform Management Interface (IPMI) en dispositivos basados en Supermicro X11 y M11, con versiones de firmware anteriores a la 3.17.02, permite a usuarios remotos autenticados ejecutar comandos arbitrarios a través de una solicitud manipulada dirigida a endpoints cgi vulnerables."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:m11sdv-4c-ln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"BB4C5A73-CF7A-4891-90A0-ECC1BEEEC8F4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:m11sdv-4c-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"CA419264-0203-4851-83E2-6C8D9EC10CC4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:m11sdv-4ct-ln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2B119A07-8996-4EF8-9BCA-6F0EFC78ABA9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:m11sdv-4ct-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"47CE6672-50D3-4F34-86A9-75B81CDF2A9F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:m11sdv-8c-ln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"A61610F5-C653-4731-8B42-8C70BDF7505E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:m11sdv-8c-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"7FC8BBC2-9D1B-4242-A850-48BA13F3BEC3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:m11sdv-8ct-ln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1A7BE31C-1C28-4937-BB45-46C978ADC335"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:m11sdv-8ct-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"704A622A-9144-4673-8DF2-651B7C70450B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:m11sdv-8c\\+-ln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"03497EA2-5051-4B65-A851-C95DD0C45C84"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:m11sdv-8c\\+-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"C183B42C-0B42-4C80-9FB2-0191B06A754B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:c9x299-pg_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"F8865673-289A-4E7F-8DA5-C707957AE5D8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:c9x299-pg:-:*:*:*:*:*:*:*","matchCriteriaId":"43A67415-C05D-46F8-8C82-381A4763610C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:c9x299-pg300_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CA8F7797-378F-4BB0-A172-D79E01891F5B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:c9x299-pg300:-:*:*:*:*:*:*:*","matchCriteriaId":"F049DED7-6A11-4B35-9318-7CBF9A4669DD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:c9x299-pg300f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"62CE5298-8933-42C7-9538-0CF7152E086E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:c9x299-pg300f:-:*:*:*:*:*:*:*","matchCriteriaId":"BBB5FD13-BCEB-4E0C-999A-B8DC68073B9E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:c9x299-pgf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"FCDC20AD-D292-472D-A725-C99D90D696D7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:c9x299-pgf:-:*:*:*:*:*:*:*","matchCriteriaId":"0670C747-49E6-4358-9989-CBF08D20BDD1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:c9x299-pgf-l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"9C918A3A-2BCD-4F62-9EBA-13C8F3C016F4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:c9x299-pgf-l:-:*:*:*:*:*:*:*","matchCriteriaId":"29A2FC6A-8873-4B9F-A1B4-B88429A135F7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:c9x299-rpgf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"861476F5-E684-41AE-9E33-62D22A18B064"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:c9x299-rpgf:-:*:*:*:*:*:*:*","matchCriteriaId":"1AC82579-210A-40F5-A12E-2829FF0B2DA3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:c9x299-rpgf-l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"6E3B530C-3664-4EE6-B15F-4031E91893C2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:c9x299-rpgf-l:-:*:*:*:*:*:*:*","matchCriteriaId":"595457C2-0C73-457F-B571-B9B694062D7E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:b13dee_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"97C2F1CB-98A2-487C-8E9D-75CCF36B1C5A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:b13dee:-:*:*:*:*:*:*:*","matchCriteriaId":"3411564B-FCE5-4819-B226-65F7B3152E32"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:b13det_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2FBB7068-B11B-43FD-8866-71F3484248EE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:b13det:-:*:*:*:*:*:*:*","matchCriteriaId":"67D98A72-B2DE-40C8-9491-B7543677A266"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:b13see-cpu-25g_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"DD8AAC7B-19F3-43D4-89AD-A5F717374067"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:b13see-cpu-25g:-:*:*:*:*:*:*:*","matchCriteriaId":"B1B07E94-29D2-4DAA-9B34-3573FEE22C7B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:b13seg_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"4B0D0D78-832E-41E6-84B8-C651C94749EB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:b13seg:-:*:*:*:*:*:*:*","matchCriteriaId":"B6F157CA-D9A4-4EFA-8C0E-D644E9E3C8A2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13dsg-o-cpu_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"6BB12538-3CEC-4A7C-8E9A-DE7E5079E426"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13dsg-o-cpu:-:*:*:*:*:*:*:*","matchCriteriaId":"DA579368-7624-46E8-93A4-596A18538BD2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13dsg-o-cpu-d_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"6552B70F-94CA-4AEC-9519-D2952A0B3B3F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13dsg-o-cpu-d:-:*:*:*:*:*:*:*","matchCriteriaId":"7E0F442E-B787-43EA-8FC7-078935708514"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13dsg-om_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"66D2261E-3CFE-40A8-8C80-DE4B0F70CA33"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13dsg-om:-:*:*:*:*:*:*:*","matchCriteriaId":"B93C26E1-EC4A-4B55-BC6C-4DBB3B29F548"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13dsh_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B066F428-4D87-4233-8C49-475ACEE4A861"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13dsh:-:*:*:*:*:*:*:*","matchCriteriaId":"89B92EB3-1B95-4095-BBEA-B1DBDB3B0FA2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13sae-mf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B275D084-1081-4891-B8A4-CFEDA687593C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13sae-mf:-:*:*:*:*:*:*:*","matchCriteriaId":"F556ECED-E349-4D22-B5E6-FC7D5E70BEAF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13sra-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"3B22FBD4-BA6A-418D-A835-93B61F08B085"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13sra-f:-:*:*:*:*:*:*:*","matchCriteriaId":"87E5769F-2994-4D71-BA3F-F84600F888A2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13sra-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"0B25B157-9AB1-4FBA-8500-01AC35A91911"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13sra-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"6A6CDD62-FD70-4219-A8B3-3C0F01C3F1C1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13srd-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"87BA83AC-0BE8-4E0A-9A55-6B7E976153BE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13srd-f:-:*:*:*:*:*:*:*","matchCriteriaId":"675A5F85-E7EF-40B4-A7B0-1C4FA83E20F6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13ssf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"C5522D20-411D-4673-AEFF-91F872050CCF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13ssf:-:*:*:*:*:*:*:*","matchCriteriaId":"63215A82-9A56-4901-B5AE-90633D64E1C1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13ssh_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"65CFBF7E-4450-495A-8E29-BB814EE5474E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13ssh:-:*:*:*:*:*:*:*","matchCriteriaId":"10D2DCA1-183A-48FE-8F59-B1A67B0576DE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13ssl-n_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"772C085F-F428-48EE-B559-B77B891BBCB1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13ssl-n:-:*:*:*:*:*:*:*","matchCriteriaId":"364216C0-0D65-40A9-B35B-36B1A9228A56"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13ssl-nt_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1A37D71E-3B24-4890-975F-B1807ED531A7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13ssl-nt:-:*:*:*:*:*:*:*","matchCriteriaId":"F06F7E1B-6235-4B48-88AA-B9833AE75862"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13sst-g_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"098BEC3C-6859-454A-B466-CCD975C6EE12"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13sst-g:-:*:*:*:*:*:*:*","matchCriteriaId":"005B9DC1-4115-4773-8F45-F4FB555A03D1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13sst-gc_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"AF2A14DE-1F9F-4D01-9CB4-977C8D71597A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13sst-gc:-:*:*:*:*:*:*:*","matchCriteriaId":"5C340BFE-2FB0-4BF6-A2B2-B8526DBB1D63"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13ssw_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"917A23DF-FCEF-4FB6-ACDD-8077A2091816"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13ssw:-:*:*:*:*:*:*:*","matchCriteriaId":"0A611C4A-57C2-48A2-B3E8-4AC46242CD31"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13svw-n_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"BC575B82-D63B-4FBE-A18D-BA9A7615F66E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13svw-n:-:*:*:*:*:*:*:*","matchCriteriaId":"FB3B6BEB-65D4-4D08-A2A0-5B91C5C93757"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13svw-nt_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"50B780CA-71F0-479F-B1C3-4573129883E7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13svw-nt:-:*:*:*:*:*:*:*","matchCriteriaId":"8F0AA1B7-A15E-4570-A47A-4734DAAFC9F0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13dai-t_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"3450B80D-F902-4A9B-AC94-474C6A1BEA06"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13dai-t:-:*:*:*:*:*:*:*","matchCriteriaId":"75EA52CF-A1A2-4A09-849A-423F6E47A485"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13ddw-a_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"4FAFFA34-4335-4A0E-BEAE-A9502CD47265"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13ddw-a:-:*:*:*:*:*:*:*","matchCriteriaId":"558BAD24-8C02-4A7C-B10F-48059C810579"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13deg-oa_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"571760F1-A792-4319-9592-19368FF462FE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13deg-oa:-:*:*:*:*:*:*:*","matchCriteriaId":"5FAD54D8-480C-4BBA-8A17-5557BDA7CED0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13deg-oad_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B4903E9B-8C41-42C2-95FB-8171EA6D6C3F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13deg-oad:-:*:*:*:*:*:*:*","matchCriteriaId":"D661D4FC-874B-4020-B03B-A7DC3B82B0E2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13deg-pvc_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"6C305075-2344-408D-A569-7457434C8A9A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13deg-pvc:-:*:*:*:*:*:*:*","matchCriteriaId":"BD036B36-43BA-451C-B371-A04C41FBEB65"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13deg-qt_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"606D0988-D3C0-47CE-A8F4-5440243416AE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13deg-qt:-:*:*:*:*:*:*:*","matchCriteriaId":"0EF5517B-B6C5-47CA-929F-D4B95827A902"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13deh_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2D119D5D-AC6F-4606-9075-807201258470"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13deh:-:*:*:*:*:*:*:*","matchCriteriaId":"852917B3-AFF7-4465-873C-5D5A10F7966D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13dei_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"E6E28F78-6BD7-4E2B-8BA3-2637FEB09DBD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13dei:-:*:*:*:*:*:*:*","matchCriteriaId":"A18D05BE-FE30-4041-A250-1F26825C591C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13dei-t_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"9AB27667-74A7-493E-8B98-4B1836779245"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13dei-t:-:*:*:*:*:*:*:*","matchCriteriaId":"841C9D0B-F0AF-411F-BA06-2432BA24B275"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13dem_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1AF9BD95-9BA9-4949-A7D5-028BE528E81F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13dem:-:*:*:*:*:*:*:*","matchCriteriaId":"E3A34C5B-89B4-4DC2-A8CE-9257B450D79E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13det-b_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"76182A30-365B-4183-A3D6-24B43A1DD5A1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13det-b:-:*:*:*:*:*:*:*","matchCriteriaId":"EBFC9589-DF31-4D9C-B50E-11503F99C618"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13dgu_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"00D7B8E2-ECC7-433C-9BF8-30DB2DD9C904"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13dgu:-:*:*:*:*:*:*:*","matchCriteriaId":"70E0611D-F0DA-44DB-8D43-C9249B6106DE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13dsf-a_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"979A6750-1575-4E5F-B440-620D8623F0A8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13dsf-a:-:*:*:*:*:*:*:*","matchCriteriaId":"CE647392-5307-4D6B-BAC0-4533BC4A4801"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13qeh\\+_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"FAB88534-4CDD-463E-8004-688F16BA3C03"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13qeh\\+:-:*:*:*:*:*:*:*","matchCriteriaId":"6560D7C5-8D62-4634-8E2C-CB293BCE3126"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13sae_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"7BE8C5BC-7C49-4139-9D21-78463D7DC775"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13sae:-:*:*:*:*:*:*:*","matchCriteriaId":"F36733DC-9633-41C9-BEB6-AA1630FCB9DE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13sae-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"45F2F46A-C272-4187-BC92-248F7BEE5DCB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13sae-f:-:*:*:*:*:*:*:*","matchCriteriaId":"B6AE36E6-C235-4524-A5AA-C26AD5B8AEC7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13san-c_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"E9FE5298-F64E-4333-A870-C9D916562250"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13san-c:-:*:*:*:*:*:*:*","matchCriteriaId":"74BCA069-8DFA-4441-AA2E-2861C01A4A6E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13san-c-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1460E0F4-1786-4C80-AAD3-0DC3229B0863"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13san-c-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"2B2C7E3F-7E79-409C-AA7B-29361EB96516"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13san-e_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"3B35449E-A228-46C0-8FB4-AC1052ADDB7C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13san-e:-:*:*:*:*:*:*:*","matchCriteriaId":"F3E8F060-82A0-49AF-AC11-69ED96403CA3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13san-e-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"0554C8B7-A7C4-4850-9C2E-3DCAB3530AD0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13san-e-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"9551D604-528B-4942-B207-37E851F64690"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13san-h_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"00FC5F1A-ACB3-4F63-B276-B92EAE871ACC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13san-h:-:*:*:*:*:*:*:*","matchCriteriaId":"87F176BE-5099-49B2-B658-7A8F2BFF793E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13san-h-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"F7BF68EB-AFC5-49C7-BF62-416E7EFD638D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13san-h-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"3378D8AA-EB40-4F73-83CD-765FA4A4DC6D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13san-l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1729755B-724B-4D01-B858-60216C580CD6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13san-l:-:*:*:*:*:*:*:*","matchCriteriaId":"96CBF59E-7865-41A5-8952-512FD13F1CD1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13san-l-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2390C99E-41A6-4A56-B89E-15041AEEF467"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13san-l-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"66765BAD-8F07-492C-8740-25FBC4DB0DEB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13saq_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"DAA5324E-0383-4022-9E85-36DEF93C3CC4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13saq:-:*:*:*:*:*:*:*","matchCriteriaId":"4B8AD410-AF0F-42E0-B60A-71BCBB6BC3BF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13sav-lvds_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"764B379D-46A1-49FA-9BB7-C024F3F165CC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13sav-lvds:-:*:*:*:*:*:*:*","matchCriteriaId":"7C2F5EDC-CFD5-41F5-9EAF-FB5CB6E9764F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13sav-ps_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"00ED42A1-6577-48D3-ABF0-B3ECA79023F1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13sav-ps:-:*:*:*:*:*:*:*","matchCriteriaId":"AE3C2846-5816-4773-B73D-4B36A6B24542"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13saz-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"0C33B135-B212-4F75-A0B5-615CB437B782"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13saz-f:-:*:*:*:*:*:*:*","matchCriteriaId":"A97110CA-8623-4EF4-90DE-9356D5E9311F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13saz-q_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"3B994482-2AC4-40DE-92BB-81D50EC62073"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13saz-q:-:*:*:*:*:*:*:*","matchCriteriaId":"909438EF-7652-4184-9DB8-CB2E45B300A3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13sedw-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"97AA39B0-E63B-4CCE-82D2-092A075D6490"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13sedw-f:-:*:*:*:*:*:*:*","matchCriteriaId":"46BE300F-CE76-45F4-BFBF-6CA857E593CB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13seed-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"A793DE0A-83C2-4EC1-AE60-C77F2BBDD73C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13seed-f:-:*:*:*:*:*:*:*","matchCriteriaId":"241D4911-2240-42CD-8F52-F7B66CBE0CEA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13seed-sf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"EAC88C3E-9A6D-43FC-AE3F-D1630D3B00EC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13seed-sf:-:*:*:*:*:*:*:*","matchCriteriaId":"A3C13F43-A756-4395-9FC9-CF4DF74B3393"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13sefr-a_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"4C41416B-7DC7-4CE1-B269-BAA9EE844C2E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13sefr-a:-:*:*:*:*:*:*:*","matchCriteriaId":"509CD460-D28B-4267-8E6D-FAC4F2332AD2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13sei-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"A8277A30-EB1D-44B0-8B86-0EB1F9FE1238"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13sei-f:-:*:*:*:*:*:*:*","matchCriteriaId":"95E7BBBC-A310-4F66-874B-1A7A8ABA1BD4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13sei-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"6326D9F2-F77C-4EBE-9238-93CE8977F7F5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13sei-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"403DBCD1-9A34-48CF-B610-62E6369118C9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13sem-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"A4C3FE24-FCD0-4376-BF5A-58A9559EBE67"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13sem-f:-:*:*:*:*:*:*:*","matchCriteriaId":"BBD8D5E0-0545-47AA-9A16-566D7EC2CD8C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13sem-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"42D566FE-B728-499C-99AC-197C2A8B8647"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13sem-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"9825E801-7F77-479B-B8E6-751AAD67E8DE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13set-g_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"65FF4FE8-BC6B-4158-9C77-E43B01C382D3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13set-g:-:*:*:*:*:*:*:*","matchCriteriaId":"0E19D0CC-9619-4F17-B7B8-CD94A9583682"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13set-gc_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"4BB74893-3F83-4B5D-AA17-AA773C58C2E5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13set-gc:-:*:*:*:*:*:*:*","matchCriteriaId":"625C3534-DE49-4833-AC7D-4B12A3B7C4D3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13sew-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"3445CA19-640D-4493-A0C2-A36AC853D2DE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13sew-f:-:*:*:*:*:*:*:*","matchCriteriaId":"996E89B5-0F5D-49F1-8F1A-CFDD698B6709"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13sew-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"DF6C8519-1FFD-4BD8-9FB5-BD8124B1DAA6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13sew-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"2A880465-2345-4807-832A-C277A3B12224"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13sra-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B40FE641-15F4-4BCB-9438-9D87504C36B5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13sra-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"FCE31EC0-1E3C-404B-8202-451F7708DB85"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13srn-e_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"93700262-0646-45A4-8D10-46F9F7167D78"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13srn-e:-:*:*:*:*:*:*:*","matchCriteriaId":"5F6E7176-6F39-406C-BAD4-E244CA46E8CD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13srn-e-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"79E512EC-73A2-499F-8EF3-786DC0E2CAB7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13srn-e-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"E95DFD86-177C-405C-B738-08A22770BFFD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13srn-h_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"EA02E576-E217-4971-8E5F-A970C877F35D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13srn-h:-:*:*:*:*:*:*:*","matchCriteriaId":"90A4FB92-627A-44BC-8ADC-BF1AC00DA889"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13srn-h-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"F7DCB5B5-5C83-4C67-946B-71C705418FFC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13srn-h-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"AF9C1975-29A8-44D9-998A-01770D5FE776"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13swa-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"07524755-F1AC-4185-9494-91C1361E3000"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13swa-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"C2EA1F0A-9282-4BBA-8752-FE0E14B5A9F2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:b12dpe-6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"11D3CA26-0BB8-49E6-B2F7-0ABFD1036220"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:b12dpe-6:-:*:*:*:*:*:*:*","matchCriteriaId":"CE507AF6-C51D-41F9-B7D3-97F5E2C92EF9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:b12dpt-6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"60436593-5D82-4956-AE33-31BBB0F03B54"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:b12dpt-6:-:*:*:*:*:*:*:*","matchCriteriaId":"D73CE868-F4FF-4645-AD2C-5CC8064A1632"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:b12spe-cpu-25g_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"EAE6D577-66CB-48FD-8B07-8ADCE788BAB2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:b12spe-cpu-25g:-:*:*:*:*:*:*:*","matchCriteriaId":"B9D8065D-2076-4DFA-9156-486EC6DC3521"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12dgo-6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"5021B9F2-BE6F-4EC5-8820-CD7B79DB44F3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12dgo-6:-:*:*:*:*:*:*:*","matchCriteriaId":"6BE72168-E2BE-4E5D-99A3-E5874FB027E3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12dgq-nt6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"039BEF08-D29A-441A-83F9-3918895446FF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12dgq-nt6:-:*:*:*:*:*:*:*","matchCriteriaId":"C9BF14BD-5E65-4C3C-ABD4-E7D26AF05D25"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12dsg-o-cpu_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"22789C3E-DCF9-491F-9F3D-FCEFB9700655"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12dsg-o-cpu:-:*:*:*:*:*:*:*","matchCriteriaId":"55A8A11C-8FE3-4789-A517-F1E14FC2710B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12dsg-q-cpu6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"A7A1BB17-DCB8-492F-B560-30BC66E3ED6D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12dsg-q-cpu6:-:*:*:*:*:*:*:*","matchCriteriaId":"44FE8EFA-41DD-44FC-9786-3AFC6AB828D1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12dsi-n6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"D666C96E-79E9-4932-AA62-22B856379AD7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12dsi-n6:-:*:*:*:*:*:*:*","matchCriteriaId":"9892D863-F361-4511-BB61-61398CB8360F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12dsi-nt6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CC212365-8347-4152-B789-1919B7766469"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12dsi-nt6:-:*:*:*:*:*:*:*","matchCriteriaId":"A9E11E3D-B003-489B-BCF2-76CEB30EB6E4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12dst-b_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"473D1854-189A-4644-B3BA-69F812522F58"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12dst-b:-:*:*:*:*:*:*:*","matchCriteriaId":"8DF3E668-0CF8-404E-8A08-EB2CCB1D2489"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12dsu-in_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B2023BD6-2172-4F45-8D14-BF64FA9E345B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12dsu-in:-:*:*:*:*:*:*:*","matchCriteriaId":"F019FB2C-63BC-417A-81E1-E852C052007C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12dsu-inr_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"5ED2FBFD-5B1F-4CC7-8B5E-6C65FD5A9E7D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12dsu-inr:-:*:*:*:*:*:*:*","matchCriteriaId":"C2DB5BC9-8633-4148-9EF9-D9564B184722"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssff-an6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"A04CD567-D448-4C4A-AC98-E908726CD7D7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssff-an6:-:*:*:*:*:*:*:*","matchCriteriaId":"8CDF0E3C-8205-4179-B0BC-CDC00BE5C3D4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssfr-an6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"999F91F7-3C2B-4807-93BF-7D4ADB5A7C16"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssfr-an6:-:*:*:*:*:*:*:*","matchCriteriaId":"EA767312-A7E3-4BE5-AF2F-D2B69756160F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssg-an6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CB34D33A-1361-4BAB-8603-31E1C0B0B8D2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssg-an6:-:*:*:*:*:*:*:*","matchCriteriaId":"CD0EE294-07EE-4ACD-A189-2F48667BD901"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssg-anp6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"72FF16D1-A625-4A0D-8541-0C51DBDB9A64"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssg-anp6:-:*:*:*:*:*:*:*","matchCriteriaId":"1558880B-8A49-4212-AEA9-A525FB454E8D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssl-c_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B09A2193-C82B-4F5F-B058-ACF5BF590F6A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssl-c:-:*:*:*:*:*:*:*","matchCriteriaId":"5C78D0B4-958A-4874-8540-9C622BEC5444"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssl-ct_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"414D34DD-39B3-43E0-876F-B297897F3F29"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssl-ct:-:*:*:*:*:*:*:*","matchCriteriaId":"50943BA5-0DAC-4246-9287-CA9DD9D05F9F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssl-i_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"AECDD073-7DE1-48A3-ABD6-5635EABD7097"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssl-i:-:*:*:*:*:*:*:*","matchCriteriaId":"0B9CEA83-ADAF-4659-88E9-D0056EB699BC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssl-nt_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"165ED5F8-50AB-468B-B07D-85A7E8B26EA5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssl-nt:-:*:*:*:*:*:*:*","matchCriteriaId":"7D1F99BB-1F02-4CA1-8C5A-A69F4674D4B9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12sst-ps_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B0736CC8-B905-403B-8BFD-141BF8613752"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12sst-ps:-:*:*:*:*:*:*:*","matchCriteriaId":"AF330665-9B9B-4B0C-92C8-427D4B7A77AE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssw-an6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"26F41B3C-3B97-4A1E-8AD5-21FBEC32FB18"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssw-an6:-:*:*:*:*:*:*:*","matchCriteriaId":"CCBFB445-EBAF-4A9B-A2E7-9B88CF4A2EB5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssw-in_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"5127B859-8891-496B-BD31-112D1EE080B3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssw-in:-:*:*:*:*:*:*:*","matchCriteriaId":"FED457FD-AB0F-4829-9C4F-C00F9127E293"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssw-inl_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"AB6A08EB-A53B-44BE-ADF2-C59ADD078EC5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssw-inl:-:*:*:*:*:*:*:*","matchCriteriaId":"30940045-B6F5-4AB8-A761-234A9049D48D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssw-inr_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2F46E654-5707-4D7E-A7E1-B0BE9CD73623"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssw-inr:-:*:*:*:*:*:*:*","matchCriteriaId":"C80067D5-61BA-48ED-B17C-5EAB04AB0CB5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssw-nt_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"D4CF1A5E-9B2C-4BEA-A366-BC1897B2C184"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssw-nt:-:*:*:*:*:*:*:*","matchCriteriaId":"A63737C8-F51D-48B9-A926-161175424379"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssw-ntl_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"E1793679-E7A5-430B-8DEC-20E74E05954A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssw-ntl:-:*:*:*:*:*:*:*","matchCriteriaId":"7B3555A1-5FFB-416D-ACDE-1458E655EE5C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssw-ntr_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"404D7E94-878E-4600-9EB4-CE17667D2911"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssw-ntr:-:*:*:*:*:*:*:*","matchCriteriaId":"34E1FE8C-4916-4BCB-BE13-FFFFD1EFC611"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dai-n6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"AAEA8DAE-D366-491D-ADB9-F4BB78C4573F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dai-n6:-:*:*:*:*:*:*:*","matchCriteriaId":"7CC667F4-B046-40FD-8F10-0BAD14B41430"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12ddw-a6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2064B555-C880-4878-989A-2CC6568A76AA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12ddw-a6:-:*:*:*:*:*:*:*","matchCriteriaId":"2D56F5ED-B7B3-4B8D-83BC-0CB19BD8F66F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dgo-6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"C0A7FEB4-6372-42BC-8A3E-19DE64450D7F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dgo-6:-:*:*:*:*:*:*:*","matchCriteriaId":"169EECF4-BA7F-47CB-80A4-848A79EB552A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dgq-r_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"95476FBE-B4F7-42FE-A060-5CD460C6443F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dgq-r:-:*:*:*:*:*:*:*","matchCriteriaId":"A5262CF8-A96F-4E95-A83A-663A60551A10"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dgu_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"88302A23-02AB-45D7-A3A5-BFD2691B1AF9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dgu:-:*:*:*:*:*:*:*","matchCriteriaId":"DC634195-B8D1-4410-8A36-54B528F5E818"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dhm-6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"E18662F3-F773-47CB-83A4-AD0B67A66CF8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dhm-6:-:*:*:*:*:*:*:*","matchCriteriaId":"1C586A8C-FF1B-4BF0-A8C1-C6A10C0EE16F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpd-a6m25_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"E262D39E-CAB0-49DB-9533-CD16F0D4AB1D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpd-a6m25:-:*:*:*:*:*:*:*","matchCriteriaId":"2A3966B3-FF26-41C6-BF93-FA31E1C09A84"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpfr-an6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"F72B7AA8-BBD5-4490-9184-E9CE3DFA2E95"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpfr-an6:-:*:*:*:*:*:*:*","matchCriteriaId":"7D03BF5A-FFE9-45B1-8C2C-C8128BCBF3D1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpg-ar_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"EFDD3D77-9464-464B-A977-625879DA6ABC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpg-ar:-:*:*:*:*:*:*:*","matchCriteriaId":"87EA78EF-87FB-4B52-8430-0F6042D4DD03"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpg-oa6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"0D3A7A28-2F1D-4ACB-9515-27FC791465E8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpg-oa6:-:*:*:*:*:*:*:*","matchCriteriaId":"51770E5F-7560-4D1E-BA72-4F94CA07E477"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpg-oa6-gd2_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CCA6DA60-4E67-4423-9F41-4A0EC3675746"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpg-oa6-gd2:-:*:*:*:*:*:*:*","matchCriteriaId":"D54118C8-4C75-4C95-8055-6B072D66D8D4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpg-qbt6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"5AC0E6B1-94D2-4C2F-BBFF-97B6490B696B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpg-qbt6:-:*:*:*:*:*:*:*","matchCriteriaId":"923D2191-4164-4DD2-8C20-DBE60FF4B3BF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpg-qr_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"0BA33430-2D60-4139-8CE8-B0DD45C749C7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpg-qr:-:*:*:*:*:*:*:*","matchCriteriaId":"170BD2F4-5084-4134-A307-6C7AFB82E6C3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpg-qt6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"0D0E650C-AE7C-48E3-959E-11BB9FD45027"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpg-qt6:-:*:*:*:*:*:*:*","matchCriteriaId":"C83564AB-8D23-4352-AF0D-30B408F54DD8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpg-u6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B04F1D85-B26C-4BED-AFD8-B9B4CDAA465C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpg-u6:-:*:*:*:*:*:*:*","matchCriteriaId":"E445164C-B4DB-44B9-9CE2-122BC6616563"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpi-n6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"65E5E52B-2E68-4006-B10F-32000CCE419F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpi-n6:-:*:*:*:*:*:*:*","matchCriteriaId":"9FA07B5C-1194-42A4-AF6C-3C3B7F880477"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpi-nt6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2E1E04AF-DD68-4C7A-A73C-199F31ACB7BD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpi-nt6:-:*:*:*:*:*:*:*","matchCriteriaId":"A9BDD13D-5287-4536-83C7-1ED806E8AD45"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpl-i6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"999BE14F-54EA-4A0B-ADEB-9D7338D00CA3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpl-i6:-:*:*:*:*:*:*:*","matchCriteriaId":"6606E793-BF7E-4148-83E3-2A6DF823AC50"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpl-nt6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"9878B129-167D-4D3B-BF70-BE7B5D011EE7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpl-nt6:-:*:*:*:*:*:*:*","matchCriteriaId":"80675EA0-674B-4BDF-B502-FAA90B4E07B1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpt-b6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"11148105-FDED-413A-BAD3-3CCE29267334"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpt-b6:-:*:*:*:*:*:*:*","matchCriteriaId":"1762A2E5-9BCD-4832-9D6F-EFF6FC09A379"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpt-pt46_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"F571415A-618B-44FE-A4C8-D183317C85DC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpt-pt46:-:*:*:*:*:*:*:*","matchCriteriaId":"BA40A9FF-75AC-4B47-8C4C-DE571753F0F9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpt-pt6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"4B68134A-0D7B-4C09-87F7-E973113FA867"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpt-pt6:-:*:*:*:*:*:*:*","matchCriteriaId":"ECEEE89C-A717-497E-AE60-FECBCC856DC0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpu-6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"85FC2F68-71B8-44C1-9D03-6A4167E10979"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpu-6:-:*:*:*:*:*:*:*","matchCriteriaId":"5D5EE5C9-4E57-4C7B-A385-494AB2E45035"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dsc-6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"8F0C7DDF-BAA5-4639-90C1-25DB26F5075C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dsc-6:-:*:*:*:*:*:*:*","matchCriteriaId":"0FE3F996-E887-462F-9292-18B7DB6D45FD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12qch\\+_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"19632406-A07D-4296-AD18-AFAA55441DDE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12qch\\+:-:*:*:*:*:*:*:*","matchCriteriaId":"5F2FE423-DE41-408F-BD8D-66D47FEAEBA6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sae_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B3801897-A401-4892-A4EE-FF5E3D724082"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sae:-:*:*:*:*:*:*:*","matchCriteriaId":"A1AAFEFE-7162-4563-8B52-FD722A929608"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sae-5_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CEC86047-62B1-4225-8EE7-D94081CE2763"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sae-5:-:*:*:*:*:*:*:*","matchCriteriaId":"317170CC-173C-441F-A949-333638B2FA55"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sca-5f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"818F20E9-05EC-4FB6-B921-091F381247AD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sca-5f:-:*:*:*:*:*:*:*","matchCriteriaId":"768D9AB1-4E20-49D6-9EEB-4DE51F9288A2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sca-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"753E5810-B93A-4B6F-9C88-28FD1F259045"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sca-f:-:*:*:*:*:*:*:*","matchCriteriaId":"F023A6FB-2560-4B88-AFD2-95804630A2F5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12scq_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"BB2C3E6A-1A6A-454C-9D04-97D3B5E44E59"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12scq:-:*:*:*:*:*:*:*","matchCriteriaId":"AE0592CB-58A5-4CC6-BE47-BDC50F496962"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12scv-lvds_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1512D28D-3435-4A6F-98D7-8ED74C1B8C5F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12scv-lvds:-:*:*:*:*:*:*:*","matchCriteriaId":"55F9B346-4C9D-4F23-ACB3-EC5B4C3271EA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12scv-w_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"64A13C56-763C-4C6C-B39E-5D8DE5AD1669"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12scv-w:-:*:*:*:*:*:*:*","matchCriteriaId":"F70FEFBF-F3AB-492E-9802-A5E804C6E1F2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12scz-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"E4506A1E-68C8-4F90-8BBF-A97A135B794F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12scz-f:-:*:*:*:*:*:*:*","matchCriteriaId":"8B6C62F1-063F-4B9D-8FFB-2A32EE5FD7F4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12scz-qf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"18CF94E3-762B-45BC-8BCA-87B48EDB9566"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12scz-qf:-:*:*:*:*:*:*:*","matchCriteriaId":"9EE82B1F-8994-4E4F-A515-6357A1645129"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12scz-tln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"4036CD43-52D9-4759-8436-2C29921D0D39"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12scz-tln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"C06348E2-5AB3-4DFD-A2DF-7BD64C12ABCB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sdv-10c-sp6f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"BB766E78-6CA7-48A8-B7DD-3FF659111AB4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sdv-10c-sp6f:-:*:*:*:*:*:*:*","matchCriteriaId":"E61BA137-62D3-488E-842F-CE5F71A62916"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sdv-10c-spt4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"159158B7-6172-4762-8523-3E9CA651FF68"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sdv-10c-spt4f:-:*:*:*:*:*:*:*","matchCriteriaId":"E31BC56C-BEAD-4CEA-8EA1-244074825CF1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sdv-14c-spt8f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"37E4FA14-75E2-4F18-9CF2-7954067594A8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sdv-14c-spt8f:-:*:*:*:*:*:*:*","matchCriteriaId":"0DF63207-0C8B-4AE4-9C58-0B3906AF56A5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sdv-16c-spt8f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"797C28CC-ECB1-473C-91FE-5B8C90F483E1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sdv-16c-spt8f:-:*:*:*:*:*:*:*","matchCriteriaId":"7FC72465-7062-4111-AFFB-14751D981772"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sdv-20c-spt8f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"E06E7506-52CC-46BA-8A54-748954E3CE9E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sdv-20c-spt8f:-:*:*:*:*:*:*:*","matchCriteriaId":"4F701465-E472-400F-AA8E-A23A1636458E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sdv-4c-sp6f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"38E0B686-1605-4D34-B98D-46CE5DAB5C57"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sdv-4c-sp6f:-:*:*:*:*:*:*:*","matchCriteriaId":"27886D70-CD59-451B-A22A-BDA9C216DA4E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sdv-4c-spt4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"E2E7C775-A494-454A-98B8-A467DB06FEDD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sdv-4c-spt4f:-:*:*:*:*:*:*:*","matchCriteriaId":"ED0E2C8F-D697-4108-9ED4-C6EAD305003C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sdv-4c-spt8f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"E9B1AD70-057A-489C-B8FE-974D345E26DE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sdv-4c-spt8f:-:*:*:*:*:*:*:*","matchCriteriaId":"45F512E8-77D1-4DAE-8B62-CDFC3F36C30E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sdv-8c-sp6f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"FC4613BC-7233-47EF-A70A-010CB5FF1E66"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sdv-8c-sp6f:-:*:*:*:*:*:*:*","matchCriteriaId":"C701DCE6-0EC7-4DE5-BFA6-5ED582D13C4D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sdv-8c-spt4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"24427B55-1AC8-4020-A6F3-C57C173DFBFB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sdv-8c-spt4f:-:*:*:*:*:*:*:*","matchCriteriaId":"F4301217-8703-4D98-A7FB-F45DB4C9EA59"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sdv-8c-spt8f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CD2B0693-E855-4143-89CD-0061040A2BF9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sdv-8c-spt8f:-:*:*:*:*:*:*:*","matchCriteriaId":"A88762D9-3E01-4B25-868B-173040EA440B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sdv-8ce-sp4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"43396497-7840-4BF3-B625-D1BFBE6AB60A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sdv-8ce-sp4f:-:*:*:*:*:*:*:*","matchCriteriaId":"5FB32C1B-1A46-4976-8D71-53BFF8F1429C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spa-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"639B97B4-E339-43EA-9911-99721C406698"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spa-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"C4ECEAB2-4D8A-447B-A622-E8E3282C1651"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sped-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2F18CE69-1024-4AC4-85CA-16D6FFC4CAB1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sped-f:-:*:*:*:*:*:*:*","matchCriteriaId":"ECB324E7-F72B-41C7-9E63-4E9AE39420EC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spg-nf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"FB4DEA6C-25F6-4374-952F-5BA98386FF01"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spg-nf:-:*:*:*:*:*:*:*","matchCriteriaId":"22E9404C-5FFC-485D-A94E-1F7C4F68B0FB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spi-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1DD61F91-4407-4387-AF48-4FF97538F074"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spi-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"CA46A96E-0E1C-4AD0-A7BE-06A65C4DD75E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spl-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"73A298C7-5BE0-43CC-817D-1C7FAE38F543"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spl-f:-:*:*:*:*:*:*:*","matchCriteriaId":"15FE00C9-77B3-43B4-A548-9C4F0FA83ABD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spl-ln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1C880CF4-019A-4270-830C-A0008854FB77"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spl-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"D01A53FA-F307-4B49-B803-DD7E3498BD00"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spm-ln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2B1D297B-735F-4715-8E1D-36C2551D5CDE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spm-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"DEB567A1-A336-4B2E-8B35-0EE3F5B37ECD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spm-ln6tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"A06CA5D7-4D15-4F8C-BD44-8CFD10675911"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spm-ln6tf:-:*:*:*:*:*:*:*","matchCriteriaId":"9766735D-CC06-446C-A6C9-C4A5671EA356"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spm-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"46CDD49A-4C1A-428E-B2B1-8C15F3D7DE96"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spm-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"AF8F8046-D474-4A41-AC0C-93C43BAFDCA5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spo-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"C41502B0-419A-4EEE-A3D0-2226297E8DE5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spo-f:-:*:*:*:*:*:*:*","matchCriteriaId":"9D374750-F0F1-4F04-B127-7497DE767B19"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spo-ntf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1774E077-1D08-42B0-A24E-614EB4EAB7B9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spo-ntf:-:*:*:*:*:*:*:*","matchCriteriaId":"77BFF598-DB0F-4696-9787-2216817F9DC5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spt-g_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"BD1A08D9-3A35-44A2-9B62-04A16421E1C6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spt-g:-:*:*:*:*:*:*:*","matchCriteriaId":"414CABC0-9708-4C42-AFEE-03296D916319"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spt-gc_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"17A95DF1-0D00-4336-8685-ACE4CDEEAC20"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spt-gc:-:*:*:*:*:*:*:*","matchCriteriaId":"872EACFA-9A11-4801-9D97-7875D32F2E5E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spt-pt_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"7C5C3377-C72C-49D2-B9CA-C6CBF99375EB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spt-pt:-:*:*:*:*:*:*:*","matchCriteriaId":"27DB6C75-ECB7-453F-9A1B-99A962A13E6B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spw-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"EB67B3F4-7D78-4CA8-8F7E-3BAF483CB930"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spw-f:-:*:*:*:*:*:*:*","matchCriteriaId":"53FA6DCE-6515-46FF-A347-B6C429003DEB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spw-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"81620B39-4A78-4F55-B4DD-D83C4AB4FF7C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spw-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"887FC02D-8065-44C9-A3B2-1FEEAF3EF56C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spz-ln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"77487F7D-935D-423B-B434-89893474EE11"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spz-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"2C067EC2-DA00-4D87-8903-C99E7058710D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spz-spln6f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"282989D0-D5D0-4A89-9706-55289395BF27"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spz-spln6f:-:*:*:*:*:*:*:*","matchCriteriaId":"A450B280-D321-41D7-8B9D-B8F3C8B3B786"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12std-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"10F85E07-0BF2-4F58-8F3D-BBA7EE67AD56"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12std-f:-:*:*:*:*:*:*:*","matchCriteriaId":"BEC355A7-ED7C-42DE-A7B5-76A21BD361EC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12ste-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"E055588E-65F9-4B15-B01F-031C74BD4A1A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12ste-f:-:*:*:*:*:*:*:*","matchCriteriaId":"89049FC0-7786-4E8A-BF6A-56F70BCBADBC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sth-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"F7B188DD-1C6B-4A5F-9E2B-61435693218E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sth-f:-:*:*:*:*:*:*:*","matchCriteriaId":"E76F1D7E-DC1F-45E2-BF79-8A33D5670DF1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sth-ln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"E391C4E8-CAE8-41F9-8831-559E4DD66AF1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sth-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"DAAA4AD0-D2B9-43E0-A77F-9A75E242FDDB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sth-sys_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"C12B7637-1E8F-44BF-939F-155701C182D4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sth-sys:-:*:*:*:*:*:*:*","matchCriteriaId":"20712495-C1FB-4332-B5EB-B68CB951B05F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12stl-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"21C67B23-0146-4E42-8380-BADCF0FDAF5F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12stl-f:-:*:*:*:*:*:*:*","matchCriteriaId":"01576524-4AE1-4CE5-8909-8A2BBE579638"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12stl-if_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"64BFAF49-C93E-40B1-B5C6-2C45102AD111"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12stl-if:-:*:*:*:*:*:*:*","matchCriteriaId":"3CDBDBAC-14FF-46CF-8E72-C8BD9B66A475"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12stn-c_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"8DD20453-A699-4FAE-9144-CD35DCB1636B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12stn-c:-:*:*:*:*:*:*:*","matchCriteriaId":"375F89CA-3F0E-4DA1-B044-93312B20561C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12stn-c-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"7AB356E7-1F23-42A3-8348-9D95FF3C3B40"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12stn-c-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"C6C5E4B6-7AC4-4871-A43C-1233B84FD769"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12stn-e_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"4D5C7EBE-985F-40E8-920D-8E9A8C737B81"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12stn-e:-:*:*:*:*:*:*:*","matchCriteriaId":"C40F79C0-3501-416E-A2B3-9C70D651E6C4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12stn-e-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"916310B5-8364-499B-82B1-03816A75C709"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12stn-e-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"834FE721-032F-462E-A12A-1FA38D1C24D9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12stn-h_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"E38FA954-FA36-4B54-A06B-834CC2599B2A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12stn-h:-:*:*:*:*:*:*:*","matchCriteriaId":"08D3196D-E172-44D5-9949-451500B51C10"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12stn-h-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"97A64327-AC40-4DA6-9012-4AF88C73A758"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12stn-h-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"8EF75784-1632-4F72-8B34-1B3B6A6331E9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12stn-l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"7CB43433-8039-437A-B819-77193A5C64F4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12stn-l:-:*:*:*:*:*:*:*","matchCriteriaId":"7370CC87-C0E3-4B7B-B01A-564764122E86"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12stn-l-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"062E8B5E-A345-4E19-8E91-F7B06B5752CA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12stn-l-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"D7CCE200-88DC-42C8-953D-4E422013708F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12stw-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"30A9396C-B4B4-42B8-9316-BC096B04C458"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12stw-f:-:*:*:*:*:*:*:*","matchCriteriaId":"7DC3642F-DF65-4764-AFE1-96AF932266DA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12stw-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1B78F8FE-0170-4CC6-8CAE-98C1A885F702"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12stw-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"E906BDB2-075D-446D-A86C-B9D3B9E25216"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dac_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"4BE50492-07D8-4D1C-8AF9-763F25997CCC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dac:-:*:*:*:*:*:*:*","matchCriteriaId":"D3600406-96B2-4E52-B5F9-9ABCED307EEC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dai-n_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"8633825D-939D-4826-A1BC-854ED2358A71"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dai-n:-:*:*:*:*:*:*:*","matchCriteriaId":"0C5967E7-B9A7-4F23-B966-51F5C82B2529"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ddw-l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2DBD8FD0-2033-4486-B19B-3A65F8B96F16"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ddw-l:-:*:*:*:*:*:*:*","matchCriteriaId":"94B75335-6871-4FA6-AC30-1C121C91195C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ddw-nt_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"992113EF-3E48-4F43-888F-A072499405E7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ddw-nt:-:*:*:*:*:*:*:*","matchCriteriaId":"3EFD3B3C-F46E-4B27-A16B-154DB9740ED4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dgo-t_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"61080B7E-47C7-4E4B-B9D4-E87F8AD13F7F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dgo-t:-:*:*:*:*:*:*:*","matchCriteriaId":"0093BCEF-E0F0-415B-8267-01B5D71F2E61"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dgq_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"6E07FCDD-A555-4FB1-8528-DC291A6B7989"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dgq:-:*:*:*:*:*:*:*","matchCriteriaId":"D77FE66F-DB11-4B35-8A60-943FA5803F14"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpd-l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"416018C7-D968-4697-BB23-7D7C3F56307B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpd-l:-:*:*:*:*:*:*:*","matchCriteriaId":"28A547F9-4267-421E-A569-D73F937D6CB4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpd-m25_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"E31A20BA-EF06-4BD6-B22B-E6C14C5394B9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpd-m25:-:*:*:*:*:*:*:*","matchCriteriaId":"7FF70FFB-8D20-4C4F-90B3-8681F94A6C0E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpff-sn_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"F0763501-BAEB-48FC-B74D-BCE5046C5011"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpff-sn:-:*:*:*:*:*:*:*","matchCriteriaId":"05703141-3375-468F-8F03-AFF548E95A39"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpff-snr_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1577F719-7CA4-4386-A22B-6BED1815EA2C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpff-snr:-:*:*:*:*:*:*:*","matchCriteriaId":"1610EF6F-D8A9-4AE4-AFD8-D8D82654E38E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpfr-s_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"7D9E2486-03BD-45DD-916A-AD72CA3E12CE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpfr-s:-:*:*:*:*:*:*:*","matchCriteriaId":"DAD78F27-1418-46B2-95D7-7A2DA82FFD88"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpfr-sn_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"540B3344-9C8B-40FB-AF8E-88AC654C928F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpfr-sn:-:*:*:*:*:*:*:*","matchCriteriaId":"21FB236D-9777-4318-AE9D-3D565992E6BB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpg-hgx2_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"6753B838-73FA-4F3C-9851-EF3FCF6B4071"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpg-hgx2:-:*:*:*:*:*:*:*","matchCriteriaId":"20492DE1-0D08-4769-83FF-16985A6E90F7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpg-ot-cpu_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"C7554A27-12B6-4D35-BA9B-07F8BB2FD237"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpg-ot-cpu:-:*:*:*:*:*:*:*","matchCriteriaId":"1EFF8666-E52F-47ED-9330-11E36A75495C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpg-qt_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"356257AB-4E25-40E0-B4E6-189CF1C9E958"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpg-qt:-:*:*:*:*:*:*:*","matchCriteriaId":"8E309A80-F6FE-434D-B3EB-4593F18367A3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpg-sn_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"5BB2814E-3A02-42B1-BDC9-416452258F18"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpg-sn:-:*:*:*:*:*:*:*","matchCriteriaId":"2C31C72A-AEF5-4F28-9EF8-00A19A39E7AA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dph-i_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"0CB2C0A8-13DE-4C20-AF87-8B7CF51890D7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dph-i:-:*:*:*:*:*:*:*","matchCriteriaId":"F149C888-F3AF-49D4-BBBF-99ABC8E8CEDE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dph-t_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"F21135D9-BB90-47DC-B984-6E0843510DC8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dph-t:-:*:*:*:*:*:*:*","matchCriteriaId":"9780452F-4264-4069-9378-FE7F01D7ED1E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dph-tq_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"3567527E-5FC8-4E42-BFB3-4BF0FA7CF0FB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dph-tq:-:*:*:*:*:*:*:*","matchCriteriaId":"03E3CB77-7874-4B9B-B6D9-69D42304D6BE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpi-n_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"52D9057A-9494-41B2-9AE7-1E321BE1F556"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpi-n:-:*:*:*:*:*:*:*","matchCriteriaId":"8CEB1846-2BD2-4326-BD22-14DDD05BB7BD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpi-nt_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CE98E3AD-C668-422C-BD10-D7C813A38798"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpi-nt:-:*:*:*:*:*:*:*","matchCriteriaId":"F5553A6E-4BCB-4EC1-B002-EDDDD313F4E1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpl-i_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"27BB425D-F131-4F4C-AAB9-A0E31E072A9C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpl-i:-:*:*:*:*:*:*:*","matchCriteriaId":"0EF59606-20D1-4E68-AE55-DA3F7101654F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dps-re_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"F562BE69-049C-4C9F-8E6B-EF46193F4D30"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dps-re:-:*:*:*:*:*:*:*","matchCriteriaId":"ED8E7045-1721-4629-B92C-F35C0B074245"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpt-b_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"FD5A0214-AA78-4957-AD08-B545D672672E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpt-b:-:*:*:*:*:*:*:*","matchCriteriaId":"ABF7F546-1D85-4F99-9CFE-6F997402028D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpt-bh_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"39C8AE86-11D2-48C8-A068-10008D227EAB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpt-bh:-:*:*:*:*:*:*:*","matchCriteriaId":"5F00FAD5-FBDF-4239-9B1C-C012B5AC546A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpt-br_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1B9D103C-EA4C-439C-82E4-9B8C5AAD8E51"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpt-br:-:*:*:*:*:*:*:*","matchCriteriaId":"7710C62C-BFC9-4D9B-8EB1-A41273C06BF4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpt-l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"05760878-E696-425C-8363-C6303DD6388A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpt-l:-:*:*:*:*:*:*:*","matchCriteriaId":"4F14E33F-DCD7-49D4-B0F5-AF924A87CC53"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpt-ps_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"DF579C83-C768-453F-B7D9-27C2005146A3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpt-ps:-:*:*:*:*:*:*:*","matchCriteriaId":"749EF1B5-F6A3-493F-B920-8033847BF037"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpu_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"D17A0787-A669-4566-BF40-4EC9131AA557"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpu:-:*:*:*:*:*:*:*","matchCriteriaId":"609DE3AA-044C-4B20-8A27-A507F4A11279"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpu-r_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"A6E571AC-93BD-4079-AC51-125778A009FC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpu-r:-:*:*:*:*:*:*:*","matchCriteriaId":"2FF46B33-1765-44B9-A9B9-C3A97B5AD384"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpu-v_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"78E18E61-4068-4162-88E3-47D44BAA8497"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpu-v:-:*:*:*:*:*:*:*","matchCriteriaId":"E125C5B7-7BB6-47EB-93A5-CA15FC082198"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpu-xll_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"6A906F07-7207-4674-A494-06C4E5134DB0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpu-xll:-:*:*:*:*:*:*:*","matchCriteriaId":"B3CB5CAA-C9D1-4508-BBE6-2546F6017715"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpu-z\\+_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"304B5920-89F2-4FFB-9F61-6BBAE035E462"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpu-z\\+:-:*:*:*:*:*:*:*","matchCriteriaId":"4ED5B015-0DB1-4E55-8C22-6DCE0BCC00FB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpu-ze\\+_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"44F2BDAF-65AA-4845-BA04-BD0C3F1D09A0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpu-ze\\+:-:*:*:*:*:*:*:*","matchCriteriaId":"01852618-551E-4051-90E7-7A3386804A76"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpx-t_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"6664EB3B-0C03-4435-8456-DA5CF230BD5D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpx-t:-:*:*:*:*:*:*:*","matchCriteriaId":"3DB9F79B-70D5-4084-8DBF-E13CF76B77B7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dsc_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"697C92B5-B730-41CB-B656-5FBEA314255D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dsc:-:*:*:*:*:*:*:*","matchCriteriaId":"5786F44D-9EE5-4C0B-9C01-F0D46762F7E2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dsc\\+_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"3B4398AD-AA39-4044-A9B5-99481B8E2711"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dsc\\+:-:*:*:*:*:*:*:*","matchCriteriaId":"6442E1D1-53D8-49F4-8D51-08CE45850A77"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dsf-e_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"297D1AD5-0139-4405-8ED8-AF4F5F96D56B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dsf-e:-:*:*:*:*:*:*:*","matchCriteriaId":"BBDD9667-CE5C-487D-BC40-506D3722AD4C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dsn-ts_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"3C92890C-1FC8-4FD3-AAA7-38FC798C2C39"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dsn-ts:-:*:*:*:*:*:*:*","matchCriteriaId":"EA8F01F8-FA29-4E46-858F-149F94C8DBD4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dsn-tsq_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"F4E875ED-157A-496D-849F-5E11E736178E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dsn-tsq:-:*:*:*:*:*:*:*","matchCriteriaId":"DECCF4B6-A0FD-419E-A61B-7BC023555E7A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11opi-cpu_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"132E6AA4-EEFA-41BC-9535-4CBC915DCDD8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11opi-cpu:-:*:*:*:*:*:*:*","matchCriteriaId":"27164AC7-6D07-4D0D-AE90-8FB4C2498E6B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11opi-cpu-cl_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"5276403F-DBEA-4929-B0A0-7E240C22762D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11opi-cpu-cl:-:*:*:*:*:*:*:*","matchCriteriaId":"A5E14473-022A-4472-8742-4BBB97A90047"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11qph\\+_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"5597372A-F3D1-48C8-9C75-A3107D2F912A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11qph\\+:-:*:*:*:*:*:*:*","matchCriteriaId":"E534D7BB-B73D-45F8-AB1A-CDC55B05D237"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11qpl_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"A46D5ED0-D590-4EC3-83BE-837ABB638A71"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11qpl:-:*:*:*:*:*:*:*","matchCriteriaId":"8E668445-7698-42D3-87A8-C82FFAEDDA40"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11saa_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"04EF0829-6E03-4AEF-A970-0E5F1C06FB05"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11saa:-:*:*:*:*:*:*:*","matchCriteriaId":"97B2B57C-0599-4CD5-B886-B51907406530"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sae_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2AE7457A-733F-4714-A741-E37C6847D5F5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sae:-:*:*:*:*:*:*:*","matchCriteriaId":"450DA6E7-7E1B-4E3F-916D-A04E8A64C9E0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sae-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"8FC62932-8F3B-457D-AF1A-18F93007D765"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sae-f:-:*:*:*:*:*:*:*","matchCriteriaId":"B9DED254-4F7C-4BA3-BDB4-C20046F1801D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sae-m_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1349CFA0-2294-4EC3-ACCB-E202FBBC7F97"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sae-m:-:*:*:*:*:*:*:*","matchCriteriaId":"DCC976BD-381E-452C-ABB6-E90F7D39FB31"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11san_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"D1FECC94-F089-4A55-A1E0-5CD2DA011DEF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11san:-:*:*:*:*:*:*:*","matchCriteriaId":"16146E8A-A13C-4347-82B1-AD2FD7EEE710"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11san-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"35D0CE32-106C-485A-8B2B-111FCBCFFC20"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11san-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"BA94D270-1820-4325-ABAD-EF8B42D56DAB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sat_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B8886ED3-DDFB-44C0-870A-EF5E6F923921"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sat:-:*:*:*:*:*:*:*","matchCriteriaId":"F3F363C3-ACFB-4A15-9076-1C03E92DB138"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sat-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"4B93A5C2-9662-44D1-8DFD-562C844DB611"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sat-f:-:*:*:*:*:*:*:*","matchCriteriaId":"2F1C47C2-E481-40FF-BF6D-C327C1ABA050"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sba-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B448A736-AECF-4550-AB70-22A8BF030622"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sba-f:-:*:*:*:*:*:*:*","matchCriteriaId":"3FCF6EF1-D3E3-40CA-8AE4-BFFF37964541"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sba-ln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"5C4D1A46-7763-4FEF-B32E-29494755028E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sba-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"2C15EA79-AC77-4254-821E-DCBD4748E73C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sca_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"61C8DCC0-DA05-44C2-BD5B-BA2BD2664A5C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sca:-:*:*:*:*:*:*:*","matchCriteriaId":"C2521B38-3BB4-4B96-AF7C-6BF429F0FC9C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sca-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"ABD3DBBD-BF92-4BAC-ADC3-B3002571533D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sca-f:-:*:*:*:*:*:*:*","matchCriteriaId":"577067B9-0F45-4A40-A75F-C7FE9B2B8855"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sca-w_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"14FC8981-EE22-446C-B3BA-43D4EA25F275"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sca-w:-:*:*:*:*:*:*:*","matchCriteriaId":"683EB125-0F49-4199-9244-F17ECA6F6C4C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scd-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"C89DE7EC-9EB2-40B0-80F5-8BF3527B74FE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scd-f:-:*:*:*:*:*:*:*","matchCriteriaId":"C89CC49B-01DE-4888-B0E4-B311C0F3F789"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sce-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B5739500-AB10-4CE2-95E2-F65EA2D2B779"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sce-f:-:*:*:*:*:*:*:*","matchCriteriaId":"4BF53152-845A-4736-8FB0-C672D8A83F68"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sch-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"D70CE1AD-78BF-432A-84BC-5FD6BE4B6E5C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sch-f:-:*:*:*:*:*:*:*","matchCriteriaId":"6E9B23E2-2E68-4E1D-A8B5-BAFB00DFB4BF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sch-ln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"46071A5E-2291-4621-914F-3CBB3437036D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sch-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"071A5B7E-6525-44DF-A612-DB63312AA3A9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scl-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"0042216F-C5B6-4478-83D2-229E24ABF2FF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scl-f:-:*:*:*:*:*:*:*","matchCriteriaId":"D1528A2C-3983-4CF9-B365-7F307B93E466"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scl-if_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CB27048F-10BC-436B-A139-C33F861C3846"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scl-if:-:*:*:*:*:*:*:*","matchCriteriaId":"98595EB1-0B54-4E09-BAB1-4A37BCBB941A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scl-ln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"82DE3F62-F590-4293-8588-E47204D083AF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scl-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"586D8457-A684-4410-A48A-C5545F5B2003"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scm-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"F63FE7EC-D7C5-43EE-9053-AE364588E98C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scm-f:-:*:*:*:*:*:*:*","matchCriteriaId":"3B7B927B-1B10-41CC-8C8E-0DA456082C63"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scm-ln8f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"849E1220-EC92-41B9-B27A-8B9E4EA04F6A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scm-ln8f:-:*:*:*:*:*:*:*","matchCriteriaId":"D0176160-C4E3-435E-8DDD-E992044C500B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scq_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CDEC4239-2014-4479-A810-932B2B68AF4F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scq:-:*:*:*:*:*:*:*","matchCriteriaId":"19DB281A-F2B0-48D9-83B9-21CB651D34E0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scq-l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"AB9C837A-E11A-4135-AE80-0CC6B910B380"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scq-l:-:*:*:*:*:*:*:*","matchCriteriaId":"83A3CC6C-B6DA-4C5F-97FF-B7075C2D1936"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scv-l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"85D6B8BD-291B-4753-98C0-8629C962B6C5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scv-l:-:*:*:*:*:*:*:*","matchCriteriaId":"F49DCD87-5179-4AB0-B859-79CE26145125"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scv-q_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"30EF7DA2-51AC-4064-B679-DBE1A869C0F0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scv-q:-:*:*:*:*:*:*:*","matchCriteriaId":"EA86A993-5A42-416E-B91A-54DC1719776F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scw-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"3A35A0FA-76EA-411F-850A-A36AC20D2E1D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scw-f:-:*:*:*:*:*:*:*","matchCriteriaId":"8FB564A1-E87A-4CAD-A8E8-5A22B0165B61"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scz-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"FBAC3A63-BC83-4B2D-808B-7ED330764644"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scz-f:-:*:*:*:*:*:*:*","matchCriteriaId":"03512A43-F226-4E93-8D38-5C3513AD5478"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scz-q_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"9E4854AD-2561-47BA-8248-E5F045FAB070"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scz-q:-:*:*:*:*:*:*:*","matchCriteriaId":"7A5ED2C4-0267-4F6C-BD29-9E0CEF01339E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdc-16c_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CB406DAD-3EFF-4934-A1E0-0CABEEBD1012"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdc-16c:-:*:*:*:*:*:*:*","matchCriteriaId":"F45F4322-46AA-4865-808A-90FBE12386C8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdc-4c_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CA85522C-E77A-4BF4-ABDE-3FE7D8E64D1C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdc-4c:-:*:*:*:*:*:*:*","matchCriteriaId":"8C4FE5EB-4CB5-449F-8BB5-DD7BEE5CD39C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdc-8c_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"DCA3FA9E-71C5-4B9A-8C25-EADA4EF89FE7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdc-8c:-:*:*:*:*:*:*:*","matchCriteriaId":"4008F053-1E0C-477B-964F-9435801D09C4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdd-18c-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"6AA3FC73-9A4B-4292-8819-2F469343D824"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdd-18c-f:-:*:*:*:*:*:*:*","matchCriteriaId":"EF1E70CB-BF44-4DE8-BA2F-47283586FA9B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdd-8c-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2EEB618F-65C0-4AF7-BFC5-B33714346728"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdd-8c-f:-:*:*:*:*:*:*:*","matchCriteriaId":"39BD8B01-9630-463C-870C-76EC7FE2D325"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sds-12c_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"4B3E9CA8-314E-4C07-AEC6-255A0B02122B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sds-12c:-:*:*:*:*:*:*:*","matchCriteriaId":"B9B43F7A-EF17-498A-8AEA-F4E98547DCDA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sds-14c_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"03E64734-7D31-4676-B04D-9FE1A05AA2AC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sds-14c:-:*:*:*:*:*:*:*","matchCriteriaId":"4D2667BB-FE14-469F-9CC6-EB44B5B45DF3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sds-16c_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"240EEEC9-91DC-48C9-A4A6-C753F2C1756B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sds-16c:-:*:*:*:*:*:*:*","matchCriteriaId":"83B921DB-EF3B-4E6C-B67A-6E57EF2CCB1C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sds-8c_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2F7ED116-0803-4FEB-BDF2-AA77619E0BB8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sds-8c:-:*:*:*:*:*:*:*","matchCriteriaId":"25EA425D-7D25-44BA-A6E1-210349DC4AC2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdv-12c-tln2f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CEE6ADCA-47F2-4A4A-9B68-65932856C66A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdv-12c-tln2f:-:*:*:*:*:*:*:*","matchCriteriaId":"D5D77AED-1F86-4C4E-80D1-473C65DA3EF3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdv-12c-tp8f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"29DB0C5D-892E-4C44-92D9-A5B414A04C1D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdv-12c-tp8f:-:*:*:*:*:*:*:*","matchCriteriaId":"97A5A305-FFE9-4F2C-94F9-9B4E8ED255EC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdv-16c\\+-tln2f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"E6653554-89E5-4F10-93DC-BAD4337D0DC1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdv-16c\\+-tln2f:-:*:*:*:*:*:*:*","matchCriteriaId":"807D44E4-85DA-4F3D-BD0D-7393ABBDE9D2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdv-16c-tln2f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1C967A95-9CA1-4EB5-B153-AAFFE7626823"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdv-16c-tln2f:-:*:*:*:*:*:*:*","matchCriteriaId":"DDC0B8F1-EAFB-44E0-B3B5-8A8D5EBD51E5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdv-16c-tp8f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"941D9F12-9CC3-482C-BE92-A7F920819331"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdv-16c-tp8f:-:*:*:*:*:*:*:*","matchCriteriaId":"3C5DDB30-1E22-42C1-8F9E-381004F9DDB5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdv-4c-tln2f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"895FF0B9-7EEA-467E-80AA-560A4B0793D4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdv-4c-tln2f:-:*:*:*:*:*:*:*","matchCriteriaId":"59D0561D-78DE-47B7-B8E5-E1D6F9BB73B9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdv-4c-tp8f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"4371A185-BF71-49C7-9318-B0AD11B4AE69"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdv-4c-tp8f:-:*:*:*:*:*:*:*","matchCriteriaId":"C1ECBB36-CA02-4A8F-AC62-97C695E067C6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdv-4c-tp8f-01_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CB9A43BC-5D86-427A-99D0-B19DAB2D94F7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdv-4c-tp8f-01:-:*:*:*:*:*:*:*","matchCriteriaId":"5F8CDF9F-2650-46A6-AC3A-5FC61C942E87"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdv-8c\\+-tln2f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"9E01FBF7-605E-469B-8B5A-6B26332CB704"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdv-8c\\+-tln2f:-:*:*:*:*:*:*:*","matchCriteriaId":"D935CA76-84EB-4B3D-A4EF-6BE8F8ED750E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdv-8c-tln2f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"A9819485-E143-481A-A058-420ECFF3C75B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdv-8c-tln2f:-:*:*:*:*:*:*:*","matchCriteriaId":"CA40B6EF-E65E-4494-A368-41966BCAE70C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdv-8c-tp8f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"C125AF3D-A650-499E-85BB-6DAB33EC7C4F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdv-8c-tp8f:-:*:*:*:*:*:*:*","matchCriteriaId":"F58D8FAC-A913-431F-86FA-E7FF585684A6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdw-12c-tp13f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"33925DDC-A825-4029-A034-9BFF0C62F7A3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdw-12c-tp13f:-:*:*:*:*:*:*:*","matchCriteriaId":"3F8AA874-B736-4C30-BC48-8BDF1A21463D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdw-14c-tp13f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B6A7F79F-3632-424C-888A-314549607C14"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdw-14c-tp13f:-:*:*:*:*:*:*:*","matchCriteriaId":"B4B8CFE3-D081-4A65-8A5E-BEA397F9195C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdw-14cn-tp13f\\+_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"8EFF4246-365E-4C50-B1CD-4F7EC0A281F3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdw-14cn-tp13f\\+:-:*:*:*:*:*:*:*","matchCriteriaId":"0D58AEE8-3390-490C-A04F-9A3675FA7E6F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdw-14cnt-tp13f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"BA3304CB-E384-4A41-91C1-23023907B52D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdw-14cnt-tp13f:-:*:*:*:*:*:*:*","matchCriteriaId":"EB50C171-3075-4A7C-97B9-6C48AE5E1222"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdw-16c-tp13f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"41005504-CE28-4228-8B06-512E2083F276"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdw-16c-tp13f:-:*:*:*:*:*:*:*","matchCriteriaId":"BF949680-3AE1-4806-8A96-B7F50E9CAE0B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdw-16c-tp13f\\+_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"0619F3CD-CC67-4827-AE3D-DD9CA646555E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdw-16c-tp13f\\+:-:*:*:*:*:*:*:*","matchCriteriaId":"8CC6354D-DBB1-457C-B9C9-FAF2265BAE5B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdw-4c-tp13f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"265BCB39-7942-417E-AD82-D903C9E410E0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdw-4c-tp13f:-:*:*:*:*:*:*:*","matchCriteriaId":"5556FAA3-B53C-494A-8AB7-4942FE0E3757"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdw-4c-tp13f\\+_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"71F71EA7-FE29-4DF6-A092-98A4019C12EC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdw-4c-tp13f\\+:-:*:*:*:*:*:*:*","matchCriteriaId":"EAF047A7-2B8F-44DB-9D2E-AEA638E3CCBC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdw-8c-tp13f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"927581C8-56FC-4EC2-9781-22F764BAE269"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdw-8c-tp13f:-:*:*:*:*:*:*:*","matchCriteriaId":"D9379DEA-1052-4A46-831F-A3F45CDF51C1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11spa-t_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"18630E63-C300-41AC-8729-4418C2A6DC6B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11spa-t:-:*:*:*:*:*:*:*","matchCriteriaId":"93841CE8-D876-44A3-A530-959CDB90FA7B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11spa-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"377B2DF6-3E30-43C1-8268-B41B967C43AA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11spa-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"D6440101-3C85-427B-A930-014CCDA79CCD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11spd-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"78FD0BEE-D475-48B9-9125-DA0B043063B0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11spd-f:-:*:*:*:*:*:*:*","matchCriteriaId":"B2EAD8C3-4C86-41EA-94C2-8A025BD11C96"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11spg-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"DF338C11-81EA-4D1E-8785-2EDB6BFBB17C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11spg-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"0D4C8250-1682-4360-828F-8E7EE072CE6D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sph-nctf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"92B129E9-A4F6-4643-9FB9-443FCDD764AB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sph-nctf:-:*:*:*:*:*:*:*","matchCriteriaId":"0DABCA06-C8F1-4A20-9F85-69B49B3C5095"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sph-nctpf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"867CE591-8F70-4FA4-850C-B2490B7C19E1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sph-nctpf:-:*:*:*:*:*:*:*","matchCriteriaId":"ABF784B2-347A-4A62-9CC3-6A01624D0F07"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11spi-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"0F7BFD4D-CB73-460B-9E11-486817129495"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11spi-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"069F2E47-05DA-4676-9A11-B5059130720A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11spl-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"ED404BD7-9873-485F-ABC4-D27470ED113A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11spl-f:-:*:*:*:*:*:*:*","matchCriteriaId":"372B1F73-010B-4E12-A643-336741265B23"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11spm-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B5956F7D-ADB1-4B1F-B5E7-60E68DC13E14"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11spm-f:-:*:*:*:*:*:*:*","matchCriteriaId":"1023FE03-0D76-4F33-ADC3-4502BD8AAE79"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11spm-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"5C4BA06E-A3CD-42E4-96BC-F16BCA654F75"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11spm-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"09E13FF0-04D4-41CD-97B8-1860028F8F8F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11spm-tpf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"482E5372-9001-42F5-A800-DECB62D6218D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11spm-tpf:-:*:*:*:*:*:*:*","matchCriteriaId":"6D4232C6-8C0B-41B1-AF69-A4E584756777"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11spw-ctf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B7D9E669-D0F7-41C8-9467-7CEE659F9818"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11spw-ctf:-:*:*:*:*:*:*:*","matchCriteriaId":"F0BEF4BD-0962-4DC0-9329-5C28DAE78B93"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11spw-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2903AFD1-DD53-45B9-AC45-EE4318953190"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11spw-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"0998B7F1-CD28-4E07-8BA0-53EEEE9A25CF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sra_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1E277DCF-D312-405B-87ED-8F2C849D1972"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sra:-:*:*:*:*:*:*:*","matchCriteriaId":"FD640185-AC03-4235-A8BF-F71473A3D21B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sra-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"25863AED-0930-4B92-9543-B3ECDB41F6E6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sra-f:-:*:*:*:*:*:*:*","matchCriteriaId":"E90E4534-1E54-4731-AFBF-5742274AAE1B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sra-rf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"26854260-D5B1-4896-BCC4-BDC300EC74F4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sra-rf:-:*:*:*:*:*:*:*","matchCriteriaId":"88A40C12-CDC6-4065-A65F-1ABB411BF12E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sri-if_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"671629CA-F04B-451F-8BE1-34E0AA5FE73C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sri-if:-:*:*:*:*:*:*:*","matchCriteriaId":"92C0DDA9-ED3B-4DC8-B19E-19B9283A2C12"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11srl-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"F8C9D99F-51EF-436B-A632-6A287929C1E2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11srl-f:-:*:*:*:*:*:*:*","matchCriteriaId":"900E0C75-C843-4327-BAF2-F8077281D87E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11srm-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"87C66CF8-B9F6-4804-884B-0F99EDEF54A0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11srm-f:-:*:*:*:*:*:*:*","matchCriteriaId":"161177BA-5C2B-47DF-B900-568D0665020A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11srm-vf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"06A5E49A-5E22-4FC9-B669-C107F528EFBA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11srm-vf:-:*:*:*:*:*:*:*","matchCriteriaId":"FB7EC704-0887-4743-AD5B-F9CF6EEE4B29"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssa-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"0892BBDA-B31B-4558-9C51-B129A4B0F9FD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssa-f:-:*:*:*:*:*:*:*","matchCriteriaId":"48D2E9CD-71D4-4556-A0F2-2C3B7FB8A77E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssd-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"05BCD88A-F10A-4F1D-B129-E6E34329EF1B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssd-f:-:*:*:*:*:*:*:*","matchCriteriaId":"7B72F70A-B33E-4382-81DA-3864C2E14D41"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sse-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"09C66363-58E4-4B8F-8D76-A5E61C40820F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sse-f:-:*:*:*:*:*:*:*","matchCriteriaId":"FC57F4A1-10F8-4926-A446-D2B8F05B8008"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssh-ctf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"3E763AED-58A3-4B45-BEE8-F0DBD2273C30"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssh-ctf:-:*:*:*:*:*:*:*","matchCriteriaId":"95CD6DEE-E000-42C2-825B-C29E3F7D725C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssh-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"05731059-73C8-4A9F-B651-62937B728767"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssh-f:-:*:*:*:*:*:*:*","matchCriteriaId":"E7BE07CB-DED5-4810-9D04-884478CA1532"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssh-gf-1585_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"A2479843-DDFF-4B53-A42F-6E715D36D040"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssh-gf-1585:-:*:*:*:*:*:*:*","matchCriteriaId":"D6430B42-E04A-4CEF-8318-074536119201"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssh-gf-1585l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"67C4F018-28D7-4432-A5C2-7F04A1186EE0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssh-gf-1585l:-:*:*:*:*:*:*:*","matchCriteriaId":"184762F2-E3A2-46F7-AC09-00DED69C7A4D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssh-gtf-1585_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"5B898C1E-1D08-445F-96E7-CC9C30AC264C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssh-gtf-1585:-:*:*:*:*:*:*:*","matchCriteriaId":"D07E7DBE-010F-4F21-8B4D-18DE8BF59D9B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssh-gtf-1585l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"321E79A8-251C-4CDF-8D82-B8AECE80B377"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssh-gtf-1585l:-:*:*:*:*:*:*:*","matchCriteriaId":"54CCEFD5-FE80-42A5-8ED1-BEE9BCAA21AB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssh-ln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"DDA317E8-5F90-4C3E-B2DB-5BB843F7036D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssh-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"063C19C8-9A26-4457-A969-0172FA2E2BE4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssh-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2574D409-99F0-4B5A-A083-F70A67641D7E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssh-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"FDF932E7-ABDF-4541-B032-D013D881A25D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssi-ln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"EE805506-31AB-4A37-BB72-46E279AB2824"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssi-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"00A6A4DB-ED52-4DF1-809D-ADCA9F8324A1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssl_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"98116A5B-3572-4FC5-A2B5-17AA4A8B7D22"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssl:-:*:*:*:*:*:*:*","matchCriteriaId":"0DA4B4D9-59CF-43D3-ACBE-8091C257C8FE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssl-cf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"7155E1B1-3F93-4A45-A0DD-E3207567C2A9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssl-cf:-:*:*:*:*:*:*:*","matchCriteriaId":"0FA01B7B-0A5F-48AC-811C-BB6EB4C78719"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssl-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"DB8E9380-7211-4291-8A20-B824788DD361"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssl-f:-:*:*:*:*:*:*:*","matchCriteriaId":"F59AC9E2-69C0-42EF-82D3-F304D4918E8D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssl-nf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"6135023F-487A-494D-93BD-00B6B1AB5FE3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssl-nf:-:*:*:*:*:*:*:*","matchCriteriaId":"84671D8E-00A2-4AC1-9B7E-9B7BB5188B3C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssm_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"51BE935C-26D0-40D3-BD89-E687FB03D822"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssm:-:*:*:*:*:*:*:*","matchCriteriaId":"E28641A6-F24E-493D-B57B-954DA91F47B4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssm-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"AC8C1870-205D-4274-AC1E-97520C8D84DA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssm-f:-:*:*:*:*:*:*:*","matchCriteriaId":"1EC19D26-080D-4B5A-A41C-253D00036608"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssn-e_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"9024100A-B534-4767-AD82-6D68B35F528D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssn-e:-:*:*:*:*:*:*:*","matchCriteriaId":"36D80443-7089-4484-B9F5-029BAFF1A5BB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssn-e-001_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"7AF85C30-B3D3-4AA0-BB47-8514B07AA9E1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssn-e-001:-:*:*:*:*:*:*:*","matchCriteriaId":"EDF406B5-6051-429F-B4BA-B5FCC3438E2E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssn-e-vdc_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"F7509A40-6C8A-4158-A291-08423AF67D8D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssn-e-vdc:-:*:*:*:*:*:*:*","matchCriteriaId":"B3311514-CCB7-423F-9CD7-A0AF63E5EC4A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssn-e-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B9F9EDD4-B350-47A8-968D-0CA7807D1656"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssn-e-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"E16D25E7-A713-4B72-B386-A6DFD024AA5A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssn-h_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"AF8C94B5-5FA5-4C5B-B6CB-3D77C0E9B309"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssn-h:-:*:*:*:*:*:*:*","matchCriteriaId":"0000DB52-9B92-45B5-BB63-4C694E3714D1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssn-h-001_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"AD96DBC3-6110-48D0-A88A-46379D24AAD8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssn-h-001:-:*:*:*:*:*:*:*","matchCriteriaId":"5D35739F-DF6C-47A1-A4FB-B3415F33AD55"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssn-h-vdc_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"48BC8AA2-8DF0-4B73-9AF6-476F20C9805B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssn-h-vdc:-:*:*:*:*:*:*:*","matchCriteriaId":"D97BA507-5721-4360-BBF2-65D94C038C51"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssn-h-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"77D5EBA8-4A56-4E31-85C4-E257BB87EDD5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssn-h-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"D376009A-CE57-4389-837A-C1933B95FC4F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssn-l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"252C49DA-308D-4CD1-8E6E-BC63F6246DD8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssn-l:-:*:*:*:*:*:*:*","matchCriteriaId":"D25709E2-5B71-428A-8D67-2963903C12BD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssn-l-001_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"679DC010-4BBD-4BB7-B3E6-7ACB466B3039"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssn-l-001:-:*:*:*:*:*:*:*","matchCriteriaId":"8CED7FE1-ACF5-4FDF-8942-A1F3DF583242"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssn-l-vdc_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"18CAAC39-7134-42A3-A1F1-D4E28C7B8CB6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssn-l-vdc:-:*:*:*:*:*:*:*","matchCriteriaId":"0A9F87DA-EDA8-47FB-8574-F3BFE24C7D03"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssn-l-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B1C89DDB-53B4-4C64-9DE8-1D355E625B38"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssn-l-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"68216C46-DBCB-4666-AE4A-4EC895571367"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssq_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"636DF182-2C81-4E3D-A574-D8954178E876"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssq:-:*:*:*:*:*:*:*","matchCriteriaId":"8573A582-A52A-4006-99F0-D42C3AE5B722"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssq-l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"D6798F23-3EFB-4E50-B008-4387EA7BD64B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssq-l:-:*:*:*:*:*:*:*","matchCriteriaId":"03CC1ABD-321B-4680-AFCC-5E4AD6E1A903"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssv-lvds_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"C525E969-B16D-4B77-B26A-8DB59E2C3E94"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssv-lvds:-:*:*:*:*:*:*:*","matchCriteriaId":"7A7D90D9-531C-4904-BEB5-35CED4F4670A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssv-m4_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1AC7954D-DD60-4681-811F-E283D1945990"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssv-m4:-:*:*:*:*:*:*:*","matchCriteriaId":"4DA13087-4F08-484F-8083-104A48E533C7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssv-m4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"918880F9-7E0D-4EE9-A3F2-6076CF56FDCC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssv-m4f:-:*:*:*:*:*:*:*","matchCriteriaId":"5D258D3F-A52F-4E7F-9883-CC48A49A31D1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssv-q_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"A44B5078-FF02-44D9-993E-9920D6CB69B4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssv-q:-:*:*:*:*:*:*:*","matchCriteriaId":"90CB1E05-C42D-43F9-95F5-258C87A9A67D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssw-4tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CCAD1C84-44A4-4DF3-B986-CC74B9BE1D07"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssw-4tf:-:*:*:*:*:*:*:*","matchCriteriaId":"6089DFBF-A190-4A4C-9DD8-1DA4D539A5F1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssw-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"EC58D65B-87D2-4EEF-9869-B8843EF7DD39"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssw-f:-:*:*:*:*:*:*:*","matchCriteriaId":"6CDDDC18-753F-496F-9953-5B91ED1CC0F3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssw-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"8B851DE0-7AB2-446B-97FA-B01258045317"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssw-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"3A180D6C-1A5B-41E0-A4CA-99CD49CBF585"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssz-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"AB458920-62A4-46BB-A9D1-D8DEAAF031CA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssz-f:-:*:*:*:*:*:*:*","matchCriteriaId":"25DA80D6-C893-4B91-94ED-9FE4403DC6E0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssz-qf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"0E796E38-6EE5-407F-B461-A44E47A3DE23"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssz-qf:-:*:*:*:*:*:*:*","matchCriteriaId":"A003C87A-7055-497C-B320-DF15F0D112D8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssz-tln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"897E7B81-6038-4F64-8B7D-F0099DF2BB88"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssz-tln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"5C338781-88C1-476A-A3C9-2018016BF2EC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11swn-c_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CDD7E679-7040-454D-A158-7AAB9364AA78"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11swn-c:-:*:*:*:*:*:*:*","matchCriteriaId":"E34FEF2D-51C2-4FC9-AC2A-7A40BDA5EDA8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11swn-c-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2476AEA6-1961-48B9-91C7-39668153AD49"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11swn-c-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"59F6BF1F-A8EC-4A61-9BBC-0B46877BE366"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11swn-e_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"35F1718A-6782-42C3-9CBF-506D8C5FBD76"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11swn-e:-:*:*:*:*:*:*:*","matchCriteriaId":"830F9903-EF91-48E0-ACEB-76C629886680"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11swn-e-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"A611E64F-3E3F-4B7F-AC97-B138B864A3E4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11swn-e-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"F5FE79CD-C7B6-458E-82F0-1D6DBA9AC2B5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11swn-h_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"32FB8458-08DB-4EF0-AC9D-D3E6059CD697"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11swn-h:-:*:*:*:*:*:*:*","matchCriteriaId":"7493C93F-A80C-4F19-BA3E-BB0C7FE95BE1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11swn-h-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"158059FE-ECB1-47D9-9C28-9544D006833B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11swn-h-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"09B2349B-0BDF-4B73-91D8-756D81900C5B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11swn-l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"0EB394CD-C7B8-4967-8846-E59E904BA0BB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11swn-l:-:*:*:*:*:*:*:*","matchCriteriaId":"ECBDA83D-46FC-42E6-AA22-EA312946352C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11swn-l-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"BB93281C-B13A-40C2-88E5-199AB3FE3E26"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11swn-l-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"D58DB7DA-B8C4-4E37-BAFE-574CA01A9691"}]}]}],"references":[{"url":"https://www.supermicro.com/en/support/security_BMC_Dec_2023","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://www.supermicro.com/en/support/security_BMC_Dec_2023","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2023-33413","sourceIdentifier":"cve@mitre.org","published":"2023-12-07T18:15:07.497","lastModified":"2026-07-09T01:18:23.800","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The configuration functionality in the Intelligent Platform Management Interface (IPMI) baseboard management controller (BMC) implementation on Supermicro X11 and M11 based devices, with firmware versions through 3.17.02, allows remote authenticated users to execute arbitrary commands."},{"lang":"es","value":"La funcionalidad de configuración en la implementación de Baseboard Management Controller (BMC) de Intelligent Platform Management Interface (IPMI) en dispositivos basados en Supermicro X11 y M11, con versiones de firmware hasta la 3.17.02, permite a los usuarios autenticados remotamente ejecutar comandos arbitrarios."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-798"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:m11sdv-4c-ln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"BB4C5A73-CF7A-4891-90A0-ECC1BEEEC8F4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:m11sdv-4c-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"CA419264-0203-4851-83E2-6C8D9EC10CC4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:m11sdv-4ct-ln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2B119A07-8996-4EF8-9BCA-6F0EFC78ABA9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:m11sdv-4ct-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"47CE6672-50D3-4F34-86A9-75B81CDF2A9F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:m11sdv-8c-ln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"A61610F5-C653-4731-8B42-8C70BDF7505E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:m11sdv-8c-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"7FC8BBC2-9D1B-4242-A850-48BA13F3BEC3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:m11sdv-8ct-ln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1A7BE31C-1C28-4937-BB45-46C978ADC335"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:m11sdv-8ct-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"704A622A-9144-4673-8DF2-651B7C70450B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:m11sdv-8c\\+-ln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"03497EA2-5051-4B65-A851-C95DD0C45C84"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:m11sdv-8c\\+-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"C183B42C-0B42-4C80-9FB2-0191B06A754B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:c9x299-pg_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"F8865673-289A-4E7F-8DA5-C707957AE5D8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:c9x299-pg:-:*:*:*:*:*:*:*","matchCriteriaId":"43A67415-C05D-46F8-8C82-381A4763610C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:c9x299-pg300_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CA8F7797-378F-4BB0-A172-D79E01891F5B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:c9x299-pg300:-:*:*:*:*:*:*:*","matchCriteriaId":"F049DED7-6A11-4B35-9318-7CBF9A4669DD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:c9x299-pg300f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"62CE5298-8933-42C7-9538-0CF7152E086E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:c9x299-pg300f:-:*:*:*:*:*:*:*","matchCriteriaId":"BBB5FD13-BCEB-4E0C-999A-B8DC68073B9E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:c9x299-pgf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"FCDC20AD-D292-472D-A725-C99D90D696D7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:c9x299-pgf:-:*:*:*:*:*:*:*","matchCriteriaId":"0670C747-49E6-4358-9989-CBF08D20BDD1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:c9x299-pgf-l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"9C918A3A-2BCD-4F62-9EBA-13C8F3C016F4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:c9x299-pgf-l:-:*:*:*:*:*:*:*","matchCriteriaId":"29A2FC6A-8873-4B9F-A1B4-B88429A135F7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:c9x299-rpgf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"861476F5-E684-41AE-9E33-62D22A18B064"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:c9x299-rpgf:-:*:*:*:*:*:*:*","matchCriteriaId":"1AC82579-210A-40F5-A12E-2829FF0B2DA3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:c9x299-rpgf-l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"6E3B530C-3664-4EE6-B15F-4031E91893C2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:c9x299-rpgf-l:-:*:*:*:*:*:*:*","matchCriteriaId":"595457C2-0C73-457F-B571-B9B694062D7E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:b13dee_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"97C2F1CB-98A2-487C-8E9D-75CCF36B1C5A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:b13dee:-:*:*:*:*:*:*:*","matchCriteriaId":"3411564B-FCE5-4819-B226-65F7B3152E32"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:b13det_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2FBB7068-B11B-43FD-8866-71F3484248EE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:b13det:-:*:*:*:*:*:*:*","matchCriteriaId":"67D98A72-B2DE-40C8-9491-B7543677A266"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:b13see-cpu-25g_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"DD8AAC7B-19F3-43D4-89AD-A5F717374067"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:b13see-cpu-25g:-:*:*:*:*:*:*:*","matchCriteriaId":"B1B07E94-29D2-4DAA-9B34-3573FEE22C7B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:b13seg_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"4B0D0D78-832E-41E6-84B8-C651C94749EB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:b13seg:-:*:*:*:*:*:*:*","matchCriteriaId":"B6F157CA-D9A4-4EFA-8C0E-D644E9E3C8A2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13dsg-o-cpu_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"6BB12538-3CEC-4A7C-8E9A-DE7E5079E426"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13dsg-o-cpu:-:*:*:*:*:*:*:*","matchCriteriaId":"DA579368-7624-46E8-93A4-596A18538BD2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13dsg-o-cpu-d_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"6552B70F-94CA-4AEC-9519-D2952A0B3B3F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13dsg-o-cpu-d:-:*:*:*:*:*:*:*","matchCriteriaId":"7E0F442E-B787-43EA-8FC7-078935708514"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13dsg-om_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"66D2261E-3CFE-40A8-8C80-DE4B0F70CA33"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13dsg-om:-:*:*:*:*:*:*:*","matchCriteriaId":"B93C26E1-EC4A-4B55-BC6C-4DBB3B29F548"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13dsh_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B066F428-4D87-4233-8C49-475ACEE4A861"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13dsh:-:*:*:*:*:*:*:*","matchCriteriaId":"89B92EB3-1B95-4095-BBEA-B1DBDB3B0FA2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13sae-mf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B275D084-1081-4891-B8A4-CFEDA687593C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13sae-mf:-:*:*:*:*:*:*:*","matchCriteriaId":"F556ECED-E349-4D22-B5E6-FC7D5E70BEAF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13sra-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"3B22FBD4-BA6A-418D-A835-93B61F08B085"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13sra-f:-:*:*:*:*:*:*:*","matchCriteriaId":"87E5769F-2994-4D71-BA3F-F84600F888A2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13sra-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"0B25B157-9AB1-4FBA-8500-01AC35A91911"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13sra-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"6A6CDD62-FD70-4219-A8B3-3C0F01C3F1C1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13srd-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"87BA83AC-0BE8-4E0A-9A55-6B7E976153BE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13srd-f:-:*:*:*:*:*:*:*","matchCriteriaId":"675A5F85-E7EF-40B4-A7B0-1C4FA83E20F6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13ssf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"C5522D20-411D-4673-AEFF-91F872050CCF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13ssf:-:*:*:*:*:*:*:*","matchCriteriaId":"63215A82-9A56-4901-B5AE-90633D64E1C1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13ssh_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"65CFBF7E-4450-495A-8E29-BB814EE5474E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13ssh:-:*:*:*:*:*:*:*","matchCriteriaId":"10D2DCA1-183A-48FE-8F59-B1A67B0576DE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13ssl-n_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"772C085F-F428-48EE-B559-B77B891BBCB1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13ssl-n:-:*:*:*:*:*:*:*","matchCriteriaId":"364216C0-0D65-40A9-B35B-36B1A9228A56"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13ssl-nt_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1A37D71E-3B24-4890-975F-B1807ED531A7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13ssl-nt:-:*:*:*:*:*:*:*","matchCriteriaId":"F06F7E1B-6235-4B48-88AA-B9833AE75862"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13sst-g_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"098BEC3C-6859-454A-B466-CCD975C6EE12"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13sst-g:-:*:*:*:*:*:*:*","matchCriteriaId":"005B9DC1-4115-4773-8F45-F4FB555A03D1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13sst-gc_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"AF2A14DE-1F9F-4D01-9CB4-977C8D71597A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13sst-gc:-:*:*:*:*:*:*:*","matchCriteriaId":"5C340BFE-2FB0-4BF6-A2B2-B8526DBB1D63"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13ssw_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"917A23DF-FCEF-4FB6-ACDD-8077A2091816"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13ssw:-:*:*:*:*:*:*:*","matchCriteriaId":"0A611C4A-57C2-48A2-B3E8-4AC46242CD31"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13svw-n_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"BC575B82-D63B-4FBE-A18D-BA9A7615F66E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13svw-n:-:*:*:*:*:*:*:*","matchCriteriaId":"FB3B6BEB-65D4-4D08-A2A0-5B91C5C93757"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h13svw-nt_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"50B780CA-71F0-479F-B1C3-4573129883E7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h13svw-nt:-:*:*:*:*:*:*:*","matchCriteriaId":"8F0AA1B7-A15E-4570-A47A-4734DAAFC9F0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13dai-t_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"3450B80D-F902-4A9B-AC94-474C6A1BEA06"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13dai-t:-:*:*:*:*:*:*:*","matchCriteriaId":"75EA52CF-A1A2-4A09-849A-423F6E47A485"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13ddw-a_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"4FAFFA34-4335-4A0E-BEAE-A9502CD47265"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13ddw-a:-:*:*:*:*:*:*:*","matchCriteriaId":"558BAD24-8C02-4A7C-B10F-48059C810579"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13deg-oa_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"571760F1-A792-4319-9592-19368FF462FE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13deg-oa:-:*:*:*:*:*:*:*","matchCriteriaId":"5FAD54D8-480C-4BBA-8A17-5557BDA7CED0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13deg-oad_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B4903E9B-8C41-42C2-95FB-8171EA6D6C3F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13deg-oad:-:*:*:*:*:*:*:*","matchCriteriaId":"D661D4FC-874B-4020-B03B-A7DC3B82B0E2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13deg-pvc_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"6C305075-2344-408D-A569-7457434C8A9A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13deg-pvc:-:*:*:*:*:*:*:*","matchCriteriaId":"BD036B36-43BA-451C-B371-A04C41FBEB65"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13deg-qt_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"606D0988-D3C0-47CE-A8F4-5440243416AE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13deg-qt:-:*:*:*:*:*:*:*","matchCriteriaId":"0EF5517B-B6C5-47CA-929F-D4B95827A902"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13deh_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2D119D5D-AC6F-4606-9075-807201258470"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13deh:-:*:*:*:*:*:*:*","matchCriteriaId":"852917B3-AFF7-4465-873C-5D5A10F7966D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13dei_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"E6E28F78-6BD7-4E2B-8BA3-2637FEB09DBD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13dei:-:*:*:*:*:*:*:*","matchCriteriaId":"A18D05BE-FE30-4041-A250-1F26825C591C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13dei-t_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"9AB27667-74A7-493E-8B98-4B1836779245"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13dei-t:-:*:*:*:*:*:*:*","matchCriteriaId":"841C9D0B-F0AF-411F-BA06-2432BA24B275"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13dem_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1AF9BD95-9BA9-4949-A7D5-028BE528E81F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13dem:-:*:*:*:*:*:*:*","matchCriteriaId":"E3A34C5B-89B4-4DC2-A8CE-9257B450D79E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13det-b_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"76182A30-365B-4183-A3D6-24B43A1DD5A1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13det-b:-:*:*:*:*:*:*:*","matchCriteriaId":"EBFC9589-DF31-4D9C-B50E-11503F99C618"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13dgu_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"00D7B8E2-ECC7-433C-9BF8-30DB2DD9C904"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13dgu:-:*:*:*:*:*:*:*","matchCriteriaId":"70E0611D-F0DA-44DB-8D43-C9249B6106DE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13dsf-a_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"979A6750-1575-4E5F-B440-620D8623F0A8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13dsf-a:-:*:*:*:*:*:*:*","matchCriteriaId":"CE647392-5307-4D6B-BAC0-4533BC4A4801"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13qeh\\+_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"FAB88534-4CDD-463E-8004-688F16BA3C03"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13qeh\\+:-:*:*:*:*:*:*:*","matchCriteriaId":"6560D7C5-8D62-4634-8E2C-CB293BCE3126"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13sae_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"7BE8C5BC-7C49-4139-9D21-78463D7DC775"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13sae:-:*:*:*:*:*:*:*","matchCriteriaId":"F36733DC-9633-41C9-BEB6-AA1630FCB9DE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13sae-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"45F2F46A-C272-4187-BC92-248F7BEE5DCB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13sae-f:-:*:*:*:*:*:*:*","matchCriteriaId":"B6AE36E6-C235-4524-A5AA-C26AD5B8AEC7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13san-c_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"E9FE5298-F64E-4333-A870-C9D916562250"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13san-c:-:*:*:*:*:*:*:*","matchCriteriaId":"74BCA069-8DFA-4441-AA2E-2861C01A4A6E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13san-c-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1460E0F4-1786-4C80-AAD3-0DC3229B0863"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13san-c-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"2B2C7E3F-7E79-409C-AA7B-29361EB96516"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13san-e_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"3B35449E-A228-46C0-8FB4-AC1052ADDB7C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13san-e:-:*:*:*:*:*:*:*","matchCriteriaId":"F3E8F060-82A0-49AF-AC11-69ED96403CA3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13san-e-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"0554C8B7-A7C4-4850-9C2E-3DCAB3530AD0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13san-e-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"9551D604-528B-4942-B207-37E851F64690"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13san-h_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"00FC5F1A-ACB3-4F63-B276-B92EAE871ACC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13san-h:-:*:*:*:*:*:*:*","matchCriteriaId":"87F176BE-5099-49B2-B658-7A8F2BFF793E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13san-h-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"F7BF68EB-AFC5-49C7-BF62-416E7EFD638D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13san-h-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"3378D8AA-EB40-4F73-83CD-765FA4A4DC6D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13san-l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1729755B-724B-4D01-B858-60216C580CD6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13san-l:-:*:*:*:*:*:*:*","matchCriteriaId":"96CBF59E-7865-41A5-8952-512FD13F1CD1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13san-l-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2390C99E-41A6-4A56-B89E-15041AEEF467"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13san-l-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"66765BAD-8F07-492C-8740-25FBC4DB0DEB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13saq_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"DAA5324E-0383-4022-9E85-36DEF93C3CC4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13saq:-:*:*:*:*:*:*:*","matchCriteriaId":"4B8AD410-AF0F-42E0-B60A-71BCBB6BC3BF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13sav-lvds_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"764B379D-46A1-49FA-9BB7-C024F3F165CC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13sav-lvds:-:*:*:*:*:*:*:*","matchCriteriaId":"7C2F5EDC-CFD5-41F5-9EAF-FB5CB6E9764F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13sav-ps_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"00ED42A1-6577-48D3-ABF0-B3ECA79023F1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13sav-ps:-:*:*:*:*:*:*:*","matchCriteriaId":"AE3C2846-5816-4773-B73D-4B36A6B24542"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13saz-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"0C33B135-B212-4F75-A0B5-615CB437B782"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13saz-f:-:*:*:*:*:*:*:*","matchCriteriaId":"A97110CA-8623-4EF4-90DE-9356D5E9311F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13saz-q_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"3B994482-2AC4-40DE-92BB-81D50EC62073"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13saz-q:-:*:*:*:*:*:*:*","matchCriteriaId":"909438EF-7652-4184-9DB8-CB2E45B300A3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13sedw-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"97AA39B0-E63B-4CCE-82D2-092A075D6490"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13sedw-f:-:*:*:*:*:*:*:*","matchCriteriaId":"46BE300F-CE76-45F4-BFBF-6CA857E593CB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13seed-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"A793DE0A-83C2-4EC1-AE60-C77F2BBDD73C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13seed-f:-:*:*:*:*:*:*:*","matchCriteriaId":"241D4911-2240-42CD-8F52-F7B66CBE0CEA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13seed-sf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"EAC88C3E-9A6D-43FC-AE3F-D1630D3B00EC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13seed-sf:-:*:*:*:*:*:*:*","matchCriteriaId":"A3C13F43-A756-4395-9FC9-CF4DF74B3393"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13sefr-a_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"4C41416B-7DC7-4CE1-B269-BAA9EE844C2E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13sefr-a:-:*:*:*:*:*:*:*","matchCriteriaId":"509CD460-D28B-4267-8E6D-FAC4F2332AD2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13sei-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"A8277A30-EB1D-44B0-8B86-0EB1F9FE1238"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13sei-f:-:*:*:*:*:*:*:*","matchCriteriaId":"95E7BBBC-A310-4F66-874B-1A7A8ABA1BD4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13sei-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"6326D9F2-F77C-4EBE-9238-93CE8977F7F5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13sei-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"403DBCD1-9A34-48CF-B610-62E6369118C9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13sem-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"A4C3FE24-FCD0-4376-BF5A-58A9559EBE67"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13sem-f:-:*:*:*:*:*:*:*","matchCriteriaId":"BBD8D5E0-0545-47AA-9A16-566D7EC2CD8C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13sem-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"42D566FE-B728-499C-99AC-197C2A8B8647"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13sem-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"9825E801-7F77-479B-B8E6-751AAD67E8DE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13set-g_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"65FF4FE8-BC6B-4158-9C77-E43B01C382D3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13set-g:-:*:*:*:*:*:*:*","matchCriteriaId":"0E19D0CC-9619-4F17-B7B8-CD94A9583682"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13set-gc_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"4BB74893-3F83-4B5D-AA17-AA773C58C2E5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13set-gc:-:*:*:*:*:*:*:*","matchCriteriaId":"625C3534-DE49-4833-AC7D-4B12A3B7C4D3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13sew-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"3445CA19-640D-4493-A0C2-A36AC853D2DE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13sew-f:-:*:*:*:*:*:*:*","matchCriteriaId":"996E89B5-0F5D-49F1-8F1A-CFDD698B6709"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13sew-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"DF6C8519-1FFD-4BD8-9FB5-BD8124B1DAA6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13sew-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"2A880465-2345-4807-832A-C277A3B12224"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13sra-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B40FE641-15F4-4BCB-9438-9D87504C36B5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13sra-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"FCE31EC0-1E3C-404B-8202-451F7708DB85"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13srn-e_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"93700262-0646-45A4-8D10-46F9F7167D78"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13srn-e:-:*:*:*:*:*:*:*","matchCriteriaId":"5F6E7176-6F39-406C-BAD4-E244CA46E8CD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13srn-e-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"79E512EC-73A2-499F-8EF3-786DC0E2CAB7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13srn-e-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"E95DFD86-177C-405C-B738-08A22770BFFD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13srn-h_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"EA02E576-E217-4971-8E5F-A970C877F35D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13srn-h:-:*:*:*:*:*:*:*","matchCriteriaId":"90A4FB92-627A-44BC-8ADC-BF1AC00DA889"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13srn-h-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"F7DCB5B5-5C83-4C67-946B-71C705418FFC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13srn-h-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"AF9C1975-29A8-44D9-998A-01770D5FE776"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x13swa-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"07524755-F1AC-4185-9494-91C1361E3000"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x13swa-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"C2EA1F0A-9282-4BBA-8752-FE0E14B5A9F2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:b12dpe-6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"11D3CA26-0BB8-49E6-B2F7-0ABFD1036220"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:b12dpe-6:-:*:*:*:*:*:*:*","matchCriteriaId":"CE507AF6-C51D-41F9-B7D3-97F5E2C92EF9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:b12dpt-6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"60436593-5D82-4956-AE33-31BBB0F03B54"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:b12dpt-6:-:*:*:*:*:*:*:*","matchCriteriaId":"D73CE868-F4FF-4645-AD2C-5CC8064A1632"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:b12spe-cpu-25g_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"EAE6D577-66CB-48FD-8B07-8ADCE788BAB2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:b12spe-cpu-25g:-:*:*:*:*:*:*:*","matchCriteriaId":"B9D8065D-2076-4DFA-9156-486EC6DC3521"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12dgo-6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"5021B9F2-BE6F-4EC5-8820-CD7B79DB44F3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12dgo-6:-:*:*:*:*:*:*:*","matchCriteriaId":"6BE72168-E2BE-4E5D-99A3-E5874FB027E3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12dgq-nt6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"039BEF08-D29A-441A-83F9-3918895446FF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12dgq-nt6:-:*:*:*:*:*:*:*","matchCriteriaId":"C9BF14BD-5E65-4C3C-ABD4-E7D26AF05D25"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12dsg-o-cpu_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"22789C3E-DCF9-491F-9F3D-FCEFB9700655"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12dsg-o-cpu:-:*:*:*:*:*:*:*","matchCriteriaId":"55A8A11C-8FE3-4789-A517-F1E14FC2710B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12dsg-q-cpu6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"A7A1BB17-DCB8-492F-B560-30BC66E3ED6D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12dsg-q-cpu6:-:*:*:*:*:*:*:*","matchCriteriaId":"44FE8EFA-41DD-44FC-9786-3AFC6AB828D1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12dsi-n6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"D666C96E-79E9-4932-AA62-22B856379AD7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12dsi-n6:-:*:*:*:*:*:*:*","matchCriteriaId":"9892D863-F361-4511-BB61-61398CB8360F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12dsi-nt6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CC212365-8347-4152-B789-1919B7766469"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12dsi-nt6:-:*:*:*:*:*:*:*","matchCriteriaId":"A9E11E3D-B003-489B-BCF2-76CEB30EB6E4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12dst-b_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"473D1854-189A-4644-B3BA-69F812522F58"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12dst-b:-:*:*:*:*:*:*:*","matchCriteriaId":"8DF3E668-0CF8-404E-8A08-EB2CCB1D2489"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12dsu-in_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B2023BD6-2172-4F45-8D14-BF64FA9E345B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12dsu-in:-:*:*:*:*:*:*:*","matchCriteriaId":"F019FB2C-63BC-417A-81E1-E852C052007C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12dsu-inr_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"5ED2FBFD-5B1F-4CC7-8B5E-6C65FD5A9E7D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12dsu-inr:-:*:*:*:*:*:*:*","matchCriteriaId":"C2DB5BC9-8633-4148-9EF9-D9564B184722"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssff-an6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"A04CD567-D448-4C4A-AC98-E908726CD7D7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssff-an6:-:*:*:*:*:*:*:*","matchCriteriaId":"8CDF0E3C-8205-4179-B0BC-CDC00BE5C3D4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssfr-an6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"999F91F7-3C2B-4807-93BF-7D4ADB5A7C16"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssfr-an6:-:*:*:*:*:*:*:*","matchCriteriaId":"EA767312-A7E3-4BE5-AF2F-D2B69756160F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssg-an6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CB34D33A-1361-4BAB-8603-31E1C0B0B8D2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssg-an6:-:*:*:*:*:*:*:*","matchCriteriaId":"CD0EE294-07EE-4ACD-A189-2F48667BD901"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssg-anp6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"72FF16D1-A625-4A0D-8541-0C51DBDB9A64"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssg-anp6:-:*:*:*:*:*:*:*","matchCriteriaId":"1558880B-8A49-4212-AEA9-A525FB454E8D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssl-c_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B09A2193-C82B-4F5F-B058-ACF5BF590F6A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssl-c:-:*:*:*:*:*:*:*","matchCriteriaId":"5C78D0B4-958A-4874-8540-9C622BEC5444"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssl-ct_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"414D34DD-39B3-43E0-876F-B297897F3F29"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssl-ct:-:*:*:*:*:*:*:*","matchCriteriaId":"50943BA5-0DAC-4246-9287-CA9DD9D05F9F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssl-i_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"AECDD073-7DE1-48A3-ABD6-5635EABD7097"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssl-i:-:*:*:*:*:*:*:*","matchCriteriaId":"0B9CEA83-ADAF-4659-88E9-D0056EB699BC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssl-nt_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"165ED5F8-50AB-468B-B07D-85A7E8B26EA5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssl-nt:-:*:*:*:*:*:*:*","matchCriteriaId":"7D1F99BB-1F02-4CA1-8C5A-A69F4674D4B9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12sst-ps_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B0736CC8-B905-403B-8BFD-141BF8613752"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12sst-ps:-:*:*:*:*:*:*:*","matchCriteriaId":"AF330665-9B9B-4B0C-92C8-427D4B7A77AE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssw-an6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"26F41B3C-3B97-4A1E-8AD5-21FBEC32FB18"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssw-an6:-:*:*:*:*:*:*:*","matchCriteriaId":"CCBFB445-EBAF-4A9B-A2E7-9B88CF4A2EB5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssw-in_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"5127B859-8891-496B-BD31-112D1EE080B3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssw-in:-:*:*:*:*:*:*:*","matchCriteriaId":"FED457FD-AB0F-4829-9C4F-C00F9127E293"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssw-inl_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"AB6A08EB-A53B-44BE-ADF2-C59ADD078EC5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssw-inl:-:*:*:*:*:*:*:*","matchCriteriaId":"30940045-B6F5-4AB8-A761-234A9049D48D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssw-inr_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2F46E654-5707-4D7E-A7E1-B0BE9CD73623"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssw-inr:-:*:*:*:*:*:*:*","matchCriteriaId":"C80067D5-61BA-48ED-B17C-5EAB04AB0CB5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssw-nt_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"D4CF1A5E-9B2C-4BEA-A366-BC1897B2C184"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssw-nt:-:*:*:*:*:*:*:*","matchCriteriaId":"A63737C8-F51D-48B9-A926-161175424379"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssw-ntl_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"E1793679-E7A5-430B-8DEC-20E74E05954A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssw-ntl:-:*:*:*:*:*:*:*","matchCriteriaId":"7B3555A1-5FFB-416D-ACDE-1458E655EE5C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:h12ssw-ntr_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"404D7E94-878E-4600-9EB4-CE17667D2911"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:h12ssw-ntr:-:*:*:*:*:*:*:*","matchCriteriaId":"34E1FE8C-4916-4BCB-BE13-FFFFD1EFC611"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dai-n6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"AAEA8DAE-D366-491D-ADB9-F4BB78C4573F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dai-n6:-:*:*:*:*:*:*:*","matchCriteriaId":"7CC667F4-B046-40FD-8F10-0BAD14B41430"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12ddw-a6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2064B555-C880-4878-989A-2CC6568A76AA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12ddw-a6:-:*:*:*:*:*:*:*","matchCriteriaId":"2D56F5ED-B7B3-4B8D-83BC-0CB19BD8F66F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dgo-6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"C0A7FEB4-6372-42BC-8A3E-19DE64450D7F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dgo-6:-:*:*:*:*:*:*:*","matchCriteriaId":"169EECF4-BA7F-47CB-80A4-848A79EB552A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dgq-r_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"95476FBE-B4F7-42FE-A060-5CD460C6443F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dgq-r:-:*:*:*:*:*:*:*","matchCriteriaId":"A5262CF8-A96F-4E95-A83A-663A60551A10"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dgu_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"88302A23-02AB-45D7-A3A5-BFD2691B1AF9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dgu:-:*:*:*:*:*:*:*","matchCriteriaId":"DC634195-B8D1-4410-8A36-54B528F5E818"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dhm-6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"E18662F3-F773-47CB-83A4-AD0B67A66CF8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dhm-6:-:*:*:*:*:*:*:*","matchCriteriaId":"1C586A8C-FF1B-4BF0-A8C1-C6A10C0EE16F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpd-a6m25_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"E262D39E-CAB0-49DB-9533-CD16F0D4AB1D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpd-a6m25:-:*:*:*:*:*:*:*","matchCriteriaId":"2A3966B3-FF26-41C6-BF93-FA31E1C09A84"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpfr-an6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"F72B7AA8-BBD5-4490-9184-E9CE3DFA2E95"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpfr-an6:-:*:*:*:*:*:*:*","matchCriteriaId":"7D03BF5A-FFE9-45B1-8C2C-C8128BCBF3D1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpg-ar_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"EFDD3D77-9464-464B-A977-625879DA6ABC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpg-ar:-:*:*:*:*:*:*:*","matchCriteriaId":"87EA78EF-87FB-4B52-8430-0F6042D4DD03"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpg-oa6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"0D3A7A28-2F1D-4ACB-9515-27FC791465E8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpg-oa6:-:*:*:*:*:*:*:*","matchCriteriaId":"51770E5F-7560-4D1E-BA72-4F94CA07E477"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpg-oa6-gd2_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CCA6DA60-4E67-4423-9F41-4A0EC3675746"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpg-oa6-gd2:-:*:*:*:*:*:*:*","matchCriteriaId":"D54118C8-4C75-4C95-8055-6B072D66D8D4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpg-qbt6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"5AC0E6B1-94D2-4C2F-BBFF-97B6490B696B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpg-qbt6:-:*:*:*:*:*:*:*","matchCriteriaId":"923D2191-4164-4DD2-8C20-DBE60FF4B3BF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpg-qr_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"0BA33430-2D60-4139-8CE8-B0DD45C749C7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpg-qr:-:*:*:*:*:*:*:*","matchCriteriaId":"170BD2F4-5084-4134-A307-6C7AFB82E6C3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpg-qt6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"0D0E650C-AE7C-48E3-959E-11BB9FD45027"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpg-qt6:-:*:*:*:*:*:*:*","matchCriteriaId":"C83564AB-8D23-4352-AF0D-30B408F54DD8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpg-u6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B04F1D85-B26C-4BED-AFD8-B9B4CDAA465C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpg-u6:-:*:*:*:*:*:*:*","matchCriteriaId":"E445164C-B4DB-44B9-9CE2-122BC6616563"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpi-n6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"65E5E52B-2E68-4006-B10F-32000CCE419F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpi-n6:-:*:*:*:*:*:*:*","matchCriteriaId":"9FA07B5C-1194-42A4-AF6C-3C3B7F880477"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpi-nt6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2E1E04AF-DD68-4C7A-A73C-199F31ACB7BD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpi-nt6:-:*:*:*:*:*:*:*","matchCriteriaId":"A9BDD13D-5287-4536-83C7-1ED806E8AD45"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpl-i6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"999BE14F-54EA-4A0B-ADEB-9D7338D00CA3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpl-i6:-:*:*:*:*:*:*:*","matchCriteriaId":"6606E793-BF7E-4148-83E3-2A6DF823AC50"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpl-nt6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"9878B129-167D-4D3B-BF70-BE7B5D011EE7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpl-nt6:-:*:*:*:*:*:*:*","matchCriteriaId":"80675EA0-674B-4BDF-B502-FAA90B4E07B1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpt-b6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"11148105-FDED-413A-BAD3-3CCE29267334"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpt-b6:-:*:*:*:*:*:*:*","matchCriteriaId":"1762A2E5-9BCD-4832-9D6F-EFF6FC09A379"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpt-pt46_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"F571415A-618B-44FE-A4C8-D183317C85DC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpt-pt46:-:*:*:*:*:*:*:*","matchCriteriaId":"BA40A9FF-75AC-4B47-8C4C-DE571753F0F9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpt-pt6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"4B68134A-0D7B-4C09-87F7-E973113FA867"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpt-pt6:-:*:*:*:*:*:*:*","matchCriteriaId":"ECEEE89C-A717-497E-AE60-FECBCC856DC0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dpu-6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"85FC2F68-71B8-44C1-9D03-6A4167E10979"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dpu-6:-:*:*:*:*:*:*:*","matchCriteriaId":"5D5EE5C9-4E57-4C7B-A385-494AB2E45035"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12dsc-6_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"8F0C7DDF-BAA5-4639-90C1-25DB26F5075C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12dsc-6:-:*:*:*:*:*:*:*","matchCriteriaId":"0FE3F996-E887-462F-9292-18B7DB6D45FD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12qch\\+_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"19632406-A07D-4296-AD18-AFAA55441DDE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12qch\\+:-:*:*:*:*:*:*:*","matchCriteriaId":"5F2FE423-DE41-408F-BD8D-66D47FEAEBA6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sae_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B3801897-A401-4892-A4EE-FF5E3D724082"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sae:-:*:*:*:*:*:*:*","matchCriteriaId":"A1AAFEFE-7162-4563-8B52-FD722A929608"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sae-5_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CEC86047-62B1-4225-8EE7-D94081CE2763"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sae-5:-:*:*:*:*:*:*:*","matchCriteriaId":"317170CC-173C-441F-A949-333638B2FA55"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sca-5f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"818F20E9-05EC-4FB6-B921-091F381247AD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sca-5f:-:*:*:*:*:*:*:*","matchCriteriaId":"768D9AB1-4E20-49D6-9EEB-4DE51F9288A2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sca-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"753E5810-B93A-4B6F-9C88-28FD1F259045"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sca-f:-:*:*:*:*:*:*:*","matchCriteriaId":"F023A6FB-2560-4B88-AFD2-95804630A2F5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12scq_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"BB2C3E6A-1A6A-454C-9D04-97D3B5E44E59"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12scq:-:*:*:*:*:*:*:*","matchCriteriaId":"AE0592CB-58A5-4CC6-BE47-BDC50F496962"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12scv-lvds_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1512D28D-3435-4A6F-98D7-8ED74C1B8C5F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12scv-lvds:-:*:*:*:*:*:*:*","matchCriteriaId":"55F9B346-4C9D-4F23-ACB3-EC5B4C3271EA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12scv-w_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"64A13C56-763C-4C6C-B39E-5D8DE5AD1669"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12scv-w:-:*:*:*:*:*:*:*","matchCriteriaId":"F70FEFBF-F3AB-492E-9802-A5E804C6E1F2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12scz-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"E4506A1E-68C8-4F90-8BBF-A97A135B794F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12scz-f:-:*:*:*:*:*:*:*","matchCriteriaId":"8B6C62F1-063F-4B9D-8FFB-2A32EE5FD7F4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12scz-qf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"18CF94E3-762B-45BC-8BCA-87B48EDB9566"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12scz-qf:-:*:*:*:*:*:*:*","matchCriteriaId":"9EE82B1F-8994-4E4F-A515-6357A1645129"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12scz-tln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"4036CD43-52D9-4759-8436-2C29921D0D39"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12scz-tln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"C06348E2-5AB3-4DFD-A2DF-7BD64C12ABCB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sdv-10c-sp6f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"BB766E78-6CA7-48A8-B7DD-3FF659111AB4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sdv-10c-sp6f:-:*:*:*:*:*:*:*","matchCriteriaId":"E61BA137-62D3-488E-842F-CE5F71A62916"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sdv-10c-spt4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"159158B7-6172-4762-8523-3E9CA651FF68"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sdv-10c-spt4f:-:*:*:*:*:*:*:*","matchCriteriaId":"E31BC56C-BEAD-4CEA-8EA1-244074825CF1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sdv-14c-spt8f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"37E4FA14-75E2-4F18-9CF2-7954067594A8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sdv-14c-spt8f:-:*:*:*:*:*:*:*","matchCriteriaId":"0DF63207-0C8B-4AE4-9C58-0B3906AF56A5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sdv-16c-spt8f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"797C28CC-ECB1-473C-91FE-5B8C90F483E1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sdv-16c-spt8f:-:*:*:*:*:*:*:*","matchCriteriaId":"7FC72465-7062-4111-AFFB-14751D981772"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sdv-20c-spt8f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"E06E7506-52CC-46BA-8A54-748954E3CE9E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sdv-20c-spt8f:-:*:*:*:*:*:*:*","matchCriteriaId":"4F701465-E472-400F-AA8E-A23A1636458E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sdv-4c-sp6f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"38E0B686-1605-4D34-B98D-46CE5DAB5C57"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sdv-4c-sp6f:-:*:*:*:*:*:*:*","matchCriteriaId":"27886D70-CD59-451B-A22A-BDA9C216DA4E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sdv-4c-spt4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"E2E7C775-A494-454A-98B8-A467DB06FEDD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sdv-4c-spt4f:-:*:*:*:*:*:*:*","matchCriteriaId":"ED0E2C8F-D697-4108-9ED4-C6EAD305003C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sdv-4c-spt8f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"E9B1AD70-057A-489C-B8FE-974D345E26DE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sdv-4c-spt8f:-:*:*:*:*:*:*:*","matchCriteriaId":"45F512E8-77D1-4DAE-8B62-CDFC3F36C30E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sdv-8c-sp6f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"FC4613BC-7233-47EF-A70A-010CB5FF1E66"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sdv-8c-sp6f:-:*:*:*:*:*:*:*","matchCriteriaId":"C701DCE6-0EC7-4DE5-BFA6-5ED582D13C4D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sdv-8c-spt4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"24427B55-1AC8-4020-A6F3-C57C173DFBFB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sdv-8c-spt4f:-:*:*:*:*:*:*:*","matchCriteriaId":"F4301217-8703-4D98-A7FB-F45DB4C9EA59"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sdv-8c-spt8f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CD2B0693-E855-4143-89CD-0061040A2BF9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sdv-8c-spt8f:-:*:*:*:*:*:*:*","matchCriteriaId":"A88762D9-3E01-4B25-868B-173040EA440B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sdv-8ce-sp4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"43396497-7840-4BF3-B625-D1BFBE6AB60A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sdv-8ce-sp4f:-:*:*:*:*:*:*:*","matchCriteriaId":"5FB32C1B-1A46-4976-8D71-53BFF8F1429C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spa-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"639B97B4-E339-43EA-9911-99721C406698"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spa-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"C4ECEAB2-4D8A-447B-A622-E8E3282C1651"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sped-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2F18CE69-1024-4AC4-85CA-16D6FFC4CAB1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sped-f:-:*:*:*:*:*:*:*","matchCriteriaId":"ECB324E7-F72B-41C7-9E63-4E9AE39420EC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spg-nf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"FB4DEA6C-25F6-4374-952F-5BA98386FF01"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spg-nf:-:*:*:*:*:*:*:*","matchCriteriaId":"22E9404C-5FFC-485D-A94E-1F7C4F68B0FB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spi-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1DD61F91-4407-4387-AF48-4FF97538F074"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spi-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"CA46A96E-0E1C-4AD0-A7BE-06A65C4DD75E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spl-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"73A298C7-5BE0-43CC-817D-1C7FAE38F543"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spl-f:-:*:*:*:*:*:*:*","matchCriteriaId":"15FE00C9-77B3-43B4-A548-9C4F0FA83ABD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spl-ln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1C880CF4-019A-4270-830C-A0008854FB77"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spl-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"D01A53FA-F307-4B49-B803-DD7E3498BD00"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spm-ln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2B1D297B-735F-4715-8E1D-36C2551D5CDE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spm-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"DEB567A1-A336-4B2E-8B35-0EE3F5B37ECD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spm-ln6tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"A06CA5D7-4D15-4F8C-BD44-8CFD10675911"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spm-ln6tf:-:*:*:*:*:*:*:*","matchCriteriaId":"9766735D-CC06-446C-A6C9-C4A5671EA356"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spm-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"46CDD49A-4C1A-428E-B2B1-8C15F3D7DE96"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spm-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"AF8F8046-D474-4A41-AC0C-93C43BAFDCA5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spo-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"C41502B0-419A-4EEE-A3D0-2226297E8DE5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spo-f:-:*:*:*:*:*:*:*","matchCriteriaId":"9D374750-F0F1-4F04-B127-7497DE767B19"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spo-ntf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1774E077-1D08-42B0-A24E-614EB4EAB7B9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spo-ntf:-:*:*:*:*:*:*:*","matchCriteriaId":"77BFF598-DB0F-4696-9787-2216817F9DC5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spt-g_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"BD1A08D9-3A35-44A2-9B62-04A16421E1C6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spt-g:-:*:*:*:*:*:*:*","matchCriteriaId":"414CABC0-9708-4C42-AFEE-03296D916319"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spt-gc_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"17A95DF1-0D00-4336-8685-ACE4CDEEAC20"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spt-gc:-:*:*:*:*:*:*:*","matchCriteriaId":"872EACFA-9A11-4801-9D97-7875D32F2E5E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spt-pt_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"7C5C3377-C72C-49D2-B9CA-C6CBF99375EB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spt-pt:-:*:*:*:*:*:*:*","matchCriteriaId":"27DB6C75-ECB7-453F-9A1B-99A962A13E6B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spw-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"EB67B3F4-7D78-4CA8-8F7E-3BAF483CB930"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spw-f:-:*:*:*:*:*:*:*","matchCriteriaId":"53FA6DCE-6515-46FF-A347-B6C429003DEB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spw-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"81620B39-4A78-4F55-B4DD-D83C4AB4FF7C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spw-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"887FC02D-8065-44C9-A3B2-1FEEAF3EF56C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spz-ln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"77487F7D-935D-423B-B434-89893474EE11"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spz-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"2C067EC2-DA00-4D87-8903-C99E7058710D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12spz-spln6f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"282989D0-D5D0-4A89-9706-55289395BF27"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12spz-spln6f:-:*:*:*:*:*:*:*","matchCriteriaId":"A450B280-D321-41D7-8B9D-B8F3C8B3B786"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12std-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"10F85E07-0BF2-4F58-8F3D-BBA7EE67AD56"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12std-f:-:*:*:*:*:*:*:*","matchCriteriaId":"BEC355A7-ED7C-42DE-A7B5-76A21BD361EC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12ste-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"E055588E-65F9-4B15-B01F-031C74BD4A1A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12ste-f:-:*:*:*:*:*:*:*","matchCriteriaId":"89049FC0-7786-4E8A-BF6A-56F70BCBADBC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sth-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"F7B188DD-1C6B-4A5F-9E2B-61435693218E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sth-f:-:*:*:*:*:*:*:*","matchCriteriaId":"E76F1D7E-DC1F-45E2-BF79-8A33D5670DF1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sth-ln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"E391C4E8-CAE8-41F9-8831-559E4DD66AF1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sth-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"DAAA4AD0-D2B9-43E0-A77F-9A75E242FDDB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12sth-sys_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"C12B7637-1E8F-44BF-939F-155701C182D4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12sth-sys:-:*:*:*:*:*:*:*","matchCriteriaId":"20712495-C1FB-4332-B5EB-B68CB951B05F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12stl-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"21C67B23-0146-4E42-8380-BADCF0FDAF5F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12stl-f:-:*:*:*:*:*:*:*","matchCriteriaId":"01576524-4AE1-4CE5-8909-8A2BBE579638"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12stl-if_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"64BFAF49-C93E-40B1-B5C6-2C45102AD111"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12stl-if:-:*:*:*:*:*:*:*","matchCriteriaId":"3CDBDBAC-14FF-46CF-8E72-C8BD9B66A475"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12stn-c_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"8DD20453-A699-4FAE-9144-CD35DCB1636B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12stn-c:-:*:*:*:*:*:*:*","matchCriteriaId":"375F89CA-3F0E-4DA1-B044-93312B20561C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12stn-c-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"7AB356E7-1F23-42A3-8348-9D95FF3C3B40"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12stn-c-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"C6C5E4B6-7AC4-4871-A43C-1233B84FD769"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12stn-e_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"4D5C7EBE-985F-40E8-920D-8E9A8C737B81"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12stn-e:-:*:*:*:*:*:*:*","matchCriteriaId":"C40F79C0-3501-416E-A2B3-9C70D651E6C4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12stn-e-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"916310B5-8364-499B-82B1-03816A75C709"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12stn-e-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"834FE721-032F-462E-A12A-1FA38D1C24D9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12stn-h_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"E38FA954-FA36-4B54-A06B-834CC2599B2A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12stn-h:-:*:*:*:*:*:*:*","matchCriteriaId":"08D3196D-E172-44D5-9949-451500B51C10"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12stn-h-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"97A64327-AC40-4DA6-9012-4AF88C73A758"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12stn-h-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"8EF75784-1632-4F72-8B34-1B3B6A6331E9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12stn-l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"7CB43433-8039-437A-B819-77193A5C64F4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12stn-l:-:*:*:*:*:*:*:*","matchCriteriaId":"7370CC87-C0E3-4B7B-B01A-564764122E86"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12stn-l-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"062E8B5E-A345-4E19-8E91-F7B06B5752CA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12stn-l-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"D7CCE200-88DC-42C8-953D-4E422013708F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12stw-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"30A9396C-B4B4-42B8-9316-BC096B04C458"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12stw-f:-:*:*:*:*:*:*:*","matchCriteriaId":"7DC3642F-DF65-4764-AFE1-96AF932266DA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x12stw-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1B78F8FE-0170-4CC6-8CAE-98C1A885F702"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x12stw-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"E906BDB2-075D-446D-A86C-B9D3B9E25216"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dac_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"4BE50492-07D8-4D1C-8AF9-763F25997CCC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dac:-:*:*:*:*:*:*:*","matchCriteriaId":"D3600406-96B2-4E52-B5F9-9ABCED307EEC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dai-n_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"8633825D-939D-4826-A1BC-854ED2358A71"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dai-n:-:*:*:*:*:*:*:*","matchCriteriaId":"0C5967E7-B9A7-4F23-B966-51F5C82B2529"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ddw-l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2DBD8FD0-2033-4486-B19B-3A65F8B96F16"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ddw-l:-:*:*:*:*:*:*:*","matchCriteriaId":"94B75335-6871-4FA6-AC30-1C121C91195C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ddw-nt_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"992113EF-3E48-4F43-888F-A072499405E7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ddw-nt:-:*:*:*:*:*:*:*","matchCriteriaId":"3EFD3B3C-F46E-4B27-A16B-154DB9740ED4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dgo-t_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"61080B7E-47C7-4E4B-B9D4-E87F8AD13F7F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dgo-t:-:*:*:*:*:*:*:*","matchCriteriaId":"0093BCEF-E0F0-415B-8267-01B5D71F2E61"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dgq_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"6E07FCDD-A555-4FB1-8528-DC291A6B7989"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dgq:-:*:*:*:*:*:*:*","matchCriteriaId":"D77FE66F-DB11-4B35-8A60-943FA5803F14"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpd-l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"416018C7-D968-4697-BB23-7D7C3F56307B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpd-l:-:*:*:*:*:*:*:*","matchCriteriaId":"28A547F9-4267-421E-A569-D73F937D6CB4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpd-m25_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"E31A20BA-EF06-4BD6-B22B-E6C14C5394B9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpd-m25:-:*:*:*:*:*:*:*","matchCriteriaId":"7FF70FFB-8D20-4C4F-90B3-8681F94A6C0E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpff-sn_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"F0763501-BAEB-48FC-B74D-BCE5046C5011"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpff-sn:-:*:*:*:*:*:*:*","matchCriteriaId":"05703141-3375-468F-8F03-AFF548E95A39"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpff-snr_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1577F719-7CA4-4386-A22B-6BED1815EA2C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpff-snr:-:*:*:*:*:*:*:*","matchCriteriaId":"1610EF6F-D8A9-4AE4-AFD8-D8D82654E38E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpfr-s_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"7D9E2486-03BD-45DD-916A-AD72CA3E12CE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpfr-s:-:*:*:*:*:*:*:*","matchCriteriaId":"DAD78F27-1418-46B2-95D7-7A2DA82FFD88"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpfr-sn_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"540B3344-9C8B-40FB-AF8E-88AC654C928F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpfr-sn:-:*:*:*:*:*:*:*","matchCriteriaId":"21FB236D-9777-4318-AE9D-3D565992E6BB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpg-hgx2_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"6753B838-73FA-4F3C-9851-EF3FCF6B4071"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpg-hgx2:-:*:*:*:*:*:*:*","matchCriteriaId":"20492DE1-0D08-4769-83FF-16985A6E90F7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpg-ot-cpu_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"C7554A27-12B6-4D35-BA9B-07F8BB2FD237"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpg-ot-cpu:-:*:*:*:*:*:*:*","matchCriteriaId":"1EFF8666-E52F-47ED-9330-11E36A75495C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpg-qt_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"356257AB-4E25-40E0-B4E6-189CF1C9E958"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpg-qt:-:*:*:*:*:*:*:*","matchCriteriaId":"8E309A80-F6FE-434D-B3EB-4593F18367A3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpg-sn_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"5BB2814E-3A02-42B1-BDC9-416452258F18"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpg-sn:-:*:*:*:*:*:*:*","matchCriteriaId":"2C31C72A-AEF5-4F28-9EF8-00A19A39E7AA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dph-i_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"0CB2C0A8-13DE-4C20-AF87-8B7CF51890D7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dph-i:-:*:*:*:*:*:*:*","matchCriteriaId":"F149C888-F3AF-49D4-BBBF-99ABC8E8CEDE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dph-t_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"F21135D9-BB90-47DC-B984-6E0843510DC8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dph-t:-:*:*:*:*:*:*:*","matchCriteriaId":"9780452F-4264-4069-9378-FE7F01D7ED1E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dph-tq_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"3567527E-5FC8-4E42-BFB3-4BF0FA7CF0FB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dph-tq:-:*:*:*:*:*:*:*","matchCriteriaId":"03E3CB77-7874-4B9B-B6D9-69D42304D6BE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpi-n_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"52D9057A-9494-41B2-9AE7-1E321BE1F556"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpi-n:-:*:*:*:*:*:*:*","matchCriteriaId":"8CEB1846-2BD2-4326-BD22-14DDD05BB7BD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpi-nt_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CE98E3AD-C668-422C-BD10-D7C813A38798"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpi-nt:-:*:*:*:*:*:*:*","matchCriteriaId":"F5553A6E-4BCB-4EC1-B002-EDDDD313F4E1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpl-i_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"27BB425D-F131-4F4C-AAB9-A0E31E072A9C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpl-i:-:*:*:*:*:*:*:*","matchCriteriaId":"0EF59606-20D1-4E68-AE55-DA3F7101654F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dps-re_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"F562BE69-049C-4C9F-8E6B-EF46193F4D30"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dps-re:-:*:*:*:*:*:*:*","matchCriteriaId":"ED8E7045-1721-4629-B92C-F35C0B074245"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpt-b_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"FD5A0214-AA78-4957-AD08-B545D672672E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpt-b:-:*:*:*:*:*:*:*","matchCriteriaId":"ABF7F546-1D85-4F99-9CFE-6F997402028D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpt-bh_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"39C8AE86-11D2-48C8-A068-10008D227EAB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpt-bh:-:*:*:*:*:*:*:*","matchCriteriaId":"5F00FAD5-FBDF-4239-9B1C-C012B5AC546A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpt-br_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1B9D103C-EA4C-439C-82E4-9B8C5AAD8E51"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpt-br:-:*:*:*:*:*:*:*","matchCriteriaId":"7710C62C-BFC9-4D9B-8EB1-A41273C06BF4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpt-l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"05760878-E696-425C-8363-C6303DD6388A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpt-l:-:*:*:*:*:*:*:*","matchCriteriaId":"4F14E33F-DCD7-49D4-B0F5-AF924A87CC53"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpt-ps_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"DF579C83-C768-453F-B7D9-27C2005146A3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpt-ps:-:*:*:*:*:*:*:*","matchCriteriaId":"749EF1B5-F6A3-493F-B920-8033847BF037"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpu_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"D17A0787-A669-4566-BF40-4EC9131AA557"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpu:-:*:*:*:*:*:*:*","matchCriteriaId":"609DE3AA-044C-4B20-8A27-A507F4A11279"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpu-r_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"A6E571AC-93BD-4079-AC51-125778A009FC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpu-r:-:*:*:*:*:*:*:*","matchCriteriaId":"2FF46B33-1765-44B9-A9B9-C3A97B5AD384"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpu-v_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"78E18E61-4068-4162-88E3-47D44BAA8497"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpu-v:-:*:*:*:*:*:*:*","matchCriteriaId":"E125C5B7-7BB6-47EB-93A5-CA15FC082198"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpu-xll_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"6A906F07-7207-4674-A494-06C4E5134DB0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpu-xll:-:*:*:*:*:*:*:*","matchCriteriaId":"B3CB5CAA-C9D1-4508-BBE6-2546F6017715"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpu-z\\+_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"304B5920-89F2-4FFB-9F61-6BBAE035E462"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpu-z\\+:-:*:*:*:*:*:*:*","matchCriteriaId":"4ED5B015-0DB1-4E55-8C22-6DCE0BCC00FB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpu-ze\\+_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"44F2BDAF-65AA-4845-BA04-BD0C3F1D09A0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpu-ze\\+:-:*:*:*:*:*:*:*","matchCriteriaId":"01852618-551E-4051-90E7-7A3386804A76"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dpx-t_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"6664EB3B-0C03-4435-8456-DA5CF230BD5D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dpx-t:-:*:*:*:*:*:*:*","matchCriteriaId":"3DB9F79B-70D5-4084-8DBF-E13CF76B77B7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dsc_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"697C92B5-B730-41CB-B656-5FBEA314255D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dsc:-:*:*:*:*:*:*:*","matchCriteriaId":"5786F44D-9EE5-4C0B-9C01-F0D46762F7E2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dsc\\+_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"3B4398AD-AA39-4044-A9B5-99481B8E2711"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dsc\\+:-:*:*:*:*:*:*:*","matchCriteriaId":"6442E1D1-53D8-49F4-8D51-08CE45850A77"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dsf-e_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"297D1AD5-0139-4405-8ED8-AF4F5F96D56B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dsf-e:-:*:*:*:*:*:*:*","matchCriteriaId":"BBDD9667-CE5C-487D-BC40-506D3722AD4C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dsn-ts_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"3C92890C-1FC8-4FD3-AAA7-38FC798C2C39"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dsn-ts:-:*:*:*:*:*:*:*","matchCriteriaId":"EA8F01F8-FA29-4E46-858F-149F94C8DBD4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11dsn-tsq_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"F4E875ED-157A-496D-849F-5E11E736178E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11dsn-tsq:-:*:*:*:*:*:*:*","matchCriteriaId":"DECCF4B6-A0FD-419E-A61B-7BC023555E7A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11opi-cpu_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"132E6AA4-EEFA-41BC-9535-4CBC915DCDD8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11opi-cpu:-:*:*:*:*:*:*:*","matchCriteriaId":"27164AC7-6D07-4D0D-AE90-8FB4C2498E6B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11opi-cpu-cl_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"5276403F-DBEA-4929-B0A0-7E240C22762D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11opi-cpu-cl:-:*:*:*:*:*:*:*","matchCriteriaId":"A5E14473-022A-4472-8742-4BBB97A90047"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11qph\\+_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"5597372A-F3D1-48C8-9C75-A3107D2F912A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11qph\\+:-:*:*:*:*:*:*:*","matchCriteriaId":"E534D7BB-B73D-45F8-AB1A-CDC55B05D237"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11qpl_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"A46D5ED0-D590-4EC3-83BE-837ABB638A71"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11qpl:-:*:*:*:*:*:*:*","matchCriteriaId":"8E668445-7698-42D3-87A8-C82FFAEDDA40"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11saa_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"04EF0829-6E03-4AEF-A970-0E5F1C06FB05"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11saa:-:*:*:*:*:*:*:*","matchCriteriaId":"97B2B57C-0599-4CD5-B886-B51907406530"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sae_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2AE7457A-733F-4714-A741-E37C6847D5F5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sae:-:*:*:*:*:*:*:*","matchCriteriaId":"450DA6E7-7E1B-4E3F-916D-A04E8A64C9E0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sae-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"8FC62932-8F3B-457D-AF1A-18F93007D765"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sae-f:-:*:*:*:*:*:*:*","matchCriteriaId":"B9DED254-4F7C-4BA3-BDB4-C20046F1801D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sae-m_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1349CFA0-2294-4EC3-ACCB-E202FBBC7F97"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sae-m:-:*:*:*:*:*:*:*","matchCriteriaId":"DCC976BD-381E-452C-ABB6-E90F7D39FB31"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11san_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"D1FECC94-F089-4A55-A1E0-5CD2DA011DEF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11san:-:*:*:*:*:*:*:*","matchCriteriaId":"16146E8A-A13C-4347-82B1-AD2FD7EEE710"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11san-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"35D0CE32-106C-485A-8B2B-111FCBCFFC20"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11san-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"BA94D270-1820-4325-ABAD-EF8B42D56DAB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sat_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B8886ED3-DDFB-44C0-870A-EF5E6F923921"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sat:-:*:*:*:*:*:*:*","matchCriteriaId":"F3F363C3-ACFB-4A15-9076-1C03E92DB138"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sat-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"4B93A5C2-9662-44D1-8DFD-562C844DB611"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sat-f:-:*:*:*:*:*:*:*","matchCriteriaId":"2F1C47C2-E481-40FF-BF6D-C327C1ABA050"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sba-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B448A736-AECF-4550-AB70-22A8BF030622"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sba-f:-:*:*:*:*:*:*:*","matchCriteriaId":"3FCF6EF1-D3E3-40CA-8AE4-BFFF37964541"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sba-ln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"5C4D1A46-7763-4FEF-B32E-29494755028E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sba-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"2C15EA79-AC77-4254-821E-DCBD4748E73C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sca_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"61C8DCC0-DA05-44C2-BD5B-BA2BD2664A5C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sca:-:*:*:*:*:*:*:*","matchCriteriaId":"C2521B38-3BB4-4B96-AF7C-6BF429F0FC9C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sca-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"ABD3DBBD-BF92-4BAC-ADC3-B3002571533D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sca-f:-:*:*:*:*:*:*:*","matchCriteriaId":"577067B9-0F45-4A40-A75F-C7FE9B2B8855"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sca-w_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"14FC8981-EE22-446C-B3BA-43D4EA25F275"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sca-w:-:*:*:*:*:*:*:*","matchCriteriaId":"683EB125-0F49-4199-9244-F17ECA6F6C4C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scd-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"C89DE7EC-9EB2-40B0-80F5-8BF3527B74FE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scd-f:-:*:*:*:*:*:*:*","matchCriteriaId":"C89CC49B-01DE-4888-B0E4-B311C0F3F789"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sce-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B5739500-AB10-4CE2-95E2-F65EA2D2B779"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sce-f:-:*:*:*:*:*:*:*","matchCriteriaId":"4BF53152-845A-4736-8FB0-C672D8A83F68"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sch-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"D70CE1AD-78BF-432A-84BC-5FD6BE4B6E5C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sch-f:-:*:*:*:*:*:*:*","matchCriteriaId":"6E9B23E2-2E68-4E1D-A8B5-BAFB00DFB4BF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sch-ln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"46071A5E-2291-4621-914F-3CBB3437036D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sch-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"071A5B7E-6525-44DF-A612-DB63312AA3A9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scl-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"0042216F-C5B6-4478-83D2-229E24ABF2FF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scl-f:-:*:*:*:*:*:*:*","matchCriteriaId":"D1528A2C-3983-4CF9-B365-7F307B93E466"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scl-if_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CB27048F-10BC-436B-A139-C33F861C3846"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scl-if:-:*:*:*:*:*:*:*","matchCriteriaId":"98595EB1-0B54-4E09-BAB1-4A37BCBB941A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scl-ln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"82DE3F62-F590-4293-8588-E47204D083AF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scl-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"586D8457-A684-4410-A48A-C5545F5B2003"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scm-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"F63FE7EC-D7C5-43EE-9053-AE364588E98C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scm-f:-:*:*:*:*:*:*:*","matchCriteriaId":"3B7B927B-1B10-41CC-8C8E-0DA456082C63"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scm-ln8f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"849E1220-EC92-41B9-B27A-8B9E4EA04F6A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scm-ln8f:-:*:*:*:*:*:*:*","matchCriteriaId":"D0176160-C4E3-435E-8DDD-E992044C500B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scq_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CDEC4239-2014-4479-A810-932B2B68AF4F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scq:-:*:*:*:*:*:*:*","matchCriteriaId":"19DB281A-F2B0-48D9-83B9-21CB651D34E0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scq-l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"AB9C837A-E11A-4135-AE80-0CC6B910B380"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scq-l:-:*:*:*:*:*:*:*","matchCriteriaId":"83A3CC6C-B6DA-4C5F-97FF-B7075C2D1936"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scv-l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"85D6B8BD-291B-4753-98C0-8629C962B6C5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scv-l:-:*:*:*:*:*:*:*","matchCriteriaId":"F49DCD87-5179-4AB0-B859-79CE26145125"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scv-q_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"30EF7DA2-51AC-4064-B679-DBE1A869C0F0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scv-q:-:*:*:*:*:*:*:*","matchCriteriaId":"EA86A993-5A42-416E-B91A-54DC1719776F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scw-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"3A35A0FA-76EA-411F-850A-A36AC20D2E1D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scw-f:-:*:*:*:*:*:*:*","matchCriteriaId":"8FB564A1-E87A-4CAD-A8E8-5A22B0165B61"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scz-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"FBAC3A63-BC83-4B2D-808B-7ED330764644"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scz-f:-:*:*:*:*:*:*:*","matchCriteriaId":"03512A43-F226-4E93-8D38-5C3513AD5478"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11scz-q_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"9E4854AD-2561-47BA-8248-E5F045FAB070"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11scz-q:-:*:*:*:*:*:*:*","matchCriteriaId":"7A5ED2C4-0267-4F6C-BD29-9E0CEF01339E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdc-16c_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CB406DAD-3EFF-4934-A1E0-0CABEEBD1012"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdc-16c:-:*:*:*:*:*:*:*","matchCriteriaId":"F45F4322-46AA-4865-808A-90FBE12386C8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdc-4c_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CA85522C-E77A-4BF4-ABDE-3FE7D8E64D1C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdc-4c:-:*:*:*:*:*:*:*","matchCriteriaId":"8C4FE5EB-4CB5-449F-8BB5-DD7BEE5CD39C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdc-8c_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"DCA3FA9E-71C5-4B9A-8C25-EADA4EF89FE7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdc-8c:-:*:*:*:*:*:*:*","matchCriteriaId":"4008F053-1E0C-477B-964F-9435801D09C4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdd-18c-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"6AA3FC73-9A4B-4292-8819-2F469343D824"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdd-18c-f:-:*:*:*:*:*:*:*","matchCriteriaId":"EF1E70CB-BF44-4DE8-BA2F-47283586FA9B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdd-8c-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2EEB618F-65C0-4AF7-BFC5-B33714346728"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdd-8c-f:-:*:*:*:*:*:*:*","matchCriteriaId":"39BD8B01-9630-463C-870C-76EC7FE2D325"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sds-12c_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"4B3E9CA8-314E-4C07-AEC6-255A0B02122B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sds-12c:-:*:*:*:*:*:*:*","matchCriteriaId":"B9B43F7A-EF17-498A-8AEA-F4E98547DCDA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sds-14c_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"03E64734-7D31-4676-B04D-9FE1A05AA2AC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sds-14c:-:*:*:*:*:*:*:*","matchCriteriaId":"4D2667BB-FE14-469F-9CC6-EB44B5B45DF3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sds-16c_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"240EEEC9-91DC-48C9-A4A6-C753F2C1756B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sds-16c:-:*:*:*:*:*:*:*","matchCriteriaId":"83B921DB-EF3B-4E6C-B67A-6E57EF2CCB1C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sds-8c_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2F7ED116-0803-4FEB-BDF2-AA77619E0BB8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sds-8c:-:*:*:*:*:*:*:*","matchCriteriaId":"25EA425D-7D25-44BA-A6E1-210349DC4AC2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdv-12c-tln2f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CEE6ADCA-47F2-4A4A-9B68-65932856C66A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdv-12c-tln2f:-:*:*:*:*:*:*:*","matchCriteriaId":"D5D77AED-1F86-4C4E-80D1-473C65DA3EF3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdv-12c-tp8f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"29DB0C5D-892E-4C44-92D9-A5B414A04C1D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdv-12c-tp8f:-:*:*:*:*:*:*:*","matchCriteriaId":"97A5A305-FFE9-4F2C-94F9-9B4E8ED255EC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdv-16c\\+-tln2f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"E6653554-89E5-4F10-93DC-BAD4337D0DC1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdv-16c\\+-tln2f:-:*:*:*:*:*:*:*","matchCriteriaId":"807D44E4-85DA-4F3D-BD0D-7393ABBDE9D2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdv-16c-tln2f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1C967A95-9CA1-4EB5-B153-AAFFE7626823"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdv-16c-tln2f:-:*:*:*:*:*:*:*","matchCriteriaId":"DDC0B8F1-EAFB-44E0-B3B5-8A8D5EBD51E5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdv-16c-tp8f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"941D9F12-9CC3-482C-BE92-A7F920819331"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdv-16c-tp8f:-:*:*:*:*:*:*:*","matchCriteriaId":"3C5DDB30-1E22-42C1-8F9E-381004F9DDB5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdv-4c-tln2f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"895FF0B9-7EEA-467E-80AA-560A4B0793D4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdv-4c-tln2f:-:*:*:*:*:*:*:*","matchCriteriaId":"59D0561D-78DE-47B7-B8E5-E1D6F9BB73B9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdv-4c-tp8f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"4371A185-BF71-49C7-9318-B0AD11B4AE69"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdv-4c-tp8f:-:*:*:*:*:*:*:*","matchCriteriaId":"C1ECBB36-CA02-4A8F-AC62-97C695E067C6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdv-4c-tp8f-01_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CB9A43BC-5D86-427A-99D0-B19DAB2D94F7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdv-4c-tp8f-01:-:*:*:*:*:*:*:*","matchCriteriaId":"5F8CDF9F-2650-46A6-AC3A-5FC61C942E87"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdv-8c\\+-tln2f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"9E01FBF7-605E-469B-8B5A-6B26332CB704"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdv-8c\\+-tln2f:-:*:*:*:*:*:*:*","matchCriteriaId":"D935CA76-84EB-4B3D-A4EF-6BE8F8ED750E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdv-8c-tln2f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"A9819485-E143-481A-A058-420ECFF3C75B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdv-8c-tln2f:-:*:*:*:*:*:*:*","matchCriteriaId":"CA40B6EF-E65E-4494-A368-41966BCAE70C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdv-8c-tp8f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"C125AF3D-A650-499E-85BB-6DAB33EC7C4F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdv-8c-tp8f:-:*:*:*:*:*:*:*","matchCriteriaId":"F58D8FAC-A913-431F-86FA-E7FF585684A6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdw-12c-tp13f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"33925DDC-A825-4029-A034-9BFF0C62F7A3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdw-12c-tp13f:-:*:*:*:*:*:*:*","matchCriteriaId":"3F8AA874-B736-4C30-BC48-8BDF1A21463D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdw-14c-tp13f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B6A7F79F-3632-424C-888A-314549607C14"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdw-14c-tp13f:-:*:*:*:*:*:*:*","matchCriteriaId":"B4B8CFE3-D081-4A65-8A5E-BEA397F9195C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdw-14cn-tp13f\\+_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"8EFF4246-365E-4C50-B1CD-4F7EC0A281F3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdw-14cn-tp13f\\+:-:*:*:*:*:*:*:*","matchCriteriaId":"0D58AEE8-3390-490C-A04F-9A3675FA7E6F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdw-14cnt-tp13f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"BA3304CB-E384-4A41-91C1-23023907B52D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdw-14cnt-tp13f:-:*:*:*:*:*:*:*","matchCriteriaId":"EB50C171-3075-4A7C-97B9-6C48AE5E1222"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdw-16c-tp13f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"41005504-CE28-4228-8B06-512E2083F276"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdw-16c-tp13f:-:*:*:*:*:*:*:*","matchCriteriaId":"BF949680-3AE1-4806-8A96-B7F50E9CAE0B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdw-16c-tp13f\\+_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"0619F3CD-CC67-4827-AE3D-DD9CA646555E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdw-16c-tp13f\\+:-:*:*:*:*:*:*:*","matchCriteriaId":"8CC6354D-DBB1-457C-B9C9-FAF2265BAE5B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdw-4c-tp13f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"265BCB39-7942-417E-AD82-D903C9E410E0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdw-4c-tp13f:-:*:*:*:*:*:*:*","matchCriteriaId":"5556FAA3-B53C-494A-8AB7-4942FE0E3757"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdw-4c-tp13f\\+_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"71F71EA7-FE29-4DF6-A092-98A4019C12EC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdw-4c-tp13f\\+:-:*:*:*:*:*:*:*","matchCriteriaId":"EAF047A7-2B8F-44DB-9D2E-AEA638E3CCBC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sdw-8c-tp13f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"927581C8-56FC-4EC2-9781-22F764BAE269"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sdw-8c-tp13f:-:*:*:*:*:*:*:*","matchCriteriaId":"D9379DEA-1052-4A46-831F-A3F45CDF51C1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11spa-t_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"18630E63-C300-41AC-8729-4418C2A6DC6B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11spa-t:-:*:*:*:*:*:*:*","matchCriteriaId":"93841CE8-D876-44A3-A530-959CDB90FA7B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11spa-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"377B2DF6-3E30-43C1-8268-B41B967C43AA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11spa-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"D6440101-3C85-427B-A930-014CCDA79CCD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11spd-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"78FD0BEE-D475-48B9-9125-DA0B043063B0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11spd-f:-:*:*:*:*:*:*:*","matchCriteriaId":"B2EAD8C3-4C86-41EA-94C2-8A025BD11C96"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11spg-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"DF338C11-81EA-4D1E-8785-2EDB6BFBB17C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11spg-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"0D4C8250-1682-4360-828F-8E7EE072CE6D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sph-nctf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"92B129E9-A4F6-4643-9FB9-443FCDD764AB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sph-nctf:-:*:*:*:*:*:*:*","matchCriteriaId":"0DABCA06-C8F1-4A20-9F85-69B49B3C5095"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sph-nctpf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"867CE591-8F70-4FA4-850C-B2490B7C19E1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sph-nctpf:-:*:*:*:*:*:*:*","matchCriteriaId":"ABF784B2-347A-4A62-9CC3-6A01624D0F07"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11spi-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"0F7BFD4D-CB73-460B-9E11-486817129495"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11spi-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"069F2E47-05DA-4676-9A11-B5059130720A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11spl-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"ED404BD7-9873-485F-ABC4-D27470ED113A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11spl-f:-:*:*:*:*:*:*:*","matchCriteriaId":"372B1F73-010B-4E12-A643-336741265B23"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11spm-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B5956F7D-ADB1-4B1F-B5E7-60E68DC13E14"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11spm-f:-:*:*:*:*:*:*:*","matchCriteriaId":"1023FE03-0D76-4F33-ADC3-4502BD8AAE79"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11spm-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"5C4BA06E-A3CD-42E4-96BC-F16BCA654F75"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11spm-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"09E13FF0-04D4-41CD-97B8-1860028F8F8F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11spm-tpf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"482E5372-9001-42F5-A800-DECB62D6218D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11spm-tpf:-:*:*:*:*:*:*:*","matchCriteriaId":"6D4232C6-8C0B-41B1-AF69-A4E584756777"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11spw-ctf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B7D9E669-D0F7-41C8-9467-7CEE659F9818"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11spw-ctf:-:*:*:*:*:*:*:*","matchCriteriaId":"F0BEF4BD-0962-4DC0-9329-5C28DAE78B93"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11spw-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2903AFD1-DD53-45B9-AC45-EE4318953190"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11spw-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"0998B7F1-CD28-4E07-8BA0-53EEEE9A25CF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sra_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1E277DCF-D312-405B-87ED-8F2C849D1972"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sra:-:*:*:*:*:*:*:*","matchCriteriaId":"FD640185-AC03-4235-A8BF-F71473A3D21B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sra-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"25863AED-0930-4B92-9543-B3ECDB41F6E6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sra-f:-:*:*:*:*:*:*:*","matchCriteriaId":"E90E4534-1E54-4731-AFBF-5742274AAE1B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sra-rf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"26854260-D5B1-4896-BCC4-BDC300EC74F4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sra-rf:-:*:*:*:*:*:*:*","matchCriteriaId":"88A40C12-CDC6-4065-A65F-1ABB411BF12E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sri-if_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"671629CA-F04B-451F-8BE1-34E0AA5FE73C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sri-if:-:*:*:*:*:*:*:*","matchCriteriaId":"92C0DDA9-ED3B-4DC8-B19E-19B9283A2C12"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11srl-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"F8C9D99F-51EF-436B-A632-6A287929C1E2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11srl-f:-:*:*:*:*:*:*:*","matchCriteriaId":"900E0C75-C843-4327-BAF2-F8077281D87E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11srm-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"87C66CF8-B9F6-4804-884B-0F99EDEF54A0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11srm-f:-:*:*:*:*:*:*:*","matchCriteriaId":"161177BA-5C2B-47DF-B900-568D0665020A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11srm-vf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"06A5E49A-5E22-4FC9-B669-C107F528EFBA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11srm-vf:-:*:*:*:*:*:*:*","matchCriteriaId":"FB7EC704-0887-4743-AD5B-F9CF6EEE4B29"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssa-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"0892BBDA-B31B-4558-9C51-B129A4B0F9FD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssa-f:-:*:*:*:*:*:*:*","matchCriteriaId":"48D2E9CD-71D4-4556-A0F2-2C3B7FB8A77E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssd-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"05BCD88A-F10A-4F1D-B129-E6E34329EF1B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssd-f:-:*:*:*:*:*:*:*","matchCriteriaId":"7B72F70A-B33E-4382-81DA-3864C2E14D41"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11sse-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"09C66363-58E4-4B8F-8D76-A5E61C40820F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11sse-f:-:*:*:*:*:*:*:*","matchCriteriaId":"FC57F4A1-10F8-4926-A446-D2B8F05B8008"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssh-ctf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"3E763AED-58A3-4B45-BEE8-F0DBD2273C30"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssh-ctf:-:*:*:*:*:*:*:*","matchCriteriaId":"95CD6DEE-E000-42C2-825B-C29E3F7D725C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssh-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"05731059-73C8-4A9F-B651-62937B728767"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssh-f:-:*:*:*:*:*:*:*","matchCriteriaId":"E7BE07CB-DED5-4810-9D04-884478CA1532"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssh-gf-1585_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"A2479843-DDFF-4B53-A42F-6E715D36D040"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssh-gf-1585:-:*:*:*:*:*:*:*","matchCriteriaId":"D6430B42-E04A-4CEF-8318-074536119201"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssh-gf-1585l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"67C4F018-28D7-4432-A5C2-7F04A1186EE0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssh-gf-1585l:-:*:*:*:*:*:*:*","matchCriteriaId":"184762F2-E3A2-46F7-AC09-00DED69C7A4D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssh-gtf-1585_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"5B898C1E-1D08-445F-96E7-CC9C30AC264C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssh-gtf-1585:-:*:*:*:*:*:*:*","matchCriteriaId":"D07E7DBE-010F-4F21-8B4D-18DE8BF59D9B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssh-gtf-1585l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"321E79A8-251C-4CDF-8D82-B8AECE80B377"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssh-gtf-1585l:-:*:*:*:*:*:*:*","matchCriteriaId":"54CCEFD5-FE80-42A5-8ED1-BEE9BCAA21AB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssh-ln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"DDA317E8-5F90-4C3E-B2DB-5BB843F7036D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssh-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"063C19C8-9A26-4457-A969-0172FA2E2BE4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssh-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2574D409-99F0-4B5A-A083-F70A67641D7E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssh-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"FDF932E7-ABDF-4541-B032-D013D881A25D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssi-ln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"EE805506-31AB-4A37-BB72-46E279AB2824"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssi-ln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"00A6A4DB-ED52-4DF1-809D-ADCA9F8324A1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssl_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"98116A5B-3572-4FC5-A2B5-17AA4A8B7D22"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssl:-:*:*:*:*:*:*:*","matchCriteriaId":"0DA4B4D9-59CF-43D3-ACBE-8091C257C8FE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssl-cf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"7155E1B1-3F93-4A45-A0DD-E3207567C2A9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssl-cf:-:*:*:*:*:*:*:*","matchCriteriaId":"0FA01B7B-0A5F-48AC-811C-BB6EB4C78719"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssl-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"DB8E9380-7211-4291-8A20-B824788DD361"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssl-f:-:*:*:*:*:*:*:*","matchCriteriaId":"F59AC9E2-69C0-42EF-82D3-F304D4918E8D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssl-nf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"6135023F-487A-494D-93BD-00B6B1AB5FE3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssl-nf:-:*:*:*:*:*:*:*","matchCriteriaId":"84671D8E-00A2-4AC1-9B7E-9B7BB5188B3C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssm_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"51BE935C-26D0-40D3-BD89-E687FB03D822"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssm:-:*:*:*:*:*:*:*","matchCriteriaId":"E28641A6-F24E-493D-B57B-954DA91F47B4"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssm-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"AC8C1870-205D-4274-AC1E-97520C8D84DA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssm-f:-:*:*:*:*:*:*:*","matchCriteriaId":"1EC19D26-080D-4B5A-A41C-253D00036608"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssn-e_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"9024100A-B534-4767-AD82-6D68B35F528D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssn-e:-:*:*:*:*:*:*:*","matchCriteriaId":"36D80443-7089-4484-B9F5-029BAFF1A5BB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssn-e-001_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"7AF85C30-B3D3-4AA0-BB47-8514B07AA9E1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssn-e-001:-:*:*:*:*:*:*:*","matchCriteriaId":"EDF406B5-6051-429F-B4BA-B5FCC3438E2E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssn-e-vdc_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"F7509A40-6C8A-4158-A291-08423AF67D8D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssn-e-vdc:-:*:*:*:*:*:*:*","matchCriteriaId":"B3311514-CCB7-423F-9CD7-A0AF63E5EC4A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssn-e-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B9F9EDD4-B350-47A8-968D-0CA7807D1656"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssn-e-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"E16D25E7-A713-4B72-B386-A6DFD024AA5A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssn-h_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"AF8C94B5-5FA5-4C5B-B6CB-3D77C0E9B309"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssn-h:-:*:*:*:*:*:*:*","matchCriteriaId":"0000DB52-9B92-45B5-BB63-4C694E3714D1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssn-h-001_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"AD96DBC3-6110-48D0-A88A-46379D24AAD8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssn-h-001:-:*:*:*:*:*:*:*","matchCriteriaId":"5D35739F-DF6C-47A1-A4FB-B3415F33AD55"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssn-h-vdc_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"48BC8AA2-8DF0-4B73-9AF6-476F20C9805B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssn-h-vdc:-:*:*:*:*:*:*:*","matchCriteriaId":"D97BA507-5721-4360-BBF2-65D94C038C51"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssn-h-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"77D5EBA8-4A56-4E31-85C4-E257BB87EDD5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssn-h-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"D376009A-CE57-4389-837A-C1933B95FC4F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssn-l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"252C49DA-308D-4CD1-8E6E-BC63F6246DD8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssn-l:-:*:*:*:*:*:*:*","matchCriteriaId":"D25709E2-5B71-428A-8D67-2963903C12BD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssn-l-001_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"679DC010-4BBD-4BB7-B3E6-7ACB466B3039"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssn-l-001:-:*:*:*:*:*:*:*","matchCriteriaId":"8CED7FE1-ACF5-4FDF-8942-A1F3DF583242"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssn-l-vdc_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"18CAAC39-7134-42A3-A1F1-D4E28C7B8CB6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssn-l-vdc:-:*:*:*:*:*:*:*","matchCriteriaId":"0A9F87DA-EDA8-47FB-8574-F3BFE24C7D03"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssn-l-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"B1C89DDB-53B4-4C64-9DE8-1D355E625B38"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssn-l-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"68216C46-DBCB-4666-AE4A-4EC895571367"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssq_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"636DF182-2C81-4E3D-A574-D8954178E876"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssq:-:*:*:*:*:*:*:*","matchCriteriaId":"8573A582-A52A-4006-99F0-D42C3AE5B722"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssq-l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"D6798F23-3EFB-4E50-B008-4387EA7BD64B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssq-l:-:*:*:*:*:*:*:*","matchCriteriaId":"03CC1ABD-321B-4680-AFCC-5E4AD6E1A903"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssv-lvds_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"C525E969-B16D-4B77-B26A-8DB59E2C3E94"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssv-lvds:-:*:*:*:*:*:*:*","matchCriteriaId":"7A7D90D9-531C-4904-BEB5-35CED4F4670A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssv-m4_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"1AC7954D-DD60-4681-811F-E283D1945990"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssv-m4:-:*:*:*:*:*:*:*","matchCriteriaId":"4DA13087-4F08-484F-8083-104A48E533C7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssv-m4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"918880F9-7E0D-4EE9-A3F2-6076CF56FDCC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssv-m4f:-:*:*:*:*:*:*:*","matchCriteriaId":"5D258D3F-A52F-4E7F-9883-CC48A49A31D1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssv-q_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"A44B5078-FF02-44D9-993E-9920D6CB69B4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssv-q:-:*:*:*:*:*:*:*","matchCriteriaId":"90CB1E05-C42D-43F9-95F5-258C87A9A67D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssw-4tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CCAD1C84-44A4-4DF3-B986-CC74B9BE1D07"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssw-4tf:-:*:*:*:*:*:*:*","matchCriteriaId":"6089DFBF-A190-4A4C-9DD8-1DA4D539A5F1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssw-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"EC58D65B-87D2-4EEF-9869-B8843EF7DD39"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssw-f:-:*:*:*:*:*:*:*","matchCriteriaId":"6CDDDC18-753F-496F-9953-5B91ED1CC0F3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssw-tf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"8B851DE0-7AB2-446B-97FA-B01258045317"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssw-tf:-:*:*:*:*:*:*:*","matchCriteriaId":"3A180D6C-1A5B-41E0-A4CA-99CD49CBF585"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssz-f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"AB458920-62A4-46BB-A9D1-D8DEAAF031CA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssz-f:-:*:*:*:*:*:*:*","matchCriteriaId":"25DA80D6-C893-4B91-94ED-9FE4403DC6E0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssz-qf_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"0E796E38-6EE5-407F-B461-A44E47A3DE23"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssz-qf:-:*:*:*:*:*:*:*","matchCriteriaId":"A003C87A-7055-497C-B320-DF15F0D112D8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11ssz-tln4f_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"897E7B81-6038-4F64-8B7D-F0099DF2BB88"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11ssz-tln4f:-:*:*:*:*:*:*:*","matchCriteriaId":"5C338781-88C1-476A-A3C9-2018016BF2EC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11swn-c_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"CDD7E679-7040-454D-A158-7AAB9364AA78"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11swn-c:-:*:*:*:*:*:*:*","matchCriteriaId":"E34FEF2D-51C2-4FC9-AC2A-7A40BDA5EDA8"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11swn-c-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"2476AEA6-1961-48B9-91C7-39668153AD49"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11swn-c-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"59F6BF1F-A8EC-4A61-9BBC-0B46877BE366"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11swn-e_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"35F1718A-6782-42C3-9CBF-506D8C5FBD76"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11swn-e:-:*:*:*:*:*:*:*","matchCriteriaId":"830F9903-EF91-48E0-ACEB-76C629886680"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11swn-e-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"A611E64F-3E3F-4B7F-AC97-B138B864A3E4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11swn-e-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"F5FE79CD-C7B6-458E-82F0-1D6DBA9AC2B5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11swn-h_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"32FB8458-08DB-4EF0-AC9D-D3E6059CD697"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11swn-h:-:*:*:*:*:*:*:*","matchCriteriaId":"7493C93F-A80C-4F19-BA3E-BB0C7FE95BE1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11swn-h-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"158059FE-ECB1-47D9-9C28-9544D006833B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11swn-h-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"09B2349B-0BDF-4B73-91D8-756D81900C5B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11swn-l_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"0EB394CD-C7B8-4967-8846-E59E904BA0BB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11swn-l:-:*:*:*:*:*:*:*","matchCriteriaId":"ECBDA83D-46FC-42E6-AA22-EA312946352C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:supermicro:x11swn-l-wohs_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"3.17.02","matchCriteriaId":"BB93281C-B13A-40C2-88E5-199AB3FE3E26"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:supermicro:x11swn-l-wohs:-:*:*:*:*:*:*:*","matchCriteriaId":"D58DB7DA-B8C4-4E37-BAFE-574CA01A9691"}]}]}],"references":[{"url":"https://www.supermicro.com/en/support/security_BMC_Dec_2023","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://www.supermicro.com/en/support/security_BMC_Dec_2023","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2023-49494","sourceIdentifier":"cve@mitre.org","published":"2023-12-11T21:15:07.397","lastModified":"2026-07-09T01:18:45.480","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"DedeCMS v5.7.111 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the component select_media_post_wangEditor.php."},{"lang":"es","value":"Se descubrió que DedeCMS v5.7.111 contiene una vulnerabilidad de cross-site scripting (XSS) reflectantes a través del componente select_media_post_wangEditor.php."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:dedecms:dedecms:5.7.111:*:*:*:*:*:*:*","matchCriteriaId":"377F392A-A04B-4E7A-BBE8-F77CE65BDFCF"}]}]}],"references":[{"url":"https://github.com/Hebing123/cve/issues/3","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/Hebing123/cve/issues/3","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-47320","sourceIdentifier":"cve@mitre.org","published":"2023-12-13T14:15:44.153","lastModified":"2026-07-09T01:18:43.083","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Silverpeas Core 6.3.1 is vulnerable to Incorrect Access Control. An attacker with low privileges is able to execute the administrator-only function of putting the application in \"Maintenance Mode\" due to broken access control. This makes the application unavailable to all users. This affects Silverpeas Core 6.3.1 and below."},{"lang":"es","value":"Silverpeas Core 6.3.1 es vulnerable a un control de acceso incorrecto. Un atacante con pocos privilegios puede ejecutar la función exclusiva de administrador de poner la aplicación en \"Modo de mantenimiento\" debido a un control de acceso roto. Esto hace que la aplicación no esté disponible para todos los usuarios. Esto afecta a Silverpeas Core 6.3.1 y versiones anteriores."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.2},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-22T18:24:29.654574Z","id":"CVE-2023-47320","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:silverpeas:silverpeas:*:*:*:*:*:*:*:*","versionEndExcluding":"6.3.2","matchCriteriaId":"F4C6E996-03CD-4BD3-A74F-A450CA1B0C0B"}]}]}],"references":[{"url":"https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2023-47320","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2023-47320","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-47321","sourceIdentifier":"cve@mitre.org","published":"2023-12-13T14:15:44.200","lastModified":"2026-07-09T01:18:43.257","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Silverpeas Core 6.3.1 is vulnerable to Incorrect Access Control via the \"Porlet Deployer\" which allows administrators to deploy .WAR portlets."},{"lang":"es","value":"Silverpeas Core 6.3.1 es vulnerable a un control de acceso incorrecto a través del \"Porlet Deployer\", que permite a los administradores implementar portlets .WAR."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N","baseScore":4.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-11-26T15:14:37.105829Z","id":"CVE-2023-47321","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:silverpeas:silverpeas:*:*:*:*:*:*:*:*","versionEndExcluding":"6.3.2","matchCriteriaId":"F4C6E996-03CD-4BD3-A74F-A450CA1B0C0B"}]}]}],"references":[{"url":"https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2023-47321","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2023-47321","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-47322","sourceIdentifier":"cve@mitre.org","published":"2023-12-13T14:15:44.247","lastModified":"2026-07-09T01:18:43.373","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The \"userModify\" feature of Silverpeas Core 6.3.1 is vulnerable to Cross Site Request Forgery (CSRF) leading to privilege escalation. If an administrator goes to a malicious URL while being authenticated to the Silverpeas application, the CSRF with execute making the attacker an administrator user in the application."},{"lang":"es","value":"La función \"userModify\" de Silverpeas Core 6.3.1 es vulnerable a cross-site request forgery (CSRF), lo que conduce a una escalada de privilegios. Si un administrador accede a una URL maliciosa mientras se autentica en la aplicación Silverpeas, el CSRF se ejecutará y convertirá al atacante en un usuario administrador de la aplicación."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:silverpeas:silverpeas:*:*:*:*:*:*:*:*","versionEndExcluding":"6.3.2","matchCriteriaId":"F4C6E996-03CD-4BD3-A74F-A450CA1B0C0B"}]}]}],"references":[{"url":"https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2023-47322","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2023-47322","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-47323","sourceIdentifier":"cve@mitre.org","published":"2023-12-13T14:15:44.293","lastModified":"2026-07-09T01:18:43.483","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The notification/messaging feature of Silverpeas Core 6.3.1 does not enforce access control on the ID parameter. This allows an attacker to read all messages sent between other users; including those sent only to administrators."},{"lang":"es","value":"La función de notificación/mensajería de Silverpeas Core 6.3.1 no impone control de acceso en el parámetro ID. Esto permite a un atacante leer todos los mensajes enviados entre otros usuarios; incluidos los enviados únicamente a administradores."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:silverpeas:silverpeas:*:*:*:*:*:*:*:*","versionEndExcluding":"6.3.2","matchCriteriaId":"F4C6E996-03CD-4BD3-A74F-A450CA1B0C0B"}]}]}],"references":[{"url":"https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2023-47323","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2023-47323","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-47324","sourceIdentifier":"cve@mitre.org","published":"2023-12-13T14:15:44.343","lastModified":"2026-07-09T01:18:43.580","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Silverpeas Core 6.3.1 is vulnerable to Cross Site Scripting (XSS) via the message/notification feature."},{"lang":"es","value":"Silverpeas Core 6.3.1 es vulnerable a Cross Site Scripting (XSS) a través de la función de mensaje/notificación."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:silverpeas:silverpeas:*:*:*:*:*:*:*:*","versionEndExcluding":"6.3.2","matchCriteriaId":"F4C6E996-03CD-4BD3-A74F-A450CA1B0C0B"}]}]}],"references":[{"url":"https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2023-47324","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/Silverpeas/Silverpeas-Core/pull/1298/commits","source":"cve@mitre.org","tags":["Patch"]},{"url":"https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2023-47324","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/Silverpeas/Silverpeas-Core/pull/1298/commits","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]}]}},{"cve":{"id":"CVE-2023-47325","sourceIdentifier":"cve@mitre.org","published":"2023-12-13T14:15:44.390","lastModified":"2026-07-09T01:18:43.693","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Silverpeas Core 6.3.1 administrative \"Bin\" feature is affected by broken access control. A user with low privileges is able to navigate directly to the bin, revealing all deleted spaces. The user can then restore or permanently delete the spaces."},{"lang":"es","value":"La función administrativa \"Bin\" de Silverpeas Core 6.3.1 se ve afectada por un control de acceso roto. Un usuario con pocos privilegios puede navegar directamente a la papelera, revelando todos los espacios eliminados. Luego, el usuario puede restaurar o eliminar permanentemente los espacios."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.5},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-22T18:21:47.313747Z","id":"CVE-2023-47325","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:silverpeas:silverpeas:*:*:*:*:*:*:*:*","versionEndExcluding":"6.3.2","matchCriteriaId":"F4C6E996-03CD-4BD3-A74F-A450CA1B0C0B"}]}]}],"references":[{"url":"https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2023-47325","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2023-47325","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-47326","sourceIdentifier":"cve@mitre.org","published":"2023-12-13T14:15:44.437","lastModified":"2026-07-09T01:18:43.843","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Silverpeas Core 6.3.1 is vulnerable to Cross Site Request Forgery (CSRF) via the Domain SQL Create function."},{"lang":"es","value":"Silverpeas Core 6.3.1 es vulnerable a la cross-site request forgery (CSRF) a través de la función Domain SQL Create."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:silverpeas:silverpeas:*:*:*:*:*:*:*:*","versionEndExcluding":"6.3.2","matchCriteriaId":"F4C6E996-03CD-4BD3-A74F-A450CA1B0C0B"}]}]}],"references":[{"url":"https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2023-47326","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2023-47326","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-47327","sourceIdentifier":"cve@mitre.org","published":"2023-12-13T14:15:44.487","lastModified":"2026-07-09T01:18:43.950","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The \"Create a Space\" feature in Silverpeas Core 6.3.1 is reserved for use by administrators. This function suffers from broken access control, allowing any authenticated user to create a space by navigating to the correct URL."},{"lang":"es","value":"La función \"Crear un espacio\" en Silverpeas Core 6.3.1 está reservada para uso de administradores. Esta función sufre un control de acceso roto, lo que permite a cualquier usuario autenticado crear un espacio navegando a la URL correcta."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-11-26T15:13:32.891757Z","id":"CVE-2023-47327","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:silverpeas:silverpeas:*:*:*:*:*:*:*:*","versionEndExcluding":"6.3.2","matchCriteriaId":"F4C6E996-03CD-4BD3-A74F-A450CA1B0C0B"}]}]}],"references":[{"url":"https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2023-47327","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2023-47327","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-50983","sourceIdentifier":"cve@mitre.org","published":"2023-12-20T22:15:34.610","lastModified":"2026-07-09T01:18:46.403","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Tenda i29 v1.0 V1.0.0.5 was discovered to contain a command injection vulnerability via the sysScheduleRebootSet function."},{"lang":"es","value":"Se descubrió que Tenda i29 v1.0 V1.0.0.5 contiene una vulnerabilidad de inyección de comandos a través de la función sysScheduleRebootSet."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tenda:i29_firmware:1.0.0.2:*:*:*:*:*:*:*","matchCriteriaId":"1CCB36FC-6907-44BD-AC82-32A5F83487D3"},{"vulnerable":true,"criteria":"cpe:2.3:o:tenda:i29_firmware:1.0.0.5:*:*:*:*:*:*:*","matchCriteriaId":"DCF9D1F7-454B-4D91-9AFF-2457330948D6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tenda:i29:1.0:*:*:*:*:*:*:*","matchCriteriaId":"0B5E0783-28E1-406B-953F-E4A8F0246E8C"}]}]}],"references":[{"url":"https://github.com/ef4tless/vuln/blob/master/iot/i29/sysScheduleRebootSet-2.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/ef4tless/vuln/blob/master/iot/i29/sysScheduleRebootSet-2.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-50984","sourceIdentifier":"cve@mitre.org","published":"2023-12-20T22:15:34.723","lastModified":"2026-07-09T01:18:46.557","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the ip parameter in the spdtstConfigAndStart function."},{"lang":"es","value":"Se descubrió que Tenda i29 v1.0 V1.0.0.5 contenía un desbordamiento de búfer a través del parámetro ip en la función spdtstConfigAndStart."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tenda:i29_firmware:1.0.0.2:*:*:*:*:*:*:*","matchCriteriaId":"1CCB36FC-6907-44BD-AC82-32A5F83487D3"},{"vulnerable":true,"criteria":"cpe:2.3:o:tenda:i29_firmware:1.0.0.5:*:*:*:*:*:*:*","matchCriteriaId":"DCF9D1F7-454B-4D91-9AFF-2457330948D6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tenda:i29:1.0:*:*:*:*:*:*:*","matchCriteriaId":"0B5E0783-28E1-406B-953F-E4A8F0246E8C"}]}]}],"references":[{"url":"https://github.com/ef4tless/vuln/blob/master/iot/i29/spdtstConfigAndStart.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/ef4tless/vuln/blob/master/iot/i29/spdtstConfigAndStart.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-50985","sourceIdentifier":"cve@mitre.org","published":"2023-12-20T22:15:34.820","lastModified":"2026-07-09T01:18:46.690","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the lanGw parameter in the lanCfgSet function."},{"lang":"es","value":"Se descubrió que Tenda i29 v1.0 V1.0.0.5 contenía un desbordamiento de búfer a través del parámetro lanGw en la función lanCfgSet."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tenda:i29_firmware:1.0.0.2:*:*:*:*:*:*:*","matchCriteriaId":"1CCB36FC-6907-44BD-AC82-32A5F83487D3"},{"vulnerable":true,"criteria":"cpe:2.3:o:tenda:i29_firmware:1.0.0.5:*:*:*:*:*:*:*","matchCriteriaId":"DCF9D1F7-454B-4D91-9AFF-2457330948D6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tenda:i29:1.0:*:*:*:*:*:*:*","matchCriteriaId":"0B5E0783-28E1-406B-953F-E4A8F0246E8C"}]}]}],"references":[{"url":"https://github.com/ef4tless/vuln/blob/master/iot/i29/lanCfgSet.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/ef4tless/vuln/blob/master/iot/i29/lanCfgSet.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-50986","sourceIdentifier":"cve@mitre.org","published":"2023-12-20T22:15:34.897","lastModified":"2026-07-09T01:18:46.837","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the time parameter in the sysLogin function."},{"lang":"es","value":"Se descubrió que Tenda i29 v1.0 V1.0.0.5 contenía un desbordamiento de búfer a través del parámetro de tiempo en la función sysLogin."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"tenda","product":"i29_firmware","defaultStatus":"unknown","cpes":["cpe:2.3:o:tenda:i29_firmware:1.0.0.5:*:*:*:*:*:*:*"],"versions":[{"version":"1.0.0.5","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-13T18:57:47.472699Z","id":"CVE-2023-50986","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-120"},{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tenda:i29_firmware:1.0.0.2:*:*:*:*:*:*:*","matchCriteriaId":"1CCB36FC-6907-44BD-AC82-32A5F83487D3"},{"vulnerable":true,"criteria":"cpe:2.3:o:tenda:i29_firmware:1.0.0.5:*:*:*:*:*:*:*","matchCriteriaId":"DCF9D1F7-454B-4D91-9AFF-2457330948D6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tenda:i29:1.0:*:*:*:*:*:*:*","matchCriteriaId":"0B5E0783-28E1-406B-953F-E4A8F0246E8C"}]}]}],"references":[{"url":"https://github.com/ef4tless/vuln/blob/master/iot/i29/sysLogin.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/ef4tless/vuln/blob/master/iot/i29/sysLogin.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-50987","sourceIdentifier":"cve@mitre.org","published":"2023-12-20T22:15:34.983","lastModified":"2026-07-09T01:18:47.057","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the time parameter in the sysTimeInfoSet function."},{"lang":"es","value":"Se descubrió que Tenda i29 v1.0 V1.0.0.5 contenía un desbordamiento de búfer a través del parámetro de tiempo en la función sysTimeInfoSet."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tenda:i29_firmware:1.0.0.2:*:*:*:*:*:*:*","matchCriteriaId":"1CCB36FC-6907-44BD-AC82-32A5F83487D3"},{"vulnerable":true,"criteria":"cpe:2.3:o:tenda:i29_firmware:1.0.0.5:*:*:*:*:*:*:*","matchCriteriaId":"DCF9D1F7-454B-4D91-9AFF-2457330948D6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tenda:i29:1.0:*:*:*:*:*:*:*","matchCriteriaId":"0B5E0783-28E1-406B-953F-E4A8F0246E8C"}]}]}],"references":[{"url":"https://github.com/ef4tless/vuln/blob/master/iot/i29/sysTimeInfoSet.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/ef4tless/vuln/blob/master/iot/i29/sysTimeInfoSet.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-50988","sourceIdentifier":"cve@mitre.org","published":"2023-12-20T22:15:35.080","lastModified":"2026-07-09T01:18:47.193","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the bandwidth parameter in the wifiRadioSetIndoor function."},{"lang":"es","value":"Se descubrió que Tenda i29 v1.0 V1.0.0.5 contenía un desbordamiento de búfer a través del parámetro de ancho de banda en la función wifiRadioSetIndoor."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tenda:i29_firmware:1.0.0.2:*:*:*:*:*:*:*","matchCriteriaId":"1CCB36FC-6907-44BD-AC82-32A5F83487D3"},{"vulnerable":true,"criteria":"cpe:2.3:o:tenda:i29_firmware:1.0.0.5:*:*:*:*:*:*:*","matchCriteriaId":"DCF9D1F7-454B-4D91-9AFF-2457330948D6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tenda:i29:1.0:*:*:*:*:*:*:*","matchCriteriaId":"0B5E0783-28E1-406B-953F-E4A8F0246E8C"}]}]}],"references":[{"url":"https://github.com/ef4tless/vuln/blob/master/iot/i29/wifiRadioSetIndoor.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/ef4tless/vuln/blob/master/iot/i29/wifiRadioSetIndoor.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-50989","sourceIdentifier":"cve@mitre.org","published":"2023-12-20T22:15:35.170","lastModified":"2026-07-09T01:18:47.347","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Tenda i29 v1.0 V1.0.0.5 was discovered to contain a command injection vulnerability via the pingSet function."},{"lang":"es","value":"Se descubrió que Tenda i29 v1.0 V1.0.0.5 contiene una vulnerabilidad de inyección de comandos a través de la función pingSet."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-11-26T15:02:16.811240Z","id":"CVE-2023-50989","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tenda:i29_firmware:1.0.0.2:*:*:*:*:*:*:*","matchCriteriaId":"1CCB36FC-6907-44BD-AC82-32A5F83487D3"},{"vulnerable":true,"criteria":"cpe:2.3:o:tenda:i29_firmware:1.0.0.5:*:*:*:*:*:*:*","matchCriteriaId":"DCF9D1F7-454B-4D91-9AFF-2457330948D6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tenda:i29:1.0:*:*:*:*:*:*:*","matchCriteriaId":"0B5E0783-28E1-406B-953F-E4A8F0246E8C"}]}]}],"references":[{"url":"https://github.com/ef4tless/vuln/blob/master/iot/i29/pingSet-2.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/ef4tless/vuln/blob/master/iot/i29/pingSet-2.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-50990","sourceIdentifier":"cve@mitre.org","published":"2023-12-20T22:15:35.293","lastModified":"2026-07-09T01:18:47.490","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the rebootTime parameter in the sysScheduleRebootSet function."},{"lang":"es","value":"Se descubrió que Tenda i29 v1.0 V1.0.0.5 contenía un desbordamiento de búfer a través del parámetro rebootTime en la función sysScheduleRebootSet."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tenda:i29_firmware:1.0.0.2:*:*:*:*:*:*:*","matchCriteriaId":"1CCB36FC-6907-44BD-AC82-32A5F83487D3"},{"vulnerable":true,"criteria":"cpe:2.3:o:tenda:i29_firmware:1.0.0.5:*:*:*:*:*:*:*","matchCriteriaId":"DCF9D1F7-454B-4D91-9AFF-2457330948D6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tenda:i29:1.0:*:*:*:*:*:*:*","matchCriteriaId":"0B5E0783-28E1-406B-953F-E4A8F0246E8C"}]}]}],"references":[{"url":"https://github.com/ef4tless/vuln/blob/master/iot/i29/sysScheduleRebootSet.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/ef4tless/vuln/blob/master/iot/i29/sysScheduleRebootSet.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-50992","sourceIdentifier":"cve@mitre.org","published":"2023-12-20T22:15:35.450","lastModified":"2026-07-09T01:18:47.607","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Tenda i29 v1.0 V1.0.0.5 was discovered to contain a stack overflow via the ip parameter in the setPing function."},{"lang":"es","value":"Se descubrió que Tenda i29 v1.0 V1.0.0.5 contenía un desbordamiento de pila a través del parámetro ip en la función setPing."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tenda:i29_firmware:1.0.0.2:*:*:*:*:*:*:*","matchCriteriaId":"1CCB36FC-6907-44BD-AC82-32A5F83487D3"},{"vulnerable":true,"criteria":"cpe:2.3:o:tenda:i29_firmware:1.0.0.5:*:*:*:*:*:*:*","matchCriteriaId":"DCF9D1F7-454B-4D91-9AFF-2457330948D6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tenda:i29:1.0:*:*:*:*:*:*:*","matchCriteriaId":"0B5E0783-28E1-406B-953F-E4A8F0246E8C"}]}]}],"references":[{"url":"https://github.com/ef4tless/vuln/blob/master/iot/i29/setPing.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/ef4tless/vuln/blob/master/iot/i29/setPing.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-46987","sourceIdentifier":"cve@mitre.org","published":"2023-12-28T15:15:07.550","lastModified":"2026-07-09T01:18:42.960","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SeaCMS v12.9 was discovered to contain a remote code execution (RCE) vulnerability via the component /augap/adminip.php."},{"lang":"es","value":"Se descubrió que SeaCMS v12.9 contiene una vulnerabilidad de ejecución remota de código (RCE) a través del componente /augap/adminip.php."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:seacms:seacms:12.9:*:*:*:*:*:*:*","matchCriteriaId":"5A52C0BF-703A-4BF0-A5A9-E3995C30FE0D"}]}]}],"references":[{"url":"http://www.seacms.com/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://blog.csdn.net/weixin_72610998/article/details/133420747?spm=1001.2014.3001.5501","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"http://www.seacms.com/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://blog.csdn.net/weixin_72610998/article/details/133420747?spm=1001.2014.3001.5501","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-50470","sourceIdentifier":"cve@mitre.org","published":"2023-12-28T15:15:07.617","lastModified":"2026-07-09T01:18:45.847","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A cross-site scripting (XSS) vulnerability in the component admin_ Video.php of SeaCMS v12.8 allows attackers to execute arbitrary web scripts or HTML via a crafted payload."},{"lang":"es","value":"Una vulnerabilidad de cross-site scripting (XSS) en el componente admin_Video.php de SeaCMS v12.8 permite a los atacantes ejecutar scripts web o HTML arbitrarios a través de un payload manipulado."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-01-12T17:01:22.414831Z","id":"CVE-2023-50470","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:seacms:seacms:12.8:*:*:*:*:*:*:*","matchCriteriaId":"6A89BDA4-2E1C-42FE-B389-225323139AD6"}]}]}],"references":[{"url":"https://blog.csdn.net/weixin_72610998/article/details/134784075?spm=1001.2014.3001.5502","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.seacms.net/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://blog.csdn.net/weixin_72610998/article/details/134784075?spm=1001.2014.3001.5502","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.seacms.net/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2023-50651","sourceIdentifier":"cve@mitre.org","published":"2023-12-30T17:15:08.080","lastModified":"2026-07-09T01:18:46.190","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"TOTOLINK X6000R v9.4.0cu.852_B20230719 was discovered to contain a remote command execution (RCE) vulnerability via the component /cgi-bin/cstecgi.cgi."},{"lang":"es","value":"Se descubrió que TOTOLINK X6000R v9.4.0cu.852_B20230719 contiene una vulnerabilidad de ejecución remota de comandos (RCE) a través del componente /cgi-bin/cstecgi.cgi."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-01-05T18:40:15.502499Z","id":"CVE-2023-50651","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:totolink:x6000r_firmware:9.4.0cu.852_b20230719:*:*:*:*:*:*:*","matchCriteriaId":"846390E3-B033-4B17-A141-49E30AF76264"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:totolink:x6000r:-:*:*:*:*:*:*:*","matchCriteriaId":"178FD1FA-9A62-48B7-B219-938F48ADD8BB"}]}]}],"references":[{"url":"https://palm-jump-676.notion.site/X6000R-sub_4119A0-11-b35b4ca36ce84e07afff85c98414d293","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://palm-jump-676.notion.site/X6000R-sub_4119A0-11-b35b4ca36ce84e07afff85c98414d293","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-47458","sourceIdentifier":"cve@mitre.org","published":"2024-01-02T21:15:09.673","lastModified":"2026-07-09T01:18:44.247","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in SpringBlade v.3.7.0 and before allows a remote attacker to escalate privileges via the lack of permissions control framework."},{"lang":"es","value":"Un problema en SpringBlade v.3.7.0 y anteriores permite a un atacante remoto escalar privilegios a través de la falta de un framework de permisos."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-01-08T16:48:43.892743Z","id":"CVE-2023-47458","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-862"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bladex:springblade:*:*:*:*:*:*:*:*","versionEndIncluding":"3.7.0","matchCriteriaId":"0316ED89-1327-46DA-BD43-995B6DC663DE"}]}]}],"references":[{"url":"https://gist.github.com/Mr-F0reigner/b05487f5ca52d17e214fffd6e1e0312a","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://gitee.com/smallc/SpringBlade","source":"cve@mitre.org","tags":["Product"]},{"url":"https://gist.github.com/Mr-F0reigner/b05487f5ca52d17e214fffd6e1e0312a","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://gitee.com/smallc/SpringBlade","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2020-26623","sourceIdentifier":"cve@mitre.org","published":"2024-01-02T22:15:07.777","lastModified":"2026-07-09T00:17:03.013","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SQL Injection vulnerability discovered in Gila CMS 1.15.4 and earlier allows a remote attacker to execute arbitrary web scripts via the Area parameter under the Administration>Widget tab after the login portal."},{"lang":"es","value":"Una vulnerabilidad de inyección SQL descubierta en Gila CMS 1.15.4 y anteriores permite a un atacante remoto ejecutar scripts web arbitrarios a través del parámetro Area en la pestaña Administration&gt;Widget después del portal de inicio de sesión."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N","baseScore":3.8,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":2.5},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N","baseScore":3.8,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-08T17:26:00.781229Z","id":"CVE-2020-26623","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gilacms:gila_cms:*:*:*:*:*:*:*:*","versionEndIncluding":"1.15.4","matchCriteriaId":"A50D5646-7095-46DD-8C3F-1CA1FBD9D043"}]}]}],"references":[{"url":"https://github.com/GilaCMS/gila","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/GilaCMS/gila/security/policy","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://packetstormsecurity.com/files/176301/GilaCMS-1.15.4-SQL-Injection.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://github.com/GilaCMS/gila","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/GilaCMS/gila/security/policy","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://packetstormsecurity.com/files/176301/GilaCMS-1.15.4-SQL-Injection.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]}]}},{"cve":{"id":"CVE-2020-26624","sourceIdentifier":"cve@mitre.org","published":"2024-01-02T22:15:07.837","lastModified":"2026-07-09T00:17:03.200","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A SQL injection vulnerability was discovered in Gila CMS 1.15.4 and earlier which allows a remote attacker to execute arbitrary web scripts via the ID parameter after the login portal."},{"lang":"es","value":"Se descubrió una vulnerabilidad de inyección SQL en Gila CMS 1.15.4 y versiones anteriores que permite a un atacante remoto ejecutar scripts web arbitrarios a través del parámetro ID después del portal de inicio de sesión."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N","baseScore":3.8,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":2.5},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N","baseScore":3.8,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-06-17T14:49:52.248372Z","id":"CVE-2020-26624","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gilacms:gila_cms:*:*:*:*:*:*:*:*","versionEndIncluding":"1.15.4","matchCriteriaId":"A50D5646-7095-46DD-8C3F-1CA1FBD9D043"}]}]}],"references":[{"url":"https://github.com/GilaCMS/gila","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/GilaCMS/gila/security/policy","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://packetstormsecurity.com/files/176301/GilaCMS-1.15.4-SQL-Injection.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://github.com/GilaCMS/gila","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/GilaCMS/gila/security/policy","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://packetstormsecurity.com/files/176301/GilaCMS-1.15.4-SQL-Injection.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]}]}},{"cve":{"id":"CVE-2020-26625","sourceIdentifier":"cve@mitre.org","published":"2024-01-02T22:15:07.880","lastModified":"2026-07-09T00:17:03.360","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A SQL injection vulnerability was discovered in Gila CMS 1.15.4 and earlier which allows a remote attacker to execute arbitrary web scripts via the 'user_id' parameter after the login portal."},{"lang":"es","value":"Se descubrió una vulnerabilidad de inyección SQL en Gila CMS 1.15.4 y versiones anteriores que permite a un atacante remoto ejecutar scripts web arbitrarios a través del parámetro 'user_id' después del portal de inicio de sesión."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N","baseScore":3.8,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":2.5},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N","baseScore":3.8,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-16T17:17:11.745994Z","id":"CVE-2020-26625","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gilacms:gila_cms:*:*:*:*:*:*:*:*","versionEndIncluding":"1.15.4","matchCriteriaId":"A50D5646-7095-46DD-8C3F-1CA1FBD9D043"}]}]}],"references":[{"url":"https://github.com/GilaCMS/gila","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/GilaCMS/gila/security/policy","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://packetstormsecurity.com/files/176301/GilaCMS-1.15.4-SQL-Injection.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://github.com/GilaCMS/gila","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/GilaCMS/gila/security/policy","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://packetstormsecurity.com/files/176301/GilaCMS-1.15.4-SQL-Injection.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]}]}},{"cve":{"id":"CVE-2023-37608","sourceIdentifier":"cve@mitre.org","published":"2024-01-03T13:15:08.393","lastModified":"2026-07-09T01:18:30.150","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in Automatic Systems SOC FL9600 FirstLane V06 lego_T04E00 allows a remote attacker to obtain sensitive information because there is an automaticsystems super admin account with astech as its hardcoded password."},{"lang":"es","value":"Un problema en Automatic Systems SOC FL9600 FastLine v.lego_T04E00 permite a un atacante remoto obtener información confidencial a través de las credenciales de inicio de sesión del administrador."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-09T23:58:35.545544Z","id":"CVE-2023-37608","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-798"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-798"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:automaticsystems:soc_fl9600_firstlane_firmware:06:*:*:*:*:*:*:*","matchCriteriaId":"830A05D0-771A-4459-AB3F-2CF52CEEAB35"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:automaticsystems:soc_fl9600_firstlane:-:*:*:*:*:*:*:*","matchCriteriaId":"224B999C-43BB-4CDC-8C9B-6DEBF74F27B4"}]}]}],"references":[{"url":"https://github.com/CQURE/CVEs/tree/main/CVE-2023-37608","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.automatic-systems.com/range/","source":"cve@mitre.org"},{"url":"https://github.com/CQURE/CVEs/tree/main/CVE-2023-37608","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-37607","sourceIdentifier":"cve@mitre.org","published":"2024-01-03T14:15:08.747","lastModified":"2026-07-09T01:18:29.947","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Directory Traversal in Automatic Systems SOC FL9600 FirstLane V06 lego_T04E00 allows a remote attacker to obtain sensitive information via csvServer.php?file= with a .. in the dir parameter."},{"lang":"es","value":"Directory Traversal en sistemas automáticos SOC FL9600 FastLine lego_T04E00 permite a un atacante remoto obtener información confidencial."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-08T17:18:44.879648Z","id":"CVE-2023-37607","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:automaticsystems:soc_fl9600_firstlane_firmware:06:*:*:*:*:*:*:*","matchCriteriaId":"830A05D0-771A-4459-AB3F-2CF52CEEAB35"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:automaticsystems:soc_fl9600_firstlane:-:*:*:*:*:*:*:*","matchCriteriaId":"224B999C-43BB-4CDC-8C9B-6DEBF74F27B4"}]}]}],"references":[{"url":"https://github.com/CQURE/CVEs/blob/main/CVE-2023-37607/README.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.automatic-systems.com/range/","source":"cve@mitre.org"},{"url":"https://github.com/CQURE/CVEs/blob/main/CVE-2023-37607/README.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-45559","sourceIdentifier":"cve@mitre.org","published":"2024-01-03T15:15:09.670","lastModified":"2026-07-09T01:18:41.530","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in Tamaki_hamanoki Line v.13.6.1 allows attackers to send crafted notifications via leakage of the channel access token."},{"lang":"es","value":"Un problema en Tamaki_hamanoki Line v.13.6.1 permite a los atacantes enviar notificaciones manipuladas mediante la fuga del token de acceso al canal."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":4.2},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-08T17:18:42.201075Z","id":"CVE-2023-45559","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:linecorp:line:13.6.1:*:*:*:*:*:*:*","matchCriteriaId":"22743D41-3381-4220-8D9F-60CC36E48F78"}]}]}],"references":[{"url":"https://github.com/syz913/CVE-reports/blob/main/CVE-2023-45559.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/syz913/CVE-reports/blob/main/CVE-2023-45559.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-47890","sourceIdentifier":"cve@mitre.org","published":"2024-01-08T20:15:44.453","lastModified":"2026-07-09T01:18:44.423","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"pyLoad 0.5.0 is vulnerable to Unrestricted File Upload."},{"lang":"es","value":"pyLoad 0.5.0 es vulnerable a la carga de archivos sin restricciones."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-09T23:56:34.089021Z","id":"CVE-2023-47890","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:pyload:pyload:0.5.0:*:*:*:*:*:*:*","matchCriteriaId":"E5A06D79-6D64-41FB-9040-17E9630DF4E9"}]}]}],"references":[{"url":"https://github.com/pyload/pyload/security/advisories/GHSA-h73m-pcfw-25h2","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/pyload/pyload/security/advisories/GHSA-h73m-pcfw-25h2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-50643","sourceIdentifier":"cve@mitre.org","published":"2024-01-09T01:15:38.890","lastModified":"2026-07-09T01:18:45.987","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in Evernote Evernote for MacOS v.10.68.2 allows a remote attacker to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments components."},{"lang":"es","value":"Un problema en Evernote Evernote para MacOS v.10.68.2 permite a un atacante remoto ejecutar código arbitrario a través de los componentes RunAsNode y enableNodeClilnspectArguments."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-09T23:59:59.502559Z","id":"CVE-2023-50643","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:evernote:evernote:10.68.2:*:*:*:*:macos:*:*","matchCriteriaId":"FA65CEB5-C7FC-42C6-9608-88688A6D0D3A"}]}]}],"references":[{"url":"https://github.com/V3x0r/CVE-2023-50643","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.electronjs.org/blog/statement-run-as-node-cves","source":"cve@mitre.org"},{"url":"https://github.com/V3x0r/CVE-2023-50643","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.electronjs.org/blog/statement-run-as-node-cves","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2023-26998","sourceIdentifier":"cve@mitre.org","published":"2024-01-09T02:15:43.960","lastModified":"2026-07-09T01:18:11.213","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting vulnerability found in NetScoutnGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code via the creator parameter of the Alert Configuration page."},{"lang":"es","value":"Vulnerabilidad de Cross Site Scripting encontrada en NetScoutnGeniusOne v.6.3.4 permite a un atacante remoto ejecutar código arbitrario a través del parámetro creator de la página de configuración de alerta."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-08T17:25:45.337171Z","id":"CVE-2023-26998","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:netscout:ngeniusone:6.3.4:-:*:*:*:*:*:*","matchCriteriaId":"7E6205EA-C821-4A7A-9CF3-D4A71D34C98E"}]}]}],"references":[{"url":"https://piotrryciak.com/posts/netscout-multiple-vulnerabilities/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://piotrryciak.com/posts/netscout-multiple-vulnerabilities/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-26999","sourceIdentifier":"cve@mitre.org","published":"2024-01-09T02:15:44.020","lastModified":"2026-07-09T01:18:11.397","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue found in NetScout nGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted file."},{"lang":"es","value":"Un problema encontrado en NetScout nGeniusOne v.6.3.4 permite a un atacante remoto ejecutar código arbitrario y provocar una denegación de servicio a través de un archivo manipulado."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-11-14T17:26:28.485423Z","id":"CVE-2023-26999","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-611"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-611"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:netscout:ngeniusone:6.3.4:-:*:*:*:*:*:*","matchCriteriaId":"7E6205EA-C821-4A7A-9CF3-D4A71D34C98E"}]}]}],"references":[{"url":"https://piotrryciak.com/posts/netscout-multiple-vulnerabilities/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://piotrryciak.com/posts/netscout-multiple-vulnerabilities/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-27000","sourceIdentifier":"cve@mitre.org","published":"2024-01-09T02:15:44.067","lastModified":"2026-07-09T01:18:11.570","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting vulnerability found in NetScoutnGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code via the name parameter of the Profile and Exclusion List page(s)."},{"lang":"es","value":"Vulnerabilidad de Cross Site Scripting encontrada en NetScoutnGeniusOne v.6.3.4 permite a un atacante remoto ejecutar código arbitrario a través del parámetro name de las páginas de perfil y lista de exclusión."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-01-10T15:41:12.694211Z","id":"CVE-2023-27000","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:netscout:ngeniusone:6.3.4:-:*:*:*:*:*:*","matchCriteriaId":"7E6205EA-C821-4A7A-9CF3-D4A71D34C98E"}]}]}],"references":[{"url":"https://piotrryciak.com/posts/netscout-multiple-vulnerabilities/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://piotrryciak.com/posts/netscout-multiple-vulnerabilities/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-27098","sourceIdentifier":"cve@mitre.org","published":"2024-01-09T02:15:44.113","lastModified":"2026-07-09T01:18:11.743","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"TP-Link Tapo APK up to v2.12.703 uses hardcoded credentials for access to the login panel."},{"lang":"es","value":"TP-Link Tapo APK hasta v2.12.703 utiliza credenciales codificadas para acceder al panel de inicio de sesión."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-01-09T16:12:46.723468Z","id":"CVE-2023-27098","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-312"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-312"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:tp-link:tapo:*:*:*:*:*:android:*:*","versionEndExcluding":"2.11.44","matchCriteriaId":"C9EB199F-FE2B-4E4B-B74E-C6B0A2D55AA7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:tapo_c200:-:*:*:*:*:*:*:*","matchCriteriaId":"91B3D3B3-6E31-4F14-8DF5-0E3519C29DFD"}]}]}],"references":[{"url":"https://github.com/c0d3x27/CVEs/tree/main/CVE-2023-27098","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.tp-link.com/support/contact-technical-support/#LiveChat-Support","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/c0d3x27/CVEs/tree/main/CVE-2023-27098","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.tp-link.com/support/contact-technical-support/#LiveChat-Support","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2022-28975","sourceIdentifier":"cve@mitre.org","published":"2024-01-09T14:15:45.647","lastModified":"2026-07-09T01:17:26.290","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A stored cross-site scripting (XSS) vulnerability in Infoblox NIOS v8.5.2-409296 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the VLAN View Name field."},{"lang":"es","value":"Vulnerabilidad de Cross-Site Scripting (XSS) almacenado en Infoblox NIOS v8.5.2-409296 permite a los atacantes ejecutar scripts web o HTML arbitrarios a través de un payload manipulado inyectadp en el campo VLAN View Name."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-01-09T15:09:35.331004Z","id":"CVE-2022-28975","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:infoblox:nios:8.5.2:*:*:*:*:*:*:*","matchCriteriaId":"FE880952-58F8-40E8-8F5E-FE5A7DC7D6E8"}]}]}],"references":[{"url":"https://piotrryciak.com/posts/xss-infoblox/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://piotrryciak.com/posts/xss-infoblox/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-50128","sourceIdentifier":"cve@mitre.org","published":"2024-01-11T21:15:10.817","lastModified":"2026-07-09T01:18:45.630","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The remote keyless system of the Hozard alarm system (alarmsystemen) v1.0 sends an identical radio frequency signal for each request, which results in an attacker being able to conduct replay attacks to bring the alarm system to a disarmed state."},{"lang":"es","value":"El sistema remoto sin llave del sistema de Hozard alarm system (alarmsystemen) v1.0 envía una señal de radiofrecuencia idéntica para cada solicitud, lo que da como resultado que un atacante pueda realizar ataques de repetición para desarmar el sistema de alarma."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-01-12T18:02:26.210584Z","id":"CVE-2023-50128","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-294"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-294"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:hozard:alarm_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"8F9A297A-6C1D-4276-8153-C23EE75FB0BB"}]}]}],"references":[{"url":"https://www.secura.com/services/iot/consumer-products/security-concerns-in-popular-smart-home-devices","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.secura.com/services/iot/consumer-products/security-concerns-in-popular-smart-home-devices","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-46474","sourceIdentifier":"cve@mitre.org","published":"2024-01-11T22:15:45.713","lastModified":"2026-07-09T01:18:42.460","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"File Upload vulnerability PMB v.7.4.8 allows a remote attacker to execute arbitrary code and escalate privileges via a crafted PHP file uploaded to the start_import.php file."},{"lang":"es","value":"Vulnerabilidad de carga de archivos PMB v.7.4.8 permite a un atacante remoto ejecutar código arbitrario y escalar privilegios a través de un archivo PHP manipulado subido al archivo start_import.php."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-09T23:56:18.840625Z","id":"CVE-2023-46474","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sigb:pmb:*:*:*:*:*:*:*:*","versionEndIncluding":"7.5.3","matchCriteriaId":"E4943AC6-65E7-4405-94E9-57315A7FA378"}]}]}],"references":[{"url":"https://github.com/Xn2/CVE-2023-46474","source":"cve@mitre.org","tags":["Exploit","Mitigation","Third Party Advisory"]},{"url":"https://github.com/Xn2/CVE-2023-46474","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Mitigation","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-51810","sourceIdentifier":"cve@mitre.org","published":"2024-01-16T01:15:34.900","lastModified":"2026-07-09T01:18:48.290","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SQL injection vulnerability in StackIdeas EasyDiscuss v.5.0.5 and fixed in v.5.0.10 allows a remote attacker to obtain sensitive information via a crafted request to the search parameter in the Users module."},{"lang":"es","value":"Vulnerabilidad de inyección SQL en StackIdeas EasyDiscuss v.5.0.5 y corregida en v.5.0.10 permite a un atacante remoto obtener información confidencial a través de una solicitud manipulada al parámetro search en el módulo Users."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-01-16T15:14:09.188993Z","id":"CVE-2023-51810","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:stackideas:easydiscuss:*:*:*:*:*:joomla\\!:*:*","versionStartIncluding":"5.0.5","versionEndExcluding":"5.0.10","matchCriteriaId":"11BCF361-9D21-4A2D-902E-A7B20E3AB569"}]}]}],"references":[{"url":"https://github.com/Pastea/CVE-2023-51810","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/Pastea/CVE-2023-51810","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-46952","sourceIdentifier":"cve@mitre.org","published":"2024-01-17T03:15:07.997","lastModified":"2026-07-09T01:18:42.630","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting vulnerability in ABO.CMS v.5.9.3 allows an attacker to execute arbitrary code via a crafted payload to the Referer header."},{"lang":"es","value":"La vulnerabilidad de cross site scripting en ABO.CMS v.5.9.3 permite a un atacante ejecutar código arbitrario a través de un payload manipulado en el encabezado Referer."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-09T23:37:50.856166Z","id":"CVE-2023-46952","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:abocms:abo.cms:5.9.3:*:*:*:*:*:*:*","matchCriteriaId":"68CBBD26-B5CE-4911-A44E-1025CC510418"}]}]}],"references":[{"url":"https://github.com/SadFox/ABO.CMS-Blind-XSS","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/SadFox/ABO.CMS-Blind-XSS","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-51946","sourceIdentifier":"cve@mitre.org","published":"2024-01-19T14:15:12.500","lastModified":"2026-07-09T01:18:49.710","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Multiple reflected cross-site scripting (XSS) vulnerabilities in nasSvr.php in actidata actiNAS-SL-2U-8 3.2.03-SP1 allow remote attackers to inject arbitrary web script or HTML."},{"lang":"es","value":"Múltiples vulnerabilidades de  cross-site scripting (XSS) Reflejadas en nasSvr.php en actidata actiNAS-SL-2U-8 3.2.03-SP1 permiten a atacantes remotos inyectar script web o HTML arbitrarias."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-01-19T15:44:13.598031Z","id":"CVE-2023-51946","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:actidata:actinas_sl_2u-8_rdx_firmware:3.2.03:sp1:*:*:*:*:*:*","matchCriteriaId":"FCCAA0EE-7B45-4A77-9BC9-5758C529CDB1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:actidata:actinas_sl_2u-8_rdx:-:*:*:*:*:*:*:*","matchCriteriaId":"8E538A0F-3B62-4176-AAF2-1599FA199CA1"}]}]}],"references":[{"url":"https://github.com/saw-your-packet/CVEs/blob/main/CVE-2023-51946/README.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.actidata.com/index.php/de-de/actinas-plus-sl-2u-8-rdx","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/saw-your-packet/CVEs/blob/main/CVE-2023-51946/README.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.actidata.com/index.php/de-de/actinas-plus-sl-2u-8-rdx","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2023-51947","sourceIdentifier":"cve@mitre.org","published":"2024-01-19T14:15:12.553","lastModified":"2026-07-09T01:18:49.920","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper access control on nasSvr.php in actidata actiNAS SL 2U-8 RDX 3.2.03-SP1 allows remote attackers to read and modify different types of data without authentication."},{"lang":"es","value":"El control de acceso inadecuado en nasSvr.php en actidata actiNAS SL 2U-8 RDX 3.2.03-SP1 permite a atacantes remotos leer y modificar diferentes tipos de datos sin autenticación."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.2},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-01-23T21:43:49.275918Z","id":"CVE-2023-51947","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-306"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:actidata:actinas_sl_2u-8_rdx_firmware:3.2.03:sp1:*:*:*:*:*:*","matchCriteriaId":"FCCAA0EE-7B45-4A77-9BC9-5758C529CDB1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:actidata:actinas_sl_2u-8_rdx:-:*:*:*:*:*:*:*","matchCriteriaId":"8E538A0F-3B62-4176-AAF2-1599FA199CA1"}]}]}],"references":[{"url":"https://github.com/saw-your-packet/CVEs/blob/main/CVE-2023-51947/README.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.actidata.com/index.php/de-de/actinas-plus-sl-2u-8-rdx","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/saw-your-packet/CVEs/blob/main/CVE-2023-51947/README.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.actidata.com/index.php/de-de/actinas-plus-sl-2u-8-rdx","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2023-51892","sourceIdentifier":"cve@mitre.org","published":"2024-01-20T01:15:07.857","lastModified":"2026-07-09T01:18:48.480","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in weaver e-cology v.10.0.2310.01 allows a remote attacker to execute arbitrary code via a crafted script to the FrameworkShellController component."},{"lang":"es","value":"Un problema en weaver e-cology v.10.0.2310.01 permite a un atacante remoto ejecutar código arbitrario a través de un script manipulado en el componente FrameworkShellController."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-09T23:34:26.011983Z","id":"CVE-2023-51892","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:weaver:e-cology:10.0.2310.01:*:*:*:*:*:*:*","matchCriteriaId":"315BDF07-E568-4DBC-A75F-08FBCC47AD20"}]}]}],"references":[{"url":"https://github.com/cxcxcxcxcxcxcxc/cxcxcxcxcxcxcxc/blob/main/cxcxcxcxcxc/about/51892.txt","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://www.weaver.com.cn/","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://github.com/cxcxcxcxcxcxcxc/cxcxcxcxcxcxcxc/blob/main/cxcxcxcxcxc/about/51892.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://www.weaver.com.cn/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]}]}},{"cve":{"id":"CVE-2023-51926","sourceIdentifier":"cve@mitre.org","published":"2024-01-20T01:15:07.907","lastModified":"2026-07-09T01:18:49.180","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"YonBIP v3_23.05 was discovered to contain an arbitrary file read vulnerability via the nc.bs.framework.comn.serv.CommonServletDispatcher component."},{"lang":"es","value":"Se descubrió que YonBIP v3_23.05 contenía una vulnerabilidad de lectura de archivos arbitraria a través del componente nc.bs.framework.comn.serv.CommonServletDispatcher."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-09T23:31:01.977531Z","id":"CVE-2023-51926","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:yonyou:yonbip:3_23.05:*:*:*:*:*:*:*","matchCriteriaId":"B2233A40-5ECC-45B7-B651-5B57118891C3"}]}]}],"references":[{"url":"https://github.com/cxcxcxcxcxcxcxc/cxcxcxcxcxcxcxc/blob/main/cxcxcxcxcxc/about/51926.txt","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://www.yonyou.com/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/cxcxcxcxcxcxcxc/cxcxcxcxcxcxcxc/blob/main/cxcxcxcxcxc/about/51926.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://www.yonyou.com/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2023-51927","sourceIdentifier":"cve@mitre.org","published":"2024-01-20T01:15:07.957","lastModified":"2026-07-09T01:18:49.370","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"YonBIP v3_23.05 was discovered to contain a SQL injection vulnerability via the com.yonyou.hrcloud.attend.web.AttendScriptController.runScript() method."},{"lang":"es","value":"Se descubrió que YonBIP v3_23.05 contiene una vulnerabilidad de inyección SQL a través del método com.yonyou.hrcloud.attend.web.AttendScriptController.runScript()."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-08-27T14:25:12.028577Z","id":"CVE-2023-51927","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:yonyou:yonbip:3_23.05:*:*:*:*:*:*:*","matchCriteriaId":"B2233A40-5ECC-45B7-B651-5B57118891C3"}]}]}],"references":[{"url":"https://github.com/cxcxcxcxcxcxcxc/cxcxcxcxcxcxcxc/blob/main/cxcxcxcxcxc/about/51927.txt","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://www.yonyou.com/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/cxcxcxcxcxcxcxc/cxcxcxcxcxcxcxc/blob/main/cxcxcxcxcxc/about/51927.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://www.yonyou.com/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2023-51928","sourceIdentifier":"cve@mitre.org","published":"2024-01-20T01:15:08.010","lastModified":"2026-07-09T01:18:49.523","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An arbitrary file upload vulnerability in the nccloud.web.arcp.taskmonitor.action.ArcpUploadAction.doAction() method of YonBIP v3_23.05 allows attackers to execute arbitrary code via uploading a crafted file."},{"lang":"es","value":"Una vulnerabilidad de carga de archivos arbitrarios en el método nccloud.web.arcp.taskmonitor.action.ArcpUploadAction.doAction() de YonBIP v3_23.05 permite a los atacantes ejecutar código arbitrario cargando un archivo manipulado."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-08-27T14:22:25.805653Z","id":"CVE-2023-51928","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:yonyou:yonbip:3_23.05:*:*:*:*:*:*:*","matchCriteriaId":"B2233A40-5ECC-45B7-B651-5B57118891C3"}]}]}],"references":[{"url":"https://github.com/cxcxcxcxcxcxcxc/cxcxcxcxcxcxcxc/blob/main/cxcxcxcxcxc/about/51928.txt","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://www.yonyou.com/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/cxcxcxcxcxcxcxc/cxcxcxcxcxcxcxc/blob/main/cxcxcxcxcxc/about/51928.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://www.yonyou.com/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2023-51906","sourceIdentifier":"cve@mitre.org","published":"2024-01-20T02:15:07.670","lastModified":"2026-07-09T01:18:48.673","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in yonyou YonBIP v3_23.05 allows a remote attacker to execute arbitrary code via a crafted script to the ServiceDispatcherServlet uap.framework.rc.itf.IResourceManager component."},{"lang":"es","value":"Un problema en yonyou YonBIP v3_23.05 permite a un atacante remoto ejecutar código arbitrario a través de un script manipulado en el componente ServiceDispatcherServlet uap.framework.rc.itf.IResourceManager."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-02-20T20:09:00.828999Z","id":"CVE-2023-51906","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:yonyou:yonbip:3_23.05:*:*:*:*:*:*:*","matchCriteriaId":"B2233A40-5ECC-45B7-B651-5B57118891C3"}]}]}],"references":[{"url":"https://github.com/cxcxcxcxcxcxcxc/cxcxcxcxcxcxcxc/blob/main/cxcxcxcxcxc/about/51906.txt","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://www.yonyou.com/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/cxcxcxcxcxcxcxc/cxcxcxcxcxcxcxc/blob/main/cxcxcxcxcxc/about/51906.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://www.yonyou.com/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2023-51924","sourceIdentifier":"cve@mitre.org","published":"2024-01-20T02:15:07.723","lastModified":"2026-07-09T01:18:48.847","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An arbitrary file upload vulnerability in the uap.framework.rc.itf.IResourceManager interface of YonBIP v3_23.05 allows attackers to execute arbitrary code via uploading a crafted file."},{"lang":"es","value":"Una vulnerabilidad de carga de archivos arbitrarios en la interfaz uap.framework.rc.itf.IResourceManager de YonBIP v3_23.05 permite a los atacantes ejecutar código arbitrario cargando un archivo manipulado."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-01-24T20:28:56.188960Z","id":"CVE-2023-51924","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:yonyou:yonbip:3_23.05:*:*:*:*:*:*:*","matchCriteriaId":"B2233A40-5ECC-45B7-B651-5B57118891C3"}]}]}],"references":[{"url":"https://github.com/cxcxcxcxcxcxcxc/cxcxcxcxcxcxcxc/blob/main/cxcxcxcxcxc/about/51924.txt","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://www.yonyou.com/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/cxcxcxcxcxcxcxc/cxcxcxcxcxcxcxc/blob/main/cxcxcxcxcxc/about/51924.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://www.yonyou.com/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2023-51925","sourceIdentifier":"cve@mitre.org","published":"2024-01-20T02:15:07.773","lastModified":"2026-07-09T01:18:49.010","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An arbitrary file upload vulnerability in the nccloud.web.arcp.taskmonitor.action.ArcpUploadAction.doAction() method of YonBIP v3_23.05 allows attackers to execute arbitrary code via uploading a crafted file."},{"lang":"es","value":"Una vulnerabilidad de carga de archivos arbitrarios en el método nccloud.web.arcp.taskmonitor.action.ArcpUploadAction.doAction() de YonBIP v3_23.05 permite a los atacantes ejecutar código arbitrario cargando un archivo manipulado."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-01-22T18:29:54.142145Z","id":"CVE-2023-51925","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:yonyou:yonbip:3_23.05:*:*:*:*:*:*:*","matchCriteriaId":"B2233A40-5ECC-45B7-B651-5B57118891C3"}]}]}],"references":[{"url":"https://github.com/cxcxcxcxcxcxcxc/cxcxcxcxcxcxcxc/blob/main/cxcxcxcxcxc/about/51925.txt","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://www.yonyou.com/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/cxcxcxcxcxcxcxc/cxcxcxcxcxcxcxc/blob/main/cxcxcxcxcxc/about/51925.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://www.yonyou.com/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2023-24135","sourceIdentifier":"cve@mitre.org","published":"2024-01-22T21:15:08.793","lastModified":"2026-07-09T01:18:07.580","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a command injection vulnerability in the function formWriteFacMac. This vulnerability allows attackers to execute arbitrary commands via manipulation of the mac parameter."},{"lang":"es","value":"Se descubrió que Jensen de Scandinavia Eagle 1200AC V15.03.06.33_en contiene una vulnerabilidad de inyección de comandos en la función formWriteFacMac. Esta vulnerabilidad permite a los atacantes ejecutar comandos arbitrarios mediante la manipulación del parámetro mac."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"jensenofscandinavia","product":"eagle_1200ac_firmware","defaultStatus":"unknown","cpes":["cpe:2.3:o:jensenofscandinavia:eagle_1200ac_firmware:*:*:*:*:*:*:*:*"],"versions":[{"version":"15.03.06.33_en","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-08-27T14:17:20.771812Z","id":"CVE-2023-24135","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-77"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:jensenofscandinavia:eagle_1200ac_firmware:15.03.06.33_en:*:*:*:*:*:*:*","matchCriteriaId":"24E5249E-4E12-4A78-9CE7-BF0581FDE8FA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:jensenofscandinavia:eagle_1200ac:-:*:*:*:*:*:*:*","matchCriteriaId":"BC63EA0E-B80E-4CD3-B1D5-2B345950DF0C"}]}]}],"references":[{"url":"https://oxnan.com/img/Pasted%20image%2020230112110814.png","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://oxnan.com/posts/WriteFacMac-Command-Injection","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://oxnan.com/img/Pasted%20image%2020230112110814.png","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://oxnan.com/posts/WriteFacMac-Command-Injection","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-36177","sourceIdentifier":"cve@mitre.org","published":"2024-01-23T22:15:16.390","lastModified":"2026-07-09T01:18:28.833","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue was discovered in badaix Snapcast version 0.27.0, allows remote attackers to execute arbitrary code and gain sensitive information via crafted request in JSON-RPC-API."},{"lang":"es","value":"Se descubrió un problema en badaix Snapcast versión 0.27.0, que permite a atacantes remotos ejecutar código arbitrario y obtener información confidencial a través de una solicitud manipulada en JSON-RPC-API."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"badaix","product":"snapcast","defaultStatus":"unknown","cpes":["cpe:2.3:a:badaix:snapcast:*:*:*:*:*:*:*:*"],"versions":[{"version":"0.27.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-08-27T14:10:13.950111Z","id":"CVE-2023-36177","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:badaix:snapcast:*:*:*:*:*:*:*:*","versionEndIncluding":"0.27.0","matchCriteriaId":"1585039A-0AEC-4192-B179-2E4786DE36F4"}]}]}],"references":[{"url":"https://oxnan.com/posts/Snapcast_jsonrpc_rce","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2025/07/msg00015.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://oxnan.com/posts/Snapcast_jsonrpc_rce","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2024-22922","sourceIdentifier":"cve@mitre.org","published":"2024-01-25T22:15:08.567","lastModified":"2026-07-09T01:18:51.627","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in Projectworlds Vistor Management Systemin PHP v.1.0 allows a remtoe attacker to escalate privileges via a crafted script to the login page in the POST/index.php"},{"lang":"es","value":"Un problema en Projectworlds Vistor Management System en PHP v.1.0 permite a un atacante remoto escalar privilegios a través de un script manipulado a la página de inicio de sesión en POST/index.php"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-01-30T15:46:18.938124Z","id":"CVE-2024-22922","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-269"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-269"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:projectworlds:visitor_management_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"8090C200-F3C4-403E-9D79-F7F1EAA3CB2F"}]}]}],"references":[{"url":"https://github.com/keru6k/CVE-2024-22922/blob/main/CVE-2024-22922.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/keru6k/CVE-2024-22922/blob/main/CVE-2024-22922.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2024-23055","sourceIdentifier":"cve@mitre.org","published":"2024-01-25T22:15:08.623","lastModified":"2026-07-09T01:18:52.283","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in Plone Docker Official Image 5.2.13 (5221) open-source software allows for remote code execution via improper validation of input by the HOST headers."},{"lang":"es","value":"Un problema en el software de código abierto Plone Docker Official Image 5.2.13 (5221) permite la ejecución remota de código mediante una validación incorrecta de la entrada por parte de los encabezados HOST."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-06-17T14:19:03.267719Z","id":"CVE-2024-23055","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:plone:plone_docker_official_image:5.2.13:*:*:*:*:*:*:*","matchCriteriaId":"277934F5-1C92-4B1C-85DE-93C7464108DA"}]}]}],"references":[{"url":"https://github.com/c0d3x27/CVEs/tree/main/CVE-2024-23055","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/c0d3x27/CVEs/tree/main/CVE-2024-23055","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-46344","sourceIdentifier":"cve@mitre.org","published":"2024-02-02T02:15:16.537","lastModified":"2026-07-09T01:18:41.960","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in Solar-Log Base 15 Firmware 6.0.1 Build 161, and possibly other Solar-Log Base products, allows an attacker to escalate their privileges by exploiting a stored cross-site scripting (XSS) vulnerability in the switch group function under /#ilang=DE&b=c_smartenergy_swgroups in the web portal. The vulnerability can be exploited to gain the rights of an installer or PM, which can then be used to gain administrative access to the web portal and execute further attacks. NOTE: The vendor states that this vulnerability has been fixed with 3.0.0-60 11.10.2013 for SL 200, 500, 1000 / not existing for SL 250, 300, 1200, 2000, SL 50 Gateway, SL Base."},{"lang":"es","value":"Una vulnerabilidad en Solar-Log Base 15 Firmware 6.0.1 Build 161, y posiblemente en otros productos Solar-Log Base, permite a un atacante escalar sus privilegios explotando una vulnerabilidad de cross-site scripting (XSS) almacenada en la función de grupo de conmutadores en / #ilang=DE&amp;b=c_smartenergy_swgroups en el portal web. La vulnerabilidad se puede aprovechar para obtener los derechos de un instalador o PM, que luego se puede utilizar para obtener acceso administrativo al portal web y ejecutar más ataques."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"solar_log","product":"base_15_firmware","defaultStatus":"unknown","cpes":["cpe:2.3:o:solar_log:base_15_firmware:*:*:*:*:*:*:*:*"],"versions":[{"version":"6.0.1_build_161","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-07T20:11:07.797333Z","id":"CVE-2023-46344","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:solar-log:2000_pm\\+_firmware:15.10.2019:*:*:*:*:*:*:*","matchCriteriaId":"3CFA48BC-724C-49F9-8FD6-5BBECD34C585"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:solar-log:2000_pm\\+:-:*:*:*:*:*:*:*","matchCriteriaId":"A8E94086-68EC-4BAF-AB40-F2F4E679F761"}]}]}],"references":[{"url":"https://github.com/vinnie1717/CVE-2023-46344/blob/main/Solar-Log%20XSS","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.solar-log.com/en/support/firmware-database-1","source":"cve@mitre.org"},{"url":"https://github.com/vinnie1717/CVE-2023-46344/blob/main/Solar-Log%20XSS","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2024-22899","sourceIdentifier":"cve@mitre.org","published":"2024-02-02T02:15:18.073","lastModified":"2026-07-09T01:18:50.820","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the syncNtpTime function."},{"lang":"es","value":"Se descubrió que Vinchin Backup &amp; Recovery v7.2 contiene una vulnerabilidad de ejecución remota de código (RCE) autenticada a través de la función syncNtpTime."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-02-05T17:34:18.512483Z","id":"CVE-2024-22899","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:vinchin:vinchin_backup_and_recovery:*:*:*:*:*:*:*:*","versionEndIncluding":"7.2","matchCriteriaId":"3891B5A9-CDD6-4BA5-A9E4-D320804835B2"}]}]}],"references":[{"url":"https://blog.leakix.net/2024/01/vinchin-backup-rce-chain/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://seclists.org/fulldisclosure/2024/Jan/29","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"http://packetstormsecurity.com/files/176793/Vinchin-Backup-And-Recovery-7.2-syncNtpTime-Command-Injection.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://seclists.org/fulldisclosure/2024/Jan/29","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://blog.leakix.net/2024/01/vinchin-backup-rce-chain/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://seclists.org/fulldisclosure/2024/Jan/29","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2024-22900","sourceIdentifier":"cve@mitre.org","published":"2024-02-02T02:15:18.127","lastModified":"2026-07-09T01:18:50.983","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the setNetworkCardInfo function."},{"lang":"es","value":"Se descubrió que Vinchin Backup &amp; Recovery v7.2 contiene una vulnerabilidad de ejecución remota de código (RCE) autenticada a través de la función setNetworkCardInfo."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-06-06T20:13:23.971267Z","id":"CVE-2024-22900","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-77"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:vinchin:vinchin_backup_and_recovery:*:*:*:*:*:*:*:*","versionEndIncluding":"7.2","matchCriteriaId":"3891B5A9-CDD6-4BA5-A9E4-D320804835B2"}]}]}],"references":[{"url":"https://blog.leakix.net/2024/01/vinchin-backup-rce-chain/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://seclists.org/fulldisclosure/2024/Jan/29","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"http://packetstormsecurity.com/files/176788/Vinchin-Backup-And-Recovery-7.2-setNetworkCardInfo-Command-Injection.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://seclists.org/fulldisclosure/2024/Jan/26","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://blog.leakix.net/2024/01/vinchin-backup-rce-chain/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://seclists.org/fulldisclosure/2024/Jan/29","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2024-22901","sourceIdentifier":"cve@mitre.org","published":"2024-02-02T02:15:18.177","lastModified":"2026-07-09T01:18:51.143","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Vinchin Backup & Recovery v7.2 was discovered to use default MYSQL credentials."},{"lang":"es","value":"Se descubrió que Vinchin Backup &amp; Recovery v7.2 utiliza credenciales MYSQL predeterminadas."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-08T15:58:54.544580Z","id":"CVE-2024-22901","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:vinchin:vinchin_backup_and_recovery:*:*:*:*:*:*:*:*","versionEndIncluding":"7.2","matchCriteriaId":"3891B5A9-CDD6-4BA5-A9E4-D320804835B2"}]}]}],"references":[{"url":"https://blog.leakix.net/2024/01/vinchin-backup-rce-chain/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://seclists.org/fulldisclosure/2024/Jan/30","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"http://packetstormsecurity.com/files/176794/Vinchin-Backup-And-Recovery-7.2-Default-MySQL-Credentials.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://seclists.org/fulldisclosure/2024/Jan/30","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://blog.leakix.net/2024/01/vinchin-backup-rce-chain/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://seclists.org/fulldisclosure/2024/Jan/30","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2024-22902","sourceIdentifier":"cve@mitre.org","published":"2024-02-02T02:15:18.223","lastModified":"2026-07-09T01:18:51.300","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Vinchin Backup & Recovery v7.2 was discovered to be configured with default root credentials."},{"lang":"es","value":"Se descubrió que Vinchin Backup &amp; Recovery v7.2 estaba configurado con credenciales raíz predeterminadas."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-09T23:59:24.468161Z","id":"CVE-2024-22902","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:vinchin:vinchin_backup_and_recovery:*:*:*:*:*:*:*:*","versionEndIncluding":"7.2","matchCriteriaId":"3891B5A9-CDD6-4BA5-A9E4-D320804835B2"}]}]}],"references":[{"url":"https://blog.leakix.net/2024/01/vinchin-backup-rce-chain/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://seclists.org/fulldisclosure/2024/Jan/31","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"http://packetstormsecurity.com/files/176795/Vinchin-Backup-And-Recovery-7.2-Default-Root-Credentials.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://seclists.org/fulldisclosure/2024/Jan/31","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://blog.leakix.net/2024/01/vinchin-backup-rce-chain/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://seclists.org/fulldisclosure/2024/Jan/31","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2024-22903","sourceIdentifier":"cve@mitre.org","published":"2024-02-02T02:15:18.277","lastModified":"2026-07-09T01:18:51.473","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the deleteUpdateAPK function."},{"lang":"es","value":"Se descubrió que Vinchin Backup &amp; Recovery v7.2 contiene una vulnerabilidad de ejecución remota de código (RCE) autenticada a través de la función deleteUpdateAPK."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-02-05T20:42:59.152874Z","id":"CVE-2024-22903","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-77"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:vinchin:vinchin_backup_and_recovery:*:*:*:*:*:*:*:*","versionEndIncluding":"7.2","matchCriteriaId":"3891B5A9-CDD6-4BA5-A9E4-D320804835B2"}]}]}],"references":[{"url":"https://blog.leakix.net/2024/01/vinchin-backup-rce-chain/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://seclists.org/fulldisclosure/2024/Jan/32","source":"cve@mitre.org","tags":["Mailing List","Third Party Advisory"]},{"url":"http://packetstormsecurity.com/files/176796/Vinchin-Backup-And-Recovery-7.2-SystemHandler.class.php-Command-Injection.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://seclists.org/fulldisclosure/2024/Jan/32","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://blog.leakix.net/2024/01/vinchin-backup-rce-chain/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://seclists.org/fulldisclosure/2024/Jan/32","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2024-23054","sourceIdentifier":"cve@mitre.org","published":"2024-02-05T16:15:55.437","lastModified":"2026-07-09T01:18:52.113","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in Plone Docker Official Image 5.2.13 (5221) open-source software that could allow for remote code execution due to a package listed in ++plone++static/components not existing in the public package index (npm)."},{"lang":"es","value":"Un problema en el software de código abierto Plone Docker Official Image 5.2.13 (5221) que podría permitir la ejecución remota de código debido a que un paquete listado en ++plone++static/components no existe en el índice de paquetes públicos (npm)."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"plone","product":"plone_docker_official_image","defaultStatus":"unknown","cpes":["cpe:2.3:a:plone:plone_docker_official_image:5.2.13:*:*:*:*:*:*:*"],"versions":[{"version":"5.2.13","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-06-28T17:44:02.679623Z","id":"CVE-2024-23054","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-427"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-427"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:plone:plone_docker_official_image:5.2.13:*:*:*:*:*:*:*","matchCriteriaId":"277934F5-1C92-4B1C-85DE-93C7464108DA"}]}]}],"references":[{"url":"https://github.com/c0d3x27/CVEs/blob/main/CVE-2024-23054/README.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/c0d3x27/CVEs/blob/main/CVE-2024-23054/README.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2024-24397","sourceIdentifier":"cve@mitre.org","published":"2024-02-05T16:15:55.493","lastModified":"2026-07-09T01:18:54.347","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrary code via a crafted payload to the ReportName field."},{"lang":"es","value":"Vulnerabilidad de Cross Site Scripting en Stimulsoft GmbH Stimulsoft Dashboard.JS anterior a v.2024.1.2 permite a un atacante remoto ejecutar código arbitrario a través de un payload manipulado en el campo ReportName."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-09T23:37:10.648284Z","id":"CVE-2024-24397","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:stimulsoft:dashboards.js:*:*:*:*:*:node.js:*:*","versionEndExcluding":"2024.1.2","matchCriteriaId":"F60D41BF-0D94-446D-BAEB-F2065D1B0064"}]}]}],"references":[{"url":"https://cloud-trustit.spp.at/s/Pi78FFazHamJQ5R","source":"cve@mitre.org","tags":["Permissions Required"]},{"url":"https://cves.at/posts/cve-2024-24397/writeup/","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://cloud-trustit.spp.at/s/Pi78FFazHamJQ5R","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required"]},{"url":"https://cves.at/posts/cve-2024-24397/writeup/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]}]}},{"cve":{"id":"CVE-2024-24396","sourceIdentifier":"cve@mitre.org","published":"2024-02-05T19:15:08.557","lastModified":"2026-07-09T01:18:54.187","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrary code via a crafted payload to the search bar component."},{"lang":"es","value":"Vulnerabilidad de Cross Site Scripting en Stimulsoft GmbH Stimulsoft Dashboard.JS anterior a v.2024.1.2 permite a un atacante remoto ejecutar código arbitrario a través de un payload diseñado en el componente de la barra de búsqueda."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"stimulsoft","product":"dashboards.js","defaultStatus":"unknown","cpes":["cpe:2.3:a:stimulsoft:dashboards.js:2024.1.2:*:*:*:*:node.js:*:*"],"versions":[{"version":"2024.1.2","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-08-26T18:16:13.138075Z","id":"CVE-2024-24396","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:stimulsoft:dashboard.js:*:*:*:*:*:node.js:*:*","versionEndExcluding":"2024.1.2","matchCriteriaId":"234455C0-6011-413C-A8EB-2DAE040B689E"}]}]}],"references":[{"url":"https://cloud-trustit.spp.at/s/Pi78FFazHamJQ5R","source":"cve@mitre.org","tags":["Permissions Required"]},{"url":"https://cves.at/posts/cve-2024-24396/writeup/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://cloud-trustit.spp.at/s/Pi78FFazHamJQ5R","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required"]},{"url":"https://cves.at/posts/cve-2024-24396/writeup/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2024-24398","sourceIdentifier":"cve@mitre.org","published":"2024-02-06T00:15:08.183","lastModified":"2026-07-09T01:18:54.517","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Directory Traversal vulnerability in Stimulsoft GmbH Stimulsoft Dashboard.JS before v.2024.1.2 allows a remote attacker to execute arbitrary code via a crafted payload to the fileName parameter of the Save function."},{"lang":"es","value":"Vulnerabilidad de Directory Traversal en Stimulsoft GmbH Stimulsoft Dashboard.JS anterior a v.2024.1.2 permite a un atacante remoto ejecutar código arbitrario a través de un payload manipulado en el parámetro fileName de la función Guardar."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-08T15:58:48.639922Z","id":"CVE-2024-24398","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:stimulsoft:dashboards.php:*:*:*:*:*:*:*:*","versionEndExcluding":"2024.1.2","matchCriteriaId":"9A6C93C6-FBF3-41DA-83B3-091EA2D53F6D"}]}]}],"references":[{"url":"https://cloud-trustit.spp.at/s/Pi78FFazHamJQ5R","source":"cve@mitre.org","tags":["Permissions Required"]},{"url":"https://cves.at/posts/cve-2024-24398/writeup/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://cloud-trustit.spp.at/s/Pi78FFazHamJQ5R","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required"]},{"url":"https://cves.at/posts/cve-2024-24398/writeup/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-46359","sourceIdentifier":"cve@mitre.org","published":"2024-02-06T01:15:07.877","lastModified":"2026-07-09T01:18:42.133","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An OS command injection vulnerability in Hardy Barth cPH2 eCharge Ladestation v1.87.0 and earlier, may allow an unauthenticated remote attacker to execute arbitrary commands on the system via a specifically crafted arguments passed to the connectivity check feature."},{"lang":"es","value":"Una vulnerabilidad de inyección de comandos del sistema operativo en Hardy Barth cPH2 eCharge Ladestation v1.87.0 y anteriores, puede permitir que un atacante remoto no autenticado ejecute comandos arbitrarios en el sistema a través de argumentos específicamente manipulados pasados a la función de verificación de conectividad."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-02-06T14:10:52.995119Z","id":"CVE-2023-46359","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hardy-barth:cph2_echarge_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"1.87.0","matchCriteriaId":"F88153BC-C3E4-4BD6-9794-31DC88D09D6D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hardy-barth:cph2_echarge:-:*:*:*:*:*:*:*","matchCriteriaId":"317B39E6-9C7C-407B-8968-57923019265A"}]}]}],"references":[{"url":"https://www.offensity.com/en/blog/os-command-injection-in-cph2-charging-station-200-cve-2023-46359-and-cve-2023-46360/","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://www.offensity.com/en/blog/os-command-injection-in-cph2-charging-station-200-cve-2023-46359-and-cve-2023-46360/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]}]}},{"cve":{"id":"CVE-2023-46360","sourceIdentifier":"cve@mitre.org","published":"2024-02-06T01:15:07.930","lastModified":"2026-07-09T01:18:42.300","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Hardy Barth cPH2 eCharge Ladestation v1.87.0 and earlier is vulnerable to Execution with Unnecessary Privileges."},{"lang":"es","value":"Hardy Barth cPH2 eCharge Ladestation v1.87.0 y versiones anteriores son vulnerables a la ejecución con privilegios innecesarios."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"hardy-barth","product":"cph2_echarge_firmware","defaultStatus":"unknown","cpes":["cpe:2.3:o:hardy-barth:cph2_echarge_firmware:*:*:*:*:*:*:*:*"],"versions":[{"version":"0","lessThanOrEqual":"v1.87.0","versionType":"custom","status":"affected"}]},{"vendor":"hardy-barth","product":"cph2_echarge","defaultStatus":"unknown","cpes":["cpe:2.3:h:hardy-barth:cph2_echarge:*:*:*:*:*:*:*:*"],"versions":[{"version":"0","lessThan":"v1.87.0","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-06-28T17:53:47.854268Z","id":"CVE-2023-46360","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-250"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hardy-barth:cph2_echarge_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"1.87.0","matchCriteriaId":"F88153BC-C3E4-4BD6-9794-31DC88D09D6D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hardy-barth:cph2_echarge:-:*:*:*:*:*:*:*","matchCriteriaId":"317B39E6-9C7C-407B-8968-57923019265A"}]}]}],"references":[{"url":"https://www.offensity.com/en/blog/os-command-injection-in-cph2-charging-station-200-cve-2023-46359-and-cve-2023-46360/","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://www.offensity.com/en/blog/os-command-injection-in-cph2-charging-station-200-cve-2023-46359-and-cve-2023-46360/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]}]}},{"cve":{"id":"CVE-2024-24321","sourceIdentifier":"cve@mitre.org","published":"2024-02-08T18:15:08.293","lastModified":"2026-07-09T01:18:54.017","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in Dlink DIR-816A2 v.1.10CNB05 allows a remote attacker to execute arbitrary code via the wizardstep4_ssid_2 parameter in the sub_42DA54 function."},{"lang":"es","value":"Un problema en Dlink DIR-816A2 v.1.10CNB05 permite a un atacante remoto ejecutar código arbitrario a través del parámetro Wizardstep4_ssid_2 en la función sub_42DA54."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-02-12T18:17:18.474441Z","id":"CVE-2024-24321","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-77"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dlink:dir-816_firmware:1.10cnb05:*:*:*:*:*:*:*","matchCriteriaId":"6A221E99-E2B0-4C57-9263-9A86EFF8746E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:dlink:dir-816:a2:*:*:*:*:*:*:*","matchCriteriaId":"1A3AC507-7219-401E-AC60-12D96382E4B7"}]}]}],"references":[{"url":"https://github.com/dkjiayu/Vul/blob/main/DIR816A2-dir_setWanWifi.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.dlink.com/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/dkjiayu/Vul/blob/main/DIR816A2-dir_setWanWifi.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.dlink.com/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://www.dlink.com/en/security-bulletin/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2024-25423","sourceIdentifier":"cve@mitre.org","published":"2024-02-22T01:15:08.123","lastModified":"2026-07-09T01:18:55.180","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in MAXON CINEMA 4D R2024.2.0 allows a local attacker to execute arbitrary code via a crafted c4d_base.xdl64 file."},{"lang":"es","value":"Un problema en MAXON CINEMA 4D R2024.2.0 permite que un atacante local ejecute código arbitrario a través de un archivo c4d_base.xdl64 manipulado."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"maxon","product":"cinema_4d","defaultStatus":"unknown","cpes":["cpe:2.3:a:maxon:cinema_4d:*:*:*:*:*:*:*:*"],"versions":[{"version":"0","lessThanOrEqual":"R2024.2.0","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.0,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-05-20T17:26:26.068592Z","id":"CVE-2024-25423","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nemetschek:cinema_4d:2024.2:*:*:*:*:*:*:*","matchCriteriaId":"59D25958-0315-42BC-AB88-46D7F6BF9EA6"}]}]}],"references":[{"url":"https://github.com/DriverUnload/cve-2024-25423","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/DriverUnload/cve-2024-25423","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2024-22873","sourceIdentifier":"cve@mitre.org","published":"2024-02-26T16:27:56.733","lastModified":"2026-07-09T01:18:50.650","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Tencent Blueking CMDB v3.2.x to v3.9.x was discovered to contain a Server-Side Request Forgery (SSRF) via the event subscription function (/service/subscription.go). This vulnerability allows attackers to access internal requests via a crafted POST request."},{"lang":"es","value":"Se descubrió que Tencent Blueking CMDB v3.2.xa v3.9.x contenía Server-Side Request Forgery (SSRF) a través de la función de suscripción de eventos (/service/subscription.go). Esta vulnerabilidad permite a los atacantes acceder a solicitudes internas mediante una solicitud POST manipulada."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"tencent","product":"cmdb","defaultStatus":"unknown","cpes":["cpe:2.3:a:tencent:cmdb:3.2.0:*:*:*:*:*:*:*"],"versions":[{"version":"3.2.0","lessThan":"3.10.0","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-08-05T19:43:08.447685Z","id":"CVE-2024-22873","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:tencent:blueking_configuration_management_database:*:*:*:*:*:*:*:*","versionStartIncluding":"3.2.2","versionEndIncluding":"3.9.47","matchCriteriaId":"D0F0D307-A367-4BC8-A267-8ABB8BF0E2D2"}]}]}],"references":[{"url":"https://gist.github.com/exp1orer/0f190c6a64b668a9b1c4c47789affa09","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://sphenoid-enquiry-9be.notion.site/BK-CMDB-SSRF-ba21e94f4976460188fa52d26c15a6ae?pvs=4","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://gist.github.com/exp1orer/0f190c6a64b668a9b1c4c47789affa09","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://sphenoid-enquiry-9be.notion.site/BK-CMDB-SSRF-ba21e94f4976460188fa52d26c15a6ae?pvs=4","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]}]}},{"cve":{"id":"CVE-2024-22983","sourceIdentifier":"cve@mitre.org","published":"2024-02-28T22:15:26.453","lastModified":"2026-07-09T01:18:51.950","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SQL injection vulnerability in Projectworlds Visitor Management System in PHP v.1.0 allows a remote attacker to escalate privileges via the name parameter in the myform.php endpoint."},{"lang":"es","value":"Vulnerabilidad de inyección SQL en Projectworlds Visitor Management System en PHP v.1.0 permite a un atacante remoto escalar privilegios a través del parámetro de nombre en el endpoint myform.php."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"projectworlds","product":"visitor_management_system_in_php","defaultStatus":"unknown","cpes":["cpe:2.3:a:projectworlds:visitor_management_system_in_php:1.0:*:*:*:*:*:*:*"],"versions":[{"version":"1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-08-16T17:22:45.611000Z","id":"CVE-2024-22983","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:projectworlds:visitor_management_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"8090C200-F3C4-403E-9D79-F7F1EAA3CB2F"}]}]}],"references":[{"url":"https://github.com/keru6k/CVE-2024-22983/blob/main/CVE-2024-22983.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/keru6k/CVE-2024-22983/blob/main/CVE-2024-22983.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-33677","sourceIdentifier":"cve@mitre.org","published":"2024-03-06T01:15:06.960","lastModified":"2026-07-09T01:18:25.510","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Sourcecodester Lost and Found Information System's Version 1.0 is vulnerable to unauthenticated SQL Injection at \"?page=items/view&id=*\"."},{"lang":"es","value":"Sourcecodester Lost and Found Information System's Version 1.0 es vulnerable a una inyección SQL no autenticada en \"?page=items/view&amp;id=*\"."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"sourcecodester","product":"lost_and_found_information_system","defaultStatus":"unknown","cpes":["cpe:2.3:a:sourcecodester:lost_and_found_information_system:1.0:*:*:*:*:*:*:*"],"versions":[{"version":"1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-03-06T16:24:55.573245Z","id":"CVE-2023-33677","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oretnom23:lost_and_found_information_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"14CF403B-DF0C-4796-8B10-689075DC8A35"}]}]}],"references":[{"url":"https://github.com/ASR511-OO7/CVE-2023-33677/blob/main/CVE-29","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/ASR511-OO7/CVE-2023-33677/blob/main/CVE-29","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-47415","sourceIdentifier":"cve@mitre.org","published":"2024-03-07T01:15:51.850","lastModified":"2026-07-09T01:18:44.067","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cypress Solutions CTM-200 v2.7.1.5600 and below was discovered to contain an OS command injection vulnerability via the cli_text parameter."},{"lang":"es","value":"Se descubrió que Cypress Solutions CTM-200 v2.7.1.5600 y versiones anteriores contenían una vulnerabilidad de inyección de comandos del sistema operativo a través del parámetro cli_text."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"cypress","product":"ctm-200_firmware","defaultStatus":"unknown","cpes":["cpe:2.3:o:cypress:ctm-200_firmware:*:*:*:*:*:*:*:*"],"versions":[{"version":"0","lessThanOrEqual":"2.7.1.5600","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-08-29T18:11:30.674544Z","id":"CVE-2023-47415","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cypress:ctm-200_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"2.7.1.5600-113","matchCriteriaId":"BE000602-DA15-48EF-B5A2-87E1AA766DE3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:cypress:ctm-200:-:*:*:*:*:*:*:*","matchCriteriaId":"51B8D253-6B62-43B6-B609-98433D5ACA0B"}]}]}],"references":[{"url":"https://gitlab.com/loudmouth-security/vulnerability-disclosures/cve-2023-47415","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://gitlab.com/loudmouth-security/vulnerability-disclosures/cve-2023-47415","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]}]}},{"cve":{"id":"CVE-2024-26566","sourceIdentifier":"cve@mitre.org","published":"2024-03-07T01:15:52.757","lastModified":"2026-07-09T01:18:55.493","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in Cute Http File Server v.3.1 allows a remote attacker to escalate privileges via the password verification component."},{"lang":"es","value":"Un problema en Cute Http File Server v.3.1 permite a un atacante remoto escalar privilegios a través del componente de verificación de contraseña."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"ods-im","product":"cutehttpfileserver","defaultStatus":"unknown","cpes":["cpe:2.3:a:ods-im:cutehttpfileserver:*:*:*:*:*:*:*:*"],"versions":[{"version":"0","lessThanOrEqual":"3.1","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-08-06T13:52:14.722584Z","id":"CVE-2024-26566","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-288"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:iscute:cute_http_file_server:3.1:*:*:*:*:*:*:*","matchCriteriaId":"04A11058-E923-4F79-8481-57D99BE63E04"}]}]}],"references":[{"url":"https://github.com/GZLDL/CVE/blob/main/CVE-2024-26566/CVE-2024-26566%20English.md","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/GZLDL/CVE/tree/main/Cute%20Http%20File%20Server%20JWT","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://github.com/GZLDL/CVE/blob/main/CVE-2024-26566/CVE-2024-26566%20English.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://github.com/GZLDL/CVE/tree/main/Cute%20Http%20File%20Server%20JWT","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]}]}},{"cve":{"id":"CVE-2023-42789","sourceIdentifier":"psirt@fortinet.com","published":"2024-03-12T15:15:46.107","lastModified":"2026-07-08T13:16:23.177","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A out-of-bounds write vulnerability in Fortinet FortiOS 7.4.0 through 7.4.1, FortiOS 7.2.0 through 7.2.5, FortiOS 7.0.0 through 7.0.12, FortiOS 6.4.0 through 6.4.14, FortiOS 6.2.0 through 6.2.15, FortiProxy 7.4.0, FortiProxy 7.2.0 through 7.2.6, FortiProxy 7.0.0 through 7.0.12, FortiProxy 2.0.0 through 2.0.13, FortiSASE 23.2.b allows attacker to execute unauthorized code or commands via specially crafted HTTP requests."},{"lang":"es","value":"Una escritura fuera de límites en Fortinet FortiOS 7.4.0 a 7.4.1, 7.2.0 a 7.2.5, 7.0.0 a 7.0.12, 6.4.0 a 6.4.14, 6.2.0 a 6.2.15, FortiProxy 7.4.0, 7.2.0 a 7.2.6, 7.0.0 a 7.0.12, 2.0.0 a 2.0.13 permite a un atacante ejecutar código o comandos no autorizados a través de solicitudes HTTP especialmente manipuladas."}],"affected":[{"source":"psirt@fortinet.com","affectedData":[{"vendor":"Fortinet","product":"FortiProxy","defaultStatus":"unaffected","cpes":["cpe:2.3:a:fortinet:fortiproxy:7.4.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.12:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.11:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.10:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.9:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.8:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:2.0.13:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:2.0.12:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:2.0.11:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:2.0.10:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:2.0.9:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:2.0.8:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:2.0.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:2.0.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:2.0.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:2.0.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:2.0.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:2.0.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:2.0.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:2.0.0:*:*:*:*:*:*:*"],"versions":[{"version":"7.4.0","status":"affected"},{"version":"7.2.0","lessThanOrEqual":"7.2.6","versionType":"semver","status":"affected"},{"version":"7.0.0","lessThanOrEqual":"7.0.12","versionType":"semver","status":"affected"},{"version":"2.0.0","lessThanOrEqual":"2.0.13","versionType":"semver","status":"affected"}]},{"vendor":"Fortinet","product":"FortiSASE","defaultStatus":"unaffected","cpes":["cpe:2.3:a:fortinet:fortisase:23.2.b:*:*:*:*:*:*:*"],"versions":[{"version":"23.2.b","status":"affected"}]},{"vendor":"Fortinet","product":"FortiOS","defaultStatus":"unaffected","cpes":["cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.2.15:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.2.14:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.2.13:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.2.12:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.2.11:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.2.10:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.2.9:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.2.8:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.2.7:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.2.6:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.2.5:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.2.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*"],"versions":[{"version":"7.4.0","lessThanOrEqual":"7.4.1","versionType":"semver","status":"affected"},{"version":"7.2.0","lessThanOrEqual":"7.2.5","versionType":"semver","status":"affected"},{"version":"7.0.0","lessThanOrEqual":"7.0.12","versionType":"semver","status":"affected"},{"version":"6.4.0","lessThanOrEqual":"6.4.14","versionType":"semver","status":"affected"},{"version":"6.2.0","lessThanOrEqual":"6.2.15","versionType":"semver","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"fortinet","product":"fortios","defaultStatus":"unaffected","cpes":["cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*"],"versions":[{"version":"7.4.0","lessThanOrEqual":"7.4.1","versionType":"semver","status":"affected"},{"version":"7.2.0","lessThanOrEqual":"7.2.5","versionType":"semver","status":"affected"},{"version":"7.0.0","lessThanOrEqual":"7.0.12","versionType":"semver","status":"affected"},{"version":"6.4.0","lessThanOrEqual":"6.4.14","versionType":"semver","status":"affected"},{"version":"6.2.0","lessThanOrEqual":"6.2.15","versionType":"semver","status":"affected"}]},{"vendor":"fortinet","product":"fortipam","defaultStatus":"unaffected","cpes":["cpe:2.3:o:fortinet:fortipam:*:*:*:*:*:*:*:*"],"versions":[{"version":"1.1.0","lessThanOrEqual":"1.1.2","versionType":"semver","status":"affected"},{"version":"1.0.0","lessThanOrEqual":"1.0.3","versionType":"semver","status":"affected"}]},{"vendor":"fortinet","product":"fortiproxy","defaultStatus":"unaffected","cpes":["cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*"],"versions":[{"version":"7.2.0","lessThanOrEqual":"7.2.6","versionType":"semver","status":"affected"},{"version":"7.0.0","lessThanOrEqual":"7.0.12","versionType":"semver","status":"affected"},{"version":"2.0.0","lessThanOrEqual":"2.0.13","versionType":"semver","status":"affected"}]},{"vendor":"fortinet","product":"fortiproxy","defaultStatus":"unaffected","cpes":["cpe:2.3:a:fortinet:fortiproxy:7.4.0:*:*:*:*:*:*:*"],"versions":[{"version":"7.4.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-03-15T16:38:32.476430Z","id":"CVE-2023-42789","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@fortinet.com","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*","versionStartIncluding":"2.0.0","versionEndIncluding":"2.0.13","matchCriteriaId":"10E4FB93-7111-4F2A-8D5A-F276261D0E67"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndIncluding":"7.0.12","matchCriteriaId":"E5E2C1A7-AF13-4DBB-8EB4-49BE54EDABAD"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*","versionStartIncluding":"7.2.0","versionEndIncluding":"7.2.6","matchCriteriaId":"3F8AA932-A965-4345-8151-9CACDEE114F0"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiproxy:7.4.0:*:*:*:*:*:*:*","matchCriteriaId":"9010968B-B839-4B7C-BFB5-6BD9CBCEC166"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2.0","versionEndIncluding":"6.2.15","matchCriteriaId":"7916D6BB-838E-40A0-9C7F-FBE9ECBA0D99"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4.0","versionEndIncluding":"6.4.14","matchCriteriaId":"A2B52E22-C64D-4142-885E-6C44FA670574"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndIncluding":"7.0.12","matchCriteriaId":"BA582D59-C740-4AE7-83CA-C09A1D0EDA88"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*","versionStartIncluding":"7.2.0","versionEndIncluding":"7.2.5","matchCriteriaId":"A6E44123-995C-4E08-84B5-FF8C76B67B29"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*","matchCriteriaId":"61540F5B-080A-4D44-8BE0-75D7A0DCCB53"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*","matchCriteriaId":"17FE168A-0EA4-467C-91D2-87EB6D83917A"}]}]}],"references":[{"url":"https://fortiguard.com/psirt/FG-IR-23-328","source":"psirt@fortinet.com","tags":["Vendor Advisory"]},{"url":"https://fortiguard.com/psirt/FG-IR-23-328","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2023-42790","sourceIdentifier":"psirt@fortinet.com","published":"2024-03-12T15:15:46.293","lastModified":"2026-07-08T13:16:24.283","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A stack-based buffer overflow vulnerability in Fortinet FortiOS 7.4.0 through 7.4.1, FortiOS 7.2.0 through 7.2.5, FortiOS 7.0.0 through 7.0.12, FortiOS 6.4.0 through 6.4.14, FortiOS 6.2.0 through 6.2.15, FortiProxy 7.4.0, FortiProxy 7.2.0 through 7.2.6, FortiProxy 7.0.0 through 7.0.12, FortiProxy 2.0.0 through 2.0.13, FortiSASE 23.2.b allows attacker to execute unauthorized code or commands via specially crafted HTTP requests."},{"lang":"es","value":"Un desbordamiento de búfer en la región stack de la memoria  en Fortinet FortiOS 7.4.0 a 7.4.1, 7.2.0 a 7.2.5, 7.0.0 a 7.0.12, 6.4.0 a 6.4.14, 6.2.0 a 6.2.15, FortiProxy 7.4.0, 7.2.0 a 7.2.6, 7.0.0 a 7.0.12, 2.0.0 a 2.0.13 permiten al atacante ejecutar código o comandos no autorizados a través de solicitudes HTTP especialmente manipuladas."}],"affected":[{"source":"psirt@fortinet.com","affectedData":[{"vendor":"Fortinet","product":"FortiProxy","defaultStatus":"unaffected","cpes":["cpe:2.3:a:fortinet:fortiproxy:7.4.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.12:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.11:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.10:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.9:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.8:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:2.0.13:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:2.0.12:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:2.0.11:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:2.0.10:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:2.0.9:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:2.0.8:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:2.0.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:2.0.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:2.0.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:2.0.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:2.0.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:2.0.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:2.0.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:2.0.0:*:*:*:*:*:*:*"],"versions":[{"version":"7.4.0","status":"affected"},{"version":"7.2.0","lessThanOrEqual":"7.2.6","versionType":"semver","status":"affected"},{"version":"7.0.0","lessThanOrEqual":"7.0.12","versionType":"semver","status":"affected"},{"version":"2.0.0","lessThanOrEqual":"2.0.13","versionType":"semver","status":"affected"}]},{"vendor":"Fortinet","product":"FortiOS","defaultStatus":"unaffected","cpes":["cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.2.15:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.2.14:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.2.13:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.2.12:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.2.11:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.2.10:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.2.9:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.2.8:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.2.7:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.2.6:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.2.5:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.2.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*"],"versions":[{"version":"7.4.0","lessThanOrEqual":"7.4.1","versionType":"semver","status":"affected"},{"version":"7.2.0","lessThanOrEqual":"7.2.5","versionType":"semver","status":"affected"},{"version":"7.0.0","lessThanOrEqual":"7.0.12","versionType":"semver","status":"affected"},{"version":"6.4.0","lessThanOrEqual":"6.4.14","versionType":"semver","status":"affected"},{"version":"6.2.0","lessThanOrEqual":"6.2.15","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-03-16T04:00:43.736004Z","id":"CVE-2023-42790","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@fortinet.com","type":"Secondary","description":[{"lang":"en","value":"CWE-121"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*","versionStartIncluding":"2.0.0","versionEndIncluding":"2.0.13","matchCriteriaId":"10E4FB93-7111-4F2A-8D5A-F276261D0E67"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndIncluding":"7.0.12","matchCriteriaId":"E5E2C1A7-AF13-4DBB-8EB4-49BE54EDABAD"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*","versionStartIncluding":"7.2.0","versionEndIncluding":"7.2.6","matchCriteriaId":"3F8AA932-A965-4345-8151-9CACDEE114F0"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiproxy:7.4.0:*:*:*:*:*:*:*","matchCriteriaId":"9010968B-B839-4B7C-BFB5-6BD9CBCEC166"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2.0","versionEndIncluding":"6.2.15","matchCriteriaId":"7916D6BB-838E-40A0-9C7F-FBE9ECBA0D99"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4.0","versionEndIncluding":"6.4.14","matchCriteriaId":"A2B52E22-C64D-4142-885E-6C44FA670574"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndIncluding":"7.0.12","matchCriteriaId":"BA582D59-C740-4AE7-83CA-C09A1D0EDA88"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*","versionStartIncluding":"7.2.0","versionEndIncluding":"7.2.5","matchCriteriaId":"A6E44123-995C-4E08-84B5-FF8C76B67B29"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*","versionStartIncluding":"7.4.0","versionEndIncluding":"7.4.1","matchCriteriaId":"2E2A5347-D536-4D43-A163-5B5A3AFE742C"}]}]}],"references":[{"url":"https://fortiguard.com/psirt/FG-IR-23-328","source":"psirt@fortinet.com"},{"url":"https://fortiguard.com/psirt/FG-IR-23-328","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2024-28735","sourceIdentifier":"cve@mitre.org","published":"2024-03-20T15:15:07.920","lastModified":"2026-07-09T01:18:59.727","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Unit4 Financials by Coda versions prior to 2023Q4 suffer from an incorrect access control authorization bypass vulnerability which allows an authenticated user to modify the password of any user of the application via a crafted request."},{"lang":"es","value":"Las versiones de Unit4 Financials by Coda anteriores al 2023Q4 sufren una vulnerabilidad de omisión de autorización de control de acceso incorrecto que permite a un usuario autenticado modificar la contraseña de cualquier usuario de la aplicación mediante una solicitud manipulada."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"coda","product":"unit_4_financials","defaultStatus":"unknown","cpes":["cpe:2.3:a:coda:unit_4_financials:*:*:*:*:*:*:*:*"],"versions":[{"version":"0","lessThan":"2023Q4","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-03-21T15:13:14.031303Z","id":"CVE-2024-28735","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:unit4:financials_by_coda:*:*:*:*:*:*:*:*","versionEndExcluding":"2023q4","matchCriteriaId":"3B7F43B0-CCAE-41A3-A07F-A29AC20F11FC"}]}]}],"references":[{"url":"https://packetstormsecurity.com/files/177620/Financials-By-Coda-Authorization-Bypass.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.unit4.com/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://www.unit4.com/products/financial-management-software","source":"cve@mitre.org","tags":["Product"]},{"url":"https://packetstormsecurity.com/files/177620/Financials-By-Coda-Authorization-Bypass.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.unit4.com/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://www.unit4.com/products/financial-management-software","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2024-25294","sourceIdentifier":"cve@mitre.org","published":"2024-03-20T21:15:30.877","lastModified":"2026-07-09T01:18:54.837","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An SSRF issue in REBUILD v.3.5 allows a remote attacker to obtain sensitive information and execute arbitrary code via the FileDownloader.java, proxyDownload,URL parameters."},{"lang":"es","value":"Un problema de SSRF en REBUILD v.3.5 permite a un atacante remoto obtener información confidencial y ejecutar código arbitrario a través de los parámetros FileDownloader.java, proxyDownload y URL."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"getrebuild","product":"rebuild","defaultStatus":"unknown","cpes":["cpe:2.3:a:getrebuild:rebuild:3.5:*:*:*:*:*:*:*"],"versions":[{"version":"3.5","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-08-02T19:38:26.166306Z","id":"CVE-2024-25294","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:getrebuild:rebuild:3.5.0:*:*:*:*:*:*:*","matchCriteriaId":"987AF568-0211-4AA8-B304-83D160717412"}]}]}],"references":[{"url":"https://deeply-capri-1c8.notion.site/REBUILD-V3-5-2023-12-11-SSRF-30324be04e00477eae472bf75f4f5e0d","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://github.com/getrebuild/rebuild/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://deeply-capri-1c8.notion.site/REBUILD-V3-5-2023-12-11-SSRF-30324be04e00477eae472bf75f4f5e0d","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://github.com/getrebuild/rebuild/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2024-24520","sourceIdentifier":"cve@mitre.org","published":"2024-03-21T02:52:10.787","lastModified":"2026-07-09T01:18:54.670","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in Lepton CMS v.7.0.0 allows a local attacker to execute arbitrary code via the upgrade.php file in the languages place."},{"lang":"es","value":"Un problema en Lepton CMS v.7.0.0 permite a un atacante local ejecutar código arbitrario a través del archivo update.php en el lugar del idioma."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"lepton-cms","product":"leptoncms","defaultStatus":"unknown","cpes":["cpe:2.3:a:lepton-cms:leptoncms:7.0.0:*:*:*:*:*:*:*"],"versions":[{"version":"7.0.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-06-10T14:49:51.780428Z","id":"CVE-2024-24520","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:lepton-cms:leptoncms:7.0.0:*:*:*:*:*:*:*","matchCriteriaId":"2BF51884-E7D5-4DC4-8EB0-A5B6939B84C5"}]}]}],"references":[{"url":"https://github.com/capture0x/leptoncms","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://github.com/xF9979/LEPTON-CMS","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://packetstormsecurity.com/files/176647/Lepton-CMS-7.0.0-Remote-Code-Execution.html","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://www.exploit-db.com/exploits/51949","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://github.com/capture0x/leptoncms","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"https://github.com/xF9979/LEPTON-CMS","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://packetstormsecurity.com/files/176647/Lepton-CMS-7.0.0-Remote-Code-Execution.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"https://www.exploit-db.com/exploits/51949","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]}]}},{"cve":{"id":"CVE-2024-28386","sourceIdentifier":"cve@mitre.org","published":"2024-03-25T14:15:09.553","lastModified":"2026-07-09T01:18:58.913","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in Home-Made.io fastmagsync v.1.7.51 and before allows a remote attacker to execute arbitrary code via the getPhpBin() component."},{"lang":"es","value":"Un problema en Home-Made.io fastmagsync v.1.7.51 y anteriores permite a un atacante remoto ejecutar código arbitrario a través del componente getPhpBin()."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"home-made_io","product":"fastmagsync","defaultStatus":"unknown","cpes":["cpe:2.3:a:home-made_io:fastmagsync:*:*:*:*:*:*:*:*"],"versions":[{"version":"v1.7.51","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-03-26T19:26:34.534758Z","id":"CVE-2024-28386","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:home-made:fastmag_sync:*:*:*:*:*:prestashop:*:*","versionEndIncluding":"1.7.51","matchCriteriaId":"32DECB99-6E13-4505-B323-2A7E73BFD6DB"}]}]}],"references":[{"url":"https://reference1.example.com/modules/fastmagsync/crons/cron_mutualise_job_queue.php?hosting=.%20%26%20%20echo%20%27%3C%3Fphp%20echo%20%2242ovh%22%3B%27%20%3E%20a.php%3B%23&syncway=tofastmag","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://security.friendsofpresta.org/modules/2024/03/19/fastmagsync.html","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.home-made.io/module-fastmag-sync-prestashop/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://reference1.example.com/modules/fastmagsync/crons/cron_mutualise_job_queue.php?hosting=.%20%26%20%20echo%20%27%3C%3Fphp%20echo%20%2242ovh%22%3B%27%20%3E%20a.php%3B%23&syncway=tofastmag","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]},{"url":"https://security.friendsofpresta.org/modules/2024/03/19/fastmagsync.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.home-made.io/module-fastmag-sync-prestashop/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2024-29644","sourceIdentifier":"cve@mitre.org","published":"2024-03-26T12:15:50.353","lastModified":"2026-07-09T01:19:00.450","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting vulnerability in dcat-admin v.2.1.3 and before allows a remote attacker to execute arbitrary code via a crafted script to the user login box."},{"lang":"es","value":"Vulnerabilidad de cross-site scripting en dcat-admin v.2.1.3 y anteriores permite a un atacante remoto ejecutar código arbitrario a través de un script manipulado en el cuadro de inicio de sesión del usuario."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-08-05T16:24:36.777009Z","id":"CVE-2024-29644","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:dcatadmin:dcat_admin:*:*:*:*:*:*:*:*","versionEndIncluding":"1.7.9","matchCriteriaId":"7F4217AF-E0B6-4A5C-8BAF-F86C9B11F558"},{"vulnerable":true,"criteria":"cpe:2.3:a:dcatadmin:dcat_admin:2.0.0:beta:*:*:*:*:*:*","matchCriteriaId":"25F5B3A0-A4BC-4E5E-839D-8617411531E4"},{"vulnerable":true,"criteria":"cpe:2.3:a:dcatadmin:dcat_admin:2.0.1:beta:*:*:*:*:*:*","matchCriteriaId":"770BB49B-4092-4731-AA54-FBE69BD328CE"},{"vulnerable":true,"criteria":"cpe:2.3:a:dcatadmin:dcat_admin:2.0.2:beta:*:*:*:*:*:*","matchCriteriaId":"9C20ADEC-2D34-4504-A2A5-04291CF58FFC"},{"vulnerable":true,"criteria":"cpe:2.3:a:dcatadmin:dcat_admin:2.0.3:beta:*:*:*:*:*:*","matchCriteriaId":"4D1580C7-2CE9-4C50-887F-24B4F2E60DE9"},{"vulnerable":true,"criteria":"cpe:2.3:a:dcatadmin:dcat_admin:2.0.4:beta:*:*:*:*:*:*","matchCriteriaId":"6C85600D-5624-4E2C-B549-C54590F7602F"},{"vulnerable":true,"criteria":"cpe:2.3:a:dcatadmin:dcat_admin:2.0.5:beta:*:*:*:*:*:*","matchCriteriaId":"618420AD-26D9-4EFF-B1A0-908E34CF60C1"},{"vulnerable":true,"criteria":"cpe:2.3:a:dcatadmin:dcat_admin:2.0.6:beta:*:*:*:*:*:*","matchCriteriaId":"D31F81F7-9712-4A85-A12A-98F545CDB3BF"},{"vulnerable":true,"criteria":"cpe:2.3:a:dcatadmin:dcat_admin:2.0.7:beta:*:*:*:*:*:*","matchCriteriaId":"95C94A3D-EBFA-4B3C-ACCA-03E4FB13BC0D"},{"vulnerable":true,"criteria":"cpe:2.3:a:dcatadmin:dcat_admin:2.0.8:beta:*:*:*:*:*:*","matchCriteriaId":"93467373-3E14-4D30-A672-2C51ABA91CDB"},{"vulnerable":true,"criteria":"cpe:2.3:a:dcatadmin:dcat_admin:2.0.9:beta:*:*:*:*:*:*","matchCriteriaId":"7912F297-97FC-4897-B3BE-8B70C683A709"},{"vulnerable":true,"criteria":"cpe:2.3:a:dcatadmin:dcat_admin:2.0.10:beta:*:*:*:*:*:*","matchCriteriaId":"52F2CD0C-2AFD-4611-A93B-C56D9805FE3D"},{"vulnerable":true,"criteria":"cpe:2.3:a:dcatadmin:dcat_admin:2.0.11:beta:*:*:*:*:*:*","matchCriteriaId":"B7197805-2B42-46DD-A123-6CEA6F34E4BD"},{"vulnerable":true,"criteria":"cpe:2.3:a:dcatadmin:dcat_admin:2.0.12:beta:*:*:*:*:*:*","matchCriteriaId":"BE87FED3-7A9C-404A-A80A-856BE66AF4AD"},{"vulnerable":true,"criteria":"cpe:2.3:a:dcatadmin:dcat_admin:2.0.13:beta:*:*:*:*:*:*","matchCriteriaId":"CAACBFB1-0647-489B-881E-521FD698D459"},{"vulnerable":true,"criteria":"cpe:2.3:a:dcatadmin:dcat_admin:2.0.14:beta:*:*:*:*:*:*","matchCriteriaId":"3D3AF413-853D-4EB4-BE5A-F9A2564FD98B"},{"vulnerable":true,"criteria":"cpe:2.3:a:dcatadmin:dcat_admin:2.0.15:beta:*:*:*:*:*:*","matchCriteriaId":"7F2DCA57-4823-4D4D-94C3-F90F377C32FB"},{"vulnerable":true,"criteria":"cpe:2.3:a:dcatadmin:dcat_admin:2.0.16:beta:*:*:*:*:*:*","matchCriteriaId":"BB04F8BA-9B0A-4254-9DA4-E005FE60DCF5"},{"vulnerable":true,"criteria":"cpe:2.3:a:dcatadmin:dcat_admin:2.0.17:beta:*:*:*:*:*:*","matchCriteriaId":"CEDC8077-A2F3-4818-BB63-0B5D147A6324"},{"vulnerable":true,"criteria":"cpe:2.3:a:dcatadmin:dcat_admin:2.0.18:beta:*:*:*:*:*:*","matchCriteriaId":"C745F249-CABC-4305-A783-F24869016783"},{"vulnerable":true,"criteria":"cpe:2.3:a:dcatadmin:dcat_admin:2.0.19:beta:*:*:*:*:*:*","matchCriteriaId":"C0CD5762-DAB9-4105-A6C0-1A55047E62D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:dcatadmin:dcat_admin:2.0.20:beta:*:*:*:*:*:*","matchCriteriaId":"397F7A7C-BA39-47D1-A119-F05E6A9749E0"},{"vulnerable":true,"criteria":"cpe:2.3:a:dcatadmin:dcat_admin:2.0.21:beta:*:*:*:*:*:*","matchCriteriaId":"41A8D328-2107-4A62-9760-7CB2154460E3"},{"vulnerable":true,"criteria":"cpe:2.3:a:dcatadmin:dcat_admin:2.0.22:beta:*:*:*:*:*:*","matchCriteriaId":"4FC95D17-7ED8-4C96-8174-0C3FB8D262D3"},{"vulnerable":true,"criteria":"cpe:2.3:a:dcatadmin:dcat_admin:2.0.23:beta:*:*:*:*:*:*","matchCriteriaId":"43317B4C-5D37-4137-8506-550C0E1EB9D3"},{"vulnerable":true,"criteria":"cpe:2.3:a:dcatadmin:dcat_admin:2.0.24:beta:*:*:*:*:*:*","matchCriteriaId":"232E98CA-CD74-4031-B9CC-BD0B6F3696FC"},{"vulnerable":true,"criteria":"cpe:2.3:a:dcatadmin:dcat_admin:2.1.0:beta:*:*:*:*:*:*","matchCriteriaId":"21B35977-D1A2-486D-BE07-8D94D4BD8FCA"},{"vulnerable":true,"criteria":"cpe:2.3:a:dcatadmin:dcat_admin:2.1.1:beta:*:*:*:*:*:*","matchCriteriaId":"E2F183CA-2110-4263-A4E5-A8630B614B00"},{"vulnerable":true,"criteria":"cpe:2.3:a:dcatadmin:dcat_admin:2.1.2:beta:*:*:*:*:*:*","matchCriteriaId":"309A1CED-2697-42D4-AF85-999B90FDBFEC"},{"vulnerable":true,"criteria":"cpe:2.3:a:dcatadmin:dcat_admin:2.1.3:beta:*:*:*:*:*:*","matchCriteriaId":"EA07899B-5D17-4D06-8BFC-A8B19F70B994"}]}]}],"references":[{"url":"https://github.com/jqhph/dcat-admin","source":"cve@mitre.org","tags":["Product"]},{"url":"https://www.yuque.com/yangtu-swjrh/oc6nqi/epcbz5y1grl4il1m","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/jqhph/dcat-admin","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://www.yuque.com/yangtu-swjrh/oc6nqi/epcbz5y1grl4il1m","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-51148","sourceIdentifier":"cve@mitre.org","published":"2024-03-26T21:15:52.557","lastModified":"2026-07-09T01:18:48.083","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in TRENDnet Trendnet AC1200 Dual Band PoE Indoor Wireless Access Point TEW-821DAP v.3.00b06 allows an attacker to execute arbitrary code via the 'mycli' command-line interface component."},{"lang":"es","value":"Un problema en TRENDnet Trendnet AC1200 Dual Band PoE Indoor Wireless Access Point TEW-821DAP v.3.00b06 permite a un atacante ejecutar código arbitrario a través del componente de interfaz de línea de comandos 'mycli'."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"trendnet","product":"tew-821dap_v2.0r_firmware","defaultStatus":"unknown","cpes":["cpe:2.3:o:trendnet:tew-821dap_v2.0r_firmware:3.00b06:*:*:*:*:*:*:*"],"versions":[{"version":"3.00b6","status":"affected"}]},{"vendor":"trendnet","product":"tew-821dap_v2.5r_firmware","defaultStatus":"unknown","cpes":["cpe:2.3:o:trendnet:tew-821dap_v2.5r_firmware:3.00b06:*:*:*:*:*:*:*"],"versions":[{"version":"3.00b6","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.0,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.1,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-08-03T18:47:13.870963Z","id":"CVE-2023-51148","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-121"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:trendnet:tew-821dap_firmware:3.00b06:*:*:*:*:*:*:*","matchCriteriaId":"29817C42-E40F-4D7E-A09E-00EB91A4A4A8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:trendnet:tew-821dap:2.0r:*:*:*:*:*:*:*","matchCriteriaId":"8AB5C32D-23DA-4342-8D03-3647784080FD"},{"vulnerable":false,"criteria":"cpe:2.3:h:trendnet:tew-821dap:2.5r:*:*:*:*:*:*:*","matchCriteriaId":"A40D1398-67B5-46F1-8AC7-898E022FC0D7"}]}]}],"references":[{"url":"https://github.com/SpikeReply/advisories/blob/main/cve/trendnet/cve-2023-51148.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/SpikeReply/advisories/blob/main/cve/trendnet/cve-2023-51148.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2024-28713","sourceIdentifier":"cve@mitre.org","published":"2024-03-28T19:15:48.630","lastModified":"2026-07-09T01:18:59.243","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in Mblog Blog system v.3.5.0 allows an attacker to execute arbitrary code via a crafted file to the theme management feature."},{"lang":"es","value":"Un problema en Mblog Blog system v.3.5.0 permite a un atacante ejecutar código arbitrario a través de un archivo manipulado en la función de administración de temas."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"mblog_project","product":"mblog","defaultStatus":"unknown","cpes":["cpe:2.3:a:mblog_project:mblog:3.5.0:*:*:*:*:*:*:*"],"versions":[{"version":"3.5.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-08-27T19:14:59.734306Z","id":"CVE-2024-28713","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mtons:mblog:3.5.0:*:*:*:*:*:*:*","matchCriteriaId":"7135A290-DFC5-4C7B-90E2-EAFEA4FE0ED0"}]}]}],"references":[{"url":"https://gitee.com/mtons/mblog","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/JiangXiaoBaiJia/cve/blob/main/%E5%9B%BE%E7%89%871.png","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://github.com/JiangXiaoBaiJia/cve/blob/main/%E5%9B%BE%E7%89%872.png","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://github.com/JiangXiaoBaiJia/cve/blob/main/%E5%9B%BE%E7%89%873.png","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://github.com/JiangXiaoBaiJia/cve/blob/main/%E5%9B%BE%E7%89%874.png","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://github.com/JiangXiaoBaiJia/cve/blob/main/%E5%9B%BE%E7%89%875.png","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://github.com/JiangXiaoBaiJia/cve/blob/main/Mblog%20blog%20system%20has%20SSTI%20template%20injection%20vulnerability.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://gitee.com/mtons/mblog","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/JiangXiaoBaiJia/cve/blob/main/%E5%9B%BE%E7%89%871.png","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"https://github.com/JiangXiaoBaiJia/cve/blob/main/%E5%9B%BE%E7%89%872.png","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"https://github.com/JiangXiaoBaiJia/cve/blob/main/%E5%9B%BE%E7%89%873.png","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"https://github.com/JiangXiaoBaiJia/cve/blob/main/%E5%9B%BE%E7%89%874.png","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"https://github.com/JiangXiaoBaiJia/cve/blob/main/%E5%9B%BE%E7%89%875.png","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"https://github.com/JiangXiaoBaiJia/cve/blob/main/Mblog%20blog%20system%20has%20SSTI%20template%20injection%20vulnerability.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.vicarius.io/vsociety/posts/ssti-in-mblog-351-a-tale-of-a-glorified-rce-cve-2024-28713-28714","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Mitigation","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2024-31064","sourceIdentifier":"cve@mitre.org","published":"2024-03-28T19:15:49.057","lastModified":"2026-07-09T01:19:00.777","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the First Name input field."},{"lang":"es","value":"Vulnerabilidad de cross-site scripting en Insurance Mangement System v.1.0.0 y anteriores permite a un atacante remoto ejecutar código arbitrario a través del campo de entrada Nombre."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-03-28T19:49:05.700812Z","id":"CVE-2024-31064","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:munyweki:insurance_management_system:*:*:*:*:*:*:*:*","versionEndIncluding":"1.0","matchCriteriaId":"9E11EAE0-18B6-4695-B869-6184033C47B1"}]}]}],"references":[{"url":"https://drive.google.com/file/d/1yTIeXAPs3PJcQwj9gxhvs92zTdBwKGVB/view?usp=sharing","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://github.com/sahildari/cve/blob/master/CVE-2024-31064.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://drive.google.com/file/d/1yTIeXAPs3PJcQwj9gxhvs92zTdBwKGVB/view?usp=sharing","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"https://github.com/sahildari/cve/blob/master/CVE-2024-31064.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2024-28714","sourceIdentifier":"cve@mitre.org","published":"2024-03-28T23:15:46.410","lastModified":"2026-07-09T01:18:59.410","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SQL Injection vulnerability in CRMEB_Java e-commerce system v.1.3.4 allows an attacker to execute arbitrary code via the groupid parameter."},{"lang":"es","value":"Vulnerabilidad de inyección SQL en el sistema de comercio electrónico CRMEB_Java v.1.3.4 permite a un atacante ejecutar código arbitrario a través del parámetro groupid."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"crmeb","product":"crmeb_java","defaultStatus":"unknown","cpes":["cpe:2.3:a:crmeb:crmeb_java:1.3.4:*:*:*:*:*:*:*"],"versions":[{"version":"1.3.4","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-07-16T20:55:29.170449Z","id":"CVE-2024-28714","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:crmeb:crmeb_java:*:*:*:*:*:*:*:*","versionEndExcluding":"1.3.4","matchCriteriaId":"7B87506E-26F7-4CA1-A01B-16898322A42D"}]}]}],"references":[{"url":"https://gitee.com/ZhongBangKeJi/crmeb_java","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/JiangXiaoBaiJia/cve2/blob/main/1.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/JiangXiaoBaiJia/cve2/blob/main/a.png","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://gitee.com/ZhongBangKeJi/crmeb_java","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/JiangXiaoBaiJia/cve2/blob/main/1.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/JiangXiaoBaiJia/cve2/blob/main/a.png","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"https://www.vicarius.io/vsociety/posts/ssti-in-mblog-351-a-tale-of-a-glorified-rce-cve-2024-28713-28714","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable"]}]}},{"cve":{"id":"CVE-2024-27619","sourceIdentifier":"cve@mitre.org","published":"2024-03-29T15:15:11.057","lastModified":"2026-07-09T01:18:57.330","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Dlink Dir-3040us A1 1.20b03a hotfix is vulnerable to Buffer Overflow. Any user having read/write access to ftp server can write directly to ram causing buffer overflow if file or files uploaded are greater than available ram. Ftp server allows change of directory to root which is one level up than root of usb flash directory. During upload ram is getting filled and causing system resource exhaustion (no free memory) which causes system to crash and reboot."},{"lang":"es","value":"La revisión Dlink Dir-3040us A1 1.20b03a es vulnerable al desbordamiento del búfer. Cualquier usuario que tenga acceso de lectura/escritura al servidor ftp puede escribir directamente en la RAM, provocando un desbordamiento del búfer si el archivo o los archivos cargados son mayores que la RAM disponible. El servidor Ftp permite cambiar el directorio a la raíz, que está un nivel por encima de la raíz del directorio flash USB. Durante la carga, la RAM se llena y provoca que se agoten los recursos del sistema (no hay memoria libre), lo que provoca que el sistema falle y se reinicie."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"dlink","product":"dir-3040_firmware","defaultStatus":"unknown","cpes":["cpe:2.3:o:dlink:dir-3040_firmware:1.20b03:*:*:*:*:*:*:*"],"versions":[{"version":"1.20b03","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.1,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-09-04T16:04:38.318016Z","id":"CVE-2024-27619","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-120"}]}],"references":[{"url":"https://github.com/ioprojecton/dir-3040_dos","source":"cve@mitre.org"},{"url":"https://www.dlink.com/en/security-bulletin/","source":"cve@mitre.org"},{"url":"https://github.com/ioprojecton/dir-3040_dos","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.dlink.com/en/security-bulletin/","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2024-29640","sourceIdentifier":"cve@mitre.org","published":"2024-03-29T17:15:12.380","lastModified":"2026-07-09T01:19:00.243","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in aliyundrive-webdav v.2.3.3 and before allows a remote attacker to execute arbitrary code via a crafted payload to the sid parameter in the action_query_qrcode component."},{"lang":"es","value":"Un problema en aliyundrive-webdav v.2.3.3 y anteriores permite a un atacante remoto ejecutar código arbitrario a través de un payload manipulado para el parámetro sid en el componente action_query_qrcode."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"messense","product":"aliyundrive-webdav","defaultStatus":"unknown","cpes":["cpe:2.3:a:messense:aliyundrive-webdav:2.3.3:*:*:*:*:*:*:*"],"versions":[{"version":"0","lessThanOrEqual":"2.3.3","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-03-29T19:01:55.657053Z","id":"CVE-2024-29640","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"references":[{"url":"https://github.com/lakemoon602/vuln/blob/main/detail.md","source":"cve@mitre.org"},{"url":"https://github.com/messense/aliyundrive-webdav","source":"cve@mitre.org"},{"url":"https://github.com/lakemoon602/vuln/blob/main/detail.md","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/messense/aliyundrive-webdav","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2024-22780","sourceIdentifier":"cve@mitre.org","published":"2024-04-02T15:15:52.817","lastModified":"2026-07-09T01:18:50.340","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting vulnerability in CA17 TeamsACS v.1.0.1 allows a remote attacker to execute arbitrary code via a crafted script to the errmsg parameter."},{"lang":"es","value":"Vulnerabilidad de Cross Site Scripting en CA17 TeamsACS v.1.0.1 permite a un atacante remoto ejecutar código arbitrario a través de un script manipulado en el parámetro errmsg."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-07-10T13:20:50.211175Z","id":"CVE-2024-22780","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://fuo.fi/CVE-2024-22780/","source":"cve@mitre.org"},{"url":"https://github.com/CA17/TeamsACS","source":"cve@mitre.org"},{"url":"https://fuo.fi/CVE-2024-22780/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/CA17/TeamsACS","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2024-29477","sourceIdentifier":"cve@mitre.org","published":"2024-04-03T12:15:13.353","lastModified":"2026-07-09T01:19:00.047","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Lack of sanitization during Installation Process in Dolibarr ERP CRM up to version 19.0.0 allows an attacker with adjacent access to the network to execute arbitrary code via a specifically crafted input."},{"lang":"es","value":"La falta de sanitización durante el proceso de instalación en Dolibarr ERP CRM hasta la versión 19.0.0 permite que un atacante con acceso adyacente a la red ejecute código arbitrario a través de una entrada específicamente manipulada."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-04-03T14:57:17.605024Z","id":"CVE-2024-29477","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-94"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:dolibarr:dolibarr_erp\\/crm:*:*:*:*:*:*:*:*","versionEndExcluding":"19.0.1","matchCriteriaId":"CF5533A5-6CDB-4FB2-9031-A3758F995F0F"}]}]}],"references":[{"url":"https://github.com/alexbsec/CVEs/blob/master/2024/CVE-2024-29477.md","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/alexbsec/CVEs/blob/master/2024/CVE-2024-29477.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2024-27620","sourceIdentifier":"cve@mitre.org","published":"2024-04-06T19:15:07.183","lastModified":"2026-07-09T01:18:57.620","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in Ladder v.0.0.1 thru v.0.0.21 allows a remote attacker to obtain sensitive information via a crafted request to the API."},{"lang":"es","value":"Un problema en Ladder v.0.0.1 a v.0.0.21 permite a un atacante remoto obtener información confidencial a través de una solicitud manipulada a la API."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"everywall","product":"ladder","defaultStatus":"unknown","cpes":["cpe:2.3:a:everywall:ladder:*:*:*:*:*:*:*:*"],"versions":[{"version":"0.0.1","lessThanOrEqual":"0.0.21","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-07-31T18:28:23.764700Z","id":"CVE-2024-27620","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"references":[{"url":"https://everywall.github.io/","source":"cve@mitre.org"},{"url":"https://packetstormsecurity.com/files/177506/Ladder-0.0.21-Server-Side-Request-Forgery.html","source":"cve@mitre.org"},{"url":"https://everywall.github.io/","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://packetstormsecurity.com/files/177506/Ladder-0.0.21-Server-Side-Request-Forgery.html","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2024-23082","sourceIdentifier":"cve@mitre.org","published":"2024-04-08T18:15:08.460","lastModified":"2026-07-09T01:18:53.310","vulnStatus":"Deferred","cveTags":[{"sourceIdentifier":"cve@mitre.org","tags":["disputed"]}],"descriptions":[{"lang":"en","value":"ThreeTen Backport v1.6.8 was discovered to contain an integer overflow via the component org.threeten.bp.format.DateTimeFormatter::parse(CharSequence, ParsePosition). NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification."},{"lang":"es","value":"Se descubrió que ThreeTen Backport v1.6.8 contiene un desbordamiento de enteros a través del componente org.treeten.bp.format.DateTimeFormatter::parse(CharSequence, ParsePosition)."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-04-08T19:58:46.812131Z","id":"CVE-2024-23082","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"references":[{"url":"https://gist.github.com/LLM4IG/d2618f5f4e5ac37eb75cff5617e58b90","source":"cve@mitre.org"},{"url":"https://github.com/ThreeTen/threetenbp","source":"cve@mitre.org"},{"url":"https://gist.github.com/LLM4IG/d2618f5f4e5ac37eb75cff5617e58b90","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/ThreeTen/threetenbp","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2024-23078","sourceIdentifier":"cve@mitre.org","published":"2024-04-08T20:15:08.500","lastModified":"2026-07-09T01:18:52.753","vulnStatus":"Deferred","cveTags":[{"sourceIdentifier":"cve@mitre.org","tags":["disputed"]}],"descriptions":[{"lang":"en","value":"JGraphT Core v1.5.2 was discovered to contain a NullPointerException via the component org.jgrapht.alg.util.ToleranceDoubleComparator::compare(Double, Double). NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification."},{"lang":"es","value":"Se descubrió que JGraphT Core v1.5.2 contenía una NullPointerException a través del componente org.jgrapht.alg.util.ToleranceDoubleComparator::compare(Double, Double)."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"jgrapht","product":"core","defaultStatus":"unknown","cpes":["cpe:2.3:a:jgrapht:core:v1.5.2:*:*:*:*:*:*:*"],"versions":[{"version":"v1.5.2","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-04-10T19:23:16.899809Z","id":"CVE-2024-23078","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-476"}]}],"references":[{"url":"https://gist.github.com/LLM4IG/5feabadf06a88102df316174123e2770","source":"cve@mitre.org"},{"url":"https://github.com/jgrapht/jgrapht","source":"cve@mitre.org"},{"url":"https://gist.github.com/LLM4IG/5feabadf06a88102df316174123e2770","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/jgrapht/jgrapht","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2024-23085","sourceIdentifier":"cve@mitre.org","published":"2024-04-08T20:15:08.567","lastModified":"2026-07-09T01:18:53.713","vulnStatus":"Modified","cveTags":[{"sourceIdentifier":"cve@mitre.org","tags":["disputed"]}],"descriptions":[{"lang":"en","value":"Apfloat v1.10.1 was discovered to contain a NullPointerException via the component org.apfloat.internal.DoubleScramble::scramble(double[], int, int[]). NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification."},{"lang":"es","value":"Se descubrió que Apfloat v1.10.1 contenía una NullPointerException a través del componente org.apfloat.internal.DoubleScramble::scramble(double[], int, int[])."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"mtommila","product":"apfloat","defaultStatus":"unknown","cpes":["cpe:2.3:a:mtommila:apfloat:1.10.1:*:*:*:*:*:*:*"],"versions":[{"version":"1.10.1","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-07-18T17:04:44.521021Z","id":"CVE-2024-23085","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-476"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-690"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mikkotommila:apfloat:1.10.1:*:*:*:*:*:*:*","matchCriteriaId":"6DBD1DD6-A0E5-47D8-B18E-B9B97C1EE75C"}]}]}],"references":[{"url":"https://gist.github.com/LLM4IG/a4a54fc4abe044976a66af9fffedfc94","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/mtommila/apfloat","source":"cve@mitre.org","tags":["Product"]},{"url":"https://gist.github.com/LLM4IG/a4a54fc4abe044976a66af9fffedfc94","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://github.com/mtommila/apfloat","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2024-23086","sourceIdentifier":"cve@mitre.org","published":"2024-04-08T20:15:08.620","lastModified":"2026-07-09T01:18:53.867","vulnStatus":"Modified","cveTags":[{"sourceIdentifier":"cve@mitre.org","tags":["disputed"]}],"descriptions":[{"lang":"en","value":"Apfloat v1.10.1 was discovered to contain a stack overflow via the component org.apfloat.internal.DoubleModMath::modPow(double. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification."},{"lang":"es","value":"Se descubrió que Apfloat v1.10.1 contiene un desbordamiento de pila a través del componente org.apfloat.internal.DoubleModMath::modPow(double."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"mtommila","product":"apfloat","defaultStatus":"unknown","cpes":["cpe:2.3:a:mtommila:apfloat:1.10.1:*:*:*:*:*:*:*"],"versions":[{"version":"1.10.1","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-04-09T19:07:02.676041Z","id":"CVE-2024-23086","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mikkotommila:apfloat:1.10.1:*:*:*:*:*:*:*","matchCriteriaId":"6DBD1DD6-A0E5-47D8-B18E-B9B97C1EE75C"}]}]}],"references":[{"url":"https://gist.github.com/LLM4IG/63ad1a4d1e3955043b7a90fdbf36676b","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/mtommila/apfloat","source":"cve@mitre.org","tags":["Product"]},{"url":"https://gist.github.com/LLM4IG/63ad1a4d1e3955043b7a90fdbf36676b","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://github.com/mtommila/apfloat","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2024-22949","sourceIdentifier":"cve@mitre.org","published":"2024-04-08T23:15:07.647","lastModified":"2026-07-09T01:18:51.793","vulnStatus":"Modified","cveTags":[{"sourceIdentifier":"cve@mitre.org","tags":["disputed"]}],"descriptions":[{"lang":"en","value":"JFreeChart v1.5.4 was discovered to contain a NullPointerException via the component /chart/annotations/CategoryLineAnnotation. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification."},{"lang":"es","value":"Se descubrió que JFreeChart v1.5.4 contenía una excepción NullPointerException a través del componente /chart/annotations/CategoryLineAnnotation."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"jfree","product":"jfreechart","defaultStatus":"unknown","cpes":["cpe:2.3:o:jfree:jfreechart:*:*:*:*:*:*:*:*"],"versions":[{"version":"1.5.4","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-04-09T19:08:36.486190Z","id":"CVE-2024-22949","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:jfree:jfreechart:1.5.4:*:*:*:*:*:*:*","matchCriteriaId":"4DC9D75E-294E-44D6-BDA5-7D6BC240BBE0"}]}]}],"references":[{"url":"https://gist.github.com/LLM4IG/35c46e009b205ef6acd0e290e80fb876","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/jfree/jfreechart","source":"cve@mitre.org","tags":["Product"]},{"url":"https://gist.github.com/LLM4IG/35c46e009b205ef6acd0e290e80fb876","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://github.com/jfree/jfreechart","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2024-23079","sourceIdentifier":"cve@mitre.org","published":"2024-04-08T23:15:07.703","lastModified":"2026-07-09T01:18:52.900","vulnStatus":"Deferred","cveTags":[{"sourceIdentifier":"cve@mitre.org","tags":["disputed"]}],"descriptions":[{"lang":"en","value":"JGraphT Core v1.5.2 was discovered to contain a NullPointerException via the component org.jgrapht.alg.util.ToleranceDoubleComparator::compare(Double, Double). NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification."},{"lang":"es","value":"Se descubrió que JGraphT Core v1.5.2 contenía una NullPointerException a través del componente org.jgrapht.alg.util.ToleranceDoubleComparator::compare(Double, Double)."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":6.2,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.5,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-07-30T15:37:37.823774Z","id":"CVE-2024-23079","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-120"}]}],"references":[{"url":"https://gist.github.com/LLM4IG/c19779800945cd0a400d2150fb83d079","source":"cve@mitre.org"},{"url":"https://github.com/jgrapht/jgrapht","source":"cve@mitre.org"},{"url":"https://gist.github.com/LLM4IG/c19779800945cd0a400d2150fb83d079","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/jgrapht/jgrapht","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2024-23081","sourceIdentifier":"cve@mitre.org","published":"2024-04-08T23:15:07.757","lastModified":"2026-07-09T01:18:53.187","vulnStatus":"Modified","cveTags":[{"sourceIdentifier":"cve@mitre.org","tags":["disputed"]}],"descriptions":[{"lang":"en","value":"ThreeTen Backport v1.6.8 was discovered to contain a NullPointerException via the component org.threeten.bp.LocalDate::compareTo(ChronoLocalDate). NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification."},{"lang":"es","value":"Se descubrió que ThreeTen Backport v1.6.8 contenía una excepción NullPointerException a través del componente org.treeten.bp.LocalDate::compareTo(ChronoLocalDate)."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","baseScore":3.3,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":1.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-04-09T15:39:34.264864Z","id":"CVE-2024-23081","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:threeten:threeten_backport:1.6.8:*:*:*:*:*:*:*","matchCriteriaId":"8D09D261-8F05-4520-BD47-7470DD0B01AF"}]}]}],"references":[{"url":"https://gist.github.com/LLM4IG/3cc9183dcd887020368a0bafeafec5e3","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/ThreeTen/threetenbp","source":"cve@mitre.org","tags":["Product"]},{"url":"https://gist.github.com/LLM4IG/3cc9183dcd887020368a0bafeafec5e3","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://github.com/ThreeTen/threetenbp","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2024-23084","sourceIdentifier":"cve@mitre.org","published":"2024-04-08T23:15:07.803","lastModified":"2026-07-09T01:18:53.560","vulnStatus":"Modified","cveTags":[{"sourceIdentifier":"cve@mitre.org","tags":["disputed"]}],"descriptions":[{"lang":"en","value":"Apfloat v1.10.1 was discovered to contain an ArrayIndexOutOfBoundsException via the component org.apfloat.internal.DoubleCRTMath::add(double[], double[]). NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification."},{"lang":"es","value":"Se descubrió que Apfloat v1.10.1 contenía una excepción ArrayIndexOutOfBoundsException a través del componente org.apfloat.internal.DoubleCRTMath::add(double[], double[])."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"apfloat","product":"apfloat","defaultStatus":"unknown","cpes":["cpe:2.3:a:apfloat:apfloat:*:*:*:*:*:*:*:*"],"versions":[{"version":"1.10.1","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-08-20T14:46:59.578081Z","id":"CVE-2024-23084","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-129"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mikkotommila:apfloat:1.10.1:*:*:*:*:*:*:*","matchCriteriaId":"6DBD1DD6-A0E5-47D8-B18E-B9B97C1EE75C"}]}]}],"references":[{"url":"https://gist.github.com/LLM4IG/5b7dd0a87db14d9c95d4c0ea62e0195b","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/mtommila/apfloat","source":"cve@mitre.org","tags":["Product"]},{"url":"https://gist.github.com/LLM4IG/5b7dd0a87db14d9c95d4c0ea62e0195b","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://github.com/mtommila/apfloat","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2024-23076","sourceIdentifier":"cve@mitre.org","published":"2024-04-10T12:15:09.190","lastModified":"2026-07-09T01:18:52.433","vulnStatus":"Modified","cveTags":[{"sourceIdentifier":"cve@mitre.org","tags":["disputed"]}],"descriptions":[{"lang":"en","value":"JFreeChart v1.5.4 was discovered to contain a NullPointerException via the component /labels/BubbleXYItemLabelGenerator.java. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification."},{"lang":"es","value":"Se descubrió que FreeChart v1.5.4 contenía una excepción NullPointerException a través del componente /labels/BubbleXYItemLabelGenerator.java."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"jfree","product":"jfreechart","defaultStatus":"unknown","cpes":["cpe:2.3:o:jfree:jfreechart:*:*:*:*:*:*:*:*"],"versions":[{"version":"1.5.4","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-04-11T16:51:09.885636Z","id":"CVE-2024-23076","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:jfree:jfreechart:1.5.4:*:*:*:*:*:*:*","matchCriteriaId":"4DC9D75E-294E-44D6-BDA5-7D6BC240BBE0"}]}]}],"references":[{"url":"https://gist.github.com/LLM4IG/115de1f7c3051403f0301cee0d293518","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/jfree/jfreechart","source":"cve@mitre.org","tags":["Product"]},{"url":"https://gist.github.com/LLM4IG/115de1f7c3051403f0301cee0d293518","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://github.com/jfree/jfreechart","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2024-23080","sourceIdentifier":"cve@mitre.org","published":"2024-04-10T13:51:38.547","lastModified":"2026-07-09T01:18:53.040","vulnStatus":"Deferred","cveTags":[{"sourceIdentifier":"cve@mitre.org","tags":["disputed"]}],"descriptions":[{"lang":"en","value":"Joda Time v2.12.5 was discovered to contain a NullPointerException via the component org.joda.time.format.PeriodFormat::wordBased(Locale). NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification."},{"lang":"es","value":"Se descubrió que Joda Time v2.12.5 contenía una NullPointerException a través del componente org.joda.time.format.PeriodFormat::wordBased(Locale)."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"joda","product":"joda_time","defaultStatus":"unknown","cpes":["cpe:2.3:a:joda:joda_time:2.12.5:*:*:*:*:*:*:*"],"versions":[{"version":"2.12.5","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-08-27T14:08:34.194909Z","id":"CVE-2024-23080","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-476"}]}],"references":[{"url":"https://gist.github.com/LLM4IG/6614bfa658295d7af07a6d37e06db27f","source":"cve@mitre.org"},{"url":"https://github.com/JodaOrg/joda-time","source":"cve@mitre.org"},{"url":"https://gist.github.com/LLM4IG/6614bfa658295d7af07a6d37e06db27f","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/JodaOrg/joda-time","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2024-23083","sourceIdentifier":"cve@mitre.org","published":"2024-04-10T14:15:07.430","lastModified":"2026-07-09T01:18:53.413","vulnStatus":"Deferred","cveTags":[{"sourceIdentifier":"cve@mitre.org","tags":["disputed"]}],"descriptions":[{"lang":"en","value":"Time4J Base v5.9.3 was discovered to contain a NullPointerException via the component net.time4j.format.internal.FormatUtils::useDefaultWeekmodel(Locale). NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification."},{"lang":"es","value":"Se descubrió que Time4J Base v5.9.3 contenía una excepción NullPointerException a través del componente net.time4j.format.internal.FormatUtils::useDefaultWeekmodel(Locale)."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-04-10T19:34:47.437272Z","id":"CVE-2024-23083","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-476"}]}],"references":[{"url":"https://gist.github.com/LLM4IG/624598834f6699e3617d47c675227e97","source":"cve@mitre.org"},{"url":"https://github.com/MenoData/Time4J","source":"cve@mitre.org"},{"url":"https://gist.github.com/LLM4IG/624598834f6699e3617d47c675227e97","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/MenoData/Time4J","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2024-29296","sourceIdentifier":"cve@mitre.org","published":"2024-04-10T15:16:05.033","lastModified":"2026-07-09T01:18:59.887","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A user enumeration vulnerability was found in Portainer CE 2.19.4. This issue occurs during user authentication process, where a difference in response time could allow a remote unauthenticated user to determine if a username is valid or not."},{"lang":"es","value":"Se encontró una vulnerabilidad de enumeración de usuarios en Portainer CE 2.19.4. Este problema ocurre durante el proceso de autenticación del usuario, donde una diferencia en el tiempo de respuesta podría permitir que un usuario remoto no autenticado determine si un nombre de usuario es válido o no."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"portainer","product":"portainer","defaultStatus":"unknown","cpes":["cpe:2.3:a:portainer:portainer:2.19.4:*:*:*:*:*:*:*"],"versions":[{"version":"2.19.4","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-04-22T18:55:19.097416Z","id":"CVE-2024-29296","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-286"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:portainer:portainer:2.19.4:*:*:*:*:*:*:*","matchCriteriaId":"F2EA041E-ED2F-4E11-B20E-853AF3EEA140"}]}]}],"references":[{"url":"https://github.com/ThaySolis/CVE-2024-29296","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/ThaySolis/CVE-2024-29296","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-52070","sourceIdentifier":"cve@mitre.org","published":"2024-04-10T19:15:48.973","lastModified":"2026-07-09T01:18:50.147","vulnStatus":"Modified","cveTags":[{"sourceIdentifier":"cve@mitre.org","tags":["disputed"]}],"descriptions":[{"lang":"en","value":"JFreeChart v1.5.4 was discovered to be vulnerable to ArrayIndexOutOfBounds via the 'setSeriesNeedle(int index, int type)' method. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification."},{"lang":"es","value":"Se descubrió que JFreeChart v1.5.4 era vulnerable a ArrayIndexOutOfBounds mediante el método 'setSeriesNeedle(int index, int type)'. NOTA: esto es cuestionado por varios terceros que creen que no había pruebas razonables para determinar la existencia de una vulnerabilidad. Es posible que la presentación se haya basado en una herramienta que no es lo suficientemente sólida para la identificación de vulnerabilidades."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"jfree","product":"jfreechart","defaultStatus":"unknown","cpes":["cpe:2.3:o:jfree:jfreechart:*:*:*:*:*:*:*:*"],"versions":[{"version":"1.5.4","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.5,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-04-10T19:34:05.407897Z","id":"CVE-2023-52070","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:jfree:jfreechart:1.5.4:*:*:*:*:*:*:*","matchCriteriaId":"4DC9D75E-294E-44D6-BDA5-7D6BC240BBE0"}]}]}],"references":[{"url":"https://gist.github.com/LLM4IG/f55de46e65fb5a19b7815adb36fd858b","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://gist.github.com/LLM4IG/f55de46e65fb5a19b7815adb36fd858b","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2024-23077","sourceIdentifier":"cve@mitre.org","published":"2024-04-10T19:15:49.020","lastModified":"2026-07-09T01:18:52.600","vulnStatus":"Modified","cveTags":[{"sourceIdentifier":"cve@mitre.org","tags":["disputed"]}],"descriptions":[{"lang":"en","value":"JFreeChart v1.5.4 was discovered to be vulnerable to ArrayIndexOutOfBounds via the component /chart/plot/CompassPlot.java. NOTE: this is disputed by multiple third parties who believe there was not reasonable evidence to determine the existence of a vulnerability. The submission may have been based on a tool that is not sufficiently robust for vulnerability identification."},{"lang":"es","value":"Se descubrió que JFreeChart v1.5.4 era vulnerable a ArrayIndexOutOfBounds a través del componente /chart/plot/CompassPlot.java. NOTA: esto es cuestionado por varios terceros que creen que no había pruebas razonables para determinar la existencia de una vulnerabilidad. Es posible que la presentación se haya basado en una herramienta que no es lo suficientemente sólida para la identificación de vulnerabilidades."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"jfree","product":"jfreechart","defaultStatus":"unknown","cpes":["cpe:2.3:o:jfree:jfreechart:*:*:*:*:*:*:*:*"],"versions":[{"version":"1.5.4","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-08-21T13:38:08.905536Z","id":"CVE-2024-23077","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:jfree:jfreechart:1.5.4:*:*:*:*:*:*:*","matchCriteriaId":"4DC9D75E-294E-44D6-BDA5-7D6BC240BBE0"}]}]}],"references":[{"url":"https://gist.github.com/LLM4IG/f55de46e65fb5a19b7815adb36fd858b","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/jfree/jfreechart","source":"cve@mitre.org","tags":["Product"]},{"url":"https://gist.github.com/LLM4IG/f55de46e65fb5a19b7815adb36fd858b","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://github.com/jfree/jfreechart","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2023-51141","sourceIdentifier":"cve@mitre.org","published":"2024-04-11T01:22:43.520","lastModified":"2026-07-09T01:18:47.727","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in ZKTeko BioTime v.8.5.4 and before allows a remote attacker to obtain sensitive information via the Authentication & Authorization component"},{"lang":"es","value":"Un problema en ZKTeko BioTime v.8.5.4 y anteriores permite a un atacante remoto obtener información confidencial a través del componente Autenticación y Autorización"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"zkteco","product":"biotime","defaultStatus":"unknown","cpes":["cpe:2.3:a:zkteco:biotime:*:*:*:*:*:*:*:*"],"versions":[{"version":"8.5.4","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-04-11T17:26:03.815450Z","id":"CVE-2023-51141","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:zkteco:biotime:8.5.4:*:*:*:*:*:*:*","matchCriteriaId":"20A9D002-3A4D-46FA-A968-9137069B9C07"}]}]}],"references":[{"url":"https://gist.github.com/ipxsec/1680d29c49fe368be81b037168175b10","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://gist.github.com/ipxsec/1680d29c49fe368be81b037168175b10","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-51142","sourceIdentifier":"cve@mitre.org","published":"2024-04-11T01:22:43.563","lastModified":"2026-07-09T01:18:47.910","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in ZKTeco BioTime v.8.5.4 and before allows a remote attacker to obtain sensitive information."},{"lang":"es","value":"Un problema en ZKTeco BioTime v.8.5.4 y anteriores permite a un atacante remoto obtener información confidencial."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"zkteco","product":"biotime","defaultStatus":"unknown","cpes":["cpe:2.3:a:zkteco:biotime:8.5.4:*:*:*:*:*:*:*"],"versions":[{"version":"8.5.4","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-04-17T15:10:13.605956Z","id":"CVE-2023-51142","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:zkteco:biotime:8.5.4:*:*:*:*:*:*:*","matchCriteriaId":"20A9D002-3A4D-46FA-A968-9137069B9C07"}]}]}],"references":[{"url":"https://gist.github.com/ipxsec/b20383620c9e1d5300f7716e62e8a82f","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.zkteco.com/en/Security_Bulletinsibs/14","source":"cve@mitre.org"},{"url":"https://gist.github.com/ipxsec/b20383620c9e1d5300f7716e62e8a82f","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2024-32161","sourceIdentifier":"cve@mitre.org","published":"2024-04-17T18:15:16.337","lastModified":"2026-07-09T01:19:01.110","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"jizhiCMS 2.5 suffers from a File upload vulnerability."},{"lang":"es","value":"jizhiCMS 2.5 sufre una vulnerabilidad de carga de archivos."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"jizhicms","product":"jizhicms","defaultStatus":"unknown","cpes":["cpe:2.3:a:jizhicms:jizhicms:2.5:*:*:*:*:*:*:*"],"versions":[{"version":"2.5","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-04-25T18:11:55.458824Z","id":"CVE-2024-32161","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:jizhicms:jizhicms:2.5.0:*:*:*:*:*:*:*","matchCriteriaId":"8C98DA79-C3EC-4D8A-8322-40247465CD8C"}]}]}],"references":[{"url":"https://github.com/XiLitter/CMS_vulnerability-discovery/blob/main/jizhicms%20v_2.5.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/XiLitter/CMS_vulnerability-discovery/blob/main/jizhicms%20v_2.5.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2024-32162","sourceIdentifier":"cve@mitre.org","published":"2024-04-17T19:15:08.060","lastModified":"2026-07-09T01:19:01.287","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"CMSeasy 7.7.7.9 is vulnerable to Arbitrary file deletion."},{"lang":"es","value":"CMSeasy 7.7.7.9 es vulnerable a la eliminación arbitraria de archivos."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"cmseasy","product":"cmseasy","defaultStatus":"unknown","cpes":["cpe:2.3:a:cmseasy:cmseasy:7.7.7.9:*:*:*:*:*:*:*"],"versions":[{"version":"7.7.7.9","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-07-16T15:30:15.651155Z","id":"CVE-2024-32162","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-791"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cmseasy:cmseasy:7.7.7.9:*:*:*:*:*:*:*","matchCriteriaId":"C47FE864-5B8E-428F-80DC-AA29EDB454DA"}]}]}],"references":[{"url":"https://github.com/XiLitter/CMS_vulnerability-discovery/blob/main/CMSeasy_7.7.7_file_deletion.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/XiLitter/CMS_vulnerability-discovery/blob/main/CMSeasy_7.7.7_file_deletion.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2024-32206","sourceIdentifier":"cve@mitre.org","published":"2024-04-19T16:15:10.827","lastModified":"2026-07-09T01:19:01.453","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A stored cross-site scripting (XSS) vulnerability in the component \\affiche\\admin\\index.php of WUZHICMS v4.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the $formdata parameter."},{"lang":"es","value":"Una vulnerabilidad de Cross Site Scripting (XSS) almacenadas en el componente \\affiche\\admin\\index.php de WUZHICMS v4.1.0 permite a los atacantes ejecutar scripts web o HTML arbitrarios a través de un payload manipulado inyectado en el parámetro $formdata."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"wuzhicms","product":"wuzhicms","defaultStatus":"unknown","cpes":["cpe:2.3:a:wuzhicms:wuzhicms:4.1.0:*:*:*:*:*:*:*"],"versions":[{"version":"4.1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N","baseScore":4.6,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.1,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-04-22T16:36:26.797699Z","id":"CVE-2024-32206","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wuzhicms:wuzhicms:4.1.0:*:*:*:*:*:*:*","matchCriteriaId":"2B76E69A-B2F3-4359-A7C0-046CEE2FAEEB"}]}]}],"references":[{"url":"https://github.com/majic-banana/vulnerability/blob/main/POC/WUZHICMS4.1.0%20Stored%20Xss%20In%20Affiche%20Model.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/wuzhicms/wuzhicms","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/majic-banana/vulnerability/blob/main/POC/WUZHICMS4.1.0%20Stored%20Xss%20In%20Affiche%20Model.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/wuzhicms/wuzhicms","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2024-32409","sourceIdentifier":"cve@mitre.org","published":"2024-04-19T16:15:10.883","lastModified":"2026-07-09T01:19:01.770","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in SEMCMS v.4.8 allows a remote attacker to execute arbitrary code via a crafted script."},{"lang":"es","value":"Un problema en SEMCMS v.4.8 permite a un atacante remoto ejecutar código arbitrario a través de un scriptmanipulado."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"sem-cms","product":"semcms","defaultStatus":"unknown","cpes":["cpe:2.3:a:sem-cms:semcms:4.8:*:*:*:*:*:*:*"],"versions":[{"version":"4.8","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-04-22T19:00:48.338809Z","id":"CVE-2024-32409","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sem-cms:semcms:4.8:*:*:*:*:*:*:*","matchCriteriaId":"BD382DC4-F472-49F5-AA7E-939EC76D4E8F"}]}]}],"references":[{"url":"http://www.sem-cms.com/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://gitee.com/whats-the-bad-idea/cve","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"http://www.sem-cms.com/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://gitee.com/whats-the-bad-idea/cve","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]}]}},{"cve":{"id":"CVE-2024-28722","sourceIdentifier":"cve@mitre.org","published":"2024-04-22T01:15:47.257","lastModified":"2026-07-09T01:18:59.580","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting vulnerability in Innovaphone myPBX v.14r1, v.13r3, v.12r2 allows a remote attacker to execute arbitrary code via the query parameter to the /CMD0/xml_modes.xml endpoint"},{"lang":"es","value":"Vulnerabilidad de Cross Site Scripting en Innovaphone myPBX v.14r1, v.13r3, v.12r2 permite a un atacante remoto ejecutar código arbitrario a través del parámetro de consulta en el endpoint /CMD0/xml_modes.xml"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"innovaphone","product":"innovaphone_pbx","defaultStatus":"unknown","cpes":["cpe:2.3:a:innovaphone:innovaphone_pbx:v.12r2:*:*:*:*:*:*:*"],"versions":[{"version":"v.12r2","status":"affected"}]},{"vendor":"innovaphone","product":"innovaphone_pbx","defaultStatus":"unknown","cpes":["cpe:2.3:a:innovaphone:innovaphone_pbx:v.14.r1:*:*:*:*:*:*:*"],"versions":[{"version":"v.14.r1","status":"affected"}]},{"vendor":"innovaphone","product":"innovaphone_pbx","defaultStatus":"unknown","cpes":["cpe:2.3:a:innovaphone:innovaphone_pbx:v.13r3:*:*:*:*:*:*:*"],"versions":[{"version":"v.13r3","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-04-22T14:32:59.315361Z","id":"CVE-2024-28722","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://wiki.innovaphone.com/index.php?title=Reference14r1:Release_Notes_Firmware#159317_-_Advanced_UI:_Prevent_XSL_injection","source":"cve@mitre.org"},{"url":"https://wiki.innovaphone.com/index.php?title=Reference14r1:Release_Notes_Firmware#159317_-_Advanced_UI:_Prevent_XSL_injection","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2024-28699","sourceIdentifier":"cve@mitre.org","published":"2024-04-22T15:15:47.757","lastModified":"2026-07-09T01:18:59.087","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A buffer overflow vulnerability in pdf2json v0.70 allows a local attacker to execute arbitrary code via the GString::copy() and ImgOutputDev::ImgOutputDev function."},{"lang":"es","value":"Una vulnerabilidad de desbordamiento de búfer en pdf2json v0.70 permite a un atacante local ejecutar código arbitrario a través de las funciones GString::copy() e ImgOutputDev::ImgOutputDev."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"json","product":"pdf2json","defaultStatus":"unknown","cpes":["cpe:2.3:a:json:pdf2json:0.70:*:*:*:*:*:*:*"],"versions":[{"version":"0.70","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-05-14T17:46:57.000478Z","id":"CVE-2024-28699","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-94"}]}],"references":[{"url":"https://github.com/flexpaper/pdf2json","source":"cve@mitre.org"},{"url":"https://github.com/flexpaper/pdf2json/issues/52","source":"cve@mitre.org"},{"url":"https://github.com/flexpaper/pdf2json","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/flexpaper/pdf2json/issues/52","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2024-28328","sourceIdentifier":"cve@mitre.org","published":"2024-04-26T15:15:48.687","lastModified":"2026-07-09T01:18:58.760","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"CSV Injection vulnerability in the Asus RT-N12+ router allows administrator users to inject arbitrary commands or formulas in the client name parameter which can be triggered and executed in a different user session upon exporting to CSV format."},{"lang":"es","value":"La vulnerabilidad de inyección CSV en el router Asus RT-N12+ permite a los usuarios administradores inyectar comandos o fórmulas arbitrarias en el parámetro de nombre del cliente que pueden activarse y ejecutarse en una sesión de usuario diferente al exportar al formato CSV."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"asus","product":"rt-n12\\+_b1_firmware","defaultStatus":"unknown","cpes":["cpe:2.3:o:asus:rt-n12\\+_b1_firmware:3.0.0.4.380.10931:*:*:*:*:*:*:*"],"versions":[{"version":"3.0.0.4.380.10931","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.2,"impactScore":3.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-06-06T20:55:06.199650Z","id":"CVE-2024-28328","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-77"}]}],"references":[{"url":"https://github.com/ShravanSinghRathore/ASUS-RT-N300-B1/wiki/CSV-Injection-CVE%E2%80%902024%E2%80%9028328","source":"cve@mitre.org"},{"url":"https://github.com/ShravanSinghRathore/ASUS-RT-N300-B1/wiki/CSV-Injection-CVE%E2%80%902024%E2%80%9028328","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://redfoxsec.com/blog/asus-rt-n12-b1s-csv-injection-cve%E2%80%902024%E2%80%9028328/","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2024-28325","sourceIdentifier":"cve@mitre.org","published":"2024-04-26T19:15:47.597","lastModified":"2026-07-09T01:18:57.883","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Asus RT-N12+ B1 router stores credentials in cleartext, which could allow local attackers to obtain unauthorized access and modify router settings."},{"lang":"es","value":"El router Asus RT-N12+ B1 almacena las credenciales en texto plano, lo que podría permitir a atacantes locales obtener acceso no autorizado y modificar la configuración del router."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"asus","product":"rt-n12\\+_b1","defaultStatus":"unknown","cpes":["cpe:2.3:h:asus:rt-n12\\+_b1:-:*:*:*:*:*:*:*"],"versions":[{"version":"-","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:L","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":1.3,"impactScore":4.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-04-29T18:06:36.913440Z","id":"CVE-2024-28325","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-256"},{"lang":"en","value":"CWE-522"}]}],"references":[{"url":"https://github.com/ShravanSinghRathore/ASUS-RT-N300-B1/wiki/Credentials-Stored-in-Cleartext-CVE%E2%80%902024%E2%80%9028325","source":"cve@mitre.org"},{"url":"https://github.com/ShravanSinghRathore/ASUS-RT-N300-B1/wiki/Credentials-Stored-in-Cleartext-CVE%E2%80%902024%E2%80%9028325","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2024-28327","sourceIdentifier":"cve@mitre.org","published":"2024-04-26T19:15:47.657","lastModified":"2026-07-09T01:18:58.520","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Asus RT-N12+ B1 router stores user passwords in plaintext, which could allow local attackers to obtain unauthorized access and modify router settings."},{"lang":"es","value":"El router Asus RT-N12+ B1 almacena las contraseñas de los usuarios en texto plano, lo que podría permitir a atacantes locales obtener acceso no autorizado y modificar la configuración del router."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"asus","product":"rt-n12\\+_b1","defaultStatus":"unknown","cpes":["cpe:2.3:h:asus:rt-n12\\+_b1:-:*:*:*:*:*:*:*"],"versions":[{"version":"0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.5,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-08-15T15:36:04.845191Z","id":"CVE-2024-28327","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-312"}]}],"references":[{"url":"https://github.com/ShravanSinghRathore/ASUS-RT-N300-B1/wiki/Insecure-Credential-Storage-CVE%E2%80%902024%E2%80%9028327","source":"cve@mitre.org"},{"url":"https://github.com/ShravanSinghRathore/ASUS-RT-N300-B1/wiki/Insecure-Credential-Storage-CVE%E2%80%902024%E2%80%9028327","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2024-25343","sourceIdentifier":"cve@mitre.org","published":"2024-04-26T20:15:07.427","lastModified":"2026-07-09T01:18:55.007","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Tenda N300 F3 router vulnerability allows users to bypass intended security policy and create weak passwords."},{"lang":"es","value":"La vulnerabilidad del router Tenda N300 F3 permite a los usuarios eludir la política de seguridad prevista y crear contraseñas débiles."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"tenda","product":"n300","defaultStatus":"unknown","cpes":["cpe:2.3:h:tenda:n300:-:*:*:*:*:*:*:*"],"versions":[{"version":"N300 F3","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-07-03T15:00:51.755913Z","id":"CVE-2024-25343","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-269"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tenda:n300_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"7988CA12-B45D-4B7F-8B1C-EBFCA962ACAA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tenda:n300:-:*:*:*:*:*:*:*","matchCriteriaId":"64464B02-CC9C-4086-8EBE-CAFC797239C8"}]}]}],"references":[{"url":"https://github.com/ShravanSinghRathore/Tenda-N300-F3-Router/wiki/Password-Policy-Bypass-Vulnerability-CVE%E2%80%902024%E2%80%9025343","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://github.com/ShravanSinghRathore/Tenda-N300-F3-Router/wiki/Password-Policy-Bypass-Vulnerability-CVE%E2%80%902024%E2%80%9025343","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]}]}},{"cve":{"id":"CVE-2024-28326","sourceIdentifier":"cve@mitre.org","published":"2024-04-26T20:15:07.480","lastModified":"2026-07-09T01:18:58.210","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Incorrect Access Control in ASUS RT-N12+ B1 and RT-N12 D1 routers allows local attackers to obtain root terminal access via the the UART interface."},{"lang":"es","value":"El control de acceso incorrecto en los routers Asus RT-N12+ B1 permite a atacantes locales obtener acceso al terminal raíz a través de la interfaz UART."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"asus","product":"rt-n12\\+_b1_firmware","defaultStatus":"unknown","cpes":["cpe:2.3:a:asus:rt-n12\\+_b1_firmware:-:*:*:*:*:*:*:*"],"versions":[{"version":"-","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"PHYSICAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-04-26T20:34:00.460108Z","id":"CVE-2024-28326","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-1263"}]}],"references":[{"url":"https://github.com/ShravanSinghRathore/ASUS-RT-N300-B1/wiki/Privilege-Escalation-CVE%E2%80%902024%E2%80%9028326","source":"cve@mitre.org"},{"url":"https://github.com/ShravanSinghRathore/ASUS-RT-N300-B1/wiki/Privilege-Escalation-CVE%E2%80%902024%E2%80%9028326","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2024-33270","sourceIdentifier":"cve@mitre.org","published":"2024-04-30T15:15:53.020","lastModified":"2026-07-09T01:19:02.113","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in FME Modules fileuploads v.2.0.3 and before and fixed in v2.0.4 allows a remote attacker to obtain sensitive information via the uploadfiles.php component."},{"lang":"es","value":"Un problema en FME Modules fileuploads v.2.0.3 y anteriores y solucionado en v2.0.4 permite a un atacante remoto obtener información confidencial a través del componente uploadfiles.php."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"prestashop","product":"prestashop","defaultStatus":"unknown","cpes":["cpe:2.3:a:prestashop:prestashop:-:*:*:*:*:*:*:*"],"versions":[{"version":"2.03","lessThan":"2.04","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-04-30T19:10:03.499942Z","id":"CVE-2024-33270","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"references":[{"url":"https://addons.prestashop.com/en/additional-information-product-tab/21373-customer-file-upload-attach-file-on-productcart-pages.html","source":"cve@mitre.org"},{"url":"https://security.friendsofpresta.org/modules/2024/04/29/fileuploads.html","source":"cve@mitre.org"},{"url":"https://addons.prestashop.com/en/additional-information-product-tab/21373-customer-file-upload-attach-file-on-productcart-pages.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://security.friendsofpresta.org/modules/2024/04/29/fileuploads.html","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2024-22830","sourceIdentifier":"cve@mitre.org","published":"2024-05-01T19:15:22.030","lastModified":"2026-07-09T01:18:50.500","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Anti-Cheat Expert's Windows kernel module \"ACE-BASE.sys\" version 1.0.2202.6217 does not perform proper access control when handling system resources. This allows a local attacker to escalate privileges from regular user to System or PPL level."},{"lang":"es","value":"El módulo del kernel de Windows de Anti-Cheat Expert \"ACE-BASE.sys\" versión 1.0.2202.6217 no realiza un control de acceso adecuado cuando maneja los recursos del sistema. Esto permite a un atacante local escalar privilegios desde el nivel de usuario normal al nivel de Sistema o PPL."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"windows-kernel","product":"ace-base-sys","defaultStatus":"unknown","cpes":["cpe:2.3:a:windows-kernel:ace-base-sys:1.0.2202.6217:*:*:*:*:*:*:*"],"versions":[{"version":"1.0.2202.6217","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.8,"impactScore":3.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-05-02T18:01:58.493340Z","id":"CVE-2024-22830","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"references":[{"url":"https://intl.anticheatexpert.com/#/tool-center","source":"cve@mitre.org"},{"url":"https://www.defencetech.it/wp-content/uploads/2024/04/Report-CVE-2024-22830.pdf","source":"cve@mitre.org"},{"url":"https://intl.anticheatexpert.com/#/tool-center","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.defencetech.it/wp-content/uploads/2024/04/Report-CVE-2024-22830.pdf","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2024-32359","sourceIdentifier":"cve@mitre.org","published":"2024-05-02T16:15:08.127","lastModified":"2026-07-09T01:19:01.620","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"An RBAC authorization risk in Carina v0.13.0 and earlier allows local attackers to execute arbitrary code through designed commands to obtain the secrets of the entire cluster and further take over the cluster."},{"lang":"es","value":"Un riesgo de autorización RBAC en Carina v0.13.0 y versiones anteriores permite a atacantes locales ejecutar código arbitrario a través de comandos manipulados para obtener los secretos de todo el clúster y apoderarse del clúster."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"carina","product":"carina","defaultStatus":"unknown","cpes":["cpe:2.3:a:carina:carina:*:*:*:*:*:*:*:*"],"versions":[{"version":"*","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H","baseScore":6.9,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":1.4,"impactScore":5.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-05-16T17:57:48.829205Z","id":"CVE-2024-32359","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-285"}]}],"references":[{"url":"https://gist.github.com/HouqiyuA/568d9857dab4ddba6b8b6a791e90f906","source":"cve@mitre.org"},{"url":"https://github.com/HouqiyuA/k8s-rbac-poc","source":"cve@mitre.org"},{"url":"https://github.com/carina-io/carina","source":"cve@mitre.org"},{"url":"https://gist.github.com/HouqiyuA/568d9857dab4ddba6b8b6a791e90f906","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/HouqiyuA/k8s-rbac-poc","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/carina-io/carina","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2024-33844","sourceIdentifier":"cve@mitre.org","published":"2024-05-03T15:15:08.157","lastModified":"2026-07-09T01:19:02.273","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The 'control' in Parrot ANAFI USA firmware 1.10.4 does not check the MAV_MISSION_TYPE(0, 1, 2, 255), which allows attacker to cut off the connection between a controller and the drone by sending MAVLink MISSION_COUNT command with a wrong MAV_MISSION_TYPE."},{"lang":"es","value":"El 'control' en el firmware 1.10.4 de Parrot ANAFI USA no verifica MAV_MISSION_TYPE(0, 1, 2, 255), lo que permite al atacante cortar la conexión entre un controlador y el dron enviando el comando MAVLink MISSION_COUNT con un MAV_MISSION_TYPE incorrecto."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"parrot","product":"anafi_firmware","defaultStatus":"unknown","cpes":["cpe:2.3:o:parrot:anafi_firmware:1.10.4:*:*:*:*:*:*:*"],"versions":[{"version":"1.10.4","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-08-06T14:34:17.799610Z","id":"CVE-2024-33844","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-404"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:parrot:anafi_firmware:1.10.4:*:*:*:*:*:*:*","matchCriteriaId":"9C863952-8652-4286-9573-D9B027B981EE"}]}]}],"references":[{"url":"https://forum.developer.parrot.com/t/cve-2024-33844-bugs-in-anafi-thermal-usa-firmware/22501","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://forum.developer.parrot.com/t/cve-2024-33844-bugs-in-anafi-thermal-usa-firmware/22501/1","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://forum.developer.parrot.com/t/cve-2024-33844-bugs-in-anafi-thermal-usa-firmware/22501","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://forum.developer.parrot.com/t/cve-2024-33844-bugs-in-anafi-thermal-usa-firmware/22501/1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2024-31636","sourceIdentifier":"cve@mitre.org","published":"2024-05-03T17:15:07.687","lastModified":"2026-07-09T01:19:00.940","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in LIEF v.0.14.1 allows a local attacker to obtain sensitive information via the name parameter of the machd_reader.c component."},{"lang":"es","value":"Un problema en LIEF v.0.14.1 permite a un atacante local obtener información confidencial a través del parámetro de nombre del componente machd_reader.c."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"lief-project","product":"lief","defaultStatus":"unknown","cpes":["cpe:2.3:a:lief-project:lief:-:*:*:*:*:*:*:*"],"versions":[{"version":"0.14.1","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N","baseScore":3.9,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.3,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-05-03T19:32:23.520691Z","id":"CVE-2024-31636","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-457"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:lief-project:lief:0.14.1:*:*:*:*:*:*:*","matchCriteriaId":"E73982D1-47BE-4452-A521-914388E5D283"}]}]}],"references":[{"url":"https://github.com/lief-project/LIEF","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/lief-project/LIEF/issues/1038","source":"cve@mitre.org","tags":["Exploit","Issue Tracking"]},{"url":"https://github.com/lief-project/LIEF","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/lief-project/LIEF/issues/1038","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking"]}]}},{"cve":{"id":"CVE-2024-33120","sourceIdentifier":"cve@mitre.org","published":"2024-05-07T15:15:09.353","lastModified":"2026-07-09T01:19:01.947","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Roothub v2.5 was discovered to contain an arbitrary file upload vulnerability via the customPath parameter in the upload() function. This vulnerability allows attackers to execute arbitrary code via a crafted JSP file."},{"lang":"es","value":"Se descubrió que Roothub v2.5 contenía una vulnerabilidad de carga de archivos arbitraria a través del parámetro customPath en la función upload(). Esta vulnerabilidad permite a los atacantes ejecutar código arbitrario a través de un archivo JSP manipulado."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"roothub_project","product":"roothub","defaultStatus":"unknown","cpes":["cpe:2.3:a:roothub_project:roothub:-:*:*:*:*:*:*:*"],"versions":[{"version":"2.5","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-05-07T18:13:58.144031Z","id":"CVE-2024-33120","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:roothub:roothub:2.5.0:*:*:*:*:*:*:*","matchCriteriaId":"C243EEA4-D5FD-4574-AA6C-CFD84693A88C"}]}]}],"references":[{"url":"https://github.com/cxcxcxcxcxcxcxc/cxcxcxcxcxcxcxc/blob/main/cxcxcxcxcxc/about-2024/33120.txt","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/cxcxcxcxcxcxcxc/cxcxcxcxcxcxcxc/blob/main/cxcxcxcxcxc/about-2024/33120.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2024-30801","sourceIdentifier":"cve@mitre.org","published":"2024-05-14T15:23:52.670","lastModified":"2026-07-09T01:19:00.610","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"SQL Injection vulnerability in Cloud based customer service management platform v.1.0.0 allows a local attacker to execute arbitrary code via a crafted payload to Login.asp component."},{"lang":"es","value":"Vulnerabilidad de inyección SQL en Cloud based customer service management platform v.1.0.0 permite a un atacante local ejecutar código arbitrario a través de un payload manipulado para el componente Login.asp."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"beijing_xinwang_medical_information_technology","product":"cloud_based_customer_service_management_platform","defaultStatus":"unknown","cpes":["cpe:2.3:a:beijing_xinwang_medical_information_technology:cloud_based_customer_service_management_platform:*:*:*:*:*:*:*:*"],"versions":[{"version":"1.0.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-05-10T19:25:58.987067Z","id":"CVE-2024-30801","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"http://www.minipacs.com/ylqxrj","source":"cve@mitre.org"},{"url":"https://github.com/WarmBrew/web_vul/blob/main/Cloud%20based%20customer%20service/SQLi.md","source":"cve@mitre.org"},{"url":"http://www.minipacs.com/ylqxrj","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/WarmBrew/web_vul/blob/main/Cloud%20based%20customer%20service/SQLi.md","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2024-26367","sourceIdentifier":"cve@mitre.org","published":"2024-05-14T16:16:22.863","lastModified":"2026-07-09T01:18:55.347","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting vulnerability in Evertz microsystems MViP-II Firmware 8.6.5, XPS-EDGE-* Build 1467, evEDGE-EO-* Build 0029, MMA10G-* Build 0498, 570IPG-X19-10G Build 0691 allows a remote attacker to execute arbitrary code via a crafted payload to the login parameters."},{"lang":"es","value":"Vulnerabilidad de Cross Site Scripting en Evertz microsystems MViP-II Firmware 8.6.5, XPS-EDGE-* Build 1467, evEDGE-EO-* Build 0029, MMA10G-* Build 0498, 570IPG-X19-10G Build 0691 permite que un atacante remoto ejecute código arbitrario a través de un payload manipulado para los parámetros de inicio de sesión."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-08-23T16:12:09.357893Z","id":"CVE-2024-26367","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://wiki.notveg.ninja/blog/CVE-2024-26367/","source":"cve@mitre.org"},{"url":"https://wiki.notveg.ninja/blog/CVE-2024-26367/","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2024-35395","sourceIdentifier":"cve@mitre.org","published":"2024-05-24T16:15:10.670","lastModified":"2026-07-09T01:19:02.440","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root."},{"lang":"es","value":"Se descubrió que TOTOLINK CP900L v4.1.5cu.798_B20221228 contiene una vulnerabilidad de contraseña codificada en /etc/shadow.sample, que permite a los atacantes iniciar sesión como root."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"totolink","product":"cp900_l","defaultStatus":"affected","cpes":["cpe:2.3:a:totolink:cp900_l:v4.1.5cu.798_b20221228:*:*:*:*:*:*:*"],"versions":[{"version":"v4.1.5cu.798_b20221228","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-06-06T15:40:05.354047Z","id":"CVE-2024-35395","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-259"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:totolink:cp900l_firmware:4.1.5cu.798_b20221228:*:*:*:*:*:*:*","matchCriteriaId":"B1622B5B-4883-4A9E-9F59-FE8861D0F9F4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:totolink:cp900l:-:*:*:*:*:*:*:*","matchCriteriaId":"27394F46-4334-4429-89E8-98A235C32A76"}]}]}],"references":[{"url":"https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/TOTOLINK%20CP900L/HardcodeRoot/README.md","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/TOTOLINK%20CP900L/HardcodeRoot/README.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]}]}},{"cve":{"id":"CVE-2024-35396","sourceIdentifier":"cve@mitre.org","published":"2024-05-24T16:15:10.897","lastModified":"2026-07-09T01:19:02.617","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a hardcoded password for telnet in /web_cste/cgi-bin/product.ini, which allows attackers to log in as root."},{"lang":"es","value":"Se descubrió que TOTOLINK CP900L v4.1.5cu.798_B20221228 contenía una contraseña codificada para telnet en /web_cste/cgi-bin/product.ini, que permite a los atacantes iniciar sesión como root."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"totolink","product":"cp900","defaultStatus":"unknown","cpes":["cpe:2.3:h:totolink:cp900:-:*:*:*:*:*:*:*"],"versions":[{"version":"v4.1.5cu.798_B20221228","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-05-28T15:13:17.331715Z","id":"CVE-2024-35396","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-798"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:totolink:cp900l_firmware:4.1.5cu.798_b20221228:*:*:*:*:*:*:*","matchCriteriaId":"B1622B5B-4883-4A9E-9F59-FE8861D0F9F4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:totolink:cp900l:-:*:*:*:*:*:*:*","matchCriteriaId":"27394F46-4334-4429-89E8-98A235C32A76"}]}]}],"references":[{"url":"https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/TOTOLINK%20CP900L/README.md","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/TOTOLINK%20CP900L/README.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]}]}},{"cve":{"id":"CVE-2024-35397","sourceIdentifier":"cve@mitre.org","published":"2024-05-28T15:15:09.407","lastModified":"2026-07-09T01:19:02.773","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"TOTOLINK CP900L v4.1.5cu.798_B20221228 weas discovered to contain a command injection vulnerability in the NTPSyncWithHost function via the hostTime parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request."},{"lang":"es","value":"Se descubrió que TOTOLINK CP900L v4.1.5cu.798_B20221228 contiene una vulnerabilidad de inyección de comandos en la función NTPSyncWithHost a través del parámetro hostTime. Esta vulnerabilidad permite a los atacantes ejecutar comandos arbitrarios mediante una solicitud manipulada."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"totolink","product":"cp900l_firmware","defaultStatus":"unknown","cpes":["cpe:2.3:o:totolink:cp900l_firmware:*:*:*:*:*:*:*:*"],"versions":[{"version":"4.1.5cu798_b20221228","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-08-19T14:49:43.379856Z","id":"CVE-2024-35397","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:totolink:cp900l_firmware:4.1.5cu.798_b20221228:*:*:*:*:*:*:*","matchCriteriaId":"B1622B5B-4883-4A9E-9F59-FE8861D0F9F4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:totolink:cp900l:-:*:*:*:*:*:*:*","matchCriteriaId":"27394F46-4334-4429-89E8-98A235C32A76"}]}]}],"references":[{"url":"https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/TOTOLINK%20CP900L/NTPSyncWithHost/README.md","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/TOTOLINK%20CP900L/NTPSyncWithHost/README.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]}]}},{"cve":{"id":"CVE-2024-35398","sourceIdentifier":"cve@mitre.org","published":"2024-05-28T15:15:09.497","lastModified":"2026-07-09T01:19:02.940","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a stack overflow via the desc parameter in the function setMacFilterRules."},{"lang":"es","value":"Se descubrió que TOTOLINK CP900L v4.1.5cu.798_B20221228 contenía un desbordamiento de pila a través del parámetro desc en la función setMacFilterRules."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"totolink","product":"cp900_l","defaultStatus":"unknown","cpes":["cpe:2.3:a:totolink:cp900_l:v4.1.5cu.798_b20221228:*:*:*:*:*:*:*"],"versions":[{"version":"v4.1.5cu.798_B20221228","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-05-30T18:33:47.274532Z","id":"CVE-2024-35398","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:totolink:cp900l_firmware:4.1.5cu.798_b20221228:*:*:*:*:*:*:*","matchCriteriaId":"B1622B5B-4883-4A9E-9F59-FE8861D0F9F4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:totolink:cp900l:-:*:*:*:*:*:*:*","matchCriteriaId":"27394F46-4334-4429-89E8-98A235C32A76"}]}]}],"references":[{"url":"https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/TOTOLINK%20CP900L/setMacFilterRules/README.md","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/TOTOLINK%20CP900L/setMacFilterRules/README.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]}]}},{"cve":{"id":"CVE-2024-35399","sourceIdentifier":"cve@mitre.org","published":"2024-05-28T15:15:09.567","lastModified":"2026-07-09T01:19:03.100","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a stack overflow via the password parameter in the function loginAuth"},{"lang":"es","value":"Se descubrió que TOTOLINK CP900L v4.1.5cu.798_B20221228 contenía un desbordamiento de pila a través del parámetro de contraseña en la función loginAuth"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"totolink","product":"cp900l_firmware","defaultStatus":"unknown","cpes":["cpe:2.3:o:totolink:cp900l_firmware:v4.1.5cu.798_b20221228:*:*:*:*:*:*:*"],"versions":[{"version":"v4.1.5cu.798_b20221228","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-07-26T16:49:49.729954Z","id":"CVE-2024-35399","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-121"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:totolink:cp900l_firmware:4.1.5cu.798_b20221228:*:*:*:*:*:*:*","matchCriteriaId":"B1622B5B-4883-4A9E-9F59-FE8861D0F9F4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:totolink:cp900l:-:*:*:*:*:*:*:*","matchCriteriaId":"27394F46-4334-4429-89E8-98A235C32A76"}]}]}],"references":[{"url":"https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/TOTOLINK%20CP900L/loginAuth/README.md","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/TOTOLINK%20CP900L/loginAuth/README.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]}]}},{"cve":{"id":"CVE-2024-35400","sourceIdentifier":"cve@mitre.org","published":"2024-05-28T15:15:09.630","lastModified":"2026-07-09T01:19:03.260","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a stack overflow via the desc parameter in the function SetPortForwardRules"},{"lang":"es","value":"Se descubrió que TOTOLINK CP900L v4.1.5cu.798_B20221228 contenía un desbordamiento de pila a través del parámetro desc en la función SetPortForwardRules"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-06-18T18:24:47.763224Z","id":"CVE-2024-35400","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:totolink:cp900l_firmware:4.1.5cu.798_b20221228:*:*:*:*:*:*:*","matchCriteriaId":"B1622B5B-4883-4A9E-9F59-FE8861D0F9F4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:totolink:cp900l:-:*:*:*:*:*:*:*","matchCriteriaId":"27394F46-4334-4429-89E8-98A235C32A76"}]}]}],"references":[{"url":"https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/TOTOLINK%20CP900L/SetPortForwardRules/README.md","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/TOTOLINK%20CP900L/SetPortForwardRules/README.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]}]}},{"cve":{"id":"CVE-2024-35401","sourceIdentifier":"cve@mitre.org","published":"2024-05-28T17:15:10.997","lastModified":"2026-07-09T01:19:03.417","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"TOTOLINK CP900L v4.1.5cu.798_B20221228 was discovered to contain a command injection vulnerability via the FileName parameter in the UploadFirmwareFile function."},{"lang":"es","value":"Se descubrió que TOTOLINK CP900L v4.1.5cu.798_B20221228 contiene una vulnerabilidad de inyección de comandos a través del parámetro FileName en la función UploadFirmwareFile."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.5,"impactScore":3.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-06-18T18:26:18.584934Z","id":"CVE-2024-35401","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:totolink:cp900l_firmware:4.1.5cu.798_b20221228:*:*:*:*:*:*:*","matchCriteriaId":"B1622B5B-4883-4A9E-9F59-FE8861D0F9F4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:totolink:cp900l:-:*:*:*:*:*:*:*","matchCriteriaId":"27394F46-4334-4429-89E8-98A235C32A76"}]}]}],"references":[{"url":"https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/TOTOLINK%20CP900L/UploadFirmwareFile/README.md","source":"cve@mitre.org","tags":["Broken Link"]},{"url":"https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/TOTOLINK%20CP900L/UploadFirmwareFile/README.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link"]}]}},{"cve":{"id":"CVE-2024-35563","sourceIdentifier":"cve@mitre.org","published":"2024-05-28T17:15:11.130","lastModified":"2026-07-09T01:19:03.577","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"CDG-Server-V5.6.2.126.139 and earlier was discovered to contain a SQL injection vulnerability via the permissionId parameter in CDGTempPermissions."},{"lang":"es","value":"Se descubrió que CDG-Server-V5.6.2.126.139 y anteriores contienen una vulnerabilidad de inyección SQL a través del parámetro permisoId en CDGTempPermissions."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"cdg","product":"server","defaultStatus":"unknown","cpes":["cpe:2.3:a:cdg:server:5.6.2.126.139:*:*:*:*:*:*:*"],"versions":[{"version":"5.6.2.126.139","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-29T19:13:02.749913Z","id":"CVE-2024-35563","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://github.com/helloBegin/blog/tree/main","source":"cve@mitre.org"},{"url":"https://www.esafenet.com/dzwdaqglxt","source":"cve@mitre.org"},{"url":"https://github.com/helloBegin/blog/tree/main","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.esafenet.com/dzwdaqglxt","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2024-23667","sourceIdentifier":"psirt@fortinet.com","published":"2024-06-03T10:15:13.100","lastModified":"2026-07-08T14:16:50.133","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An improper authorization in Fortinet FortiWebManager 7.2.0, FortiWebManager 7.0.0 through 7.0.4, FortiWebManager 6.3.0, FortiWebManager 6.2.3 through 6.2.4, FortiWebManager 6.0.2 allows attacker to execute unauthorized code or commands via HTTP requests or CLI."},{"lang":"es","value":"Una autorización inadecuada en Fortinet FortiWebManager versión 7.2.0 y 7.0.0 hasta 7.0.4 y 6.3.0 y 6.2.3 hasta 6.2.4 y 6.0.2 permite al atacante ejecutar código o comandos no autorizados a través de solicitudes HTTP o CLI."}],"affected":[{"source":"psirt@fortinet.com","affectedData":[{"vendor":"Fortinet","product":"FortiWebManager","defaultStatus":"unaffected","cpes":["cpe:2.3:a:fortinet:fortiwebmanager:7.2.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiwebmanager:7.0.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiwebmanager:7.0.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiwebmanager:7.0.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiwebmanager:7.0.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiwebmanager:7.0.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiwebmanager:6.3.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiwebmanager:6.2.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiwebmanager:6.2.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiwebmanager:6.0.2:*:*:*:*:*:*:*"],"versions":[{"version":"7.2.0","status":"affected"},{"version":"7.0.0","lessThanOrEqual":"7.0.4","versionType":"semver","status":"affected"},{"version":"6.3.0","status":"affected"},{"version":"6.2.3","lessThanOrEqual":"6.2.4","versionType":"semver","status":"affected"},{"version":"6.0.2","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"fortinet","product":"fortiweb_manager","defaultStatus":"unknown","cpes":["cpe:2.3:a:fortinet:fortiweb_manager:7.2.0:*:*:*:*:*:*:*"],"versions":[{"version":"7.2.0","status":"affected"}]},{"vendor":"fortinet","product":"fortiweb_manager","defaultStatus":"unknown","cpes":["cpe:2.3:a:fortinet:fortiweb_manager:7.0.0:*:*:*:*:*:*:*"],"versions":[{"version":"7.0.0","lessThanOrEqual":"7.0.4","versionType":"custom","status":"affected"}]},{"vendor":"fortinet","product":"fortiweb_manager","defaultStatus":"unknown","cpes":["cpe:2.3:a:fortinet:fortiweb_manager:6.3.0:*:*:*:*:*:*:*"],"versions":[{"version":"6.3.0","status":"affected"}]},{"vendor":"fortinet","product":"fortiweb_manager","defaultStatus":"unknown","cpes":["cpe:2.3:a:fortinet:fortiweb_manager:6.2.3:*:*:*:*:*:*:*"],"versions":[{"version":"6.2.3","lessThanOrEqual":"6.2.4","versionType":"custom","status":"affected"}]},{"vendor":"fortinet","product":"fortiweb_manager","defaultStatus":"unknown","cpes":["cpe:2.3:a:fortinet:fortiweb_manager:6.0.2:*:*:*:*:*:*:*"],"versions":[{"version":"6.0.2","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-06-03T16:49:28.332661Z","id":"CVE-2024-23667","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@fortinet.com","type":"Secondary","description":[{"lang":"en","value":"CWE-285"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiwebmanager:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2.3","versionEndExcluding":"6.2.5","matchCriteriaId":"C00F44FF-9533-4354-9060-A74E8F43E747"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiwebmanager:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndExcluding":"7.0.5","matchCriteriaId":"403F07C3-8D48-4403-B9EE-0076F8639CB1"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiwebmanager:6.0.2:*:*:*:*:*:*:*","matchCriteriaId":"6AB742D6-5B08-4FF7-A366-F4CE1E91C9A0"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiwebmanager:6.3.0:*:*:*:*:*:*:*","matchCriteriaId":"A921BEEB-D912-471E-8176-8804F5CD5118"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiwebmanager:7.2.0:*:*:*:*:*:*:*","matchCriteriaId":"1C7475A8-52EB-413E-A196-6F43137B545F"}]}]}],"references":[{"url":"https://fortiguard.fortinet.com/psirt/FG-IR-23-222","source":"psirt@fortinet.com","tags":["Vendor Advisory"]},{"url":"https://fortiguard.fortinet.com/psirt/FG-IR-23-222","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2024-23668","sourceIdentifier":"psirt@fortinet.com","published":"2024-06-03T10:15:13.320","lastModified":"2026-07-08T14:16:50.493","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An improper authorization in Fortinet FortiWebManager 7.2.0, FortiWebManager 7.0.0 through 7.0.4, FortiWebManager 6.3.0, FortiWebManager 6.2.3 through 6.2.4, FortiWebManager 6.0.2 allows attacker to execute unauthorized code or commands via HTTP requests or CLI."},{"lang":"es","value":"Una autorización inadecuada en Fortinet FortiWebManager versión 7.2.0 y 7.0.0 hasta 7.0.4 y 6.3.0 y 6.2.3 hasta 6.2.4 y 6.0.2 permite al atacante ejecutar código o comandos no autorizados a través de solicitudes HTTP o CLI."}],"affected":[{"source":"psirt@fortinet.com","affectedData":[{"vendor":"Fortinet","product":"FortiWebManager","defaultStatus":"unaffected","cpes":["cpe:2.3:a:fortinet:fortiwebmanager:7.2.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiwebmanager:7.0.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiwebmanager:7.0.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiwebmanager:7.0.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiwebmanager:7.0.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiwebmanager:7.0.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiwebmanager:6.3.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiwebmanager:6.2.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiwebmanager:6.2.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiwebmanager:6.0.2:*:*:*:*:*:*:*"],"versions":[{"version":"7.2.0","status":"affected"},{"version":"7.0.0","lessThanOrEqual":"7.0.4","versionType":"semver","status":"affected"},{"version":"6.3.0","status":"affected"},{"version":"6.2.3","lessThanOrEqual":"6.2.4","versionType":"semver","status":"affected"},{"version":"6.0.2","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"fortinet","product":"fortiweb_manager","defaultStatus":"unknown","cpes":["cpe:2.3:a:fortinet:fortiweb_manager:7.2.0:*:*:*:*:*:*:*"],"versions":[{"version":"7.2.0","status":"affected"}]},{"vendor":"fortinet","product":"fortiweb_manager","defaultStatus":"unknown","cpes":["cpe:2.3:a:fortinet:fortiweb_manager:7.0.0:*:*:*:*:*:*:*"],"versions":[{"version":"7.0.0","lessThanOrEqual":"7.0.4","versionType":"custom","status":"affected"}]},{"vendor":"fortinet","product":"fortiweb_manager","defaultStatus":"unknown","cpes":["cpe:2.3:a:fortinet:fortiweb_manager:6.3.0:*:*:*:*:*:*:*"],"versions":[{"version":"6.3.0","status":"affected"}]},{"vendor":"fortinet","product":"fortiweb_manager","defaultStatus":"unknown","cpes":["cpe:2.3:a:fortinet:fortiweb_manager:6.2.3:*:*:*:*:*:*:*"],"versions":[{"version":"6.2.3","lessThanOrEqual":"6.2.4","versionType":"custom","status":"affected"}]},{"vendor":"fortinet","product":"fortiweb_manager","defaultStatus":"unknown","cpes":["cpe:2.3:a:fortinet:fortiweb_manager:6.0.2:*:*:*:*:*:*:*"],"versions":[{"version":"6.0.2","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-06-03T16:42:57.390397Z","id":"CVE-2024-23668","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@fortinet.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiwebmanager:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2.3","versionEndExcluding":"6.2.5","matchCriteriaId":"C00F44FF-9533-4354-9060-A74E8F43E747"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiwebmanager:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndExcluding":"7.0.5","matchCriteriaId":"403F07C3-8D48-4403-B9EE-0076F8639CB1"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiwebmanager:6.0.2:*:*:*:*:*:*:*","matchCriteriaId":"6AB742D6-5B08-4FF7-A366-F4CE1E91C9A0"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiwebmanager:6.3.0:*:*:*:*:*:*:*","matchCriteriaId":"A921BEEB-D912-471E-8176-8804F5CD5118"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiwebmanager:7.2.0:*:*:*:*:*:*:*","matchCriteriaId":"1C7475A8-52EB-413E-A196-6F43137B545F"}]}]}],"references":[{"url":"https://fortiguard.fortinet.com/psirt/FG-IR-23-222","source":"psirt@fortinet.com","tags":["Vendor Advisory"]},{"url":"https://fortiguard.fortinet.com/psirt/FG-IR-23-222","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2024-23670","sourceIdentifier":"psirt@fortinet.com","published":"2024-06-03T10:15:13.523","lastModified":"2026-07-08T14:16:51.287","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An improper authorization in Fortinet FortiWebManager 7.2.0, FortiWebManager 7.0.0 through 7.0.4, FortiWebManager 6.3.0, FortiWebManager 6.2.3 through 6.2.4, FortiWebManager 6.0.2 allows attacker to execute unauthorized code or commands via HTTP requests or CLI."},{"lang":"es","value":"Una autorización inadecuada en Fortinet FortiWebManager versión 7.2.0 y 7.0.0 hasta 7.0.4 y 6.3.0 y 6.2.3 hasta 6.2.4 y 6.0.2 permite al atacante ejecutar código o comandos no autorizados a través de solicitudes HTTP o CLI."}],"affected":[{"source":"psirt@fortinet.com","affectedData":[{"vendor":"Fortinet","product":"FortiWebManager","defaultStatus":"unaffected","cpes":["cpe:2.3:a:fortinet:fortiwebmanager:7.2.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiwebmanager:7.0.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiwebmanager:7.0.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiwebmanager:7.0.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiwebmanager:7.0.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiwebmanager:7.0.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiwebmanager:6.3.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiwebmanager:6.2.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiwebmanager:6.2.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiwebmanager:6.0.2:*:*:*:*:*:*:*"],"versions":[{"version":"7.2.0","status":"affected"},{"version":"7.0.0","lessThanOrEqual":"7.0.4","versionType":"semver","status":"affected"},{"version":"6.3.0","status":"affected"},{"version":"6.2.3","lessThanOrEqual":"6.2.4","versionType":"semver","status":"affected"},{"version":"6.0.2","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"fortinet","product":"fortiweb_manager","defaultStatus":"unknown","cpes":["cpe:2.3:a:fortinet:fortiweb_manager:7.2.0:*:*:*:*:*:*:*"],"versions":[{"version":"7.2.0","status":"affected"}]},{"vendor":"fortinet","product":"fortiweb_manager","defaultStatus":"unknown","cpes":["cpe:2.3:a:fortinet:fortiweb_manager:7.0.0:*:*:*:*:*:*:*"],"versions":[{"version":"7.0.0","lessThanOrEqual":"7.0.4","versionType":"custom","status":"affected"}]},{"vendor":"fortinet","product":"fortiweb_manager","defaultStatus":"unknown","cpes":["cpe:2.3:a:fortinet:fortiweb_manager:6.3.0:*:*:*:*:*:*:*"],"versions":[{"version":"6.3.0","status":"affected"}]},{"vendor":"fortinet","product":"fortiweb_manager","defaultStatus":"unknown","cpes":["cpe:2.3:a:fortinet:fortiweb_manager:6.2.3:*:*:*:*:*:*:*"],"versions":[{"version":"6.2.3","lessThanOrEqual":"6.2.4","versionType":"custom","status":"affected"}]},{"vendor":"fortinet","product":"fortiweb_manager","defaultStatus":"unknown","cpes":["cpe:2.3:a:fortinet:fortiweb_manager:6.0.2:*:*:*:*:*:*:*"],"versions":[{"version":"6.0.2","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-06-03T16:51:43.637231Z","id":"CVE-2024-23670","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@fortinet.com","type":"Secondary","description":[{"lang":"en","value":"CWE-285"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiwebmanager:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2.3","versionEndExcluding":"6.2.5","matchCriteriaId":"C00F44FF-9533-4354-9060-A74E8F43E747"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiwebmanager:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndExcluding":"7.0.5","matchCriteriaId":"403F07C3-8D48-4403-B9EE-0076F8639CB1"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiwebmanager:6.0.2:*:*:*:*:*:*:*","matchCriteriaId":"6AB742D6-5B08-4FF7-A366-F4CE1E91C9A0"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiwebmanager:6.3.0:*:*:*:*:*:*:*","matchCriteriaId":"A921BEEB-D912-471E-8176-8804F5CD5118"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiwebmanager:7.2.0:*:*:*:*:*:*:*","matchCriteriaId":"1C7475A8-52EB-413E-A196-6F43137B545F"}]}]}],"references":[{"url":"https://fortiguard.fortinet.com/psirt/FG-IR-23-222","source":"psirt@fortinet.com","tags":["Vendor Advisory"]},{"url":"https://fortiguard.fortinet.com/psirt/FG-IR-23-222","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2024-23669","sourceIdentifier":"psirt@fortinet.com","published":"2024-06-05T08:15:09.537","lastModified":"2026-07-08T14:16:50.870","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An improper authorization in Fortinet FortiWebManager 7.2.0, FortiWebManager 7.0.0 through 7.0.4, FortiWebManager 6.3.0, FortiWebManager 6.2.3 through 6.2.4, FortiWebManager 6.0.2 allows attacker to execute unauthorized code or commands via HTTP requests or CLI."},{"lang":"es","value":"Una autorización inadecuada en Fortinet FortiWebManager versión 7.2.0 y 7.0.0 hasta 7.0.4 y 6.3.0 y 6.2.3 hasta 6.2.4 y 6.0.2 permite al atacante ejecutar código o comandos no autorizados a través de solicitudes HTTP o CLI."}],"affected":[{"source":"psirt@fortinet.com","affectedData":[{"vendor":"Fortinet","product":"FortiWebManager","defaultStatus":"unaffected","cpes":["cpe:2.3:a:fortinet:fortiwebmanager:7.2.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiwebmanager:7.0.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiwebmanager:7.0.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiwebmanager:7.0.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiwebmanager:7.0.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiwebmanager:7.0.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiwebmanager:6.3.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiwebmanager:6.2.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiwebmanager:6.2.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiwebmanager:6.0.2:*:*:*:*:*:*:*"],"versions":[{"version":"7.2.0","status":"affected"},{"version":"7.0.0","lessThanOrEqual":"7.0.4","versionType":"semver","status":"affected"},{"version":"6.3.0","status":"affected"},{"version":"6.2.3","lessThanOrEqual":"6.2.4","versionType":"semver","status":"affected"},{"version":"6.0.2","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"fortinet","product":"fortiweb_manager","defaultStatus":"unaffected","cpes":["cpe:2.3:a:fortinet:fortiweb_manager:*:*:*:*:*:*:*:*"],"versions":[{"version":"7.2.0","status":"affected"},{"version":"7.0.0","lessThanOrEqual":"7.0.4","versionType":"semver","status":"affected"},{"version":"6.3.0","status":"affected"},{"version":"6.2.3","lessThanOrEqual":"6.2.4","versionType":"semver","status":"affected"},{"version":"6.0.2","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-06-05T14:06:39.473309Z","id":"CVE-2024-23669","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@fortinet.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiwebmanager:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2.3","versionEndExcluding":"6.2.5","matchCriteriaId":"C00F44FF-9533-4354-9060-A74E8F43E747"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiwebmanager:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndExcluding":"7.0.5","matchCriteriaId":"403F07C3-8D48-4403-B9EE-0076F8639CB1"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiwebmanager:6.0.2:*:*:*:*:*:*:*","matchCriteriaId":"6AB742D6-5B08-4FF7-A366-F4CE1E91C9A0"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiwebmanager:6.3.0:*:*:*:*:*:*:*","matchCriteriaId":"A921BEEB-D912-471E-8176-8804F5CD5118"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiwebmanager:7.2.0:*:*:*:*:*:*:*","matchCriteriaId":"1C7475A8-52EB-413E-A196-6F43137B545F"}]}]}],"references":[{"url":"https://fortiguard.fortinet.com/psirt/FG-IR-23-222","source":"psirt@fortinet.com","tags":["Vendor Advisory"]},{"url":"https://fortiguard.fortinet.com/psirt/FG-IR-23-222","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2024-36702","sourceIdentifier":"cve@mitre.org","published":"2024-06-11T19:16:07.697","lastModified":"2026-07-09T01:19:03.870","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"libiec61850 v1.5 was discovered to contain a heap overflow via the BerEncoder_encodeLength function at /asn1/ber_encoder.c."},{"lang":"es","value":"Se descubrió que libiec61850 v1.5 contenía un desbordamiento del montón a través de la función BerEncoder_encodeLength en /asn1/ber_encoder.c."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"mz-automation","product":"libiec61850","defaultStatus":"unknown","cpes":["cpe:2.3:a:mz-automation:libiec61850:1.5.0:*:*:*:*:*:*:*"],"versions":[{"version":"1.5.0","lessThan":"1.5.1","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.4,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-06-12T12:52:17.902598Z","id":"CVE-2024-36702","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mz-automation:libiec61850:1.5:*:*:*:*:*:*:*","matchCriteriaId":"0F0E72A8-F4AE-4E47-A473-C1D9A2953E4E"}]}]}],"references":[{"url":"https://github.com/mz-automation/libiec61850","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/mz-automation/libiec61850/issues/505","source":"cve@mitre.org","tags":["Exploit","Issue Tracking"]},{"url":"https://github.com/mz-automation/libiec61850","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https://github.com/mz-automation/libiec61850/issues/505","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking"]}]}},{"cve":{"id":"CVE-2024-36543","sourceIdentifier":"cve@mitre.org","published":"2024-06-17T19:15:58.353","lastModified":"2026-07-09T01:19:03.723","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Incorrect access control in the Kafka Connect REST API in the STRIMZI Project 0.41.0 and earlier allows an attacker to deny the service for Kafka Mirroring, potentially mirror the topics' content to his Kafka cluster via a malicious connector (bypassing Kafka ACL if it exists), and potentially steal Kafka SASL credentials, by querying the MirrorMaker Kafka REST API."},{"lang":"es","value":"El control de acceso incorrecto en la API REST de Kafka Connect en el proyecto STRIMZI 0.41.0 y versiones anteriores permite a un atacante denegar el servicio de Kafka Mirroring y potencialmente reflejar el contenido de los temas en su clúster de Kafka a través de un conector malicioso (evitando Kafka ACL si existe), y potencialmente robar credenciales SASL de Kafka consultando la API REST de MirrorMaker Kafka."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"strimza_project","product":"kafka_connect_rest_api","defaultStatus":"unknown","cpes":["cpe:2.3:a:strimza_project:kafka_connect_rest_api:0.41.0:*:*:*:*:*:*:*"],"versions":[{"version":"0","lessThan":"0.41.0","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-06-18T13:52:11.053885Z","id":"CVE-2024-36543","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-400"}]}],"references":[{"url":"https://github.com/almounah/vulnerability-research/tree/main/CVE-2024-36543","source":"cve@mitre.org"},{"url":"https://github.com/almounah/vulnerability-research/tree/main/CVE-2024-36543","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2023-37057","sourceIdentifier":"cve@mitre.org","published":"2024-06-17T21:15:50.380","lastModified":"2026-07-09T01:18:29.603","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in JLINK Unionman Technology Co. Ltd Jlink AX1800 v.1.0 allows a remote attacker to execute arbitrary code via the router's authentication mechanism."},{"lang":"es","value":"Un problema en JLINK Unionman Technology Co. Ltd. Jlink AX1800 v.1.0 permite a un atacante remoto ejecutar código arbitrario a través del mecanismo de autenticación del enrutador."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"jlink","product":"ax1800","defaultStatus":"unknown","cpes":["cpe:2.3:h:jlink:ax1800:*:*:*:*:*:*:*:*"],"versions":[{"version":"1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-06-18T14:21:52.044677Z","id":"CVE-2023-37057","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-288"}]}],"references":[{"url":"http://www.unionman.com.cn/en/contact.html","source":"cve@mitre.org"},{"url":"https://github.com/ri5c/Jlink-Router-RCE","source":"cve@mitre.org"},{"url":"https://jlink-global.com/","source":"cve@mitre.org"},{"url":"http://www.unionman.com.cn/en/contact.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/ri5c/Jlink-Router-RCE","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://jlink-global.com/","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2023-37058","sourceIdentifier":"cve@mitre.org","published":"2024-06-17T21:15:50.503","lastModified":"2026-07-09T01:18:29.780","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Insecure Permissions vulnerability in JLINK Unionman Technology Co. Ltd Jlink AX1800 v.1.0 allows a remote attacker to escalate privileges via a crafted command."},{"lang":"es","value":"Vulnerabilidad de permisos inseguros en JLINK Unionman Technology Co. Ltd. Jlink AX1800 v.1.0 permite a un atacante remoto escalar privilegios mediante un comando manipulado."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-07-01T18:26:17.333320Z","id":"CVE-2023-37058","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-269"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:unionman:jlink_ax1800_firmware:1.0:*:*:*:*:*:*:*","matchCriteriaId":"876B800A-7914-469E-A666-685959DD45C5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:unionman:jlink_ax1800:*:*:*:*:*:*:*:*","matchCriteriaId":"1F13FB92-DBE7-44C5-A268-0E3DCF4E30A9"}]}]}],"references":[{"url":"https://github.com/ri5c/Jlink-Router-RCE","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/ri5c/Jlink-Router-RCE","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2024-37821","sourceIdentifier":"cve@mitre.org","published":"2024-06-18T20:15:13.640","lastModified":"2026-07-09T01:19:05.140","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An arbitrary file upload vulnerability in the Upload Template function of Dolibarr ERP CRM up to v19.0.1 allows attackers to execute arbitrary code via uploading a crafted .SQL file."},{"lang":"es","value":"Una vulnerabilidad de carga de archivos arbitrarios en la función Cargar plantilla de Dolibarr ERP CRM hasta v19.0.1 permite a los atacantes ejecutar código arbitrario cargando un archivo .SQL manipulado."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"dolibarr","product":"dolibarr_erp\\/crm","defaultStatus":"unknown","cpes":["cpe:2.3:a:dolibarr:dolibarr_erp\\/crm:*:*:*:*:*:*:*:*"],"versions":[{"version":"0","lessThanOrEqual":"v19.0.1","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-06-20T15:21:39.160244Z","id":"CVE-2024-37821","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:dolibarr:dolibarr_erp\\/crm:*:*:*:*:*:*:*:*","versionEndExcluding":"19.0.2","matchCriteriaId":"3DE01B5C-BB48-4C7E-883C-2B325E89092C"}]}]}],"references":[{"url":"https://github.com/alexbsec/CVEs/blob/master/2024/CVE-2024-37821.md","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/alexbsec/CVEs/blob/master/2024/CVE-2024-37821.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2024-37676","sourceIdentifier":"cve@mitre.org","published":"2024-06-20T16:15:13.917","lastModified":"2026-07-09T01:19:04.997","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in htop-dev htop v.2.20 allows a local attacker to cause an out-of-bounds access in the Header_populateFromSettings function."},{"lang":"es","value":"Un problema en htop-dev htop v.2.20 permite que un atacante local provoque un acceso fuera de los límites en la función Header_populateFromSettings."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"htop","product":"htop","defaultStatus":"unknown","cpes":["cpe:2.3:a:htop:htop:2.20:*:*:*:*:*:*:*"],"versions":[{"version":"2.20","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.5,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-07-25T17:51:59.009596Z","id":"CVE-2024-37676","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-119"},{"lang":"en","value":"CWE-787"}]}],"references":[{"url":"https://gist.github.com/Cirno9-dev/0109cde3bdbe7eccc6770515106740b7","source":"cve@mitre.org"},{"url":"https://github.com/htop-dev/htop","source":"cve@mitre.org"},{"url":"https://gist.github.com/Cirno9-dev/0109cde3bdbe7eccc6770515106740b7","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://github.com/htop-dev/htop","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2024-37626","sourceIdentifier":"cve@mitre.org","published":"2024-06-20T17:15:52.353","lastModified":"2026-07-09T01:19:04.040","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A command injection issue in TOTOLINK A6000R V1.0.1-B20201211.2000 firmware allows a remote attacker to execute arbitrary code via the iface parameter in the vif_enable function."},{"lang":"es","value":"Un problema de inyección de comando en el firmware TOTOLINK A6000R V1.0.1-B20201211.2000 permite a un atacante remoto ejecutar código arbitrario a través del parámetro iface en la función vif_enable."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"totolink","product":"a6000r_firmware","defaultStatus":"unknown","cpes":["cpe:2.3:o:totolink:a6000r_firmware:1.0.1-b20201211.2000:*:*:*:*:*:*:*"],"versions":[{"version":"1.0.1-b20201211.2000","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-06-21T16:40:03.551052Z","id":"CVE-2024-37626","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:totolink:a6000r_firmware:1.0.1-b20201211.2000:*:*:*:*:*:*:*","matchCriteriaId":"E40BA1D3-29A2-4480-99EB-4BD8EE7CADCE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:totolink:a6000r:-:*:*:*:*:*:*:*","matchCriteriaId":"33AF9CA4-E966-4E72-A676-ADDC1DA0B9A2"}]}]}],"references":[{"url":"https://github.com/lakemoon602/vuln/blob/main/totolink/TOTOlink%20A6000R%20vif_enable.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.totolink.net/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/lakemoon602/vuln/blob/main/totolink/TOTOlink%20A6000R%20vif_enable.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.totolink.net/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2024-37674","sourceIdentifier":"cve@mitre.org","published":"2024-06-20T18:15:12.833","lastModified":"2026-07-09T01:19:04.687","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting vulnerability in Moodle CMS v3.10 allows a remote attacker to execute arbitrary code via the Field Name (name parameter) of a new activity."},{"lang":"es","value":"Una vulnerabilidad de  Cross Site Scripting en Moodle CMS v3.10 permite a un atacante remoto ejecutar código arbitrario a través del nombre de campo (parámetro de nombre) de una nueva actividad."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"moodle","product":"moodle","defaultStatus":"unknown","cpes":["cpe:2.3:a:moodle:moodle:3.10:*:*:*:*:*:*:*"],"versions":[{"version":"3.10","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.1,"impactScore":3.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-06-20T19:52:41.740424Z","id":"CVE-2024-37674","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:3.10.0:-:*:*:*:*:*:*","matchCriteriaId":"2FDD4691-5E1D-49FF-870C-96DD8A262A33"}]}]}],"references":[{"url":"https://github.com/MohamedAzizMSALLEMI/Moodle_Security/blob/main/CVE-2024-37674.md","source":"cve@mitre.org","tags":["Broken Link","Exploit"]},{"url":"https://github.com/MohamedAzizMSALLEMI/Moodle_Security/blob/main/CVE-2024-37674.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Exploit"]}]}},{"cve":{"id":"CVE-2024-37671","sourceIdentifier":"cve@mitre.org","published":"2024-06-21T17:15:10.867","lastModified":"2026-07-09T01:19:04.200","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting vulnerability in Tessi Docubase Document Management product 5.x allows a remote attacker to execute arbitrary code via the page parameter."},{"lang":"es","value":"Vulnerabilidad de Cross-Site Scripting en el producto Tessi Docubase Document Management 5.x permite a un atacante remoto ejecutar código arbitrario a través del parámetro de página."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-07-25T15:57:23.679617Z","id":"CVE-2024-37671","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:tessi:docubase:5.0:*:*:*:*:*:*:*","matchCriteriaId":"DF3FCA90-0A8A-4A9D-8613-1C8DA52D6BEE"}]}]}],"references":[{"url":"https://github.com/MohamedAzizMSALLEMI/Docubase_Security/blob/main/CVE-2024-37671.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/MohamedAzizMSALLEMI/Docubase_Security/blob/main/CVE-2024-37671.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2024-37672","sourceIdentifier":"cve@mitre.org","published":"2024-06-21T17:15:10.963","lastModified":"2026-07-09T01:19:04.367","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting vulnerability in Tessi Docubase Document Management product 5.x allows a remote attacker to execute arbitrary code via the idactivity parameter."},{"lang":"es","value":"Una vulnerabilidad de Cross-Site Scripting en el producto Tessi Docubase Document Management 5.x permite a un atacante remoto ejecutar código arbitrario a través del parámetro idactivity."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-07-19T19:15:41.374784Z","id":"CVE-2024-37672","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:tessi:docubase:5.0:*:*:*:*:*:*:*","matchCriteriaId":"DF3FCA90-0A8A-4A9D-8613-1C8DA52D6BEE"}]}]}],"references":[{"url":"https://github.com/MohamedAzizMSALLEMI/Docubase_Security/blob/main/CVE-2024-37672.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/MohamedAzizMSALLEMI/Docubase_Security/blob/main/CVE-2024-37672.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2024-37673","sourceIdentifier":"cve@mitre.org","published":"2024-06-21T17:15:11.053","lastModified":"2026-07-09T01:19:04.513","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting vulnerability in Tessi Docubase Document Management product 5.x allows a remote attacker to execute arbitrary code via the filename parameter."},{"lang":"es","value":"Vulnerabilidad de Cross-Site Scripting en el producto Tessi Docubase Document Management versión 5.x permite a un atacante remoto ejecutar código arbitrario a través del parámetro de nombre de archivo."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"tessi","product":"docubase_document_management","defaultStatus":"unknown","cpes":["cpe:2.3:a:tessi:docubase_document_management:*:*:*:*:*:*:*:*"],"versions":[{"version":"5.x","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-06-25T19:32:37.367102Z","id":"CVE-2024-37673","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:tessi:docubase:5.0:*:*:*:*:*:*:*","matchCriteriaId":"DF3FCA90-0A8A-4A9D-8613-1C8DA52D6BEE"}]}]}],"references":[{"url":"https://github.com/MohamedAzizMSALLEMI/Docubase_Security/blob/main/CVE-2024-37673.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/MohamedAzizMSALLEMI/Docubase_Security/blob/main/CVE-2024-37673.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2024-37675","sourceIdentifier":"cve@mitre.org","published":"2024-06-21T17:15:11.143","lastModified":"2026-07-09T01:19:04.843","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting vulnerability in Tessi Docubase Document Management product 5.x allows a remote attacker to execute arbitrary code via the parameter \"sectionContent\" related to the functionality of adding notes to an uploaded file."},{"lang":"es","value":"Vulnerabilidad de Cross-Site Scripting en el producto Tessi Docubase Document Management versión 5.x permite a un atacante remoto ejecutar código arbitrario a través del parámetro \"sectionContent\" relacionado con la funcionalidad de agregar notas a un archivo cargado."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-07-02T20:12:54.892956Z","id":"CVE-2024-37675","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:tessi:docubase:5.0:*:*:*:*:*:*:*","matchCriteriaId":"DF3FCA90-0A8A-4A9D-8613-1C8DA52D6BEE"}]}]}],"references":[{"url":"https://github.com/MohamedAzizMSALLEMI/Docubase_Security/blob/main/CVE-2024-37675.md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/MohamedAzizMSALLEMI/Docubase_Security/blob/main/CVE-2024-37675.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2022-25477","sourceIdentifier":"cve@mitre.org","published":"2024-07-02T19:15:11.757","lastModified":"2026-07-09T01:17:19.663","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in Realtek RtsPer driver for PCIe Card Reader (RtsPer.sys) before 10.0.22000.21355 and Realtek RtsUer driver for USB Card Reader (RtsUer.sys) before 10.0.22000.31274 leaks driver logs that contain addresses of kernel mode objects, weakening KASLR."},{"lang":"es","value":"Una vulnerabilidad en el controlador Realtek RtsPer para lector de tarjetas PCIe (RtsPer.sys) anterior a 10.0.22000.21355 y el controlador Realtek RtsUer para lector de tarjetas USB (RtsUer.sys) anterior a 10.0.22000.31274 filtra registros de controladores que contienen direcciones de objetos en modo kernel, lo que debilita KASLR."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-07-08T20:10:27.562083Z","id":"CVE-2022-25477","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-532"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-532"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:realtek:rtsper:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.22000.21355","matchCriteriaId":"126006F2-0655-4EAB-AD95-87AADA0C8F8E"},{"vulnerable":true,"criteria":"cpe:2.3:a:realtek:rtsuer:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.22000.31274","matchCriteriaId":"B45E5C60-6DE7-4324-84A0-5F4270C6ACA0"}]}]}],"references":[{"url":"https://gist.github.com/zwclose/feb16f1424779a61cb1d9f6d5681408a","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.realtek.com/images/safe-report/Realtek_RtsPer_RtsUer_Security_Advisory_Report.pdf","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://zwclose.github.io/2024/10/14/rtsper1.html","source":"cve@mitre.org"},{"url":"https://gist.github.com/zwclose/feb16f1424779a61cb1d9f6d5681408a","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.realtek.com/images/safe-report/Realtek_RtsPer_RtsUer_Security_Advisory_Report.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-25478","sourceIdentifier":"cve@mitre.org","published":"2024-07-02T19:15:11.870","lastModified":"2026-07-09T01:17:19.847","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in Realtek RtsPer driver for PCIe Card Reader (RtsPer.sys) before 10.0.22000.21355 and Realtek RtsUer driver for USB Card Reader (RtsUer.sys) before 10.0.22000.31274 provides read and write access to the PCI configuration space of the device."},{"lang":"es","value":"Una vulnerabilidad en el controlador Realtek RtsPer para lector de tarjetas PCIe (RtsPer.sys) anterior a 10.0.22000.21355 y el controlador Realtek RtsUer para lector de tarjetas USB (RtsUer.sys) anterior a 10.0.22000.31274 proporciona acceso de lectura y escritura al espacio de configuración PCI del dispositivo."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-07-05T15:38:00.462735Z","id":"CVE-2022-25478","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:realtek:rtsper:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.22000.21355","matchCriteriaId":"126006F2-0655-4EAB-AD95-87AADA0C8F8E"},{"vulnerable":true,"criteria":"cpe:2.3:a:realtek:rtsuer:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.22000.31274","matchCriteriaId":"B45E5C60-6DE7-4324-84A0-5F4270C6ACA0"}]}]}],"references":[{"url":"https://gist.github.com/zwclose/feb16f1424779a61cb1d9f6d5681408a","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.realtek.com/images/safe-report/Realtek_RtsPer_RtsUer_Security_Advisory_Report.pdf","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://zwclose.github.io/2024/10/14/rtsper1.html","source":"cve@mitre.org"},{"url":"https://gist.github.com/zwclose/feb16f1424779a61cb1d9f6d5681408a","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.realtek.com/images/safe-report/Realtek_RtsPer_RtsUer_Security_Advisory_Report.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-25479","sourceIdentifier":"cve@mitre.org","published":"2024-07-02T19:15:11.957","lastModified":"2026-07-09T01:17:20.000","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in Realtek RtsPer driver for PCIe Card Reader (RtsPer.sys) before 10.0.22000.21355 and Realtek RtsUer driver for USB Card Reader (RtsUer.sys) before 10.0.22000.31274 allows for the leakage of kernel memory from both the stack and the heap."},{"lang":"es","value":"Una vulnerabilidad en el controlador Realtek RtsPer para lector de tarjetas PCIe (RtsPer.sys) anterior a 10.0.22000.21355 y el controlador Realtek RtsUer para lector de tarjetas USB (RtsUer.sys) anterior a 10.0.22000.31274 permite la pérdida de memoria del kernel tanto de la pila como del montón."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"realtek","product":"rtsper_pcie_card_reader_driver","defaultStatus":"unknown","cpes":["cpe:2.3:a:realtek:rtsper_pcie_card_reader_driver:10.0.22000.21355:*:*:*:*:*:*:*"],"versions":[{"version":"0","lessThan":"10.0.22000.21355","versionType":"custom","status":"affected"}]},{"vendor":"realtek","product":"rtsper_usb_card_reader_driver","defaultStatus":"unknown","cpes":["cpe:2.3:a:realtek:rtsper_usb_card_reader_driver:10.0.22000.31274:*:*:*:*:*:*:*"],"versions":[{"version":"0","lessThan":"10.0.22000.31274","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-28T18:14:53.782582Z","id":"CVE-2022-25479","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-401"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-401"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:realtek:rtsper:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.22000.21355","matchCriteriaId":"126006F2-0655-4EAB-AD95-87AADA0C8F8E"},{"vulnerable":true,"criteria":"cpe:2.3:a:realtek:rtsuer:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.22000.31274","matchCriteriaId":"B45E5C60-6DE7-4324-84A0-5F4270C6ACA0"}]}]}],"references":[{"url":"https://gist.github.com/zwclose/feb16f1424779a61cb1d9f6d5681408a","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.realtek.com/images/safe-report/Realtek_RtsPer_RtsUer_Security_Advisory_Report.pdf","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://zwclose.github.io/2024/10/14/rtsper1.html","source":"cve@mitre.org"},{"url":"https://gist.github.com/zwclose/feb16f1424779a61cb1d9f6d5681408a","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.realtek.com/images/safe-report/Realtek_RtsPer_RtsUer_Security_Advisory_Report.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2022-25480","sourceIdentifier":"cve@mitre.org","published":"2024-07-02T19:15:12.037","lastModified":"2026-07-09T01:17:20.160","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in Realtek RtsPer driver for PCIe Card Reader (RtsPer.sys) before 10.0.22000.21355 and Realtek RtsUer driver for USB Card Reader (RtsUer.sys) before 10.0.22000.31274 allows writing to kernel memory beyond the SystemBuffer of the IRP."},{"lang":"es","value":"Una vulnerabilidad en el controlador Realtek RtsPer para lector de tarjetas PCIe (RtsPer.sys) anterior a 10.0.22000.21355 y el controlador Realtek RtsUer para lector de tarjetas USB (RtsUer.sys) anterior a 10.0.22000.31274 permite escribir en la memoria del kernel más allá del SystemBuffer del IRP."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"realtek","product":"rtsper_pcie_card_reader_driver","defaultStatus":"unknown","cpes":["cpe:2.3:a:realtek:rtsper_pcie_card_reader_driver:*:*:*:*:*:*:*:*"],"versions":[{"version":"0","lessThan":"10.0.22000.21355","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-10-28T19:02:08.772843Z","id":"CVE-2022-25480","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:realtek:rtsper:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.22000.21355","matchCriteriaId":"126006F2-0655-4EAB-AD95-87AADA0C8F8E"},{"vulnerable":true,"criteria":"cpe:2.3:a:realtek:rtsuer:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.22000.31274","matchCriteriaId":"B45E5C60-6DE7-4324-84A0-5F4270C6ACA0"}]}]}],"references":[{"url":"https://gist.github.com/zwclose/feb16f1424779a61cb1d9f6d5681408a","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.realtek.com/images/safe-report/Realtek_RtsPer_RtsUer_Security_Advisory_Report.pdf","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://zwclose.github.io/2024/10/14/rtsper1.html","source":"cve@mitre.org"},{"url":"https://gist.github.com/zwclose/feb16f1424779a61cb1d9f6d5681408a","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.realtek.com/images/safe-report/Realtek_RtsPer_RtsUer_Security_Advisory_Report.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2024-39171","sourceIdentifier":"cve@mitre.org","published":"2024-07-09T17:15:48.367","lastModified":"2026-07-09T01:19:06.120","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Directory Travel in PHPVibe v11.0.46 due to incomplete blacklist checksums and directory checks, which can lead to code execution via writing specific statements to .htaccess and code to a file with a .png suffix."},{"lang":"es","value":"Directory travel en PHPVibe v11.0.46 debido a sumas de verificación de lista negra y verificaciones de directorio incompletas, lo que puede llevar a la ejecución de código mediante la escritura de declaraciones específicas en .htaccess y código en un archivo con un sufijo .png."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"phpvibe","product":"phpvibe","defaultStatus":"unknown","cpes":["cpe:2.3:a:phpvibe:phpvibe:11.0.3:*:*:*:*:*:*:*"],"versions":[{"version":"11.0.3","lessThanOrEqual":"11.0.46","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-07-09T19:12:14.727506Z","id":"CVE-2024-39171","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-35"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:phpvibe:phpvibe:*:*:*:*:*:*:*:*","versionStartIncluding":"11.0.3","versionEndIncluding":"11.0.46","matchCriteriaId":"E15EB81D-E403-48DD-BA2A-85D8B8408AAA"}]}]}],"references":[{"url":"https://github.com/751897386/PHPVibe_vulnerability_Directory-Traversal","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/751897386/PHPVibe_vulnerability_Directory-Traversal","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2023-48194","sourceIdentifier":"cve@mitre.org","published":"2024-07-09T18:15:08.790","lastModified":"2026-07-09T01:18:45.110","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in Tenda AC8v4 .V16.03.34.09 due to sscanf and the last digit of s8 being overwritten with \\x0. After executing set_client_qos, control over the gp register can be obtained."},{"lang":"es","value":"Vulnerabilidad en Tenda AC8v4 .V16.03.34.09 debido a que sscanf y el último dígito de s8 se sobrescriben con \\x0. Después de ejecutar set_client_qos, se puede obtener el control sobre el registro gp."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"tenda","product":"ac8_firmware","defaultStatus":"unknown","cpes":["cpe:2.3:a:tenda:ac8_firmware:16.03.34.09:*:*:*:*:*:*:*"],"versions":[{"version":"16.03.34.09","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-07-10T14:56:58.589839Z","id":"CVE-2023-48194","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tenda:ac8_firmware:16.03.34.09:*:*:*:*:*:*:*","matchCriteriaId":"EE69F412-6FC7-470D-BC7E-B3AAC6B4585F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tenda:ac8v4:-:*:*:*:*:*:*:*","matchCriteriaId":"8EEC256B-442B-4FE8-8253-7A725CF66A6C"}]}]}],"references":[{"url":"https://github.com/zt20xx/CVE-2023-48194","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://www.tenda.com.cn/download/detail-3683.html","source":"cve@mitre.org"},{"url":"https://github.com/zt20xx/CVE-2023-48194","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]}]}},{"cve":{"id":"CVE-2024-41597","sourceIdentifier":"cve@mitre.org","published":"2024-07-19T20:15:08.993","lastModified":"2026-07-09T14:16:25.200","vulnStatus":"Modified","cveTags":[{"sourceIdentifier":"cve@mitre.org","tags":["disputed"]}],"descriptions":[{"lang":"en","value":"Cross Site Request Forgery vulnerability in ProcessWire v.3.0.229 allows a remote attacker to insert a comment. NOTE: this is disputed by the Supplier because the product intentionally accepts anonymous, unauthenticated comments and thus there are fewer situations in which CSRF would be a useful attack technique. Also, the submitted comments are, by default, held for moderator review."},{"lang":"es","value":"La vulnerabilidad de Cross Site Request Forgery en ProcessWire v.3.0.229 permite a un atacante remoto ejecutar código arbitrario a través de un archivo HTML manipulado para la funcionalidad de comentarios."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"processwire","product":"processwire","defaultStatus":"unknown","cpes":["cpe:2.3:a:processwire:processwire:3.0.229:*:*:*:*:*:*:*"],"versions":[{"version":"3.0.229","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N","baseScore":4.2,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-07-24T17:54:10.979881Z","id":"CVE-2024-41597","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:processwire:processwire:3.0.229:*:*:*:*:*:*:*","matchCriteriaId":"DA6F3D4C-8845-44FF-A021-F202C57F38CF"}]}]}],"references":[{"url":"https://gist.github.com/DefensiumDevelopers/608be4d10b016dce0566925368a8b08c#file-cve-2024-41597-md","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://gist.github.com/DefensiumDevelopers/608be4d10b016dce0566925368a8b08c#file-cve-2024-41597-md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2024-40495","sourceIdentifier":"cve@mitre.org","published":"2024-07-24T19:15:04.693","lastModified":"2026-07-09T01:19:06.290","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was discovered in Linksys Router E2500 with firmware 2.0.00, allows authenticated attackers to execute arbitrary code via the hnd_parentalctrl_unblock function."},{"lang":"es","value":"Se descubrió una vulnerabilidad en Linksys Router E2500 con firmware 2.0.00, que permite a atacantes autenticados ejecutar código arbitrario a través de la función hnd_parentalctrl_unblock."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"linksys","product":"e2500_firmware","defaultStatus":"unknown","cpes":["cpe:2.3:o:linksys:e2500_firmware:2.0.00:*:*:*:*:*:*:*"],"versions":[{"version":"2.0.00","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.0,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.1,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-07-24T19:34:25.566135Z","id":"CVE-2024-40495","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linksys:e2500_firmware:2.0.00:*:*:*:*:*:*:*","matchCriteriaId":"9D5D96E0-58D0-4DB0-BFCE-0CC424855603"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:linksys:e2500:-:*:*:*:*:*:*:*","matchCriteriaId":"D37D6660-2A10-44A6-8CAF-F5BC5F6C476E"}]}]}],"references":[{"url":"https://github.com/iotaMing/IOT-CVE/blob/master/Linksys/CVE-2024-40495/CVE-2024-40495.pdf","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/iotaMing/IOT-CVE/blob/master/Linksys/CVE-2024-40495/CVE-2024-40495.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2024-41628","sourceIdentifier":"cve@mitre.org","published":"2024-07-26T21:15:14.303","lastModified":"2026-07-09T00:17:03.700","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Directory Traversal vulnerability in Severalnines Cluster Control 1.9.8 before 1.9.8-9778, 2.0.0 before 2.0.0-9779, and 2.1.0 before 2.1.0-9780 allows a remote attacker to include and display file content in an HTTP request via the CMON API."},{"lang":"es","value":"Vulnerabilidad de Directory Traversal en Manynines Cluster Control 1.9.8 anterior a 1.9.8-9778, 2.0.0 anterior a 2.0.0-9779 y 2.1.0 anterior a 2.1.0-9780 permite a un atacante remoto incluir y mostrar contenido de archivo en una solicitud HTTP a través de la API CMON."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"severalnines","product":"clustercontrol","defaultStatus":"unknown","cpes":["cpe:2.3:a:severalnines:clustercontrol:*:*:*:*:*:*:*:*"],"versions":[{"version":"1.9.8","lessThan":"1.9.8-9778","versionType":"custom","status":"affected"},{"version":"2.0.0","lessThan":"2.0.0-9779","versionType":"custom","status":"affected"},{"version":"2.1.0","lessThan":"2.1.0-9780","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-07-30T14:29:07.475301Z","id":"CVE-2024-41628","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"references":[{"url":"https://docs.severalnines.com/docs/clustercontrol/changelogs/changes-in-v1-9-8/#maintenance-release-july-24th-2024","source":"cve@mitre.org"},{"url":"https://docs.severalnines.com/docs/clustercontrol/changelogs/changes-in-v2-1-0/","source":"cve@mitre.org"},{"url":"https://github.com/Redshift-CyberSecurity/CVE-2024-41628","source":"cve@mitre.org"},{"url":"https://docs.severalnines.com/docs/clustercontrol/changelogs/changes-in-v1-9-8/#maintenance-release-july-24th-2024","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://docs.severalnines.com/docs/clustercontrol/changelogs/changes-in-v2-1-0/","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2024-41624","sourceIdentifier":"cve@mitre.org","published":"2024-07-29T16:15:04.917","lastModified":"2026-07-09T01:19:06.450","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Incorrect access control in Himalaya Xiaoya nano smart speaker rom_version 1.6.96 allows a remote attacker to have an unspecified impact."},{"lang":"es","value":" El control de acceso incorrecto en el altavoz inteligente nano Himalaya Xiaoya rom_version 1.6.96 permite que un atacante remoto tenga un impacto no especificado."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-07-29T18:25:02.137222Z","id":"CVE-2024-41624","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://github.com/x1ngg3/cve/tree/main/CVE-2024-41624","source":"cve@mitre.org"},{"url":"https://github.com/x1ngg3/cve/tree/main/CVE-2024-41624","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2024-37856","sourceIdentifier":"cve@mitre.org","published":"2024-07-29T19:15:12.177","lastModified":"2026-07-09T01:19:05.300","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting vulnerability in Lost and Found Information System 1.0 allows a remote attacker to escalate privileges via the first, last, middle name fields in the User Profile page."},{"lang":"es","value":" La vulnerabilidad de Cross Site Scripting en Lost and Found Information System 1.0 permite a un atacante remoto escalar privilegios a través de los campos de first, last y middle name en la página de perfil de usuario."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-07-30T13:55:56.392088Z","id":"CVE-2024-37856","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oretnom23:lost_and_found_information_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"14CF403B-DF0C-4796-8B10-689075DC8A35"}]}]}],"references":[{"url":"https://packetstormsecurity.com/files/179078/Lost-And-Found-Information-System-1.0-Cross-Site-Scripting.html","source":"cve@mitre.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://www.sourcecodester.com/","source":"cve@mitre.org","tags":["Not Applicable"]},{"url":"https://packetstormsecurity.com/files/179078/Lost-And-Found-Information-System-1.0-Cross-Site-Scripting.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://www.sourcecodester.com/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Not Applicable"]}]}},{"cve":{"id":"CVE-2024-37857","sourceIdentifier":"cve@mitre.org","published":"2024-07-29T19:15:12.257","lastModified":"2026-07-09T01:19:05.467","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SQL Injection vulnerability in Lost and Found Information System 1.0 allows a remote attacker to escalate privileges via id parameter to php-lfis/admin/categories/view_category.php."},{"lang":"es","value":" Vulnerabilidad de inyección SQL en Lost and Found Information System 1.0 permite a un atacante remoto escalar privilegios mediante el parámetro id a php-lfis/admin/categories/view_category.php."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"sourcecodester","product":"lost_and_found_information_system","defaultStatus":"unknown","cpes":["cpe:2.3:a:sourcecodester:lost_and_found_information_system:1.0:*:*:*:*:*:*:*"],"versions":[{"version":"1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-07-30T19:38:42.364523Z","id":"CVE-2024-37857","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oretnom23:lost_and_found_information_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"14CF403B-DF0C-4796-8B10-689075DC8A35"}]}]}],"references":[{"url":"https://packetstormsecurity.com/files/179080/Lost-And-Found-Information-System-1.0-SQL-Injection.html","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://www.sourcecodester.com/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://packetstormsecurity.com/files/179080/Lost-And-Found-Information-System-1.0-SQL-Injection.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"https://www.sourcecodester.com/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2024-37858","sourceIdentifier":"cve@mitre.org","published":"2024-07-29T19:15:12.323","lastModified":"2026-07-09T01:19:05.627","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SQL Injection vulnerability in Lost and Found Information System 1.0 allows a remote attacker to escalate privileges via the id parameter to php-lfis/admin/categories/manage_category.php."},{"lang":"es","value":" Vulnerabilidad de inyección SQL en Lost and Found Information System 1.0 permite a un atacante remoto escalar privilegios a través del parámetro id a php-lfis/admin/categories/manage_category.php."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"lost_and_found_information_system_project","product":"lost_and_found_information_system","defaultStatus":"unknown","cpes":["cpe:2.3:a:lost_and_found_information_system_project:lost_and_found_information_system:1.0:*:*:*:*:*:*:*"],"versions":[{"version":"1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-07-30T14:24:53.823898Z","id":"CVE-2024-37858","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-269"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oretnom23:lost_and_found_information_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"14CF403B-DF0C-4796-8B10-689075DC8A35"}]}]}],"references":[{"url":"https://packetstormsecurity.com/files/179079/Lost-And-Found-Information-System-1.0-SQL-Injection.html","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://www.sourcecodester.com/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://packetstormsecurity.com/files/179079/Lost-And-Found-Information-System-1.0-SQL-Injection.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"https://www.sourcecodester.com/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2024-37859","sourceIdentifier":"cve@mitre.org","published":"2024-07-29T19:15:12.390","lastModified":"2026-07-09T01:19:05.790","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross Site Scripting vulnerability in Lost and Found Information System 1.0 allows a remote attacker to escalate privileges via the page parameter to php-lfis/admin/index.php."},{"lang":"es","value":"Una vulnerabilidad de Cross Site Scripting en Lost and Found Information System 1.0 permite a un atacante remoto escalar privilegios a través del parámetro page a php-lfis/admin/index.php."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"sourcecodester","product":"lost_and_found_information_system","defaultStatus":"unknown","cpes":["cpe:2.3:a:sourcecodester:lost_and_found_information_system:1.0:*:*:*:*:*:*:*"],"versions":[{"version":"1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-07-30T19:39:42.516374Z","id":"CVE-2024-37859","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oretnom23:lost_and_found_information_system:1.0:*:*:*:*:*:*:*","matchCriteriaId":"14CF403B-DF0C-4796-8B10-689075DC8A35"}]}]}],"references":[{"url":"https://packetstormsecurity.com/files/179081/Lost-And-Found-Information-System-1.0-Cross-Site-Scripting.html","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://www.sourcecodester.com/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://packetstormsecurity.com/files/179081/Lost-And-Found-Information-System-1.0-Cross-Site-Scripting.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"https://www.sourcecodester.com/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]}]}},{"cve":{"id":"CVE-2024-38909","sourceIdentifier":"cve@mitre.org","published":"2024-07-30T14:15:02.897","lastModified":"2026-07-09T01:19:05.947","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Studio 42 elFinder 2.1.64 is vulnerable to Incorrect Access Control. Copying files with an unauthorized extension between server directories allows an arbitrary attacker to expose secrets, perform RCE, etc."},{"lang":"es","value":" Studio 42 elFinder 2.1.64 es vulnerable a un control de acceso incorrecto. Copiar archivos con una extensión no autorizada entre directorios de servidores permite a un atacante arbitrario exponer secretos, realizar RCE, etc."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"studio42","product":"elfinder","defaultStatus":"unknown","cpes":["cpe:2.3:a:studio42:elfinder:*:*:*:*:*:*:*:*"],"versions":[{"version":"2.1.64","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-07-30T19:10:09.186584Z","id":"CVE-2024-38909","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:std42:elfinder:2.1.64:*:*:*:*:*:*:*","matchCriteriaId":"6C76D05F-90D4-4EF5-B048-D517C949E461"}]}]}],"references":[{"url":"https://github.com/B0D0B0P0T/CVE/blob/main/CVE-2024-38909","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://github.com/B0D0B0P0T/CVE/blob/main/CVE-2024-38909","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2024-33503","sourceIdentifier":"psirt@fortinet.com","published":"2025-01-14T14:15:29.517","lastModified":"2026-07-08T14:16:51.740","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A improper privilege management vulnerability in Fortinet FortiManager Cloud 7.4.1 through 7.4.3, FortiManager Cloud 7.2.1 through 7.2.5, FortiManager Cloud 7.0 all versions, FortiManager 7.4.0 through 7.4.3, FortiManager 7.2.0 through 7.2.5, FortiManager 7.0 all versions, FortiManager 6.4 all versions allows attacker to escalation of privilege via specific shell commands"},{"lang":"es","value":"Una gestión de privilegios incorrecta en Fortinet FortiManager versión 7.4.0 a 7.4.3, 7.2.0 a 7.2.5, 7.0.0 a 7.0.12, 6.4.0 a 6.4.14, FortiAnalyzer versión 7.4.0 a 7.4.2, 7.2.0 a 7.2.5, 7.0.0 a 7.0.12, 6.4.0 a 6.4.14 permite a los atacantes escalar privilegios a través de comandos de shell específicos."}],"affected":[{"source":"psirt@fortinet.com","affectedData":[{"vendor":"Fortinet","product":"FortiManager Cloud","defaultStatus":"unaffected","cpes":["cpe:2.3:a:fortinet:fortimanagercloud:7.4.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:7.4.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:7.4.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:7.2.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:7.2.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:7.2.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:7.2.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:7.2.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:7.2.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:7.0.13:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:7.0.12:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:7.0.11:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:7.0.10:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:7.0.9:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:7.0.8:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:7.0.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:7.0.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:7.0.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:7.0.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:7.0.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:7.0.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:7.0.1:*:*:*:*:*:*:*"],"versions":[{"version":"7.4.1","lessThanOrEqual":"7.4.3","versionType":"semver","status":"affected"},{"version":"7.2.1","lessThanOrEqual":"7.2.6","versionType":"semver","status":"affected"},{"version":"7.0.1","lessThanOrEqual":"7.0.13","versionType":"semver","status":"affected"}]},{"vendor":"Fortinet","product":"FortiManager","defaultStatus":"unaffected","cpes":["cpe:2.3:o:fortinet:fortimanager:7.4.3:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.4.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.4.0:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.2.5:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.2.4:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.2.3:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.2.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.2.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.2.0:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.16:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.15:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.14:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.13:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.12:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.11:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.10:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.9:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.8:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.7:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.6:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.5:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.4:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.3:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.0:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.15:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.14:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.13:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.12:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.11:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.10:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.9:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.8:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.7:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.6:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.5:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.4:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.3:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.0:*:*:*:*:*:*:*"],"versions":[{"version":"7.4.0","lessThanOrEqual":"7.4.3","versionType":"semver","status":"affected"},{"version":"7.2.0","lessThanOrEqual":"7.2.5","versionType":"semver","status":"affected"},{"version":"7.0.0","lessThanOrEqual":"7.0.16","versionType":"semver","status":"affected"},{"version":"6.4.0","lessThanOrEqual":"6.4.15","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":6.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-14T15:16:33.256242Z","id":"CVE-2024-33503","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@fortinet.com","type":"Secondary","description":[{"lang":"en","value":"CWE-266"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4.0","versionEndExcluding":"7.2.6","matchCriteriaId":"F07BE2AB-5F28-4773-B9C3-1D76EA1C2D06"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*","versionStartIncluding":"7.4.0","versionEndExcluding":"7.4.4","matchCriteriaId":"E6F162A7-0D01-43E0-99D8-D7B87B080853"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortianalyzer_cloud:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4.1","versionEndExcluding":"7.2.7","matchCriteriaId":"38BFF3B9-3927-4B15-A573-4EDB20362841"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortianalyzer_cloud:*:*:*:*:*:*:*:*","versionStartIncluding":"7.4.1","versionEndExcluding":"7.4.3","matchCriteriaId":"40C3665B-3E49-4D0C-B924-266D49F1E510"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4.0","versionEndExcluding":"7.2.6","matchCriteriaId":"71CC4AA3-04CC-49CA-A012-E28C4D1F11DE"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*","versionStartIncluding":"7.4.0","versionEndExcluding":"7.4.4","matchCriteriaId":"3AE9CAFD-5D5B-4799-8690-624225963595"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimanager_cloud:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.1","versionEndExcluding":"7.2.7","matchCriteriaId":"75DA0ED6-C606-4763-A7B0-575F8061237A"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimanager_cloud:*:*:*:*:*:*:*:*","versionStartIncluding":"7.4.1","versionEndExcluding":"7.4.4","matchCriteriaId":"164DEDC3-B1C0-42AC-9ADB-CE03CF6A71CC"}]}]}],"references":[{"url":"https://fortiguard.fortinet.com/psirt/FG-IR-24-127","source":"psirt@fortinet.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2024-35276","sourceIdentifier":"psirt@fortinet.com","published":"2025-01-14T14:15:29.973","lastModified":"2026-07-08T14:16:52.150","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A stack-based buffer overflow vulnerability in Fortinet FortiAnalyzer 7.4.0 through 7.4.3, FortiAnalyzer 7.2.0 through 7.2.5, FortiAnalyzer 7.0.0 through 7.0.12, FortiAnalyzer 6.4.0 through 6.4.14, FortiAnalyzer Cloud 7.4.1 through 7.4.3, FortiAnalyzer Cloud 7.2.1 through 7.2.5, FortiAnalyzer Cloud 7.0.1 through 7.0.11, FortiAnalyzer Cloud 6.4 all versions, FortiManager 7.4.0 through 7.4.3, FortiManager 7.2.0 through 7.2.5, FortiManager 7.0.0 through 7.0.12, FortiManager 6.4.0 through 6.4.14, FortiManager Cloud 7.4.1 through 7.4.3, FortiManager Cloud 7.2.1 through 7.2.5, FortiManager Cloud 7.0.1 through 7.0.11, FortiManager Cloud 6.4 all versions allows attacker to execute unauthorized code or commands via specially crafted packets."},{"lang":"es","value":"Un desbordamiento de búfer basado en pila en Fortinet FortiAnalyzer versiones 7.4.0 a 7.4.3, 7.2.0 a 7.2.5, 7.0.0 a 7.0.12, 6.4.0 a 6.4.14, FortiManager versiones 7.4.0 a 7.4.3, 7.2.0 a 7.2.5, 7.0.0 a 7.0.12, 6.4.0 a 6.4.14, FortiManager Cloud versiones 7.4.1 a 7.4.3, 7.2.1 a 7.2.5, 7.0.1 a 7.0.11, 6.4.1 a 6.4.7, FortiAnalyzer Cloud versiones 7.4.1 a 7.4.3, 7.2.1 a 7.2.5, 7.0.1 ...2, 6.4.0 a 6.4.14, FortiManager Cloud versiones 7.4.1 a 7.4.3, 7.2.1 a 7.2.5, 7.0.1 a 7.0.12, 7.0.11, 6.4.1 a 6.4.7 permite a los atacantes ejecutar código o comandos no autorizados a través de paquetes especialmente manipulados."}],"affected":[{"source":"psirt@fortinet.com","affectedData":[{"vendor":"Fortinet","product":"FortiAnalyzer","defaultStatus":"unaffected","cpes":["cpe:2.3:o:fortinet:fortianalyzer:7.4.3:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.4.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.4.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.4.0:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.2.5:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.2.4:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.2.3:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.2.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.2.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.2.0:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.0.12:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.0.11:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.0.10:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.0.9:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.0.8:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.0.7:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.0.6:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.0.5:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.0.4:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.0.3:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.0.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.0.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.0.0:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:6.4.14:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:6.4.13:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:6.4.12:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:6.4.11:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:6.4.10:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:6.4.9:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:6.4.8:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:6.4.7:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:6.4.6:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:6.4.5:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:6.4.4:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:6.4.3:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:6.4.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:6.4.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:6.4.0:*:*:*:*:*:*:*"],"versions":[{"version":"7.4.0","lessThanOrEqual":"7.4.3","versionType":"semver","status":"affected"},{"version":"7.2.0","lessThanOrEqual":"7.2.5","versionType":"semver","status":"affected"},{"version":"7.0.0","lessThanOrEqual":"7.0.12","versionType":"semver","status":"affected"},{"version":"6.4.0","lessThanOrEqual":"6.4.14","versionType":"semver","status":"affected"}]},{"vendor":"Fortinet","product":"FortiManager Cloud","defaultStatus":"unaffected","cpes":["cpe:2.3:a:fortinet:fortimanagercloud:7.4.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:7.4.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:7.4.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:7.2.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:7.2.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:7.2.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:7.2.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:7.2.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:7.0.11:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:7.0.10:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:7.0.9:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:7.0.8:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:7.0.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:7.0.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:7.0.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:7.0.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:7.0.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:7.0.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:7.0.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:6.4.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:6.4.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:6.4.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:6.4.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:6.4.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:6.4.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:6.4.1:*:*:*:*:*:*:*"],"versions":[{"version":"7.4.1","lessThanOrEqual":"7.4.3","versionType":"semver","status":"affected"},{"version":"7.2.1","lessThanOrEqual":"7.2.5","versionType":"semver","status":"affected"},{"version":"7.0.1","lessThanOrEqual":"7.0.11","versionType":"semver","status":"affected"},{"version":"6.4.1","lessThanOrEqual":"6.4.7","versionType":"semver","status":"affected"}]},{"vendor":"Fortinet","product":"FortiAnalyzer Cloud","defaultStatus":"unaffected","cpes":["cpe:2.3:a:fortinet:fortianalyzercloud:7.4.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:7.4.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:7.4.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:7.2.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:7.2.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:7.2.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:7.2.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:7.2.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:7.0.11:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:7.0.10:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:7.0.9:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:7.0.8:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:7.0.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:7.0.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:7.0.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:7.0.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:7.0.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:7.0.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:7.0.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:6.4.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:6.4.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:6.4.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:6.4.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:6.4.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:6.4.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:6.4.1:*:*:*:*:*:*:*"],"versions":[{"version":"7.4.1","lessThanOrEqual":"7.4.3","versionType":"semver","status":"affected"},{"version":"7.2.1","lessThanOrEqual":"7.2.5","versionType":"semver","status":"affected"},{"version":"7.0.1","lessThanOrEqual":"7.0.11","versionType":"semver","status":"affected"},{"version":"6.4.1","lessThanOrEqual":"6.4.7","versionType":"semver","status":"affected"}]},{"vendor":"Fortinet","product":"FortiManager","defaultStatus":"unaffected","cpes":["cpe:2.3:o:fortinet:fortimanager:7.4.3:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.4.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.4.0:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.2.5:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.2.4:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.2.3:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.2.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.2.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.2.0:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.12:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.11:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.10:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.9:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.8:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.7:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.6:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.5:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.4:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.3:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.0:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.14:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.13:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.12:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.11:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.10:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.9:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.8:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.7:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.6:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.5:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.4:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.3:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.0:*:*:*:*:*:*:*"],"versions":[{"version":"7.4.0","lessThanOrEqual":"7.4.3","versionType":"semver","status":"affected"},{"version":"7.2.0","lessThanOrEqual":"7.2.5","versionType":"semver","status":"affected"},{"version":"7.0.0","lessThanOrEqual":"7.0.12","versionType":"semver","status":"affected"},{"version":"6.4.0","lessThanOrEqual":"6.4.14","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":5.6,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.2,"impactScore":3.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-14T15:15:20.448933Z","id":"CVE-2024-35276","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@fortinet.com","type":"Secondary","description":[{"lang":"en","value":"CWE-121"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4.0","versionEndExcluding":"6.4.15","matchCriteriaId":"34F71CF0-4C81-4261-BDA8-30287969D137"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndExcluding":"7.0.13","matchCriteriaId":"BFAF2532-DF9C-458E-B69B-59C29507F775"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*","versionStartIncluding":"7.2.0","versionEndExcluding":"7.2.6","matchCriteriaId":"6FCEF6EE-A923-4DCE-A225-C6D1FB0123E8"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*","versionStartIncluding":"7.4.0","versionEndExcluding":"7.4.4","matchCriteriaId":"E6F162A7-0D01-43E0-99D8-D7B87B080853"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortianalyzer_cloud:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4.1","versionEndExcluding":"7.0.12","matchCriteriaId":"DD54E27E-172A-4F2D-A09A-862C4B5F4957"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortianalyzer_cloud:*:*:*:*:*:*:*:*","versionStartIncluding":"7.2.1","versionEndExcluding":"7.2.6","matchCriteriaId":"F8614C7F-FC4D-4686-9E7A-071830318813"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortianalyzer_cloud:*:*:*:*:*:*:*:*","versionStartIncluding":"7.4.1","versionEndExcluding":"7.4.4","matchCriteriaId":"6EA0888C-2D95-46ED-9BA9-F99072C02FE6"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4.0","versionEndExcluding":"6.4.15","matchCriteriaId":"D2AD66B0-9C99-4F83-80AA-B54E6354ADFD"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndExcluding":"7.0.13","matchCriteriaId":"37456E27-0EE2-4AF8-B92F-A5284FEC0409"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*","versionStartIncluding":"7.2.0","versionEndExcluding":"7.2.6","matchCriteriaId":"605795FE-4D3E-48D4-B2E6-AED4C79B405F"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*","versionStartIncluding":"7.4.0","versionEndExcluding":"7.4.4","matchCriteriaId":"3AE9CAFD-5D5B-4799-8690-624225963595"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimanager_cloud:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4.1","versionEndExcluding":"7.0.12","matchCriteriaId":"CDAE920D-C7A3-47B2-A737-1ECB2C9AFBEF"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimanager_cloud:*:*:*:*:*:*:*:*","versionStartIncluding":"7.2.1","versionEndExcluding":"7.2.6","matchCriteriaId":"482363A8-9BE6-46F1-8795-6268F6B84FDF"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimanager_cloud:*:*:*:*:*:*:*:*","versionStartIncluding":"7.4.1","versionEndExcluding":"7.4.4","matchCriteriaId":"164DEDC3-B1C0-42AC-9ADB-CE03CF6A71CC"}]}]}],"references":[{"url":"https://fortiguard.fortinet.com/psirt/FG-IR-24-165","source":"psirt@fortinet.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2024-48884","sourceIdentifier":"psirt@fortinet.com","published":"2025-01-14T14:15:32.873","lastModified":"2026-07-08T14:16:53.563","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiManager 7.6.0 through 7.6.1, FortiManager 7.4.1 through 7.4.3, FortiManager Cloud 7.4.1 through 7.4.3, FortiOS 7.6.0, FortiOS 7.4.0 through 7.4.4, FortiOS 7.2.0 through 7.2.9, FortiOS 7.0.0 through 7.0.15, FortiOS 6.4.0 through 6.4.15, FortiProxy 7.4.0 through 7.4.5, FortiProxy 7.2.0 through 7.2.11, FortiProxy 7.0.0 through 7.0.18, FortiProxy 2.0 all versions, FortiProxy 1.2 all versions, FortiProxy 1.1 all versions, FortiProxy 1.0 all versions may allow a remote authenticated attacker with access to the security fabric interface and port to write arbitrary files or a remote unauthenticated attacker to delete an arbitrary folder"},{"lang":"es","value":"Una limitación incorrecta de una ruta de acceso a un directorio restringido ('Path Traversal') en Fortinet FortiManager versiones 7.6.0 a 7.6.1, 7.4.1 a 7.4.3, FortiOS versiones 7.6.0, 7.4.0 a 7.4.4, 7.2.5 a 7.2.9, 7.0.0 a 7.0.15, 6.4.0 a 6.4.15, FortiProxy 7.4.0 a 7.4.5, 7.2.0 a 7.2.11, 7.0.0 a 7.0.18, 2.0.0 a 2.0.14, 1.2.0 a 1.2.13, 1.1.0 a 1.1.6, 1.0.0 a 1.0.7, FortiManager Cloud versiones 7.4.1 hasta 7.4.3, FortiRecorder versiones 7.2.0 hasta 7.2.1, 7.0.0 hasta 7.0.4, FortiVoice versiones 7.0.0 hasta 7.0.4, 6.4.0 hasta 6.4.9, 6.0.0 hasta 6.0.12, FortiWeb 7.6.0, 7.4.0 hasta 7.4.4, 7.2.0 hasta 7.2.10, 7.0.0 hasta 7.0.10, 6.4.0 hasta 6.4.3 permite al atacante activar una escalada de privilegios a través de paquetes especialmente manipulados."}],"affected":[{"source":"psirt@fortinet.com","affectedData":[{"vendor":"Fortinet","product":"FortiManager","defaultStatus":"unaffected","cpes":["cpe:2.3:o:fortinet:fortimanager:7.6.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.6.0:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.4.3:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.4.1:*:*:*:*:*:*:*"],"versions":[{"version":"7.6.0","lessThanOrEqual":"7.6.1","versionType":"semver","status":"affected"},{"version":"7.4.1","lessThanOrEqual":"7.4.3","versionType":"semver","status":"affected"}]},{"vendor":"Fortinet","product":"FortiProxy","defaultStatus":"unaffected","cpes":["cpe:2.3:a:fortinet:fortiproxy:7.4.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.4.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.4.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.4.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.4.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.4.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.11:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.10:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.9:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.8:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.18:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.17:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.16:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.15:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.14:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.13:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.12:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.11:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.10:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.9:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.8:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:2.0.14:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:2.0.13:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:2.0.12:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:2.0.11:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:2.0.10:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:2.0.9:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:2.0.8:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:2.0.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:2.0.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:2.0.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:2.0.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:2.0.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:2.0.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:2.0.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:2.0.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:1.2.13:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:1.2.12:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:1.2.11:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:1.2.10:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:1.2.9:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:1.2.8:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:1.2.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:1.2.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:1.2.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:1.2.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:1.2.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:1.2.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:1.2.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:1.2.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:1.1.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:1.1.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:1.1.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:1.1.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:1.1.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:1.1.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:1.1.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:1.0.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:1.0.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:1.0.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:1.0.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:1.0.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:1.0.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:1.0.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:1.0.0:*:*:*:*:*:*:*"],"versions":[{"version":"7.4.0","lessThanOrEqual":"7.4.5","versionType":"semver","status":"affected"},{"version":"7.2.0","lessThanOrEqual":"7.2.11","versionType":"semver","status":"affected"},{"version":"7.0.0","lessThanOrEqual":"7.0.18","versionType":"semver","status":"affected"},{"version":"2.0.0","lessThanOrEqual":"2.0.14","versionType":"semver","status":"affected"},{"version":"1.2.0","lessThanOrEqual":"1.2.13","versionType":"semver","status":"affected"},{"version":"1.1.0","lessThanOrEqual":"1.1.6","versionType":"semver","status":"affected"},{"version":"1.0.0","lessThanOrEqual":"1.0.7","versionType":"semver","status":"affected"}]},{"vendor":"Fortinet","product":"FortiOS","defaultStatus":"unaffected","cpes":["cpe:2.3:o:fortinet:fortios:7.6.0:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.4.4:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.9:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.8:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.15:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.14:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.15:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*"],"versions":[{"version":"7.6.0","status":"affected"},{"version":"7.4.0","lessThanOrEqual":"7.4.4","versionType":"semver","status":"affected"},{"version":"7.2.0","lessThanOrEqual":"7.2.9","versionType":"semver","status":"affected"},{"version":"7.0.0","lessThanOrEqual":"7.0.15","versionType":"semver","status":"affected"},{"version":"6.4.0","lessThanOrEqual":"6.4.15","versionType":"semver","status":"affected"}]},{"vendor":"Fortinet","product":"FortiManager Cloud","defaultStatus":"unaffected","cpes":["cpe:2.3:a:fortinet:fortimanagercloud:7.4.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:7.4.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortimanagercloud:7.4.1:*:*:*:*:*:*:*"],"versions":[{"version":"7.4.1","lessThanOrEqual":"7.4.3","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-14T15:17:58.698254Z","id":"CVE-2024-48884","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@fortinet.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*","versionStartIncluding":"7.4.1","versionEndExcluding":"7.4.4","matchCriteriaId":"7269FDB6-A1D4-4912-8751-87BA52614FDA"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*","versionStartIncluding":"7.6.0","versionEndExcluding":"7.6.2","matchCriteriaId":"241A8930-4ADA-4380-AA42-F10B28487595"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimanager_cloud:*:*:*:*:*:*:*:*","versionStartIncluding":"7.4.1","versionEndExcluding":"7.4.4","matchCriteriaId":"164DEDC3-B1C0-42AC-9ADB-CE03CF6A71CC"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.0.0","versionEndExcluding":"7.0.19","matchCriteriaId":"32CFAF1E-358A-4F6D-96CB-D7229F0D9D74"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*","versionStartIncluding":"7.2.0","versionEndExcluding":"7.2.12","matchCriteriaId":"C8B93C73-1E94-4854-8405-C3689860A74C"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*","versionStartIncluding":"7.4.0","versionEndExcluding":"7.4.6","matchCriteriaId":"5B276403-CE85-445A-9E5D-BBFBD7AB7A68"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortirecorder:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndExcluding":"7.0.5","matchCriteriaId":"CD60BA50-3F98-46BF-97E8-28AB207DE12A"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortirecorder:*:*:*:*:*:*:*:*","versionStartIncluding":"7.2.0","versionEndExcluding":"7.2.2","matchCriteriaId":"C0B0D078-2F52-46B4-B9C0-162447828E1B"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortivoice:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0.0","versionEndIncluding":"6.4.10","matchCriteriaId":"BBF1E214-4BC5-47E8-BF02-072D6D830BAF"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortivoice:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndIncluding":"7.0.5","matchCriteriaId":"5EEE0DFA-DE31-4D26-AC98-6BCED8F008DC"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4.0","versionEndExcluding":"7.4.5","matchCriteriaId":"CDB9CE13-AAF4-418C-BA26-1A0D53C5C1C2"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiweb:7.6.0:*:*:*:*:*:*:*","matchCriteriaId":"28B43375-DA74-4C5F-BAEE-39F312EEF51F"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4.0","versionEndExcluding":"6.4.16","matchCriteriaId":"B481963F-0415-42C8-BB38-C1A8BDF4B9F7"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndExcluding":"7.0.16","matchCriteriaId":"3EAE013D-7AE4-4C7A-81A0-296FE00F12CD"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*","versionStartIncluding":"7.2.0","versionEndExcluding":"7.2.10","matchCriteriaId":"4D7D031B-221B-4738-AC83-4FB92A106528"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*","versionStartIncluding":"7.4.0","versionEndExcluding":"7.4.5","matchCriteriaId":"A71AD879-997D-4787-A1E9-E4132AC521E2"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:7.6.0:*:*:*:*:*:*:*","matchCriteriaId":"44CE8EE3-D64A-49C8-87D7-C18B302F864A"}]}]}],"references":[{"url":"https://fortiguard.fortinet.com/psirt/FG-IR-24-259","source":"psirt@fortinet.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2024-55591","sourceIdentifier":"psirt@fortinet.com","published":"2025-01-14T14:15:34.450","lastModified":"2026-07-08T14:16:53.953","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS version 7.0.0 through 7.0.16 and FortiProxy version 7.0.0 through 7.0.19 and 7.2.0 through 7.2.12 allows a remote attacker to gain super-admin privileges via crafted requests to Node.js websocket module."},{"lang":"es","value":"Una vulnerabilidad de omisión de autenticación mediante una ruta o canal alternativo [CWE-288] que afecta a FortiOS versión 7.0.0 a 7.0.16 y FortiProxy versión 7.0.0 a 7.0.19 y 7.2.0 a 7.2.12 permite que un atacante remoto obtenga privilegios de superadministrador mediante solicitudes manipuladas al módulo websocket Node.js."}],"affected":[{"source":"psirt@fortinet.com","affectedData":[{"vendor":"Fortinet","product":"FortiOS","defaultStatus":"unaffected","cpes":["cpe:2.3:o:fortinet:fortios:7.0.16:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.15:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.14:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*"],"versions":[{"version":"7.0.0","lessThanOrEqual":"7.0.16","versionType":"semver","status":"affected"}]},{"vendor":"Fortinet","product":"FortiProxy","defaultStatus":"unaffected","cpes":["cpe:2.3:a:fortinet:fortiproxy:7.2.12:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.11:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.10:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.9:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.8:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.19:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.18:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.17:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.16:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.15:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.14:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.13:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.12:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.11:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.10:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.9:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.8:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*"],"versions":[{"version":"7.2.0","lessThanOrEqual":"7.2.12","versionType":"semver","status":"affected"},{"version":"7.0.0","lessThanOrEqual":"7.0.19","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-23T04:55:44.336664Z","id":"CVE-2024-55591","options":[{"exploitation":"active"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"cisaExploitAdd":"2025-01-14","cisaActionDue":"2025-01-21","cisaRequiredAction":"Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.","cisaVulnerabilityName":"Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability","weaknesses":[{"source":"psirt@fortinet.com","type":"Secondary","description":[{"lang":"en","value":"CWE-288"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndExcluding":"7.0.20","matchCriteriaId":"1B14CD59-F557-48A0-8458-BECD3AD7DB3A"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*","versionStartIncluding":"7.2.0","versionEndExcluding":"7.2.13","matchCriteriaId":"EDC18768-0891-465E-9900-3DF5D22A5CB3"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndExcluding":"7.0.17","matchCriteriaId":"BD357034-B2FD-4C2E-97FE-2C54D686D885"}]}]}],"references":[{"url":"https://fortiguard.fortinet.com/psirt/FG-IR-24-535","source":"psirt@fortinet.com","tags":["Mitigation","Vendor Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-55591","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]}]}},{"cve":{"id":"CVE-2024-45331","sourceIdentifier":"psirt@fortinet.com","published":"2025-01-16T09:15:06.500","lastModified":"2026-07-08T14:16:53.347","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A incorrect privilege assignment vulnerability in Fortinet FortiAnalyzer 7.4.0 through 7.4.3, FortiAnalyzer 7.2.0 through 7.2.5, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiAnalyzer Cloud 7.4.1 through 7.4.2, FortiAnalyzer Cloud 7.2.1 through 7.2.6, FortiAnalyzer Cloud 7.0 all versions, FortiAnalyzer Cloud 6.4 all versions, FortiManager 7.4.0 through 7.4.3, FortiManager 7.2.0 through 7.2.5, FortiManager 7.0 all versions, FortiManager 6.4 all versions allows attacker to escalate privilege via specific shell commands"},{"lang":"es","value":"Una asignación de privilegios incorrecta en las versiones 7.4.0 a 7.4.3, 7.2.0 a 7.2.5, 7.0.0 a 7.0.13, 6.4.0 a 6.4.15 de Fortinet FortiAnalyzer, las versiones 7.4.0 a 7.4.2, 7.2.0 a 7.2.5, 7.0.0 a 7.0.13, 6.4.0 a 6.4.15 de FortiManager, las versiones 7.4.1 a 7.4.2, 7.2.1 a 7.2.6, 7.0.1 a 7.0.13, 6.4.1 a 6.4.7 de FortiAnalyzer Cloud permite a un atacante escalar privilegios a través de comandos de shell específicos"}],"affected":[{"source":"psirt@fortinet.com","affectedData":[{"vendor":"Fortinet","product":"FortiAnalyzer Cloud","defaultStatus":"unaffected","cpes":["cpe:2.3:a:fortinet:fortianalyzercloud:7.4.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:7.4.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:7.2.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:7.2.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:7.2.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:7.2.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:7.2.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:7.2.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:7.0.16:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:7.0.15:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:7.0.14:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:7.0.13:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:7.0.12:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:7.0.11:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:7.0.10:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:7.0.9:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:7.0.8:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:7.0.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:7.0.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:7.0.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:7.0.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:7.0.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:7.0.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:7.0.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:6.4.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:6.4.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:6.4.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:6.4.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:6.4.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:6.4.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortianalyzercloud:6.4.1:*:*:*:*:*:*:*"],"versions":[{"version":"7.4.1","lessThanOrEqual":"7.4.2","versionType":"semver","status":"affected"},{"version":"7.2.1","lessThanOrEqual":"7.2.6","versionType":"semver","status":"affected"},{"version":"7.0.1","lessThanOrEqual":"7.0.16","versionType":"semver","status":"affected"},{"version":"6.4.1","lessThanOrEqual":"6.4.7","versionType":"semver","status":"affected"}]},{"vendor":"Fortinet","product":"FortiManager","defaultStatus":"unaffected","cpes":["cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.4.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.4.0:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.2.5:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.2.4:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.2.3:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.2.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.2.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.2.0:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.16:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.15:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.14:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.13:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.12:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.11:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.10:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.9:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.8:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.7:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.6:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.5:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.4:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.3:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:7.0.0:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.15:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.14:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.13:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.12:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.11:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.10:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.9:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.8:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.7:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.6:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.5:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.4:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.3:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortimanager:6.4.0:*:*:*:*:*:*:*"],"versions":[{"version":"7.4.0","lessThanOrEqual":"7.4.2","versionType":"semver","status":"affected"},{"version":"7.2.0","lessThanOrEqual":"7.2.5","versionType":"semver","status":"affected"},{"version":"7.0.0","lessThanOrEqual":"7.0.16","versionType":"semver","status":"affected"},{"version":"6.4.0","lessThanOrEqual":"6.4.15","versionType":"semver","status":"affected"}]},{"vendor":"Fortinet","product":"FortiAnalyzer","defaultStatus":"unaffected","cpes":["cpe:2.3:o:fortinet:fortianalyzer:7.4.3:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.4.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.4.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.4.0:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.2.5:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.2.4:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.2.3:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.2.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.2.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.2.0:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.0.16:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.0.15:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.0.14:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.0.13:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.0.12:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.0.11:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.0.10:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.0.9:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.0.8:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.0.7:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.0.6:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.0.5:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.0.4:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.0.3:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.0.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.0.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:7.0.0:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:6.4.15:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:6.4.14:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:6.4.13:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:6.4.12:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:6.4.11:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:6.4.10:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:6.4.9:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:6.4.8:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:6.4.7:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:6.4.6:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:6.4.5:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:6.4.4:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:6.4.3:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:6.4.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:6.4.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortianalyzer:6.4.0:*:*:*:*:*:*:*"],"versions":[{"version":"7.4.0","lessThanOrEqual":"7.4.3","versionType":"semver","status":"affected"},{"version":"7.2.0","lessThanOrEqual":"7.2.5","versionType":"semver","status":"affected"},{"version":"7.0.0","lessThanOrEqual":"7.0.16","versionType":"semver","status":"affected"},{"version":"6.4.0","lessThanOrEqual":"6.4.15","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.3,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-16T14:17:17.440183Z","id":"CVE-2024-45331","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@fortinet.com","type":"Secondary","description":[{"lang":"en","value":"CWE-266"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4.0","versionEndExcluding":"7.2.6","matchCriteriaId":"F07BE2AB-5F28-4773-B9C3-1D76EA1C2D06"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*","versionStartIncluding":"7.4.0","versionEndExcluding":"7.4.4","matchCriteriaId":"E6F162A7-0D01-43E0-99D8-D7B87B080853"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortianalyzer_cloud:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4.1","versionEndExcluding":"7.2.7","matchCriteriaId":"38BFF3B9-3927-4B15-A573-4EDB20362841"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortianalyzer_cloud:*:*:*:*:*:*:*:*","versionStartIncluding":"7.4.1","versionEndExcluding":"7.4.3","matchCriteriaId":"40C3665B-3E49-4D0C-B924-266D49F1E510"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4.0","versionEndExcluding":"7.2.6","matchCriteriaId":"71CC4AA3-04CC-49CA-A012-E28C4D1F11DE"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*","versionStartIncluding":"7.4.0","versionEndExcluding":"7.4.4","matchCriteriaId":"3AE9CAFD-5D5B-4799-8690-624225963595"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimanager_cloud:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.1","versionEndExcluding":"7.2.7","matchCriteriaId":"75DA0ED6-C606-4763-A7B0-575F8061237A"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortimanager_cloud:*:*:*:*:*:*:*:*","versionStartIncluding":"7.4.1","versionEndExcluding":"7.4.4","matchCriteriaId":"164DEDC3-B1C0-42AC-9ADB-CE03CF6A71CC"}]}]}],"references":[{"url":"https://fortiguard.fortinet.com/psirt/FG-IR-24-127","source":"psirt@fortinet.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2024-48885","sourceIdentifier":"psirt@fortinet.com","published":"2025-01-16T09:15:06.737","lastModified":"2026-07-08T14:16:53.783","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiRecorder 7.2.0 through 7.2.1, FortiRecorder 7.0.0 through 7.0.4, FortiVoice 7.0.0 through 7.0.4, FortiVoice 6.4.0 through 6.4.9, FortiVoice 6.0 all versions, FortiWeb 7.6.0, FortiWeb 7.4.0 through 7.4.4, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions, FortiWeb 6.4 all versions allows attacker to escalate privilege via specially crafted packets."},{"lang":"es","value":" Una limitación incorrecta de una ruta de acceso a un directorio restringido (\"path traversal\") en Fortinet FortiRecorder versiones 7.2.0 a 7.2.1, 7.0.0 a 7.0.4, FortiWeb versiones 7.6.0, 7.4.0 a 7.4.4, 7.2.0 a 7.2.10, 7.0.0 a 7.0.10, 6.4.0 a 6.4.3, FortiVoice versiones 7.0.0 a 7.0.4, 6.4.0 a 6.4.9, 6.0.0 a 6.0.12 permite a un atacante escalar privilegios a través de paquetes especialmente manipulados."}],"affected":[{"source":"psirt@fortinet.com","affectedData":[{"vendor":"Fortinet","product":"FortiVoice","defaultStatus":"unaffected","cpes":["cpe:2.3:a:fortinet:fortivoice:7.0.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:7.0.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:7.0.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:7.0.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:7.0.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.4.9:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.4.8:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.4.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.4.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.4.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.4.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.4.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.4.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.4.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.4.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.0.12:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.0.11:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.0.10:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.0.9:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.0.8:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.0.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.0.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.0.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.0.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.0.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.0.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.0.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortivoice:6.0.0:*:*:*:*:*:*:*"],"versions":[{"version":"7.0.0","lessThanOrEqual":"7.0.4","versionType":"semver","status":"affected"},{"version":"6.4.0","lessThanOrEqual":"6.4.9","versionType":"semver","status":"affected"},{"version":"6.0.0","lessThanOrEqual":"6.0.12","versionType":"semver","status":"affected"}]},{"vendor":"Fortinet","product":"FortiRecorder","defaultStatus":"unaffected","cpes":["cpe:2.3:a:fortinet:fortirecorder:7.2.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortirecorder:7.2.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortirecorder:7.0.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortirecorder:7.0.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortirecorder:7.0.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortirecorder:7.0.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortirecorder:7.0.0:*:*:*:*:*:*:*"],"versions":[{"version":"7.2.0","lessThanOrEqual":"7.2.1","versionType":"semver","status":"affected"},{"version":"7.0.0","lessThanOrEqual":"7.0.4","versionType":"semver","status":"affected"}]},{"vendor":"Fortinet","product":"FortiWeb","defaultStatus":"unaffected","cpes":["cpe:2.3:a:fortinet:fortiweb:7.6.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.4.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.4.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.4.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.4.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.4.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.2.12:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.2.11:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.2.10:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.2.9:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.2.8:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.2.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.2.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.2.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.2.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.2.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.2.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.2.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.2.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.0.12:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.0.11:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.0.10:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.0.9:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.0.8:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.0.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.0.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.0.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.0.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.0.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.0.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.0.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:7.0.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:6.4.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:6.4.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:6.4.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiweb:6.4.0:*:*:*:*:*:*:*"],"versions":[{"version":"7.6.0","status":"affected"},{"version":"7.4.0","lessThanOrEqual":"7.4.4","versionType":"semver","status":"affected"},{"version":"7.2.0","lessThanOrEqual":"7.2.12","versionType":"semver","status":"affected"},{"version":"7.0.0","lessThanOrEqual":"7.0.12","versionType":"semver","status":"affected"},{"version":"6.4.0","lessThanOrEqual":"6.4.3","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-01-16T14:15:57.157206Z","id":"CVE-2024-48885","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@fortinet.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortirecorder:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndExcluding":"7.0.5","matchCriteriaId":"CD60BA50-3F98-46BF-97E8-28AB207DE12A"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortirecorder:*:*:*:*:*:*:*:*","versionStartIncluding":"7.2.0","versionEndExcluding":"7.2.2","matchCriteriaId":"C0B0D078-2F52-46B4-B9C0-162447828E1B"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortivoice:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0.0","versionEndIncluding":"6.4.10","matchCriteriaId":"BBF1E214-4BC5-47E8-BF02-072D6D830BAF"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortivoice:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndIncluding":"7.0.5","matchCriteriaId":"5EEE0DFA-DE31-4D26-AC98-6BCED8F008DC"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4.0","versionEndExcluding":"7.4.5","matchCriteriaId":"CDB9CE13-AAF4-418C-BA26-1A0D53C5C1C2"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiweb:7.6.0:*:*:*:*:*:*:*","matchCriteriaId":"28B43375-DA74-4C5F-BAEE-39F312EEF51F"}]}]}],"references":[{"url":"https://fortiguard.fortinet.com/psirt/FG-IR-24-259","source":"psirt@fortinet.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2025-24472","sourceIdentifier":"psirt@fortinet.com","published":"2025-02-11T17:15:34.867","lastModified":"2026-07-08T14:16:54.117","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting FortiOS 7.0.0 through 7.0.16 and FortiProxy 7.2.0 through 7.2.12, 7.0.0 through 7.0.19 may allow a remote unauthenticated attacker with prior knowledge of upstream and downstream devices serial numbers to gain super-admin privileges on the downstream device, if the Security Fabric is enabled, via crafted CSF proxy requests."},{"lang":"es","value":"Una vulnerabilidad de omisión de autenticación mediante una ruta o canal alternativo [CWE-288] que afecta a FortiOS 7.0.0 a 7.0.16 y FortiProxy 7.2.0 a 7.2.12, 7.0.0 a 7.0.19 puede permitir que un atacante remoto obtenga privilegios de superadministrador a través de solicitudes de proxy CSF manipuladas."}],"affected":[{"source":"psirt@fortinet.com","affectedData":[{"vendor":"Fortinet","product":"FortiOS","defaultStatus":"unaffected","cpes":["cpe:2.3:o:fortinet:fortios:7.0.16:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.15:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.14:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*"],"versions":[{"version":"7.0.0","lessThanOrEqual":"7.0.16","versionType":"semver","status":"affected"}]},{"vendor":"Fortinet","product":"FortiProxy","defaultStatus":"unaffected","cpes":["cpe:2.3:a:fortinet:fortiproxy:7.2.12:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.11:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.10:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.9:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.8:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.19:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.18:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.17:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.16:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.15:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.14:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.13:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.12:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.11:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.10:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.9:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.8:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*"],"versions":[{"version":"7.2.0","lessThanOrEqual":"7.2.12","versionType":"semver","status":"affected"},{"version":"7.0.0","lessThanOrEqual":"7.0.19","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-03-18T18:32:10.857001Z","id":"CVE-2025-24472","options":[{"exploitation":"active"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"cisaExploitAdd":"2025-03-18","cisaActionDue":"2025-04-08","cisaRequiredAction":"Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.","cisaVulnerabilityName":"Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability","weaknesses":[{"source":"psirt@fortinet.com","type":"Secondary","description":[{"lang":"en","value":"CWE-288"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndExcluding":"7.0.20","matchCriteriaId":"1B14CD59-F557-48A0-8458-BECD3AD7DB3A"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*","versionStartIncluding":"7.2.0","versionEndExcluding":"7.2.13","matchCriteriaId":"EDC18768-0891-465E-9900-3DF5D22A5CB3"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndExcluding":"7.0.17","matchCriteriaId":"BD357034-B2FD-4C2E-97FE-2C54D686D885"}]}]}],"references":[{"url":"https://fortiguard.fortinet.com/psirt/FG-IR-24-535","source":"psirt@fortinet.com","tags":["Vendor Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-24472","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]}]}},{"cve":{"id":"CVE-2025-6170","sourceIdentifier":"secalert@redhat.com","published":"2025-06-16T16:15:20.430","lastModified":"2026-07-08T15:16:24.850","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections."},{"lang":"es","value":"Se detectó una falla en el shell interactivo de la herramienta de línea de comandos xmllint, utilizada para analizar archivos XML. Cuando un usuario introduce un comando demasiado largo, el programa no verifica correctamente el tamaño de entrada, lo que puede provocar un bloqueo. Este problema podría permitir a los atacantes ejecutar código dañino en configuraciones poco comunes sin protecciones modernas."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"defaultStatus":"unaffected","collectionURL":"https://gitlab.gnome.org/GNOME/libxml2/","packageName":"libxml2","versions":[{"version":"0","lessThan":"2.14.5","versionType":"semver","status":"affected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/o:redhat:enterprise_linux:8::baseos"],"versions":[{"version":"0:2.9.7-21.el8_10.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/o:redhat:enterprise_linux:8::baseos"],"versions":[{"version":"0:2.9.7-21.el8_10.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"libxml2-main","cpes":["cpe:/a:redhat:hummingbird:1"],"versions":[{"version":"2.15.2-0.3.hum1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libxml2","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat JBoss Core Services","defaultStatus":"affected","collectionURL":"https://access.redhat.com/jbossnetwork/restricted/listSoftware.html","packageName":"libxml2","cpes":["cpe:/a:redhat:jboss_core_services:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4"]}]},{"source":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e","affectedData":[{"vendor":"Siemens","product":"RUGGEDCOM RST2428P","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"V4.0","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L","baseScore":2.5,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":1.0,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L","baseScore":2.5,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":1.0,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-06-16T16:05:03.613731Z","id":"CVE-2025-6170","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-121"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:jboss_core_services:-:*:*:*:*:*:*:*","matchCriteriaId":"9B453CF7-9AA6-4B94-A003-BF7AE0B82F53"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*","matchCriteriaId":"932D137F-528B-4526-9A89-CD59FA1AB0FE"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","matchCriteriaId":"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:xmlsoft:libxml2:-:*:*:*:*:*:*:*","matchCriteriaId":"61F6944D-0CFD-4525-8A80-3AB1360AE6F5"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:36734","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:7519","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2025-6170","source":"secalert@redhat.com","tags":["Mitigation","Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2372952","source":"secalert@redhat.com","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://gitlab.gnome.org/GNOME/libxml2/-/issues/941","source":"secalert@redhat.com"},{"url":"https://lists.debian.org/debian-lts-announce/2025/07/msg00014.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://cert-portal.siemens.com/productcert/html/ssa-253495.html","source":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e"}]}},{"cve":{"id":"CVE-2025-44203","sourceIdentifier":"cve@mitre.org","published":"2025-06-20T16:15:28.700","lastModified":"2026-07-09T15:16:28.800","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In HotelDruid 3.0.0 and 3.0.7, the unauthenticated database-setup endpoint creadb.php can be reached before setup is completed and performs database creation without locking. By sending many concurrent requests, an attacker can trigger a race condition during which verbose SQL error messages disclose the administrator username, password hash, and salt. The same race leaves the setup partially initialized, so the administrator can no longer log in with the credentials set during installation, resulting in a denial of service that requires reinstallation to recover. Remote exploitation additionally requires the installation to allow non-localhost access. The vulnerability was fixed in version 3.0.8."},{"lang":"es","value":"En HotelDruid 3.0.7, un atacante no autenticado puede explotar mensajes de error SQL detallados en creadb.php antes de pulsar el botón \"Crear base de datos\". Al enviar solicitudes POST mal formadas a este endpoint, el atacante puede obtener el nombre de usuario, el hash de la contraseña y la sal del administrador. En algunos casos, el ataque resulta en una denegación de servicio (DoS), impidiendo que el administrador inicie sesión incluso con las credenciales correctas. "}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-06-24T15:30:41.403722Z","id":"CVE-2025-44203","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-209"},{"lang":"en","value":"CWE-400"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:digitaldruid:hoteldruid:3.0.0:*:*:*:*:*:*:*","matchCriteriaId":"C9D8DF00-0D75-45B1-8819-FCB87A07FB27"},{"vulnerable":true,"criteria":"cpe:2.3:a:digitaldruid:hoteldruid:3.0.7:*:*:*:*:*:*:*","matchCriteriaId":"0EFAA1B2-5E34-4FB2-81B4-D1DB0EEE96C7"}]}]}],"references":[{"url":"https://github.com/IvanT7D3/CVE-2025-44203/tree/main","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.hoteldruid.com/","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/IvanT7D3/CVE-2025-44203/tree/main","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2025-31366","sourceIdentifier":"psirt@fortinet.com","published":"2025-10-14T16:15:37.423","lastModified":"2026-07-08T13:16:24.753","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An Improper Neutralization of Input During Web Page Generation vulnerability [CWE-79] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4 all versions, FortiProxy 7.2 all versions, FortiProxy 7.0 all versions, FortiSASE 25.2.a may allow an unauthenticated attacker to perform a reflected cross site scripting (XSS) via crafted HTTP requests."}],"affected":[{"source":"psirt@fortinet.com","affectedData":[{"vendor":"Fortinet","product":"FortiSASE","defaultStatus":"unaffected","cpes":["cpe:2.3:a:fortinet:fortisase:25.2.a:*:*:*:*:*:*:*"],"versions":[{"version":"25.2.a","status":"affected"}]},{"vendor":"Fortinet","product":"FortiOS","defaultStatus":"unaffected","cpes":["cpe:2.3:o:fortinet:fortios:7.6.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.6.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.6.0:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.4.7:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.4.6:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.4.5:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.4.4:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.13:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.12:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.11:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.10:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.9:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.8:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.19:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.18:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.17:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.16:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.15:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.14:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.16:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.15:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*"],"versions":[{"version":"7.6.0","lessThanOrEqual":"7.6.2","versionType":"semver","status":"affected"},{"version":"7.4.0","lessThanOrEqual":"7.4.7","versionType":"semver","status":"affected"},{"version":"7.2.0","lessThanOrEqual":"7.2.13","versionType":"semver","status":"affected"},{"version":"7.0.0","lessThanOrEqual":"7.0.19","versionType":"semver","status":"affected"},{"version":"6.4.0","lessThanOrEqual":"6.4.16","versionType":"semver","status":"affected"}]},{"vendor":"Fortinet","product":"FortiProxy","defaultStatus":"unaffected","cpes":["cpe:2.3:a:fortinet:fortiproxy:7.6.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.6.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.6.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.6.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.4.8:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.4.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.4.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.4.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.4.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.4.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.4.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.4.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.4.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.16:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.15:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.14:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.13:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.12:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.11:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.10:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.9:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.8:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.23:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.22:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.21:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.20:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.19:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.18:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.17:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.16:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.15:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.14:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.13:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.12:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.11:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.10:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.9:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.8:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*"],"versions":[{"version":"7.6.0","lessThanOrEqual":"7.6.3","versionType":"semver","status":"affected"},{"version":"7.4.0","lessThanOrEqual":"7.4.8","versionType":"semver","status":"affected"},{"version":"7.2.0","lessThanOrEqual":"7.2.16","versionType":"semver","status":"affected"},{"version":"7.0.0","lessThanOrEqual":"7.0.23","versionType":"semver","status":"affected"}]}]},{"source":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e","affectedData":[{"vendor":"Siemens","product":"RUGGEDCOM APE1808","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"*","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":4.7,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":2.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-10-14T16:45:04.804545Z","id":"CVE-2025-31366","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@fortinet.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4.0","versionEndExcluding":"7.4.9","matchCriteriaId":"1B6548FD-E370-45D7-81D5-6EF892810052"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*","versionStartIncluding":"7.6.0","versionEndExcluding":"7.6.4","matchCriteriaId":"C1C30E0D-7F09-42D2-9EB1-E2196BD50D75"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndExcluding":"7.6.4","matchCriteriaId":"4DA70753-E996-4081-9C13-7F60AC993B09"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortisase:25.3.40:*:*:*:feature:*:*:*","matchCriteriaId":"53197A72-5D08-4938-A415-72C573024BF3"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortisase:25.3.40:*:*:*:mature:*:*:*","matchCriteriaId":"2603C391-AEC6-450A-A30A-4F8682F9565D"}]}]}],"references":[{"url":"https://fortiguard.fortinet.com/psirt/FG-IR-24-542","source":"psirt@fortinet.com","tags":["Vendor Advisory"]},{"url":"https://cert-portal.siemens.com/productcert/html/ssa-864900.html","source":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e"}]}},{"cve":{"id":"CVE-2025-47890","sourceIdentifier":"psirt@fortinet.com","published":"2025-10-14T16:15:38.667","lastModified":"2026-07-08T13:16:24.977","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An URL Redirection to Untrusted Site vulnerabilities [CWE-601] vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4 all versions, FortiProxy 7.2 all versions, FortiProxy 7.0 all versions, FortiSASE 25.2.a may allow an unauthenticated attacker to perform an open redirect attack via crafted HTTP requests."}],"affected":[{"source":"psirt@fortinet.com","affectedData":[{"vendor":"Fortinet","product":"FortiOS","defaultStatus":"unaffected","cpes":["cpe:2.3:o:fortinet:fortios:7.6.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.6.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.6.0:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.4.8:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.4.7:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.4.6:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.4.5:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.4.4:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.4.3:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.4.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.4.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.4.0:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.13:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.12:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.11:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.10:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.9:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.8:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.7:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.6:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.5:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.4:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.3:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.2.0:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.19:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.18:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.17:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.16:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.15:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.14:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.13:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.12:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.11:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.10:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.9:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.8:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.7:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.6:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.5:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.4:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.3:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.16:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.15:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.14:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.13:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.12:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.11:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.10:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.9:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.8:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.7:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.6:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.5:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.4:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.3:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.2:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*","cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*"],"versions":[{"version":"7.6.0","lessThanOrEqual":"7.6.2","versionType":"semver","status":"affected"},{"version":"7.4.0","lessThanOrEqual":"7.4.8","versionType":"semver","status":"affected"},{"version":"7.2.0","lessThanOrEqual":"7.2.13","versionType":"semver","status":"affected"},{"version":"7.0.0","lessThanOrEqual":"7.0.19","versionType":"semver","status":"affected"},{"version":"6.4.0","lessThanOrEqual":"6.4.16","versionType":"semver","status":"affected"}]},{"vendor":"Fortinet","product":"FortiProxy","defaultStatus":"unaffected","cpes":["cpe:2.3:a:fortinet:fortiproxy:7.6.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.6.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.6.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.6.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.4.14:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.4.13:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.4.12:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.4.11:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.4.10:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.4.9:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.4.8:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.4.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.4.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.4.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.4.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.4.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.4.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.4.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.4.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.16:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.15:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.14:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.13:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.12:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.11:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.10:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.9:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.8:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.2.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.23:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.22:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.21:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.20:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.19:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.18:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.17:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.16:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.15:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.14:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.13:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.12:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.11:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.10:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.9:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.8:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiproxy:7.0.0:*:*:*:*:*:*:*"],"versions":[{"version":"7.6.0","lessThanOrEqual":"7.6.3","versionType":"semver","status":"affected"},{"version":"7.4.0","lessThanOrEqual":"7.4.14","versionType":"semver","status":"affected"},{"version":"7.2.0","lessThanOrEqual":"7.2.16","versionType":"semver","status":"affected"},{"version":"7.0.0","lessThanOrEqual":"7.0.23","versionType":"semver","status":"affected"}]},{"vendor":"Fortinet","product":"FortiSASE","defaultStatus":"unaffected","cpes":["cpe:2.3:a:fortinet:fortisase:25.2.a:*:*:*:*:*:*:*"],"versions":[{"version":"25.2.a","status":"affected"}]}]},{"source":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e","affectedData":[{"vendor":"Siemens","product":"RUGGEDCOM APE1808","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"*","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N","baseScore":2.6,"baseSeverity":"LOW","attackVector":"ADJACENT_NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-10-16T17:27:26.292358Z","id":"CVE-2025-47890","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@fortinet.com","type":"Secondary","description":[{"lang":"en","value":"CWE-601"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4.0","versionEndExcluding":"7.4.9","matchCriteriaId":"1B6548FD-E370-45D7-81D5-6EF892810052"},{"vulnerable":true,"criteria":"cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*","versionStartIncluding":"7.6.0","versionEndExcluding":"7.6.4","matchCriteriaId":"C1C30E0D-7F09-42D2-9EB1-E2196BD50D75"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndExcluding":"7.6.4","matchCriteriaId":"4DA70753-E996-4081-9C13-7F60AC993B09"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortisase:25.3.40:*:*:*:feature:*:*:*","matchCriteriaId":"53197A72-5D08-4938-A415-72C573024BF3"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortisase:25.3.40:*:*:*:mature:*:*:*","matchCriteriaId":"2603C391-AEC6-450A-A30A-4F8682F9565D"}]}]}],"references":[{"url":"https://fortiguard.fortinet.com/psirt/FG-IR-24-542","source":"psirt@fortinet.com","tags":["Vendor Advisory"]},{"url":"https://cert-portal.siemens.com/productcert/html/ssa-864900.html","source":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e"}]}},{"cve":{"id":"CVE-2025-67780","sourceIdentifier":"cve@mitre.org","published":"2025-12-11T23:15:51.033","lastModified":"2026-07-09T13:16:44.840","vulnStatus":"Deferred","cveTags":[{"sourceIdentifier":"cve@mitre.org","tags":["disputed"]}],"descriptions":[{"lang":"en","value":"SpaceX Starlink Dish devices with firmware 2024.12.04.mr46620 (e.g., on Mini1_prod2) allow administrative actions via unauthenticated LAN gRPC requests, aka MARMALADE 2. The cross-origin policy can be bypassed by omitting a Referer header. In some cases, an attacker's ability to read tilt, rotation, and elevation data via gRPC can make it easier to infer the geographical location of the dish. NOTE: this is disputed by the Supplier because unauthenticated LAN gRPC is intended behavior for certain mobile app integration, and because the cross-origin policy is correctly enforced for gRPC-Web (port 9201), i.e., it is not a valid vulnerability report."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"SpaceX","product":"Starlink Dish","defaultStatus":"unknown","versions":[{"version":"2024.12.04.mr46620","lessThan":"21.08.24","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@mitre.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L","baseScore":4.2,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":1.6,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-12-12T15:26:43.134767Z","id":"CVE-2025-67780","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@mitre.org","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]}],"references":[{"url":"https://www.akawlabs.com/blog/starlink-grpc-execution","source":"cve@mitre.org"}]}},{"cve":{"id":"CVE-2025-67288","sourceIdentifier":"cve@mitre.org","published":"2025-12-22T19:15:49.710","lastModified":"2026-07-08T17:17:19.793","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An arbitrary file upload vulnerability in Umbraco CMS v16.3.3 allows attackers to execute arbitrary code by uploading a crafted PDF file. NOTE: this is disputed by the Supplier because the responsibility for file validation (as shown in the documentation) belongs to the system administrator who is implementing Umbraco CMS in their environment, not to Umbraco CMS itself. The Supplier also states that PDF JavaScript runs in a completely isolated sandbox, not the browser's DOM context, which means that privilege boundaries would not be crossed, a related issue to CVE-2023-49279."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":10.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":6.0},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":10.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-12-22T18:59:14.508768Z","id":"CVE-2025-67288","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:umbraco:umbraco_cms:16.3.3:*:*:*:*:*:*:*","matchCriteriaId":"3219BD08-2A93-46BC-847C-493BE4220357"}]}]}],"references":[{"url":"https://github.com/vuquyen03/CVE/tree/main/CVE-2025-67288","source":"cve@mitre.org","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2025-66176","sourceIdentifier":"hsrc@hikvision.com","published":"2026-01-13T03:16:01.097","lastModified":"2026-07-09T07:16:21.267","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"There is a Buffer overflow Vulnerability in the device Search and Discovery feature of Hikvision Access Control Products. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device."},{"lang":"es","value":"Hay una vulnerabilidad de desbordamiento de pila en la función de búsqueda y descubrimiento de dispositivos de los productos de control de acceso de Hikvision. Si se explota, un atacante en la misma red de área local (LAN) podría causar un mal funcionamiento del dispositivo enviando paquetes especialmente diseñados a un dispositivo sin parchear."}],"affected":[{"source":"hsrc@hikvision.com","affectedData":[{"vendor":"Hikvision","product":"DS-K1T331","versions":[{"version":"Versions below V3.7.80","status":"affected"}]},{"vendor":"Hikvision","product":"DS-K1T341A/K1T341B","versions":[{"version":"Versions below V3.7.80","status":"affected"}]},{"vendor":"Hikvision","product":"DS-K1T671/K5671","versions":[{"version":"Versions below V3.7.80","status":"affected"}]},{"vendor":"Hikvision","product":"DS-K1T672","versions":[{"version":"Versions below V3.7.80","status":"affected"}]},{"vendor":"Hikvision","product":"DS-K1T680","versions":[{"version":"Versions below V3.7.80","status":"affected"}]},{"vendor":"Hikvision","product":"DS-K1T981","versions":[{"version":"Versions below V3.7.80","status":"affected"}]},{"vendor":"Hikvision","product":"DS-K1T341C","versions":[{"version":"Versions below V3.3.180","status":"affected"}]},{"vendor":"Hikvision","product":"DS-K1T670/K1T673","versions":[{"version":"Versions below V4.48.0","status":"affected"}]},{"vendor":"Hikvision","product":"DS-K1T8003","versions":[{"version":"Versions below V1.4.21","status":"affected"}]},{"vendor":"Hikvision","product":"DS-K1T804A","versions":[{"version":"Versions below V1.4.22","status":"affected"}]},{"vendor":"Hikvision","product":"DS-K1T8003/8004","versions":[{"version":"Versions below V1.4.21","status":"affected"}]},{"vendor":"Hikvision","product":"DS-K1T804A","versions":[{"version":"Versions below V1.4.22","status":"affected"}]},{"vendor":"Hikvision","product":"DS-K1T804B","versions":[{"version":"Versions below V1.4.23","status":"affected"}]},{"vendor":"Hikvision","product":"DS-K1T201A/K1T105A","versions":[{"version":"Versions below V1.3.65","status":"affected"}]},{"vendor":"Hikvision","product":"DS-K1T342/K1T343/K1T344/DS-K1T6QT-F72/F43","versions":[{"version":"Versions below V4.48.0","status":"affected"}]},{"vendor":"Hikvision","product":"DS-K1T8005/DS-K1T808","versions":[{"version":"Versions below V3.25.40","status":"affected"}]},{"vendor":"Hikvision","product":"DS-K1T320/DS-K1T321","versions":[{"version":"Versions below V3.9.40","status":"affected"}]},{"vendor":"Hikvision","product":"DS-K1T323/DS-K1T510","versions":[{"version":"Versions below V4.23.41","status":"affected"}]},{"vendor":"Hikvision","product":"DS-K5033","versions":[{"version":"Versions below V4.37.40","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"hsrc@hikvision.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-01-13T14:32:35.447766Z","id":"CVE-2025-66176","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-121"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hikvision:ds-k1t331_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.7.80","matchCriteriaId":"3FEF4CC2-2B13-4A80-8C57-68600AE9C93A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hikvision:ds-k1t331:-:*:*:*:*:*:*:*","matchCriteriaId":"9C6570A0-091A-49E4-8B04-650397FBD93D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hikvision:ds-k1t341a_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.7.80","matchCriteriaId":"0B6CAC82-004C-4919-9234-89004136537D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hikvision:ds-k1t341a:-:*:*:*:*:*:*:*","matchCriteriaId":"595B2854-FCC2-4DC9-9821-7545FE940FAC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hikvision:ds-k1t341b_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.7.80","matchCriteriaId":"BA1A7F5D-F33C-4F15-8639-30CDCD7C1455"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hikvision:ds-k1t341b:-:*:*:*:*:*:*:*","matchCriteriaId":"3A7C6C26-52D1-4E9D-8448-29B78F692448"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hikvision:ds-k1t671_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.7.80","matchCriteriaId":"7841DA8E-1AE6-46F6-BB86-360B8624F85D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hikvision:ds-k1t671:-:*:*:*:*:*:*:*","matchCriteriaId":"4B322AE4-4BE3-46EE-BFFD-730274270D52"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hikvision:ds-k5671_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.7.80","matchCriteriaId":"9362042E-F45C-43E3-9709-3D17DE1E476A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hikvision:ds-k5671:-:*:*:*:*:*:*:*","matchCriteriaId":"33DF42F9-AA7B-4275-A0F5-6CD1C395379F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hikvision:ds-k1t672_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.7.80","matchCriteriaId":"A68F9962-7C8E-46AF-BFA2-372191D585AA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hikvision:ds-k1t672:-:*:*:*:*:*:*:*","matchCriteriaId":"58E41B4D-6601-4F72-BE90-1A119FFB3A0A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hikvision:ds-k1t680_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.7.80","matchCriteriaId":"E4F9199C-DEAD-430C-B2A7-FF493DAEB8EA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hikvision:ds-k1t680:-:*:*:*:*:*:*:*","matchCriteriaId":"9166334C-35C0-4220-AF7B-1964E32B4451"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hikvision:ds-k1t981_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.7.80","matchCriteriaId":"AA7CA850-60FF-4A8D-8B48-A0F92CA3C893"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hikvision:ds-k1t981:-:*:*:*:*:*:*:*","matchCriteriaId":"FF7DF3E8-F9C0-4475-B67B-DF390F6FCEA2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hikvision:ds-k1t341c_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.3.180","matchCriteriaId":"D45B0E65-1F34-432B-98F3-4BD668BFDBFB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hikvision:ds-k1t341c:-:*:*:*:*:*:*:*","matchCriteriaId":"592F9F35-4C09-4EF2-BA57-D0A2A1DD9CAD"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hikvision:ds-k1t670_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"4.48.0","matchCriteriaId":"938D48C8-CABA-4BA8-AF8C-F3A32E9B5FF5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hikvision:ds-k1t670:-:*:*:*:*:*:*:*","matchCriteriaId":"D4DB9DCF-7203-4A56-8532-55930891BB1C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hikvision:ds-k1t673_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"4.48.0","matchCriteriaId":"8D8CA557-266F-415B-8470-BDD7D7082C65"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hikvision:ds-k1t673:-:*:*:*:*:*:*:*","matchCriteriaId":"317F27A1-FA60-4970-B59E-FB02C81E94FE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hikvision:ds-k1t8003_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"1.4.21","matchCriteriaId":"807EF865-6176-4B6B-B054-53371272C007"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hikvision:ds-k1t8003:-:*:*:*:*:*:*:*","matchCriteriaId":"D63B00A4-6461-49E1-812C-6A4C3134A18F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hikvision:ds-k1t804a_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.4.22","matchCriteriaId":"477FD324-96CA-4918-A757-A42AB88F99E7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hikvision:ds-k1t804a:-:*:*:*:*:*:*:*","matchCriteriaId":"5BDBE9E6-0A47-4D1E-824D-27CDD64EC9C6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hikvision:ds-k1t804b_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.4.23","matchCriteriaId":"55487C7C-A732-4572-8305-A5CEB4ABCE4F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hikvision:ds-k1t804b:-:*:*:*:*:*:*:*","matchCriteriaId":"84AEF3D6-96C3-48DB-84F4-91B15DA10AC9"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hikvision:ds-k1t201a_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.3.65","matchCriteriaId":"1C291558-9518-45FD-B335-4C4B0B809689"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hikvision:ds-k1t201a:-:*:*:*:*:*:*:*","matchCriteriaId":"F9AF2454-7567-404C-9034-B68D83AFE1A3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hikvision:ds-k1t105a_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.3.65","matchCriteriaId":"2BE71E15-75EB-45E2-8132-6EC4328119D8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hikvision:ds-k1t105a:-:*:*:*:*:*:*:*","matchCriteriaId":"E016D61D-1B25-4771-A309-AA644A26C877"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hikvision:ds-k1t342_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"4.48.0","matchCriteriaId":"EF448E78-1DD8-414D-8AE3-72A259FD3FAE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hikvision:ds-k1t342:-:*:*:*:*:*:*:*","matchCriteriaId":"8A163CD9-37C7-4575-A790-982E2406A01F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hikvision:ds-k1t343_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"4.48.0","matchCriteriaId":"BA984C23-17E5-43B4-A9DA-F5BD4B007478"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hikvision:ds-k1t343:-:*:*:*:*:*:*:*","matchCriteriaId":"AB3816C5-A0F2-47B1-9B40-A47FE1FBE053"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hikvision:ds-k1t344_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"4.48.0","matchCriteriaId":"0D6FF3E3-D6AB-4C69-8212-38397FB5C12B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hikvision:ds-k1t344:-:*:*:*:*:*:*:*","matchCriteriaId":"52FE66AC-596D-494C-9C29-6919205ED5AC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hikvision:ds-k1t6qt-f72_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"4.48.0","matchCriteriaId":"F6ABABF4-81D5-452B-8CC4-924335CF31F5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hikvision:ds-k1t6qt-f72:-:*:*:*:*:*:*:*","matchCriteriaId":"4B48535B-1471-4B1C-AF8C-2F5116225F8A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hikvision:ds-k1t6qt-f43_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"4.48.0","matchCriteriaId":"E83C60D7-B7FB-461E-B7E2-3EB2227C4F4E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hikvision:ds-k1t6qt-f43:-:*:*:*:*:*:*:*","matchCriteriaId":"059E5A01-4633-40F9-9AA3-8F3019903835"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hikvision:ds-k1t8005_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.25.40","matchCriteriaId":"557CAE23-96F3-4A21-9E0D-532E54CED359"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hikvision:ds-k1t8005:-:*:*:*:*:*:*:*","matchCriteriaId":"696ED009-67B1-4D45-9AFD-BC68697A9D7A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hikvision:ds-k1t808_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.25.40","matchCriteriaId":"8D81291F-D1C6-471D-B313-BE682B1D7C2B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hikvision:ds-k1t808:-:*:*:*:*:*:*:*","matchCriteriaId":"9B365695-11F0-4D2E-B7DD-EE6D78D95061"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hikvision:ds-k1t320_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.9.40","matchCriteriaId":"C08D0733-7443-442D-9625-98DF738DE421"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hikvision:ds-k1t320:-:*:*:*:*:*:*:*","matchCriteriaId":"DFB55E0E-26EF-4A02-A875-0CDFC0E84494"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hikvision:ds-k1t321_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"3.9.40","matchCriteriaId":"6E472A20-599F-4569-93CA-D0589A91C094"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hikvision:ds-k1t321:-:*:*:*:*:*:*:*","matchCriteriaId":"0A726724-CA0C-4DF4-8766-DBC24CFC6298"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hikvision:ds-k1t323_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"4.23.41","matchCriteriaId":"72A9D0A0-440A-4478-9DFF-938A78949A22"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hikvision:ds-k1t323:-:*:*:*:*:*:*:*","matchCriteriaId":"4F1E2E44-BE3B-4BBA-8F99-7F825CFCCB04"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hikvision:ds-k1t510_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"4.23.41","matchCriteriaId":"56334187-6AE7-4A35-8597-6D3F84C2595B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hikvision:ds-k1t510:-:*:*:*:*:*:*:*","matchCriteriaId":"29A292CB-0B20-4157-A1D6-B56AAA7796C1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hikvision:ds-k5033_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"4.37.40","matchCriteriaId":"133AA7CA-18AD-4D11-B2D7-222D8983FBEC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hikvision:ds-k5033:-:*:*:*:*:*:*:*","matchCriteriaId":"5949CA0B-49F3-4031-A636-3B634246E3AB"}]}]}],"references":[{"url":"https://www.hikvision.com/en/support/cybersecurity/security-advisory/buffer-overflow-vulnerabilities-in-some-hikvision-products/","source":"hsrc@hikvision.com","tags":["Vendor Advisory"]},{"url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2281","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2025-66177","sourceIdentifier":"hsrc@hikvision.com","published":"2026-01-13T03:16:01.250","lastModified":"2026-07-09T07:16:22.607","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"There is a Buffer overflow Vulnerability in the device Search and Discovery feature of Hikvision NVR/DVR/CVR/IPC models. If exploited, an attacker on the same local area network (LAN) could cause the device to malfunction by sending specially crafted packets to an unpatched device."},{"lang":"es","value":"Hay una vulnerabilidad de desbordamiento de pila en la función de Búsqueda y Descubrimiento de dispositivos de los modelos Hikvision NVR/DVR/CVR/IPC. Si se explota, un atacante en la misma red de área local (LAN) podría causar que el dispositivo funcione mal enviando paquetes especialmente diseñados a un dispositivo sin parchear."}],"affected":[{"source":"hsrc@hikvision.com","affectedData":[{"vendor":"Hikvision","product":"DS-96xxxNI-Hx","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"DS-96xxxNI-Ix","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"DS-96xxNXI-Sx","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"DS-96xxxNXI-Sx","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"DS-76xxNXI-Mx/VPro","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"DS-96xxNXI-Mx/VPro","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"DS-76xxNI-Mx","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"DS-77xxNI-Mx","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"DS-96xxNXI-Mx","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"DS-96xxxNXI-Mx","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"DS-86xxxNXI-Mx","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"DS-76xxNXI-Ix/S","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"DS-77xxNXI-Ix/S","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"DS-86xxNXI-Ix/S","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"DS-96xxNXI-Ix/S","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"DS-76xxNXI-Ix/VPro","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"DS-77xxNXI-Ix/VPro","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"DS-76xxNXI-Kx(/xP)  including(D)、(E)、(B)","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"DS-77xxNXI-Kx(/xP) including(D)、(E)、(B)","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"DS-76xxNXI-Kx(/xP)/Vpro","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"DS-77xxNXI-Kx(/xP)/Vpro","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"DS-76xxNI-Qx(/xP)   including(D)、(E)","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"DS-71xxNI-Q1(/xP)/M","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"DS-71xxNI-Q1(/xP)","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"DS-710xNI-G1/(xP)/M","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"DS-71xxNI-Q1(/xP)","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"DS-71xxNI-Q1(/xP)/M","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"DS-76xxNI-Q1(/xP)","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"DS-76xxNI-Q2(/xP)","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"DS-76xxNXI-K1(/xP)","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"DS-76xxNXI-K2(/xP)","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"DS-77xxNXI-K4(/xP)","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"DS-86xxNXI-K8(/xP)","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"DS-76xxNXI-K1(/xP)/VPro","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"DS-76xxNXI-K2(/xP)/VPro","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"DS-77xxNXI-K4(/xP)/VPro","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-71xxHGHI-M1(/T)","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-72xxHGHI-M1(/T)","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-71xxHQHI-M1(/T)","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-72xxHQHI-M1(/T)","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-72xxHQHI-Mx/XT","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-72xxHUHI-Mx/XT","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-72xxHTHI-Mx/XT","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-90xxHUHI-M8/S(S)","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-73xxHUHI-M4/S(S)","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-81xxHUHI-M8/S(S)","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"DS-71xxHGHI-M1(/T)","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"DS-72xxHGHI-M1(/T)","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"DS-ExxHGHI-xx","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-71xxHQHI-M1/S","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-72xxHQHI-M1/E","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-71xxHQHI-M1/T","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-72xxHQHI-M1/T","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-72xxHQHI-Mx/XT","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-73xxHQHI-M4/S","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-81xxHQHI-M8/S","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-90xxHQHI-M8/S","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-ExxHQHI-xx","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-71xxHUHI-M1/S","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-72xxHUHI-M1/E","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-72xxHUHI-M1/T","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-72xxHUHI-Mx/X","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-72xxHUHI-Mx/XT","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-72xxHUHI-Mx/PXT","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-73xxHUHI-M4/S","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-90xxHUHI-M8/S","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-ExxHUHI-xx","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-72xxHTHI-Mx/XT","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"DS-A806xxSI","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"DS-AT1000SI","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-96xxxNXI-Hx","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-96064NXI-I16","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-96xxxNXI-Ix/AI","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-67xxNXI-Mx/X","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-76xxNXI-Mx/X","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-77xxNXI-Mx/X","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-96xxNXI-Mx/X","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-96xxxNXI-Mx/X","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-96xxxNXI-Hx/AI","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-96xxNXI-Mx/AI","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-67xxNXI-Mx/AI","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-67xxxNXI-Mx/AI","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-67xxNXI-S/T","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-67xxNXI-S","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-6704NXI/AI","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-67xxNXI-P1","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-7608NXI-P2","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-77xxNXI-P4","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"iDS-96xxNXI-Px","versions":[{"version":"Build date before 250807","status":"affected"}]},{"vendor":"Hikvision","product":"DS-2CD1xxxG2","versions":[{"version":"Versions below V5.7.13_230822 (including V5.7.13_230822)","status":"affected"}]},{"vendor":"Hikvision","product":"DS-2CD3xx1G2","versions":[{"version":"Versions below V5.7.13_230822 (including V5.7.13_230822)","status":"affected"}]},{"vendor":"Hikvision","product":"HWI-xxxxHA","versions":[{"version":"Versions below V5.7.13_230822 (including V5.7.13_230822)","status":"affected"}]},{"vendor":"Hikvision","product":"IPC-xxxxHA","versions":[{"version":"Versions below V5.7.13_230822 (including V5.7.13_230822)","status":"affected"}]},{"vendor":"Hikvision","product":"DS-2CD2Dx5G1","versions":[{"version":"Versions below V5.7.210_240826 (including V5.7.210_240826)","status":"affected"}]},{"vendor":"Hikvision","product":"DS-2CD64x5G1","versions":[{"version":"Versions below V5.7.210_240826 (including V5.7.210_240826)","status":"affected"}]},{"vendor":"Hikvision","product":"DS-2CD29xxG0","versions":[{"version":"Versions below V5.7.21_240814 (including V5.7.21_240814)","status":"affected"}]},{"vendor":"Hikvision","product":"DS-2XE6xxxG0","versions":[{"version":"Versions below V5.7.7build241203 (including V5.7.7build241203)","status":"affected"}]},{"vendor":"Hikvision","product":"DS-2XC6xxxG0","versions":[{"version":"Versions below V5.7.7build241203 (including V5.7.7build241203)","status":"affected"}]},{"vendor":"Hikvision","product":"DS-2CD1xxxG0(T)","versions":[{"version":"Versions below V5.7.23_241015 (including V5.7.23_241015)","status":"affected"}]},{"vendor":"Hikvision","product":"DS-2CD1xx1","versions":[{"version":"Versions below V5.7.23_241015 (including V5.7.23_241015)","status":"affected"}]},{"vendor":"Hikvision","product":"DS-2CD3xx1G0","versions":[{"version":"Versions below V5.7.23_241015 (including V5.7.23_241015)","status":"affected"}]},{"vendor":"Hikvision","product":"DS-2CD2xx1G0","versions":[{"version":"Versions below V5.7.23_241015 (including V5.7.23_241015)","status":"affected"}]},{"vendor":"Hikvision","product":"IPC-xxxxH","versions":[{"version":"Versions below V5.7.23_241015 (including V5.7.23_241015)","status":"affected"}]},{"vendor":"Hikvision","product":"HWI-xxxH(C)","versions":[{"version":"Versions below V5.7.23_241015 (including V5.7.23_241015)","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"hsrc@hikvision.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-01-13T14:26:06.385030Z","id":"CVE-2025-66177","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-121"}]}],"references":[{"url":"https://www.hikvision.com/en/support/cybersecurity/security-advisory/buffer-overflow-vulnerabilities-in-some-hikvision-products/","source":"hsrc@hikvision.com"}]}},{"cve":{"id":"CVE-2025-15366","sourceIdentifier":"cna@python.org","published":"2026-01-20T22:15:51.023","lastModified":"2026-07-09T18:16:48.850","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The imaplib module, when passed a user-controlled command, can have additional commands injected using newlines. Mitigation rejects commands containing control characters."},{"lang":"es","value":"El módulo imaplib, cuando se le pasa un comando controlado por el usuario, puede tener comandos adicionales inyectados usando saltos de línea. La mitigación rechaza comandos que contienen caracteres de control."}],"affected":[{"source":"cna@python.org","affectedData":[{"vendor":"Python Software Foundation","product":"CPython","defaultStatus":"unaffected","modules":["imaplib"],"repo":"https://github.com/python/cpython","versions":[{"version":"0","lessThan":"3.15.0a6","versionType":"python","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@python.org","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-01-22T04:55:32.252111Z","id":"CVE-2025-15366","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@python.org","type":"Secondary","description":[{"lang":"en","value":"CWE-77"}]}],"references":[{"url":"https://github.com/python/cpython/commit/298182272a740ce2016aee2f54acbd0bba1944c1","source":"cna@python.org"},{"url":"https://github.com/python/cpython/commit/6262704b134db2a4ba12e85ecfbd968534f28b45","source":"cna@python.org"},{"url":"https://github.com/python/cpython/commit/71926d943c05bde79bd2a866933103541d91b6a2","source":"cna@python.org"},{"url":"https://github.com/python/cpython/commit/d0921efb665aff26b378f495e5ff84f7e3fe649d","source":"cna@python.org"},{"url":"https://github.com/python/cpython/commit/f2cd7ef89aa8a0dcbc7283bbd39548b76f2a736a","source":"cna@python.org"},{"url":"https://github.com/python/cpython/issues/143921","source":"cna@python.org"},{"url":"https://github.com/python/cpython/pull/143922","source":"cna@python.org"},{"url":"https://mail.python.org/archives/list/security-announce@python.org/thread/DD7C7JZJYTBXMDOWKCEIEBJLBRU64OMR/","source":"cna@python.org"}]}},{"cve":{"id":"CVE-2025-61731","sourceIdentifier":"security@golang.org","published":"2026-01-28T20:16:10.073","lastModified":"2026-07-09T13:16:42.813","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Building a malicious file with cmd/go can cause can cause a write to an attacker-controlled file with partial control of the file content. The \"#cgo pkg-config:\" directive in a Go source file provides command-line arguments to provide to the Go pkg-config command. An attacker can provide a \"--log-file\" argument to this directive, causing pkg-config to write to an attacker-controlled location."},{"lang":"es","value":"Construir un archivo malicioso con cmd/go puede causar puede causar una escritura a un archivo controlado por el atacante con control parcial del contenido del archivo. La directiva '#cgo pkg-config:' en un archivo fuente de Go proporciona argumentos de línea de comandos para proporcionar al comando Go pkg-config. Un atacante puede proporcionar un argumento '--log-file' a esta directiva, causando que pkg-config escriba a una ubicación controlada por el atacante."}],"affected":[{"source":"security@golang.org","affectedData":[{"vendor":"Go toolchain","product":"cmd/go","defaultStatus":"unaffected","collectionURL":"https://pkg.go.dev","packageName":"cmd/go","versions":[{"version":"0","lessThan":"1.24.12","versionType":"semver","status":"affected"},{"version":"1.25.0","lessThan":"1.25.6","versionType":"semver","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.1"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream AUS (v. 8.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_aus:8.2::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream AUS (v.8.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream AUS (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream TUS (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_tus:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream TUS (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_tus:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.0)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.0::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","cpes":["cpe:/a:redhat:hummingbird:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.12","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4.12::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.13","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4.13::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.14","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4.14::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4.15::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.16","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4.16::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.17","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4.17::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.18","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4.18::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.19","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4.19::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.20","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4.20::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Service Mesh 2.6","defaultStatus":"affected","cpes":["cpe:/a:redhat:service_mesh:2.6::el8"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Service Mesh 3.0","defaultStatus":"affected","cpes":["cpe:/a:redhat:service_mesh:3.0::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Service Mesh 3.1","defaultStatus":"affected","cpes":["cpe:/a:redhat:service_mesh:3.1::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Service Mesh 3.2","defaultStatus":"affected","cpes":["cpe:/a:redhat:service_mesh:3.2::el9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Virtualization 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:container_native_virtualization:4"]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-01-29T04:55:56.484332Z","id":"CVE-2025-61731","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-88"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*","versionEndExcluding":"1.24.12","matchCriteriaId":"21FD9368-8AB3-404B-8599-BBF64EFE3C7B"},{"vulnerable":true,"criteria":"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*","versionStartIncluding":"1.25.0","versionEndExcluding":"1.25.6","matchCriteriaId":"A547E844-78D2-4B17-B7A9-73E7B503D2CE"}]}]}],"references":[{"url":"https://go.dev/cl/736711","source":"security@golang.org","tags":["Patch"]},{"url":"https://go.dev/issue/77100","source":"security@golang.org","tags":["Issue Tracking"]},{"url":"https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc","source":"security@golang.org","tags":["Mailing List","Release Notes"]},{"url":"https://pkg.go.dev/vuln/GO-2026-4339","source":"security@golang.org","tags":["Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:12118","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:12282","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:13736","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:14100","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:14774","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:15091","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:17598","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:20088","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:21691","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:3556","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:3559","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:3855","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:4434","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:5941","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:5942","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:5943","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:5944","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:5948","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:5950","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:5952","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:6949","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:7291","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:7385","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:7833","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:7834","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:7876","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:7877","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:7878","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:7879","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:7883","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:8448","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2025-61731","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2434433","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-61731.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2025-61732","sourceIdentifier":"security@golang.org","published":"2026-02-05T04:15:50.873","lastModified":"2026-07-09T13:16:44.137","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary."},{"lang":"es","value":"Una discrepancia entre cómo se analizaban los comentarios de Go y C/C++ permitió el contrabando de código en el binario cgo resultante."}],"affected":[{"source":"security@golang.org","affectedData":[{"vendor":"Go toolchain","product":"cmd/cgo","defaultStatus":"unaffected","collectionURL":"https://pkg.go.dev","packageName":"cmd/cgo","versions":[{"version":"0","lessThan":"1.24.13","versionType":"semver","status":"affected"},{"version":"1.25.0-0","lessThan":"1.25.7","versionType":"semver","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.1"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream AUS (v. 8.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_aus:8.2::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream AUS (v.8.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream AUS (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream TUS (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_tus:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream TUS (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_tus:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.0)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.0::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","cpes":["cpe:/a:redhat:hummingbird:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.12","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4.12::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.13","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4.13::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.14","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4.14::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4.15::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.16","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4.16::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.17","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4.17::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.18","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4.18::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.19","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4.19::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.20","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4.20::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_devspaces:3.26::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Service Mesh 2.6","defaultStatus":"affected","cpes":["cpe:/a:redhat:service_mesh:2.6::el8"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Service Mesh 3.0","defaultStatus":"affected","cpes":["cpe:/a:redhat:service_mesh:3.0::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Service Mesh 3.1","defaultStatus":"affected","cpes":["cpe:/a:redhat:service_mesh:3.1::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Service Mesh 3.2","defaultStatus":"affected","cpes":["cpe:/a:redhat:service_mesh:3.2::el9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Virtualization 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:container_native_virtualization:4"]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":6.0},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-02-05T14:56:35.952364Z","id":"CVE-2025-61732","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*","versionEndExcluding":"1.24.13","matchCriteriaId":"9FEE539A-EDC2-4044-A38C-5A0FDF567509"},{"vulnerable":true,"criteria":"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*","versionStartIncluding":"1.25.0","versionEndExcluding":"1.25.7","matchCriteriaId":"B275853C-E253-485B-B469-31D1A7383965"}]}]}],"references":[{"url":"https://go.dev/cl/734220","source":"security@golang.org","tags":["Patch","Product"]},{"url":"https://go.dev/issue/76697","source":"security@golang.org","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://groups.google.com/g/golang-announce/c/K09ubi9FQFk","source":"security@golang.org","tags":["Mailing List","Release Notes"]},{"url":"https://pkg.go.dev/vuln/GO-2026-4433","source":"security@golang.org","tags":["Patch","Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:10104","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:12282","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:14100","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:14774","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:15091","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:17598","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:21691","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:2706","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:2708","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:2709","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:2844","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:3192","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:3193","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:3468","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:3469","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:3470","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:3471","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:3472","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:3473","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:3489","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:3556","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:3559","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:3855","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:4434","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:5948","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:5950","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:5952","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:7291","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:7385","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:8448","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2025-61732","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2437016","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-61732.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2025-69872","sourceIdentifier":"cve@mitre.org","published":"2026-02-11T19:15:50.360","lastModified":"2026-07-08T13:16:27.110","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"DiskCache (python-diskcache) through 5.6.3 uses Python pickle for serialization by default. An attacker with write access to the cache directory can achieve arbitrary code execution when a victim application reads from the cache."},{"lang":"es","value":"DiskCache (python-diskcache) hasta la versión 5.6.3 utiliza Python pickle para la serialización por defecto. Un atacante con acceso de escritura al directorio de caché puede lograr ejecución de código arbitrario cuando una aplicación víctima lee de la caché."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat OpenShift AI 3.3","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_ai:3.3::el9"]},{"vendor":"Red Hat","product":"Red Hat Satellite 6.18","defaultStatus":"affected","cpes":["cpe:/a:redhat:satellite:6.18::el9"]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server","defaultStatus":"affected","cpes":["cpe:/a:redhat:ai_inference_server:3"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_ai"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AI (RHEL AI) 3","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:enterprise_linux_ai:3"]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L","baseScore":7.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":2.1,"impactScore":5.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-02-12T15:11:02.221552Z","id":"CVE-2025-69872","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-94"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-502"}]}],"references":[{"url":"https://github.com/EthanKim88/ethan-cve-disclosures/blob/main/CVE-2025-69872-DiskCache-Pickle-Deserialization.md","source":"cve@mitre.org"},{"url":"https://github.com/grantjenks/python-diskcache","source":"cve@mitre.org"},{"url":"https://access.redhat.com/errata/RHSA-2026:36350","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:3713","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2025-69872","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2439059","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69872.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2025-69873","sourceIdentifier":"cve@mitre.org","published":"2026-02-11T19:15:50.467","lastModified":"2026-07-09T13:16:46.410","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"ajv (Another JSON Schema Validator) before 8.18.0 is vulnerable to Regular Expression Denial of Service (ReDoS) when the $data option is enabled. The pattern keyword accepts runtime data via JSON Pointer syntax ($data reference), which is passed directly to the JavaScript RegExp() constructor without validation. An attacker can inject a malicious regex pattern (e.g., \"^(a|a)*$\") combined with crafted input to cause catastrophic backtracking. A 31-character payload causes approximately 44 seconds of CPU blocking, with each additional character doubling execution time. This enables complete denial of service with a single HTTP request against any API using ajv with $data: true for dynamic schema validation. This issue is also fixed in version 6.14.0."},{"lang":"es","value":"ajv (Another JSON Schema Validator) hasta la versión 8.17.1 es vulnerable a la denegación de servicio por expresiones regulares (ReDoS) cuando la opción $data está habilitada. La palabra clave 'pattern' acepta datos en tiempo de ejecución a través de la sintaxis JSON Pointer (referencia $data), que se pasa directamente al constructor JavaScript RegExp() sin validación. Un atacante puede inyectar un patrón de expresión regular malicioso (por ejemplo, '^(a|a)*$') combinado con una entrada manipulada para causar un retroceso catastrófico. Una carga útil de 31 caracteres causa aproximadamente 44 segundos de bloqueo de CPU, y cada carácter adicional duplica el tiempo de ejecución. Esto permite una denegación de servicio completa con una única solicitud HTTP contra cualquier API que utilice ajv con $data: true para la validación dinámica de esquemas."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"ajv.js","product":"ajv","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"6.14.0","versionType":"semver","status":"affected"},{"version":"7.0.0","lessThan":"8.17.2","versionType":"semver","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 7.3 EUS for RHEL 7 Server","defaultStatus":"affected","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform_eus:7.3::el7"]},{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2.5 for RHEL 8","defaultStatus":"affected","cpes":["cpe:/a:redhat:ansible_automation_platform:2.5::el8","cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8","cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8"]},{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2.5 for RHEL 9","defaultStatus":"affected","cpes":["cpe:/a:redhat:ansible_automation_platform:2.5::el9","cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9","cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9"]},{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2.6 for RHEL 9","defaultStatus":"affected","cpes":["cpe:/a:redhat:ansible_automation_platform:2.6::el9","cpe:/a:redhat:ansible_automation_platform_developer:2.6::el9","cpe:/a:redhat:ansible_automation_platform_inside:2.6::el9"]},{"vendor":"Red Hat","product":"Network Observability (NETOBSERV) 1.11.2","defaultStatus":"affected","cpes":["cpe:/a:redhat:network_observ_optr:1.11::el9"]},{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2.6","defaultStatus":"affected","cpes":["cpe:/a:redhat:ansible_automation_platform:2.6::el9"]},{"vendor":"Red Hat","product":"Red Hat Developer Hub 1.8","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhdh:1.8::el9"]},{"vendor":"Red Hat","product":"Red Hat Developer Hub 1.9","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhdh:1.9::el9"]},{"vendor":"Red Hat","product":"Red Hat Edge Manager 1.0","defaultStatus":"affected","cpes":["cpe:/a:redhat:edge_manager:1.0::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI 2.16","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_ai:2.16::el8"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI 3.3","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_ai:3.3::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.14","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4.14::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.15","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4.15::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.16","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4.16::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.17","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4.17::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.19","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4.19::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Dev Spaces 3.27","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_devspaces:3.27::el9"]},{"vendor":"Red Hat","product":"Red Hat Quay 3.14","defaultStatus":"affected","cpes":["cpe:/a:redhat:quay:3.14::el8"]},{"vendor":"Red Hat","product":"Red Hat Quay 3.15","defaultStatus":"affected","cpes":["cpe:/a:redhat:quay:3.15::el8"]},{"vendor":"Red Hat","product":"Red Hat Quay 3.16","defaultStatus":"affected","cpes":["cpe:/a:redhat:quay:3.16::el9"]},{"vendor":"Red Hat","product":"Red Hat Quay 3.9","defaultStatus":"affected","cpes":["cpe:/a:redhat:quay:3.9::el8"]},{"vendor":"Red Hat","product":"Red Hat Satellite 6.18","defaultStatus":"affected","cpes":["cpe:/a:redhat:satellite:6.18::el9"]},{"vendor":"Red Hat","product":"Confidential Compute Attestation","defaultStatus":"affected","cpes":["cpe:/a:redhat:confidential_compute_attestation:1"]},{"vendor":"Red Hat","product":"Logging Subsystem for Red Hat OpenShift","defaultStatus":"affected","cpes":["cpe:/a:redhat:logging:5"]},{"vendor":"Red Hat","product":"Node HealthCheck Operator","defaultStatus":"affected","cpes":["cpe:/a:redhat:workload_availability_nhc:0"]},{"vendor":"Red Hat","product":"OpenShift Pipelines","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_pipelines:1"]},{"vendor":"Red Hat","product":"Red Hat 3scale API Management Platform 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:red_hat_3scale_amp:2"]},{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:ansible_automation_platform:2"]},{"vendor":"Red Hat","product":"Red Hat build of Apicurio Registry 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:service_registry:2"]},{"vendor":"Red Hat","product":"Red Hat Connectivity Link 1","defaultStatus":"affected","cpes":["cpe:/a:redhat:connectivity_link:1"]},{"vendor":"Red Hat","product":"Red Hat Data Grid 8","defaultStatus":"affected","cpes":["cpe:/a:redhat:jboss_data_grid:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AI (RHEL AI) 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux_ai:3"]},{"vendor":"Red Hat","product":"Red Hat Fuse 7","defaultStatus":"affected","cpes":["cpe:/a:redhat:jboss_fuse:7"]},{"vendor":"Red Hat","product":"Red Hat Openshift Data Foundation 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_data_foundation:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Dev Spaces","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_devspaces:3"]},{"vendor":"Red Hat","product":"Red Hat OpenShift GitOps","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_gitops:1"]},{"vendor":"Red Hat","product":"Red Hat Single Sign-On 7","defaultStatus":"affected","cpes":["cpe:/a:redhat:red_hat_single_sign_on:7"]},{"vendor":"Red Hat","product":"streams for Apache Kafka 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:amq_streams:3"]},{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2.6 for RHEL 10","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:ansible_automation_platform:2.6::el10","cpe:/a:redhat:ansible_automation_platform_developer:2.6::el10"]},{"vendor":"Red Hat","product":"Cryostat 4","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:cryostat:4"]},{"vendor":"Red Hat","product":"Gatekeeper 3","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:gatekeeper:3"]},{"vendor":"Red Hat","product":"Multicluster Engine for Kubernetes","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:multicluster_engine"]},{"vendor":"Red Hat","product":"Network Observability Operator","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:network_observ_optr:1"]},{"vendor":"Red Hat","product":"OpenShift Service Mesh 2","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:service_mesh:2"]},{"vendor":"Red Hat","product":"OpenShift Service Mesh 3","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:service_mesh:3"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:acm:2"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 4","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:advanced_cluster_security:4"]},{"vendor":"Red Hat","product":"Red Hat AMQ Broker 7","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:amq_broker:7"]},{"vendor":"Red Hat","product":"Red Hat build of Apache Camel - HawtIO 4","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:apache_camel_hawtio:4"]},{"vendor":"Red Hat","product":"Red Hat build of OptaPlanner 8","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:optaplanner:::el6"]},{"vendor":"Red Hat","product":"Red Hat Directory Server 11","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:directory_server:11"]},{"vendor":"Red Hat","product":"Red Hat Directory Server 12","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:directory_server:12"]},{"vendor":"Red Hat","product":"Red Hat Directory Server 13","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:directory_server:13"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 7","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:7"]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8"]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform Expansion Pack","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:jbosseapxp"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift_ai"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat Process Automation 7","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:jboss_enterprise_bpms_platform:7"]},{"vendor":"Red Hat","product":"Red Hat Satellite 6","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:satellite:6"]},{"vendor":"Red Hat","product":"streams for Apache Kafka 2","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:amq_streams:2"]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@mitre.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":2.9,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":1.4,"impactScore":1.4},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-02-12T15:13:03.482882Z","id":"CVE-2025-69873","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@mitre.org","type":"Secondary","description":[{"lang":"en","value":"CWE-1333"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-400"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-1333"}]}],"references":[{"url":"https://github.com/EthanKim88/ethan-cve-disclosures/blob/main/CVE-2025-69873-ajv-ReDoS.md","source":"cve@mitre.org"},{"url":"https://github.com/advisories/GHSA-2g4f-4pwh-qvx6","source":"cve@mitre.org"},{"url":"https://github.com/ajv-validator/ajv/pull/2588","source":"cve@mitre.org"},{"url":"https://github.com/ajv-validator/ajv/pull/2590","source":"cve@mitre.org"},{"url":"https://github.com/ajv-validator/ajv/releases/tag/v6.14.0","source":"cve@mitre.org"},{"url":"https://github.com/github/advisory-database/pull/6991","source":"cve@mitre.org"},{"url":"https://access.redhat.com/errata/RHSA-2026:10093","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:13512","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:14774","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:15091","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:16874","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19712","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26211","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26214","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:33371","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36651","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:5168","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:5807","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:5907","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:5910","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:6192","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:6277","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:6309","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:6497","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:6567","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:6568","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:6802","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:7314","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:9742","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2025-69873","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2439070","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69873.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-1692","sourceIdentifier":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","published":"2026-02-26T08:16:18.160","lastModified":"2026-07-09T18:32:08.463","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A missing origin validation in WebSockets vulnerability affects the GraphicalData web services used by the WebVue, WebScheduler, TouchVue and SnapVue features of PcVue in version 12.0.0 through 16.3.3 included. It might allow a remote attacker to lure a successfully authenticated user to a malicious website.\n\nThis vulnerability only affects the following two endpoints: GraphicalData/js/signalR/connect and GraphicalData/js/signalR/reconnect."},{"lang":"es","value":"Una vulnerabilidad de validación de origen faltante en WebSockets afecta a los servicios web GraphicalData utilizados por las características WebVue, WebScheduler, TouchVue y SnapVue de PcVue en la versión 12.0.0 hasta la 16.3.3 incluida. Podría permitir a un atacante remoto atraer a un usuario autenticado con éxito a un sitio web malicioso.\n\nEsta vulnerabilidad solo afecta a los dos siguientes endpoints: GraphicalData/js/signalR/connect y GraphicalData/js/signalR/reconnect."}],"affected":[{"source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","affectedData":[{"vendor":"arcinfo","product":"PcVue","defaultStatus":"unaffected","modules":["WebVue","WebScheduler","TouchVue","SnapVue","Web services"],"versions":[{"version":"16.0.0","lessThanOrEqual":"16.3.3","versionType":"cpe","status":"affected"},{"version":"15.0.0","lessThanOrEqual":"15.2.13","versionType":"cpe","status":"affected"},{"version":"12.0.0","versionType":"cpe","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:X/RE:M/U:Clear","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"USER","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"CLEAR"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","ssvcData":{"options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CNA","version":"2.0.3"}},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-02-26T14:23:10.635765Z","id":"CVE-2026-1692","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","type":"Secondary","description":[{"lang":"en","value":"CWE-1385"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:arcinfo:pcvue:*:*:*:*:*:*:*:*","versionStartIncluding":"12.0.0","versionEndIncluding":"15.2.13","matchCriteriaId":"C70C58B7-92FF-4D6D-AACB-0F2FDF56E750"},{"vulnerable":true,"criteria":"cpe:2.3:a:arcinfo:pcvue:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0.0","versionEndExcluding":"16.3.4","matchCriteriaId":"50259E97-1C6D-4E3B-A3A0-824864907518"}]}]}],"references":[{"url":"https://www.pcvue.com/security/#SB2026-2","source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-1693","sourceIdentifier":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","published":"2026-02-26T08:16:18.490","lastModified":"2026-07-09T18:32:08.463","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The OAuth grant type Resource Owner Password Credentials (ROPC) flow is still used by the werbservices used by the WebVue, WebScheduler, TouchVue and Snapvue features of PcVue in version 12.0.0 through 16.3.3 included despite being deprecated. It might allow a remote attacker to steal user credentials."},{"lang":"es","value":"El flujo de tipo de concesión OAuth Credenciales de Contraseña del Propietario del Recurso (ROPC) sigue siendo utilizado por los servicios web utilizados por las características WebVue, WebScheduler, TouchVue y Snapvue de PcVue en la versión 12.0.0 hasta la 16.3.3 incluida a pesar de estar desaprobado. Podría permitir a un atacante remoto robar credenciales de usuario."}],"affected":[{"source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","affectedData":[{"vendor":"arcinfo","product":"PcVue","defaultStatus":"unaffected","modules":["WebVue","WebScheduler","TouchVue","SnapVue","Web services"],"versions":[{"version":"16.0.0","lessThanOrEqual":"16.3.3","versionType":"cpe","status":"affected"},{"version":"15.0.0","lessThanOrEqual":"15.2.13","versionType":"cpe","status":"affected"},{"version":"12.0.0","versionType":"cpe","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:X/RE:M/U:Clear","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"USER","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"CLEAR"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","ssvcData":{"options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CNA","version":"2.0.3"}},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-02-26T14:22:29.948819Z","id":"CVE-2026-1693","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","type":"Secondary","description":[{"lang":"en","value":"CWE-477"},{"lang":"en","value":"CWE-1390"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:arcinfo:pcvue:*:*:*:*:*:*:*:*","versionStartIncluding":"12.0.0","versionEndIncluding":"15.2.13","matchCriteriaId":"C70C58B7-92FF-4D6D-AACB-0F2FDF56E750"},{"vulnerable":true,"criteria":"cpe:2.3:a:arcinfo:pcvue:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0.0","versionEndExcluding":"16.3.4","matchCriteriaId":"50259E97-1C6D-4E3B-A3A0-824864907518"}]}]}],"references":[{"url":"https://www.pcvue.com/security/#SB2026-2","source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-1694","sourceIdentifier":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","published":"2026-02-26T08:16:18.763","lastModified":"2026-07-09T18:32:08.463","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"HTTP headers are added by the default configuration of IIS and ASP.net, and are not removed at the deployment phase of the webservices used by the WebVue, WebScheduler, TouchVue and SnapVue features of PcVue in version 12.0.0 through 16.3.3 included. It unnecessarily exposes sensitive information about the server configuration."},{"lang":"es","value":"Los encabezados HTTP son añadidos por la configuración predeterminada de IIS y ASP.net, y no son eliminados en la fase de despliegue de los servicios web utilizados por las funcionalidades WebVue, WebScheduler, TouchVue y SnapVue de PcVue desde la versión 12.0.0 hasta la 16.3.3 incluida. Esto expone innecesariamente información sensible sobre la configuración del servidor."}],"affected":[{"source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","affectedData":[{"vendor":"arcinfo","product":"PcVue","defaultStatus":"unaffected","modules":["WebVue","WebScheduler","TouchVue","SnapVue","Web services"],"versions":[{"version":"16.0.0","lessThanOrEqual":"16.3.3","versionType":"cpe","status":"affected"},{"version":"15.0.0","lessThanOrEqual":"15.2.13","versionType":"cpe","status":"affected"},{"version":"12.0.0","versionType":"cpe","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:X/RE:M/U:Clear","baseScore":2.3,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"USER","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"CLEAR"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","ssvcData":{"options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CNA","version":"2.0.3"}},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-02-26T14:22:01.724842Z","id":"CVE-2026-1694","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","type":"Secondary","description":[{"lang":"en","value":"CWE-201"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:arcinfo:pcvue:*:*:*:*:*:*:*:*","versionStartIncluding":"12.0.0","versionEndIncluding":"15.2.13","matchCriteriaId":"C70C58B7-92FF-4D6D-AACB-0F2FDF56E750"},{"vulnerable":true,"criteria":"cpe:2.3:a:arcinfo:pcvue:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0.0","versionEndExcluding":"16.3.4","matchCriteriaId":"50259E97-1C6D-4E3B-A3A0-824864907518"}]}]}],"references":[{"url":"https://www.pcvue.com/security/#SB2026-2","source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-1695","sourceIdentifier":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","published":"2026-02-26T08:16:19.063","lastModified":"2026-07-09T18:32:08.463","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An XSS vulnerability affects the OAuth web services used by the WebVue, WebScheduler, TouchVue and SnapVue features of PcVue in version 12.0.0 through 16.3.3 included. It might allow a remote attacker to trick a legitimate user into loading content from another site upon unsuccessful user authentication on an unknown application (unknown client_id).\n\nThis vulnerability only affects the error page of the OAuth server."},{"lang":"es","value":"Una vulnerabilidad XSS afecta los servicios web OAuth utilizados por las características WebVue, WebScheduler, TouchVue y SnapVue de PcVue en la versión 12.0.0 hasta la 16.3.3 incluida. Podría permitir a un atacante remoto engañar a un usuario legítimo para que cargue contenido de otro sitio tras una autenticación de usuario fallida en una aplicación desconocida (client_id desconocido).\n\nEsta vulnerabilidad solo afecta la página de error del servidor OAuth."}],"affected":[{"source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","affectedData":[{"vendor":"arcinfo","product":"PcVue","defaultStatus":"unaffected","modules":["WebVue","WebScheduler","TouchVue","SnapVue","Web services"],"versions":[{"version":"16.0.0","lessThanOrEqual":"16.3.3","versionType":"cpe","status":"affected"},{"version":"15.0.0","lessThanOrEqual":"15.2.13","versionType":"cpe","status":"affected"},{"version":"12.0.0","versionType":"cpe","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:X/RE:M/U:Clear","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"USER","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"CLEAR"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","ssvcData":{"options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CNA","version":"2.0.3"}},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-02-26T14:21:18.585143Z","id":"CVE-2026-1695","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:arcinfo:pcvue:*:*:*:*:*:*:*:*","versionStartIncluding":"12.0.0","versionEndIncluding":"15.2.13","matchCriteriaId":"C70C58B7-92FF-4D6D-AACB-0F2FDF56E750"},{"vulnerable":true,"criteria":"cpe:2.3:a:arcinfo:pcvue:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0.0","versionEndExcluding":"16.3.4","matchCriteriaId":"50259E97-1C6D-4E3B-A3A0-824864907518"}]}]}],"references":[{"url":"https://www.pcvue.com/security/#SB2026-2","source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-1696","sourceIdentifier":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","published":"2026-02-26T08:16:19.323","lastModified":"2026-07-09T18:32:08.463","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Some HTTP security headers are not properly set by the web server when sending responses to the client application."},{"lang":"es","value":"Algunas cabeceras de seguridad HTTP no se establecen correctamente por el servidor web al enviar respuestas a la aplicación cliente."}],"affected":[{"source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","affectedData":[{"vendor":"arcinfo","product":"PcVue","defaultStatus":"unaffected","modules":["WebVue","WebScheduler","TouchVue","SnapVue","Web services"],"versions":[{"version":"16.0.0","lessThanOrEqual":"16.3.3","versionType":"cpe","status":"affected"},{"version":"15.0.0","lessThanOrEqual":"15.2.13","versionType":"cpe","status":"affected"},{"version":"12.0.0","versionType":"cpe","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:X/RE:M/U:Clear","baseScore":2.3,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"USER","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"CLEAR"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","ssvcData":{"options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CNA","version":"2.0.3"}},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-02-26T14:32:44.551623Z","id":"CVE-2026-1696","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:arcinfo:pcvue:*:*:*:*:*:*:*:*","versionStartIncluding":"12.0.0","versionEndIncluding":"15.2.13","matchCriteriaId":"C70C58B7-92FF-4D6D-AACB-0F2FDF56E750"},{"vulnerable":true,"criteria":"cpe:2.3:a:arcinfo:pcvue:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0.0","versionEndExcluding":"16.3.4","matchCriteriaId":"50259E97-1C6D-4E3B-A3A0-824864907518"}]}]}],"references":[{"url":"https://www.pcvue.com/security/#SB2026-2","source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-1697","sourceIdentifier":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","published":"2026-02-26T08:16:19.620","lastModified":"2026-07-09T18:32:08.463","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The Secure and SameSite attribute are missing in the GraphicalData web services and WebClient web app of PcVue in version 12.0.0 through 16.3.3 included."},{"lang":"es","value":"Faltan los atributos Secure y SameSite en los servicios web GraphicalData y la aplicación web WebClient de PcVue en las versiones 12.0.0 hasta la 16.3.3 incluida."}],"affected":[{"source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","affectedData":[{"vendor":"arcinfo","product":"PcVue","defaultStatus":"unaffected","modules":["WebVue","Web services"],"versions":[{"version":"16.0.0","lessThanOrEqual":"16.3.3","versionType":"cpe","status":"affected"},{"version":"15.0.0","lessThanOrEqual":"15.2.13","versionType":"cpe","status":"affected"},{"version":"12.0.0","versionType":"cpe","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:X/RE:M/U:Clear","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"USER","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"CLEAR"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":2.5}],"ssvcV203":[{"source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","ssvcData":{"options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CNA","version":"2.0.3"}},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-02-26T14:32:02.353239Z","id":"CVE-2026-1697","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","type":"Secondary","description":[{"lang":"en","value":"CWE-614"},{"lang":"en","value":"CWE-1275"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:arcinfo:pcvue:*:*:*:*:*:*:*:*","versionStartIncluding":"12.0.0","versionEndIncluding":"15.2.13","matchCriteriaId":"C70C58B7-92FF-4D6D-AACB-0F2FDF56E750"},{"vulnerable":true,"criteria":"cpe:2.3:a:arcinfo:pcvue:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0.0","versionEndExcluding":"16.3.4","matchCriteriaId":"50259E97-1C6D-4E3B-A3A0-824864907518"}]}]}],"references":[{"url":"https://www.pcvue.com/security/#SB2026-2","source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-1698","sourceIdentifier":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","published":"2026-02-26T08:16:19.897","lastModified":"2026-07-09T18:32:08.463","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A HTTP Host header attack vulnerability affects WebClient and the WebScheduler web apps of PcVue in version 15.0.0 through 16.3.3 included, allowing a remote attacker to inject harmful payloads that manipulate server-side behavior.\n\nThis vulnerability only affects the endpoints /Authentication/ExternalLogin, /Authentication/AuthorizationCodeCallback and /Authentication/Logout\nof the WebClient and WebScheduler web apps."},{"lang":"es","value":"Una vulnerabilidad de ataque de encabezado Host HTTP afecta a las aplicaciones web WebClient y WebScheduler de PcVue en las versiones 15.0.0 hasta la 16.3.3 incluidas, permitiendo a un atacante remoto inyectar cargas útiles maliciosas que manipulan el comportamiento del lado del servidor.\n\nEsta vulnerabilidad solo afecta a los puntos finales /Authentication/ExternalLogin, /Authentication/AuthorizationCodeCallback y /Authentication/Logout de las aplicaciones web WebClient y WebScheduler."}],"affected":[{"source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","affectedData":[{"vendor":"arcinfo","product":"PcVue","defaultStatus":"unaffected","modules":["WebVue","WebScheduler"],"versions":[{"version":"16.0.0","lessThanOrEqual":"16.3.3","versionType":"cpe","status":"affected"},{"version":"15.0.0","lessThanOrEqual":"15.2.13","versionType":"cpe","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:X/RE:M/U:Clear","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"USER","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"CLEAR"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","ssvcData":{"options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CNA","version":"2.0.3"}},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-02-26T14:30:06.903784Z","id":"CVE-2026-1698","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","type":"Secondary","description":[{"lang":"en","value":"CWE-644"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:arcinfo:pcvue:*:*:*:*:*:*:*:*","versionStartIncluding":"15.0.0","versionEndIncluding":"15.2.13","matchCriteriaId":"A3F90916-E0DF-461E-AA4E-47F1C6868FBA"},{"vulnerable":true,"criteria":"cpe:2.3:a:arcinfo:pcvue:*:*:*:*:*:*:*:*","versionStartIncluding":"16.0.0","versionEndExcluding":"16.3.4","matchCriteriaId":"50259E97-1C6D-4E3B-A3A0-824864907518"}]}]}],"references":[{"url":"https://www.pcvue.com/security/#SB2026-2","source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-26017","sourceIdentifier":"security-advisories@github.com","published":"2026-03-06T16:16:10.397","lastModified":"2026-07-09T13:16:53.520","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"CoreDNS is a DNS server that chains plugins. Prior to version 1.14.2, a logical vulnerability in CoreDNS allows DNS access controls to be bypassed due to the default execution order of plugins. Security plugins such as acl are evaluated before the rewrite plugin, resulting in a Time-of-Check Time-of-Use (TOCTOU) flaw. This issue has been patched in version 1.14.2."},{"lang":"es","value":"CoreDNS es un servidor DNS que encadena plugins. Antes de la versión 1.14.2, una vulnerabilidad lógica en CoreDNS permite que los controles de acceso DNS sean eludidos debido al orden de ejecución predeterminado de los plugins. Plugins de seguridad como acl son evaluados antes del plugin rewrite, lo que resulta en una falla de Tiempo de Verificación Tiempo de Uso (TOCTOU). Este problema ha sido parcheado en la versión 1.14.2."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coredns","product":"coredns","versions":[{"version":"< 1.14.2","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2.13","defaultStatus":"affected","cpes":["cpe:/a:redhat:acm:2.13::el9"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2.14","defaultStatus":"affected","cpes":["cpe:/a:redhat:acm:2.14::el9"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2.15","defaultStatus":"affected","cpes":["cpe:/a:redhat:acm:2.15::el9"]},{"vendor":"Red Hat","product":"Red Hat Connectivity Link 1","defaultStatus":"affected","cpes":["cpe:/a:redhat:connectivity_link:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift:4"]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":4.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":4.0},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":4.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-03-06T16:06:32.284525Z","id":"CVE-2026-26017","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-367"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-367"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:coredns.io:coredns:*:*:*:*:*:*:*:*","versionEndExcluding":"1.14.2","matchCriteriaId":"B72A7A10-A05D-47A2-93A8-076E4C944D23"}]}]}],"references":[{"url":"https://github.com/coredns/coredns/releases/tag/v1.14.2","source":"security-advisories@github.com","tags":["Product","Release Notes"]},{"url":"https://github.com/coredns/coredns/security/advisories/GHSA-c9v3-4pv7-87pr","source":"security-advisories@github.com","tags":["Mitigation","Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:25127","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36873","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:8151","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-26017","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2445244","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-26017.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-26018","sourceIdentifier":"security-advisories@github.com","published":"2026-03-06T16:16:10.557","lastModified":"2026-07-09T13:16:53.727","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"CoreDNS is a DNS server that chains plugins. Prior to version 1.14.2, a denial of service vulnerability exists in CoreDNS's loop detection plugin that allows an attacker to crash the DNS server by sending specially crafted DNS queries. The vulnerability stems from the use of a predictable pseudo-random number generator (PRNG) for generating a secret query name, combined with a fatal error handler that terminates the entire process. This issue has been patched in version 1.14.2."},{"lang":"es","value":"CoreDNS es un servidor DNS que encadena plugins. Antes de la versión 1.14.2, existe una vulnerabilidad de denegación de servicio en el plugin de detección de bucles de CoreDNS que permite a un atacante colapsar el servidor DNS al enviar consultas DNS especialmente diseñadas. La vulnerabilidad se deriva del uso de un generador de números pseudoaleatorios (PRNG) predecible para generar un nombre de consulta secreto, combinado con un gestor de errores fatal que finaliza el proceso completo. Este problema ha sido parcheado en la versión 1.14.2."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coredns","product":"coredns","versions":[{"version":"< 1.14.2","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2.13","defaultStatus":"affected","cpes":["cpe:/a:redhat:acm:2.13::el9"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2.14","defaultStatus":"affected","cpes":["cpe:/a:redhat:acm:2.14::el9"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2.15","defaultStatus":"affected","cpes":["cpe:/a:redhat:acm:2.15::el9"]},{"vendor":"Red Hat","product":"Red Hat Connectivity Link 1","defaultStatus":"affected","cpes":["cpe:/a:redhat:connectivity_link:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift:4"]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-03-06T16:07:22.371186Z","id":"CVE-2026-26018","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-337"},{"lang":"en","value":"CWE-400"},{"lang":"en","value":"CWE-770"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-1241"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:coredns.io:coredns:*:*:*:*:*:*:*:*","versionEndExcluding":"1.14.2","matchCriteriaId":"B72A7A10-A05D-47A2-93A8-076E4C944D23"}]}]}],"references":[{"url":"https://github.com/coredns/coredns/releases/tag/v1.14.2","source":"security-advisories@github.com","tags":["Product","Release Notes"]},{"url":"https://github.com/coredns/coredns/security/advisories/GHSA-h75p-j8xm-m278","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:25127","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36873","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:8151","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-26018","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2445242","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-26018.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-27137","sourceIdentifier":"security@golang.org","published":"2026-03-06T22:16:00.850","lastModified":"2026-07-09T13:16:53.900","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly applied, and only the last constraint will be considered."},{"lang":"es","value":"Al verificar una cadena de certificados que contiene un certificado con múltiples restricciones de dirección de correo electrónico que comparten porciones locales comunes pero porciones de dominio diferentes, estas restricciones no se aplicarán correctamente, y solo la última restricción será considerada."}],"affected":[{"source":"security@golang.org","affectedData":[{"vendor":"Go standard library","product":"crypto/x509","defaultStatus":"unaffected","collectionURL":"https://pkg.go.dev","packageName":"crypto/x509","programRoutines":[{"name":"newEmailConstraints"},{"name":"emailConstraints.query"},{"name":"checkConstraints"},{"name":"checkChainConstraints"},{"name":"parseMailboxes"},{"name":"Certificate.Verify"}],"versions":[{"version":"1.26.0-0","lessThan":"1.26.1","versionType":"semver","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"RHEM 1.0 for RHEL 9","defaultStatus":"affected","cpes":["cpe:/a:redhat:edge_manager:1.0::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenStack Platform 17.1","defaultStatus":"affected","cpes":["cpe:/a:redhat:openstack:17.1","cpe:/a:redhat:openstack:17.1::el9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.1","cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"DevWorkspace Operator 0.4","defaultStatus":"affected","cpes":["cpe:/a:redhat:devworkspace:0.40::el9"]},{"vendor":"Red Hat","product":"Logging Subsystem for Red Hat OpenShift 6.0","defaultStatus":"affected","cpes":["cpe:/a:redhat:logging:6.0::el9"]},{"vendor":"Red Hat","product":"Logging Subsystem for Red Hat OpenShift 6.2","defaultStatus":"affected","cpes":["cpe:/a:redhat:logging:6.2::el9"]},{"vendor":"Red Hat","product":"Logging Subsystem for Red Hat OpenShift 6.4","defaultStatus":"affected","cpes":["cpe:/a:redhat:logging:6.4::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.3.4","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.3::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.4.5","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.4::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.5.4","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.5::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.6.2","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.6::el9"]},{"vendor":"Red Hat","product":"OpenShift API for Data Protection 1.4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_api_data_protection:1.4::el9"]},{"vendor":"Red Hat","product":"OpenShift API for Data Protection 1.5","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_api_data_protection:1.5::el9"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2.15","defaultStatus":"affected","cpes":["cpe:/a:redhat:acm:2.15::el9"]},{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2.6","defaultStatus":"affected","cpes":["cpe:/a:redhat:ansible_automation_platform:2.6::el9"]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","cpes":["cpe:/a:redhat:hummingbird:1"]},{"vendor":"Red Hat","product":"Red Hat Lightspeed (formerly Insights) for Runtimes 1","defaultStatus":"affected","cpes":["cpe:/a:redhat:lightspeed_for_runtimes:1.0::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI 2.25","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_ai:2.25::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Builds 1.6.5","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_builds:1.6::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Builds 1.7.4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_builds:1.7::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Dev Spaces 3.27","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_devspaces:3.27::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift GitOps 1.18","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_gitops:1.18::el8"]},{"vendor":"Red Hat","product":"Red Hat OpenShift GitOps 1.19","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_gitops:1.19::el8"]},{"vendor":"Red Hat","product":"Red Hat OpenShift GitOps 1.20","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_gitops:1.20::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift distributed tracing 3.9.3","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_distributed_tracing:3.9::el9"]},{"vendor":"Red Hat","product":"Red Hat Quay 3.16","defaultStatus":"affected","cpes":["cpe:/a:redhat:quay:3.16::el9"]},{"vendor":"Red Hat","product":"Red Hat Satellite 6.18","defaultStatus":"affected","cpes":["cpe:/a:redhat:satellite:6.18::el9"]},{"vendor":"Red Hat","product":"Red Hat Trusted Artifact Signer 1.3","defaultStatus":"affected","cpes":["cpe:/a:redhat:trusted_artifact_signer:1.3::el9"]},{"vendor":"Red Hat","product":"Red Hat Web Terminal 1.11","defaultStatus":"affected","cpes":["cpe:/a:redhat:webterminal:1.11::el9"]},{"vendor":"Red Hat","product":"Red Hat Web Terminal 1.12","defaultStatus":"affected","cpes":["cpe:/a:redhat:webterminal:1.12::el9"]},{"vendor":"Red Hat","product":"Red Hat Web Terminal 1.13","defaultStatus":"affected","cpes":["cpe:/a:redhat:webterminal:1.13::el9"]},{"vendor":"Red Hat","product":"Red Hat Web Terminal 1.14","defaultStatus":"affected","cpes":["cpe:/a:redhat:webterminal:1.14::el9"]},{"vendor":"Red Hat","product":"Red Hat Web Terminal 1.15","defaultStatus":"affected","cpes":["cpe:/a:redhat:webterminal:1.15::el9"]},{"vendor":"Red Hat","product":"Assisted Installer for Red Hat OpenShift Container Platform 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:assisted_installer:2"]},{"vendor":"Red Hat","product":"Confidential Compute Attestation","defaultStatus":"affected","cpes":["cpe:/a:redhat:confidential_compute_attestation:1"]},{"vendor":"Red Hat","product":"Deployment Validation Operator","defaultStatus":"affected","cpes":["cpe:/a:redhat:deployment_validator_operator"]},{"vendor":"Red Hat","product":"ExternalDNS Operator","defaultStatus":"affected","cpes":["cpe:/a:redhat:ext_dns_optr:1"]},{"vendor":"Red Hat","product":"Fence Agents Remediation Operator","defaultStatus":"affected","cpes":["cpe:/a:redhat:workload_availability_far:0"]},{"vendor":"Red Hat","product":"Gatekeeper 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:gatekeeper:3"]},{"vendor":"Red Hat","product":"Logging Subsystem for Red Hat OpenShift","defaultStatus":"affected","cpes":["cpe:/a:redhat:logging:5"]},{"vendor":"Red Hat","product":"Logical Volume Manager Storage","defaultStatus":"affected","cpes":["cpe:/a:redhat:lvms:4"]},{"vendor":"Red Hat","product":"Migration Toolkit for Containers","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhmt:1"]},{"vendor":"Red Hat","product":"mirror registry for Red Hat OpenShift","defaultStatus":"affected","cpes":["cpe:/a:redhat:mirror_registry:1"]},{"vendor":"Red Hat","product":"OpenShift Developer Tools and Services","defaultStatus":"affected","cpes":["cpe:/a:redhat:ocp_tools"]},{"vendor":"Red Hat","product":"OpenShift Lightspeed","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_lightspeed"]},{"vendor":"Red Hat","product":"OpenShift Pipelines","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_pipelines:1"]},{"vendor":"Red Hat","product":"OpenShift Serverless","defaultStatus":"affected","cpes":["cpe:/a:redhat:serverless:1"]},{"vendor":"Red Hat","product":"Red Hat 3scale API Management Platform 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:red_hat_3scale_amp:2"]},{"vendor":"Red Hat","product":"Red Hat build of Apache Camel - HawtIO 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:apache_camel_hawtio:4"]},{"vendor":"Red Hat","product":"Red Hat Certification Program for Red Hat Enterprise Linux 9","defaultStatus":"affected","cpes":["cpe:/a:redhat:certifications:9"]},{"vendor":"Red Hat","product":"Red Hat Connectivity Link 1","defaultStatus":"affected","cpes":["cpe:/a:redhat:connectivity_link:1"]},{"vendor":"Red Hat","product":"Red Hat Developer Hub","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhdh:1"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AI (RHEL AI) 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux_ai:3"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Cluster Manager CLI","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_cluster_manager_cli:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat Openshift Data Foundation 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_data_foundation:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift on AWS","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_service_on_aws:1"]},{"vendor":"Red Hat","product":"Red Hat OpenStack Platform 16.2","defaultStatus":"affected","cpes":["cpe:/a:redhat:openstack:16.2"]},{"vendor":"Red Hat","product":"Red Hat OpenStack Platform 18.0","defaultStatus":"affected","cpes":["cpe:/a:redhat:openstack:18.0"]},{"vendor":"Red Hat","product":"Red Hat Quay 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:quay:3"]},{"vendor":"Red Hat","product":"Red Hat Satellite 6","defaultStatus":"affected","cpes":["cpe:/a:redhat:satellite:6"]},{"vendor":"Red Hat","product":"streams for Apache Kafka 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:amq_streams:3"]},{"vendor":"Red Hat","product":"Zero Trust Workload Identity Manager","defaultStatus":"affected","cpes":["cpe:/a:redhat:zero_trust_workload_identity_manager:1"]},{"vendor":"Red Hat","product":"Zero Trust Workload Identity Manager - Tech Preview","defaultStatus":"affected","cpes":["cpe:/a:redhat:zero_trust_workload_identity_manager:0"]},{"vendor":"Red Hat","product":"cert-manager Operator for Red Hat OpenShift","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:cert_manager:1"]},{"vendor":"Red Hat","product":"Compliance Operator","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift_compliance_operator:1"]},{"vendor":"Red Hat","product":"Cryostat 4","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:cryostat:4"]},{"vendor":"Red Hat","product":"Custom Metric Autoscaler operator for Red Hat Openshift","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift_custom_metrics_autoscaler:2"]},{"vendor":"Red Hat","product":"External Secrets Operator for Red Hat OpenShift","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:external_secrets_operator:1"]},{"vendor":"Red Hat","product":"File Integrity Operator","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift_file_integrity_operator:1"]},{"vendor":"Red Hat","product":"Machine Deletion Remediation Operator","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:workload_availability_mdr:0"]},{"vendor":"Red Hat","product":"Migration Toolkit for Applications 8","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:migration_toolkit_applications:8"]},{"vendor":"Red Hat","product":"mirror registry for Red Hat OpenShift 2","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:mirror_registry:2"]},{"vendor":"Red Hat","product":"Multicluster Engine for Kubernetes","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:multicluster_engine"]},{"vendor":"Red Hat","product":"Network Observability Operator","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:network_observ_optr:1"]},{"vendor":"Red Hat","product":"Node HealthCheck Operator","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:workload_availability_nhc:0"]},{"vendor":"Red Hat","product":"OpenShift Service Mesh 2","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:service_mesh:2"]},{"vendor":"Red Hat","product":"OpenShift Service Mesh 3","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:service_mesh:3"]},{"vendor":"Red Hat","product":"Power monitoring for Red Hat OpenShift","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift_power_monitoring"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 4","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:advanced_cluster_security:4"]},{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:ansible_automation_platform:2"]},{"vendor":"Red Hat","product":"Red Hat Edge Manager 1","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:edge_manager:1"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift_ai"]},{"vendor":"Red Hat","product":"Red Hat OpenShift for Windows Containers","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:windows_machine_config"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Virtualization 4","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:container_native_virtualization:4"]},{"vendor":"Red Hat","product":"Red Hat Service Interconnect 1","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:service_interconnect:1"]},{"vendor":"Red Hat","product":"Red Hat Service Interconnect 2","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:service_interconnect:2"]},{"vendor":"Red Hat","product":"Security Profiles Operator","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift_security_profiles_operator:1"]},{"vendor":"Red Hat","product":"Service Telemetry Framework 1.5","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:stf:1.5"]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-03-10T13:32:09.097820Z","id":"CVE-2026-27137","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-295"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-295"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:golang:go:1.26.0:*:*:*:*:*:*:*","matchCriteriaId":"A40FE3CB-0D03-462B-8A19-4DF1920ABE82"}]}]}],"references":[{"url":"https://go.dev/cl/752182","source":"security@golang.org","tags":["Mailing List"]},{"url":"https://go.dev/issue/77952","source":"security@golang.org","tags":["Issue Tracking"]},{"url":"https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk","source":"security@golang.org","tags":["Release Notes"]},{"url":"https://pkg.go.dev/vuln/GO-2026-4599","source":"security@golang.org","tags":["Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:10125","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:10158","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:10169","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:10175","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:10184","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:10225","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:10250","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:10929","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:11800","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:13545","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:14879","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19022","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19049","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19132","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19181","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19375","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:21769","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22347","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22423","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22450","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22714","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22862","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22937","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:23228","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:23345","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26568","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26585","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:28038","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:28047","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:29854","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36796","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:5110","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:5549","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:7291","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:8151","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:8167","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:8337","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:8338","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:8842","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:9052","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:9385","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:9697","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:9698","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:9699","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:9872","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-27137","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2445345","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-27137.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-20074","sourceIdentifier":"psirt@cisco.com","published":"2026-03-11T17:16:55.470","lastModified":"2026-07-08T19:07:12.303","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) multi-instance routing feature of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the IS-IS process to restart unexpectedly.\r\n\r\nThis vulnerability is due to insufficient input validation of ingress IS-IS packets. An attacker could exploit this vulnerability by sending crafted IS-IS packets to an affected device after forming an adjacency. A successful exploit could allow the attacker to cause the IS-IS process to restart unexpectedly, resulting in a temporary loss of connectivity to advertised networks and a denial of service (DoS) condition.\r\nNote: The IS-IS protocol is a routing protocol. To exploit this vulnerability, an attacker must be Layer 2-adjacent to the affected device and must have formed an adjacency.&nbsp;&nbsp;"},{"lang":"es","value":"Una vulnerabilidad en la función de enrutamiento multi-instancia de Intermediate System-to-Intermediate System (IS-IS) de Cisco IOS XR Software podría permitir a un atacante no autenticado y adyacente causar que el proceso IS-IS se reinicie inesperadamente.\n\nEsta vulnerabilidad se debe a una validación de entrada insuficiente de los paquetes IS-IS de entrada. Un atacante podría explotar esta vulnerabilidad enviando paquetes IS-IS manipulados a un dispositivo afectado después de formar una adyacencia. Un exploit exitoso podría permitir al atacante causar que el proceso IS-IS se reinicie inesperadamente, lo que resultaría en una pérdida temporal de conectividad a las redes anunciadas y una condición de denegación de servicio (DoS).\nNota: El protocolo IS-IS es un protocolo de enrutamiento. Para explotar esta vulnerabilidad, un atacante debe ser adyacente en Capa 2 al dispositivo afectado y debe haber formado una adyacencia."}],"affected":[{"source":"psirt@cisco.com","affectedData":[{"vendor":"Cisco","product":"Cisco IOS XR Software","defaultStatus":"unknown","versions":[{"version":"7.8.1","status":"affected"},{"version":"7.9.1","status":"affected"},{"version":"7.10.1","status":"affected"},{"version":"7.8.2","status":"affected"},{"version":"7.8.22","status":"affected"},{"version":"7.9.2","status":"affected"},{"version":"7.11.1","status":"affected"},{"version":"7.9.21","status":"affected"},{"version":"7.10.2","status":"affected"},{"version":"24.1.1","status":"affected"},{"version":"7.11.2","status":"affected"},{"version":"24.2.1","status":"affected"},{"version":"24.1.2","status":"affected"},{"version":"24.2.11","status":"affected"},{"version":"24.3.1","status":"affected"},{"version":"24.4.1","status":"affected"},{"version":"24.2.2","status":"affected"},{"version":"7.8.23","status":"affected"},{"version":"7.11.21","status":"affected"},{"version":"24.2.20","status":"affected"},{"version":"24.3.2","status":"affected"},{"version":"24.4.10","status":"affected"},{"version":"25.1.1","status":"affected"},{"version":"24.4.2","status":"affected"},{"version":"24.3.20","status":"affected"},{"version":"24.4.15","status":"affected"},{"version":"25.2.1","status":"affected"},{"version":"25.1.2","status":"affected"},{"version":"24.3.30","status":"affected"},{"version":"24.4.30","status":"affected"},{"version":"24.2.21","status":"affected"},{"version":"25.2.15","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":4.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-03-11T17:04:46.266844Z","id":"CVE-2026-20074","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-1287"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:ios_xr:*:*:*:*:*:*:*:*","versionStartIncluding":"7.8.0","versionEndExcluding":"25.2.2","matchCriteriaId":"8352E25F-6467-4428-B677-013F64C9F130"},{"vulnerable":true,"criteria":"cpe:2.3:o:cisco:ios_xr:25.3.0:*:*:*:*:*:*:*","matchCriteriaId":"1B34524C-985A-421D-91D8-3447294A44B3"}]}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-isis-dos-kDMxpSzK","source":"psirt@cisco.com","tags":["Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-20117","sourceIdentifier":"psirt@cisco.com","published":"2026-03-11T17:16:55.973","lastModified":"2026-07-08T19:12:13.653","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface.\r\n\r\nThis vulnerability exists because the web-based management interface of an affected system does not sufficiently validate user-supplied input. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information."},{"lang":"es","value":"Una vulnerabilidad en la interfaz de gestión basada en web de Cisco Unified Contact Center Express (Unified CCX) podría permitir a un atacante remoto no autenticado realizar ataques de cross-site scripting (XSS) contra un usuario de la interfaz.\n\nEsta vulnerabilidad existe porque la interfaz de gestión basada en web de un sistema afectado no valida suficientemente la entrada proporcionada por el usuario. Un atacante podría explotar esta vulnerabilidad inyectando código malicioso en páginas específicas de la interfaz. Un exploit exitoso podría permitir al atacante ejecutar código de script arbitrario en el contexto de la interfaz afectada o acceder a información sensible basada en el navegador."}],"affected":[{"source":"psirt@cisco.com","affectedData":[{"vendor":"Cisco","product":"Cisco Unified Contact Center Express","defaultStatus":"unknown","versions":[{"version":"10.5(1)SU1","status":"affected"},{"version":"10.6(1)","status":"affected"},{"version":"11.6(1)","status":"affected"},{"version":"10.6(1)SU1","status":"affected"},{"version":"10.6(1)SU3","status":"affected"},{"version":"11.6(2)","status":"affected"},{"version":"12.0(1)","status":"affected"},{"version":"11.0(1)SU1","status":"affected"},{"version":"11.5(1)SU1","status":"affected"},{"version":"10.5(1)","status":"affected"},{"version":"12.5(1)","status":"affected"},{"version":"12.5(1)SU1","status":"affected"},{"version":"12.5(1)SU2","status":"affected"},{"version":"12.5(1)SU3","status":"affected"},{"version":"12.5(1)_SU03_ES01","status":"affected"},{"version":"12.5(1)_SU03_ES02","status":"affected"},{"version":"12.5(1)_SU02_ES03","status":"affected"},{"version":"12.5(1)_SU02_ES04","status":"affected"},{"version":"12.5(1)_SU02_ES02","status":"affected"},{"version":"12.5(1)_SU01_ES02","status":"affected"},{"version":"12.5(1)_SU01_ES03","status":"affected"},{"version":"12.5(1)_SU02_ES01","status":"affected"},{"version":"11.6(2)ES07","status":"affected"},{"version":"11.6(2)ES08","status":"affected"},{"version":"12.5(1)_SU01_ES01","status":"affected"},{"version":"12.0(1)ES04","status":"affected"},{"version":"12.5(1)ES02","status":"affected"},{"version":"12.5(1)ES03","status":"affected"},{"version":"11.6(2)ES06","status":"affected"},{"version":"12.5(1)ES01","status":"affected"},{"version":"12.0(1)ES03","status":"affected"},{"version":"12.0(1)ES01","status":"affected"},{"version":"11.6(2)ES05","status":"affected"},{"version":"12.0(1)ES02","status":"affected"},{"version":"11.6(2)ES04","status":"affected"},{"version":"11.6(2)ES03","status":"affected"},{"version":"11.6(2)ES02","status":"affected"},{"version":"11.6(2)ES01","status":"affected"},{"version":"10.6(1)SU3ES03","status":"affected"},{"version":"11.0(1)SU1ES03","status":"affected"},{"version":"10.6(1)SU3ES01","status":"affected"},{"version":"10.5(1)SU1ES10","status":"affected"},{"version":"11.5(1)SU1ES03","status":"affected"},{"version":"11.6(1)ES02","status":"affected"},{"version":"11.5(1)ES01","status":"affected"},{"version":"10.6(1)SU2","status":"affected"},{"version":"10.6(1)SU2ES04","status":"affected"},{"version":"11.6(1)ES01","status":"affected"},{"version":"10.6(1)SU3ES02","status":"affected"},{"version":"11.5(1)SU1ES02","status":"affected"},{"version":"11.5(1)SU1ES01","status":"affected"},{"version":"11.0(1)SU1ES02","status":"affected"},{"version":"12.5(1)_SU03_ES03","status":"affected"},{"version":"12.5(1)_SU03_ES04","status":"affected"},{"version":"12.5(1)_SU03_ES05","status":"affected"},{"version":"UCCX 15.0.1","status":"affected"},{"version":"12.5(1)_SU03_ES06","status":"affected"},{"version":"12.5(1)_SU03_ES07","status":"affected"},{"version":"15.0(1)","status":"affected"},{"version":"15.0(1)ES01","status":"affected"},{"version":"15.0(1)ES-MSOauth","status":"affected"},{"version":"1501_ES01_CSCws06843","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-03-11T17:05:14.798354Z","id":"CVE-2026-20117","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unified_contact_center_express:*:*:*:*:*:*:*:*","versionEndIncluding":"15.0\\(1\\)ES01","matchCriteriaId":"6E7F7C37-40B9-40E2-A650-AFCD25B643FE"}]}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cc-xss-MrNAH5Jh","source":"psirt@cisco.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-32141","sourceIdentifier":"security-advisories@github.com","published":"2026-03-12T18:16:25.837","lastModified":"2026-07-09T13:16:56.017","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"flatted is a circular JSON parser. Prior to 3.4.0, flatted's parse() function uses a recursive revive() phase to resolve circular references in deserialized JSON. When given a crafted payload with deeply nested or self-referential $ indices, the recursion depth is unbounded, causing a stack overflow that crashes the Node.js process. This vulnerability is fixed in 3.4.0."},{"lang":"es","value":"flatted es un analizador de JSON circular. Antes de la versión 3.4.0, la función parse() de flatted utiliza una fase recursiva revive() para resolver referencias circulares en JSON deserializado. Cuando se le proporciona una carga útil manipulada con índices $ profundamente anidados o autorreferenciales, la profundidad de recursión es ilimitada, causando un desbordamiento de pila que bloquea el proceso de Node.js. Esta vulnerabilidad se ha corregido en la versión 3.4.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"WebReflection","product":"flatted","versions":[{"version":"< 3.4.0","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Cluster Observability Operator 1.5.0","defaultStatus":"affected","cpes":["cpe:/a:redhat:cluster_observability_operator:1.5::el9"]},{"vendor":"Red Hat","product":"Red Hat Developer Hub 1.8","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhdh:1.8::el9"]},{"vendor":"Red Hat","product":"Red Hat Developer Hub 1.9","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhdh:1.9::el9"]},{"vendor":"Red Hat","product":"Red Hat Edge Manager 1.0","defaultStatus":"affected","cpes":["cpe:/a:redhat:edge_manager:1.0::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI 2.16","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_ai:2.16::el8"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Dev Spaces 3.28","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_devspaces:3.28::el9"]},{"vendor":"Red Hat","product":"Logging Subsystem for Red Hat OpenShift","defaultStatus":"affected","cpes":["cpe:/a:redhat:logging:5"]},{"vendor":"Red Hat","product":"Red Hat 3scale API Management Platform 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:red_hat_3scale_amp:2"]},{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:ansible_automation_platform:2"]},{"vendor":"Red Hat","product":"Red Hat build of Apicurio Registry 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:service_registry:2"]},{"vendor":"Red Hat","product":"Red Hat Data Grid 8","defaultStatus":"affected","cpes":["cpe:/a:redhat:jboss_data_grid:8"]},{"vendor":"Red Hat","product":"Red Hat Fuse 7","defaultStatus":"affected","cpes":["cpe:/a:redhat:jboss_fuse:7"]},{"vendor":"Red Hat","product":"Red Hat Single Sign-On 7","defaultStatus":"affected","cpes":["cpe:/a:redhat:red_hat_single_sign_on:7"]},{"vendor":"Red Hat","product":"streams for Apache Kafka 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:amq_streams:2"]},{"vendor":"Red Hat","product":"streams for Apache Kafka 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:amq_streams:3"]},{"vendor":"Red Hat","product":"Cryostat 4","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:cryostat:4"]},{"vendor":"Red Hat","product":"Red Hat AMQ Broker 7","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:amq_broker:7"]},{"vendor":"Red Hat","product":"Red Hat build of OptaPlanner 8","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:optaplanner:::el6"]},{"vendor":"Red Hat","product":"Red Hat Directory Server 11","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:directory_server:11"]},{"vendor":"Red Hat","product":"Red Hat Directory Server 12","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:directory_server:12"]},{"vendor":"Red Hat","product":"Red Hat Directory Server 13","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:directory_server:13"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 7","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:7"]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8"]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform Expansion Pack","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:jbosseapxp"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift_ai"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat Process Automation 7","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:jboss_enterprise_bpms_platform:7"]},{"vendor":"Red Hat","product":"Red Hat Quay 3","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:quay:3"]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-03-13T16:20:15.479714Z","id":"CVE-2026-32141","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-674"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-770"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:webreflection:flatted:*:*:*:*:*:node.js:*:*","versionEndExcluding":"3.4.0","matchCriteriaId":"767AEF0F-F297-47FE-8BA7-F1B7D7DFB8F0"}]}]}],"references":[{"url":"https://github.com/WebReflection/flatted/commit/7eb65d857e1a40de11c47461cdbc8541449f0606","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/WebReflection/flatted/pull/88","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/WebReflection/flatted/security/advisories/GHSA-25h7-pfq9-p65f","source":"security-advisories@github.com","tags":["Exploit","Patch","Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:13826","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:21772","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34342","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36651","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:5807","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:9742","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-32141","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2447083","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://github.com/WebReflection/flatted/security/advisories/GHSA-25h7-pfq9-p65f","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Patch","Vendor Advisory"]},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-32141.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2025-69196","sourceIdentifier":"security-advisories@github.com","published":"2026-03-16T19:16:14.397","lastModified":"2026-07-08T13:16:26.740","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"FastMCP is the standard framework for building MCP applications. Prior to version 2.14.2, the server does not properly respect the resource parameter submitted by the client in the authorization and token request. Instead of issuing the token explicitly for the MCP server, the token is issued for the base_url passed to the OAuthProxy during initialization. This issue has been patched 2.14.2."},{"lang":"es","value":"FastMCP es el framework estándar para construir aplicaciones MCP. Antes de la versión 2.14.2, el servidor no respeta adecuadamente el parámetro de recurso enviado por el cliente en la solicitud de autorización y de token. En lugar de emitir el token explícitamente para el servidor MCP, el token se emite para la base_url pasada al OAuthProxy durante la inicialización. Este problema ha sido parcheado en 2.14.2."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"jlowin","product":"fastmcp","versions":[{"version":"< 2.14.2","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Satellite 6.18","defaultStatus":"affected","cpes":["cpe:/a:redhat:satellite:6.18::el9"]},{"vendor":"Red Hat","product":"Red Hat Developer Hub","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:rhdh:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift_ai"]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-03-16T19:09:19.463530Z","id":"CVE-2025-69196","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-1220"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:jlowin:fastmcp:*:*:*:*:*:*:*:*","versionEndExcluding":"2.14.2","matchCriteriaId":"D20B7869-1019-4F0B-9135-0EE29889FF4F"}]}]}],"references":[{"url":"https://github.com/PrefectHQ/fastmcp/security/advisories/GHSA-5h2m-4q8j-pqpj","source":"security-advisories@github.com","tags":["Exploit","Mitigation","Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:36350","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2025-69196","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2448179","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-69196.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-3564","sourceIdentifier":"7d616e1a-3288-43b1-a0dd-0a65d3e70a49","published":"2026-03-17T15:16:19.253","lastModified":"2026-07-09T18:16:51.930","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"A condition in the ScreenConnect server component may allow an actor with access to server-level cryptographic material used for authentication to obtain unauthorized access, including elevated privileges, in certain scenarios. ScreenConnect host and guest client agents are not independently affected by this CVE."},{"lang":"es","value":"Una condición en ScreenConnect podría permitir a un actor con acceso a material criptográfico a nivel de servidor utilizado para la autenticación obtener acceso no autorizado, incluyendo privilegios elevados, en ciertos escenarios."}],"affected":[{"source":"7d616e1a-3288-43b1-a0dd-0a65d3e70a49","affectedData":[{"vendor":"ConnectWise","product":"ScreenConnect","defaultStatus":"unaffected","modules":["Server component","Server authentication cryptographic material handling"],"versions":[{"version":"All server versions prior to 26.1","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"7d616e1a-3288-43b1-a0dd-0a65d3e70a49","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":9.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-03-17T00:00:00+00:00","id":"CVE-2026-3564","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"7d616e1a-3288-43b1-a0dd-0a65d3e70a49","type":"Secondary","description":[{"lang":"en","value":"CWE-347"}]}],"references":[{"url":"https://www.connectwise.com/company/trust/security-bulletins/2026-03-17-screenconnect-bulletin","source":"7d616e1a-3288-43b1-a0dd-0a65d3e70a49"}]}},{"cve":{"id":"CVE-2026-33211","sourceIdentifier":"security-advisories@github.com","published":"2026-03-24T00:16:29.320","lastModified":"2026-07-09T13:16:58.740","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.1, 1.3.3, 1.6.1, 1.9.2, and 1.10.2, the Tekton Pipelines git resolver is vulnerable to path traversal via the `pathInRepo` parameter. A tenant with permission to create `ResolutionRequests` (e.g. by creating `TaskRuns` or `PipelineRuns` that use the git resolver) can read arbitrary files from the resolver pod's filesystem, including ServiceAccount tokens. The file contents are returned base64-encoded in `resolutionrequest.status.data`. Versions 1.0.1, 1.3.3, 1.6.1, 1.9.2, and 1.10.2 contain a patch."},{"lang":"es","value":"El proyecto Tekton Pipelines proporciona recursos estilo k8s para declarar pipelines estilo CI/CD. A partir de la versión 1.0.0 y antes de las versiones 1.0.1, 1.3.3, 1.6.1, 1.9.2 y 1.10.2, el resolvedor git de Tekton Pipelines es vulnerable a salto de ruta a través del parámetro 'pathInRepo'. Un inquilino con permiso para crear 'ResolutionRequests' (por ejemplo, creando 'TaskRuns' o 'PipelineRuns' que usan el resolvedor git) puede leer archivos arbitrarios del sistema de archivos del pod del resolvedor, incluyendo tokens de ServiceAccount. El contenido del archivo se devuelve codificado en base64 en 'resolutionrequest.status.data'. Las versiones 1.0.1, 1.3.3, 1.6.1, 1.9.2 y 1.10.2 contienen un parche."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"tektoncd","product":"pipeline","versions":[{"version":">= 1.0.0, < 1.0.1","status":"affected"},{"version":">= 1.1.0, < 1.3.3","status":"affected"},{"version":">= 1.4.0, < 1.6.1","status":"affected"},{"version":">= 1.7.0, < 1.9.2","status":"affected"},{"version":">= 1.10.0, < 1.10.2","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat OpenShift Builds 1.6.5","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_builds:1.6::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Builds 1.7.4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_builds:1.7::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Pipelines 1.21","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_pipelines:1.21::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Pipelines 1.2","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_pipelines:1.20::el9"]},{"vendor":"Red Hat","product":"Red Hat Trusted Artifact Signer 1.3","defaultStatus":"affected","cpes":["cpe:/a:redhat:trusted_artifact_signer:1.3::el9"]},{"vendor":"Red Hat","product":"OpenShift Pipelines","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_pipelines:1"]},{"vendor":"Red Hat","product":"OpenShift Serverless","defaultStatus":"affected","cpes":["cpe:/a:redhat:serverless:1"]},{"vendor":"Red Hat","product":"Builds for Red Hat OpenShift","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift_builds:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift_ai"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Virtualization 4","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:container_native_virtualization:4"]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N","baseScore":9.6,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":5.8},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N","baseScore":9.6,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":5.8},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N","baseScore":9.6,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":5.8}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-03-24T15:40:21.314239Z","id":"CVE-2026-33211","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:linuxfoundation:tekton_pipelines:*:*:*:*:*:go:*:*","versionStartIncluding":"1.1.0","versionEndExcluding":"1.3.3","matchCriteriaId":"510D5C7F-FB2A-4059-AF03-A85FD23267F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:linuxfoundation:tekton_pipelines:*:*:*:*:*:go:*:*","versionStartIncluding":"1.4.0","versionEndExcluding":"1.6.1","matchCriteriaId":"B4303F35-5E39-4F4B-9258-FE58CCA3C760"},{"vulnerable":true,"criteria":"cpe:2.3:a:linuxfoundation:tekton_pipelines:*:*:*:*:*:go:*:*","versionStartIncluding":"1.7.0","versionEndExcluding":"1.9.2","matchCriteriaId":"C465CD0F-E9E8-414D-9BED-49BEBD394E95"},{"vulnerable":true,"criteria":"cpe:2.3:a:linuxfoundation:tekton_pipelines:*:*:*:*:*:go:*:*","versionStartIncluding":"1.10.0","versionEndExcluding":"1.10.2","matchCriteriaId":"871426E3-9DCC-43CE-8262-D87D4F040AEE"},{"vulnerable":true,"criteria":"cpe:2.3:a:linuxfoundation:tekton_pipelines:1.0.0:*:*:*:*:go:*:*","matchCriteriaId":"49E77BA1-6CC4-430D-B0C0-EB295ADBF6FE"}]}]}],"references":[{"url":"https://github.com/tektoncd/pipeline/commit/10fa538f9a2b6d01c75138f1ed7ba3da0e34687c","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/tektoncd/pipeline/commit/318006c4e3a5","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/tektoncd/pipeline/commit/3ca7bc6e6dd1d97f80b84f78370d91edaf023cbd","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/tektoncd/pipeline/commit/961388fcf3374bc7656d28ab58ca84987e0a75ae","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/tektoncd/pipeline/commit/b1fee65b88aa969069c14c120045e97c37d9ee5e","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/tektoncd/pipeline/commit/cdb4e1e97a4f3170f9bc2cbfff83a6c8107bc3db","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/tektoncd/pipeline/commit/ec7755031a183b345cf9e64bea0e0505c1b9cb78","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/tektoncd/pipeline/security/advisories/GHSA-j5q5-j9gm-2w5c","source":"security-advisories@github.com","tags":["Patch","Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:10026","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:10066","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:10125","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:10155","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:10158","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:21931","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:21932","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:24484","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:6166","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:6170","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-33211","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450554","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33211.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-33487","sourceIdentifier":"security-advisories@github.com","published":"2026-03-26T18:16:30.070","lastModified":"2026-07-09T13:16:59.087","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"goxmlsig provides XML Digital Signatures implemented in Go. Prior to version 1.6.0, the `validateSignature` function in `validate.go` goes through the references in the `SignedInfo` block to find one that matches the signed element's ID. In Go versions before 1.22, or when `go.mod` uses an older version, there is a loop variable capture issue. The code takes the address of the loop variable `_ref` instead of its value. As a result, if more than one reference matches the ID or if the loop logic is incorrect, the `ref` pointer will always end up pointing to the last element in the `SignedInfo.References` slice after the loop. goxmlsig version 1.6.0 contains a patch."},{"lang":"es","value":"goxmlsig proporciona Firmas Digitales XML implementadas en Go. Antes de la versión 1.6.0, la función 'validateSignature' en 'validate.go' recorre las referencias en el bloque 'SignedInfo' para encontrar una que coincida con el ID del elemento firmado. En versiones de Go anteriores a la 1.22, o cuando 'go.mod' utiliza una versión anterior, existe un problema de captura de variable de bucle. El código toma la dirección de la variable de bucle '_ref' en lugar de su valor. Como resultado, si más de una referencia coincide con el ID o si la lógica del bucle es incorrecta, el puntero 'ref' siempre terminará apuntando al último elemento en el slice 'SignedInfo.References' después del bucle. goxmlsig versión 1.6.0 contiene un parche."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"russellhaering","product":"goxmldsig","versions":[{"version":"< 1.6.0","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Multicluster Global Hub 1.3.4","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.3::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.4.5","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.4::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.5.4","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.5::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.6.2","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.6::el9"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2.14","defaultStatus":"affected","cpes":["cpe:/a:redhat:acm:2.14::el9"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2.15","defaultStatus":"affected","cpes":["cpe:/a:redhat:acm:2.15::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift GitOps 1.18","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_gitops:1.18::el8"]},{"vendor":"Red Hat","product":"Red Hat OpenShift GitOps 1.19","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_gitops:1.19::el8"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 4","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:advanced_cluster_security:4"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:9"]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-03-30T11:16:13.379400Z","id":"CVE-2026-33487","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-347"},{"lang":"en","value":"CWE-682"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-347"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:goxmldsig_project:goxmldsig:*:*:*:*:*:*:*:*","versionEndExcluding":"1.6.0","matchCriteriaId":"F33DF651-C3B7-47BB-85EF-3D044F20608B"}]}]}],"references":[{"url":"https://github.com/russellhaering/goxmldsig/security/advisories/GHSA-479m-364c-43vc","source":"security-advisories@github.com","tags":["Exploit","Mitigation","Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:13548","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:20943","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:20946","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:21769","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22347","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22423","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:23345","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36882","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-33487","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451814","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33487.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-4926","sourceIdentifier":"ce714d77-add3-4f53-aff5-83d477b104bb","published":"2026-03-26T19:17:08.387","lastModified":"2026-07-09T13:17:24.737","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Impact:\n\nA bad regular expression is generated any time you have multiple sequential optional groups (curly brace syntax), such as `{a}{b}{c}:z`. The generated regex grows exponentially with the number of groups, causing denial of service.\n\nPatches:\n\nFixed in version 8.4.0.\n\nWorkarounds:\n\nLimit the number of sequential optional groups in route patterns. Avoid passing user-controlled input as route patterns."},{"lang":"es","value":"Impacto:\n\nSe genera una expresión regular defectuosa siempre que se tienen múltiples grupos opcionales secuenciales (sintaxis de llaves), como `{a}{b}{c}:z`. La expresión regular generada crece exponencialmente con el número de grupos, causando denegación de servicio.\n\nParches:\n\nCorregido en la versión 8.4.0.\n\nSoluciones alternativas:\n\nLimitar el número de grupos opcionales secuenciales en los patrones de ruta. Evitar pasar entradas controladas por el usuario como patrones de ruta."}],"affected":[{"source":"ce714d77-add3-4f53-aff5-83d477b104bb","affectedData":[{"vendor":"path-to-regexp","product":"path-to-regexp","defaultStatus":"unaffected","packageURL":"pkg:npm/path-to-regexp","versions":[{"version":"8.0.0","lessThan":"8.4.0","versionType":"semver","status":"affected"},{"version":"8.4.0","versionType":"semver","status":"unaffected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2.5 for RHEL 8","defaultStatus":"affected","cpes":["cpe:/a:redhat:ansible_automation_platform:2.5::el8","cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8","cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8"]},{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2.5 for RHEL 9","defaultStatus":"affected","cpes":["cpe:/a:redhat:ansible_automation_platform:2.5::el9","cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9","cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9"]},{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2.6 for RHEL 9","defaultStatus":"affected","cpes":["cpe:/a:redhat:ansible_automation_platform:2.6::el9","cpe:/a:redhat:ansible_automation_platform_developer:2.6::el9","cpe:/a:redhat:ansible_automation_platform_inside:2.6::el9"]},{"vendor":"Red Hat","product":"Cryostat 4 on RHEL 9","defaultStatus":"affected","cpes":["cpe:/a:redhat:cryostat:4::el9"]},{"vendor":"Red Hat","product":"Migration Toolkit for Virtualization 2.1","defaultStatus":"affected","cpes":["cpe:/a:redhat:migration_toolkit_virtualization:2.10::el9"]},{"vendor":"Red Hat","product":"Migration Toolkit for Virtualization 2.9","defaultStatus":"affected","cpes":["cpe:/a:redhat:migration_toolkit_virtualization:2.9::el9"]},{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2.6","defaultStatus":"affected","cpes":["cpe:/a:redhat:ansible_automation_platform:2.6::el9"]},{"vendor":"Red Hat","product":"Red Hat Developer Hub 1.8","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhdh:1.8::el9"]},{"vendor":"Red Hat","product":"Red Hat Developer Hub 1.9","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhdh:1.9::el9"]},{"vendor":"Red Hat","product":"Red Hat Edge Manager 1.0","defaultStatus":"affected","cpes":["cpe:/a:redhat:edge_manager:1.0::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Dev Spaces 3.27","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_devspaces:3.27::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift distributed tracing 3.9.3","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_distributed_tracing:3.9::el9"]},{"vendor":"Red Hat","product":"Red Hat Trusted Artifact Signer 1.3","defaultStatus":"affected","cpes":["cpe:/a:redhat:trusted_artifact_signer:1.3::el9"]},{"vendor":"Red Hat","product":"Logging Subsystem for Red Hat OpenShift","defaultStatus":"affected","cpes":["cpe:/a:redhat:logging:5"]},{"vendor":"Red Hat","product":"Migration Toolkit for Applications 8","defaultStatus":"affected","cpes":["cpe:/a:redhat:migration_toolkit_applications:8"]},{"vendor":"Red Hat","product":"Multicluster Engine for Kubernetes","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_engine"]},{"vendor":"Red Hat","product":"OpenShift Pipelines","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_pipelines:1"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:acm:2"]},{"vendor":"Red Hat","product":"Red Hat AMQ Broker 7","defaultStatus":"affected","cpes":["cpe:/a:redhat:amq_broker:7"]},{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:ansible_automation_platform:2"]},{"vendor":"Red Hat","product":"Red Hat Build of Podman Desktop","defaultStatus":"affected","cpes":["cpe:/a:redhat:podman_desktop:1"]},{"vendor":"Red Hat","product":"Red Hat Data Grid 8","defaultStatus":"affected","cpes":["cpe:/a:redhat:jboss_data_grid:8"]},{"vendor":"Red Hat","product":"Red Hat Developer Hub","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhdh:1"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat Fuse 7","defaultStatus":"affected","cpes":["cpe:/a:redhat:jboss_fuse:7"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_ai"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat Openshift Data Foundation 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_data_foundation:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift GitOps","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_gitops:1"]},{"vendor":"Red Hat","product":"Red Hat Single Sign-On 7","defaultStatus":"affected","cpes":["cpe:/a:redhat:red_hat_single_sign_on:7"]},{"vendor":"Red Hat","product":"Self-service automation portal 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:ansible_portal:2"]},{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2.6 for RHEL 10","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:ansible_automation_platform:2.6::el10","cpe:/a:redhat:ansible_automation_platform_developer:2.6::el10"]},{"vendor":"Red Hat","product":"Cryostat 4","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:cryostat:4"]},{"vendor":"Red Hat","product":"Network Observability Operator","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:network_observ_optr:1"]},{"vendor":"Red Hat","product":"OpenShift Lightspeed","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift_lightspeed"]},{"vendor":"Red Hat","product":"OpenShift Service Mesh 2","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:service_mesh:2"]},{"vendor":"Red Hat","product":"OpenShift Service Mesh 3","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:service_mesh:3"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 4","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:advanced_cluster_security:4"]},{"vendor":"Red Hat","product":"Red Hat build of Apache Camel - HawtIO 4","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:apache_camel_hawtio:4"]},{"vendor":"Red Hat","product":"Red Hat build of Apicurio Registry 2","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:service_registry:2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 7","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:7"]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8"]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform Expansion Pack","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:jbosseapxp"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Virtualization 4","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:container_native_virtualization:4"]},{"vendor":"Red Hat","product":"Red Hat Process Automation 7","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:jboss_enterprise_bpms_platform:7"]},{"vendor":"Red Hat","product":"Red Hat Quay 3","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:quay:3"]},{"vendor":"Red Hat","product":"Red Hat Satellite 6","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:satellite:6"]},{"vendor":"Red Hat","product":"Red Hat Trusted Profile Analyzer","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:trusted_profile_analyzer:2"]}]}],"metrics":{"cvssMetricV31":[{"source":"ce714d77-add3-4f53-aff5-83d477b104bb","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-03-27T19:44:44.790485Z","id":"CVE-2026-4926","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"ce714d77-add3-4f53-aff5-83d477b104bb","type":"Secondary","description":[{"lang":"en","value":"CWE-400"},{"lang":"en","value":"CWE-1333"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-1333"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:pillarjs:path-to-regexp:*:*:*:*:*:node.js:*:*","versionStartIncluding":"8.0.0","versionEndExcluding":"8.4.0","matchCriteriaId":"DB421812-F7E3-4CC5-B02B-53CCBFDFB671"}]}]}],"references":[{"url":"https://cna.openjsf.org/security-advisories.html","source":"ce714d77-add3-4f53-aff5-83d477b104bb","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:10153","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:10172","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:10175","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:13545","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:13826","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:17789","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19409","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19410","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:24761","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:24762","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:24866","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36651","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:9385","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:9742","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-4926","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451867","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-4926.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-32285","sourceIdentifier":"security@golang.org","published":"2026-03-26T20:16:12.197","lastModified":"2026-07-09T13:16:57.540","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The Delete function fails to properly validate offsets when processing malformed JSON input. This can lead to a negative slice index and a runtime panic, allowing a denial of service attack."},{"lang":"es","value":"La función Eliminar no valida correctamente los desplazamientos al procesar una entrada JSON malformada. Esto puede provocar un índice de segmento negativo y un pánico en tiempo de ejecución, permitiendo un ataque de denegación de servicio."}],"affected":[{"source":"security@golang.org","affectedData":[{"vendor":"github.com/buger/jsonparser","product":"github.com/buger/jsonparser","defaultStatus":"unaffected","collectionURL":"https://pkg.go.dev","packageName":"github.com/buger/jsonparser","programRoutines":[{"name":"Delete"},{"name":"FuzzDelete"}],"versions":[{"version":"0","lessThan":"1.1.2","versionType":"semver","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Logging Subsystem for Red Hat OpenShift 6.4","defaultStatus":"affected","cpes":["cpe:/a:redhat:logging:6.4::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.3.4","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.3::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.4.5","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.4::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.5.4","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.5::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.6.2","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.6::el9"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2.14","defaultStatus":"affected","cpes":["cpe:/a:redhat:acm:2.14::el9"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2.15","defaultStatus":"affected","cpes":["cpe:/a:redhat:acm:2.15::el9"]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","cpes":["cpe:/a:redhat:hummingbird:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift distributed tracing 3.9.3","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_distributed_tracing:3.9::el9"]},{"vendor":"Red Hat","product":"multicluster engine for Kubernetes 2.10","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_engine:2.10::el9"]},{"vendor":"Red Hat","product":"multicluster engine for Kubernetes 2.8","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_engine:2.8::el9"]},{"vendor":"Red Hat","product":"Logging Subsystem for Red Hat OpenShift","defaultStatus":"affected","cpes":["cpe:/a:redhat:logging:5"]},{"vendor":"Red Hat","product":"Red Hat OpenShift GitOps","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_gitops:1"]},{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:ansible_automation_platform:2"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift for Windows Containers","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:windows_machine_config"]},{"vendor":"Red Hat","product":"Red Hat OpenStack Platform 18.0","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openstack:18.0"]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-03-30T14:05:55.547828Z","id":"CVE-2026-32285","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-129"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-1285"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:jsonparser_project:jsonparser:*:*:*:*:*:*:*:*","versionEndExcluding":"1.1.2","matchCriteriaId":"4B0C813E-AC2A-42B4-B085-B8DBE6790E8F"}]}]}],"references":[{"url":"https://github.com/buger/jsonparser/issues/275","source":"security@golang.org","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://github.com/golang/vulndb/issues/4514","source":"security@golang.org","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://pkg.go.dev/vuln/GO-2026-4514","source":"security@golang.org","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:13548","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:17121","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:17123","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19099","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:21769","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22347","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22423","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:23345","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34364","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35111","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36882","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:7191","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:9385","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-32285","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451846","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-32285.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://securityinfinity.com/research/buger-jsonparser-negative-slice-panic-dos-2026","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-23401","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-04-01T09:16:15.260","lastModified":"2026-07-08T13:16:30.563","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE\n\nWhen installing an emulated MMIO SPTE, do so *after* dropping/zapping the\nexisting SPTE (if it's shadow-present).  While commit a54aa15c6bda3 was\nright about it being impossible to convert a shadow-present SPTE to an\nMMIO SPTE due to a _guest_ write, it failed to account for writes to guest\nmemory that are outside the scope of KVM.\n\nE.g. if host userspace modifies a shadowed gPTE to switch from a memslot\nto emulted MMIO and then the guest hits a relevant page fault, KVM will\ninstall the MMIO SPTE without first zapping the shadow-present SPTE.\n\n  ------------[ cut here ]------------\n  is_shadow_present_pte(*sptep)\n  WARNING: arch/x86/kvm/mmu/mmu.c:484 at mark_mmio_spte+0xb2/0xc0 [kvm], CPU#0: vmx_ept_stale_r/4292\n  Modules linked in: kvm_intel kvm irqbypass\n  CPU: 0 UID: 1000 PID: 4292 Comm: vmx_ept_stale_r Not tainted 7.0.0-rc2-eafebd2d2ab0-sink-vm #319 PREEMPT\n  Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015\n  RIP: 0010:mark_mmio_spte+0xb2/0xc0 [kvm]\n  Call Trace:\n   <TASK>\n   mmu_set_spte+0x237/0x440 [kvm]\n   ept_page_fault+0x535/0x7f0 [kvm]\n   kvm_mmu_do_page_fault+0xee/0x1f0 [kvm]\n   kvm_mmu_page_fault+0x8d/0x620 [kvm]\n   vmx_handle_exit+0x18c/0x5a0 [kvm_intel]\n   kvm_arch_vcpu_ioctl_run+0xc55/0x1c20 [kvm]\n   kvm_vcpu_ioctl+0x2d5/0x980 [kvm]\n   __x64_sys_ioctl+0x8a/0xd0\n   do_syscall_64+0xb5/0x730\n   entry_SYSCALL_64_after_hwframe+0x4b/0x53\n  RIP: 0033:0x47fa3f\n   </TASK>\n  ---[ end trace 0000000000000000 ]---"}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["arch/x86/kvm/mmu/mmu.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"a54aa15c6bda3ca7e2f9e040ba968a1da303e24f","lessThan":"20656cd1f243d3a154aac5dd1b823110b6906fe1","versionType":"git","status":"affected"},{"version":"a54aa15c6bda3ca7e2f9e040ba968a1da303e24f","lessThan":"ed5909992f344a7d3f4024261e9f751d9618a27d","versionType":"git","status":"affected"},{"version":"a54aa15c6bda3ca7e2f9e040ba968a1da303e24f","lessThan":"fd28c5618699180cd69619801e9ae6a5266c0a22","versionType":"git","status":"affected"},{"version":"a54aa15c6bda3ca7e2f9e040ba968a1da303e24f","lessThan":"459158151a158a6703b49f3c9de0e536d8bd553f","versionType":"git","status":"affected"},{"version":"a54aa15c6bda3ca7e2f9e040ba968a1da303e24f","lessThan":"695320de6eadb75aaed8be1787c4ce4c189e4c7b","versionType":"git","status":"affected"},{"version":"a54aa15c6bda3ca7e2f9e040ba968a1da303e24f","lessThan":"bce7fe59d43531623f3e43779127bfb33804925d","versionType":"git","status":"affected"},{"version":"a54aa15c6bda3ca7e2f9e040ba968a1da303e24f","lessThan":"aad885e774966e97b675dfe928da164214a71605","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["arch/x86/kvm/mmu/mmu.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"5.13","status":"affected"},{"version":"0","lessThan":"5.13","versionType":"semver","status":"unaffected"},{"version":"5.15.203","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.168","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.131","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.80","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.21","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"6.19.11","lessThanOrEqual":"6.19.*","versionType":"semver","status":"unaffected"},{"version":"7.0","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.0)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.0::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS AUS (v.8.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_aus:8.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.8.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:8.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS TUS (v.8.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_tus:8.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.8.8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:8.8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS TUS (v.8.8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_tus:8.8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.9.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:9.0::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:9.2::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:9.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS (v.9.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus:9.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus:9.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 9)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CRB (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::crb"]},{"vendor":"Red Hat","product":"Red Hat CodeReady Linux Builder EUS (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.4::crb"]},{"vendor":"Red Hat","product":"Red Hat CodeReady Linux Builder EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux NFV (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux NFV E4S (v.9.0)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.0::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV EUS (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.4::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux RT (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time E4S (v.9.0)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.0::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time EUS (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.4::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:7"]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.4,"impactScore":6.0}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.13.1","versionEndExcluding":"5.15.203","matchCriteriaId":"CC3F58C6-09EC-41E6-8E82-613F5965C0DB"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.168","matchCriteriaId":"E2DDDCA1-6DAB-4018-B920-8F045DDD8D3B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.131","matchCriteriaId":"CE6ED4D4-0046-4573-BFA9-D64143B6A89F"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.80","matchCriteriaId":"97EB19EC-A11E-49C6-9D2F-6F6EC6CB98B6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.21","matchCriteriaId":"ED39847A-3B46-4729-B7CA-B2C30B9FA8FE"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"6.19.11","matchCriteriaId":"4CA2E747-A9EC-4518-9AA2-B4247FC748B7"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:5.13:-:*:*:*:*:*:*","matchCriteriaId":"8F0E7012-0BA3-4E6A-ADE9-57973CBDEE28"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*","matchCriteriaId":"F253B622-8837-4245-BCE5-A7BF8FC76A16"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*","matchCriteriaId":"4AE85AD8-4641-4E7C-A2F4-305E2CD9EE64"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*","matchCriteriaId":"F666C8D8-6538-46D4-B318-87610DE64C34"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*","matchCriteriaId":"02259FDA-961B-47BC-AE7F-93D7EC6E90C2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*","matchCriteriaId":"58A9FEFF-C040-420D-8F0A-BFDAAA1DF258"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*","matchCriteriaId":"1D2315C0-D46F-4F85-9754-F9E5E11374A6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc7:*:*:*:*:*:*","matchCriteriaId":"512EE3A8-A590-4501-9A94-5D4B268D6138"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/20656cd1f243d3a154aac5dd1b823110b6906fe1","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/459158151a158a6703b49f3c9de0e536d8bd553f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/695320de6eadb75aaed8be1787c4ce4c189e4c7b","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/aad885e774966e97b675dfe928da164214a71605","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/bce7fe59d43531623f3e43779127bfb33804925d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ed5909992f344a7d3f4024261e9f751d9618a27d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/fd28c5618699180cd69619801e9ae6a5266c0a22","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://access.redhat.com/errata/RHSA-2026:13577","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:13578","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:13932","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:13936","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:14137","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:14230","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:14339","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:15883","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19521","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19568","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19569","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19875","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:20593","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36530","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36531","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36532","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36533","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36534","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-23401","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2453803","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-23401.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-20042","sourceIdentifier":"psirt@cisco.com","published":"2026-04-01T17:28:26.173","lastModified":"2026-07-08T13:24:15.127","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the configuration backup feature of Cisco Nexus Dashboard could allow an attacker who has the encryption password and access to Full or Config-only backup files to access sensitive information.\r\n\r\nThis vulnerability exists because authentication details are included in the encrypted backup files. An attacker with a valid backup file and encryption password from an affected device could decrypt the backup file. The attacker could then use the authentication details in the backup file to access internal-only APIs on the affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system as the root user."}],"affected":[{"source":"psirt@cisco.com","affectedData":[{"vendor":"Cisco","product":"Cisco Nexus Dashboard","defaultStatus":"unknown","versions":[{"version":"1.1(3e)","status":"affected"},{"version":"1.1(3c)","status":"affected"},{"version":"1.1(3d)","status":"affected"},{"version":"1.1(0d)","status":"affected"},{"version":"1.1(2i)","status":"affected"},{"version":"2.0(1b)","status":"affected"},{"version":"1.1(2h)","status":"affected"},{"version":"1.1(0c)","status":"affected"},{"version":"1.1(3f)","status":"affected"},{"version":"2.1(1d)","status":"affected"},{"version":"2.1(1e)","status":"affected"},{"version":"2.0(2g)","status":"affected"},{"version":"2.0(2h)","status":"affected"},{"version":"2.1(2d)","status":"affected"},{"version":"2.0(1d)","status":"affected"},{"version":"2.2(1h)","status":"affected"},{"version":"2.2(1e)","status":"affected"},{"version":"2.2(2d)","status":"affected"},{"version":"2.1(2f)","status":"affected"},{"version":"2.3(1c)","status":"affected"},{"version":"2.3(2b)","status":"affected"},{"version":"2.3(2c)","status":"affected"},{"version":"2.3(2d)","status":"affected"},{"version":"2.3(2e)","status":"affected"},{"version":"3.0(1f)","status":"affected"},{"version":"3.0(1i)","status":"affected"},{"version":"3.1(1k)","status":"affected"},{"version":"3.1(1l)","status":"affected"},{"version":"3.2(1e)","status":"affected"},{"version":"3.2(1i)","status":"affected"},{"version":"3.3(1a)","status":"affected"},{"version":"3.3(1b)","status":"affected"},{"version":"3.3(2b)","status":"affected"},{"version":"4.0(1i)","status":"affected"},{"version":"3.3(2g)","status":"affected"},{"version":"3.2(2f)","status":"affected"},{"version":"3.2(2g)","status":"affected"},{"version":"3.2(2m)","status":"affected"},{"version":"3.1(1n)","status":"affected"},{"version":"4.1(1g)","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-01T00:00:00+00:00","id":"CVE-2026-20042","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-295"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:nexus_dashboard:*:*:*:*:*:*:*:*","versionEndExcluding":"4.2.1","matchCriteriaId":"0045E301-38B4-4B35-96E4-A3F0F844AE3B"}]}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nd-cbid-5YqkOSHu","source":"psirt@cisco.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-20151","sourceIdentifier":"psirt@cisco.com","published":"2026-04-01T17:28:31.097","lastModified":"2026-07-08T13:25:32.347","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the web interface of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to elevate privileges on an affected system.\r\n\r\nThis vulnerability is due to the improper transmission of sensitive user information. An attacker could exploit this vulnerability by sending a crafted message to an affected Cisco SSM On-Prem host and retrieving session credentials from subsequent status messages. A successful exploit could allow the attacker to elevate privileges on the affected system from low to administrative.\r\nTo exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of System User.\r\nNote: This vulnerability exposes information only about users who logged in to the Cisco SSM On-Prem host using the web interface and who are currently logged in. SSH sessions are not affected."}],"affected":[{"source":"psirt@cisco.com","affectedData":[{"vendor":"Cisco","product":"Cisco Smart Software Manager On-Prem","defaultStatus":"unknown","versions":[{"version":"7-202001","status":"affected"},{"version":"8-202004","status":"affected"},{"version":"8-202006","status":"affected"},{"version":"8-202012","status":"affected"},{"version":"8-202010","status":"affected"},{"version":"8-202008","status":"affected"},{"version":"9-202201","status":"affected"},{"version":"8-202102","status":"affected"},{"version":"8-202105","status":"affected"},{"version":"8-202108","status":"affected"},{"version":"8-202112","status":"affected"},{"version":"8-202201","status":"affected"},{"version":"8-202206","status":"affected"},{"version":"8-202212","status":"affected"},{"version":"8-202302","status":"affected"},{"version":"8-202303","status":"affected"},{"version":"8-202304","status":"affected"},{"version":"8-202308","status":"affected"},{"version":"8-202401","status":"affected"},{"version":"8-202404","status":"affected"},{"version":"9-202406","status":"affected"},{"version":"9-202407","status":"affected"},{"version":"9-202410","status":"affected"},{"version":"9-202412","status":"affected"},{"version":"9-202501","status":"affected"},{"version":"9-202502","status":"affected"},{"version":"9-202504","status":"affected"},{"version":"9-202507","status":"affected"},{"version":"9-202510","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.1,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-01T00:00:00+00:00","id":"CVE-2026-20151","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-201"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:smart_software_manager_on-prem:*:*:*:*:*:*:*:*","versionEndExcluding":"9-202601","matchCriteriaId":"D2F0EA7E-9F9D-4A2A-B64D-8335F4A169E3"}]}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cssm-priv-esc-xRAnOuO8","source":"psirt@cisco.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-32871","sourceIdentifier":"security-advisories@github.com","published":"2026-04-02T15:16:38.740","lastModified":"2026-07-08T13:16:36.240","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"FastMCP is a Pythonic way to build MCP servers and clients. Prior to version 3.2.0, the OpenAPIProvider in FastMCP exposes internal APIs to MCP clients by parsing OpenAPI specifications. The RequestDirector class is responsible for constructing HTTP requests to the backend service. A vulnerability exists in the _build_url() method. When an OpenAPI operation defines path parameters (e.g., /api/v1/users/{user_id}), the system directly substitutes parameter values into the URL template string without URL-encoding. Subsequently, urllib.parse.urljoin() resolves the final URL. Since urljoin() interprets ../ sequences as directory traversal, an attacker controlling a path parameter can perform path traversal attacks to escape the intended API prefix and access arbitrary backend endpoints. This results in authenticated SSRF, as requests are sent with the authorization headers configured in the MCP provider. This issue has been patched in version 3.2.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"PrefectHQ","product":"fastmcp","versions":[{"version":"< 3.2.0","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Satellite 6.18","defaultStatus":"affected","cpes":["cpe:/a:redhat:satellite:6.18::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift_ai"]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":10.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"HIGH","subIntegrityImpact":"HIGH","subAvailabilityImpact":"HIGH","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":10.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":6.0},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":8.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-02T15:59:21.963304Z","id":"CVE-2026-32871","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:jlowin:fastmcp:*:*:*:*:*:*:*:*","versionEndExcluding":"3.2.0","matchCriteriaId":"4247F36F-7D37-47DF-A475-E607F1BAD799"}]}]}],"references":[{"url":"https://github.com/PrefectHQ/fastmcp/commit/40bdfb6b1de0ce30609ee9ba5bb95ecd04a9fb71","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/PrefectHQ/fastmcp/pull/3507","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/PrefectHQ/fastmcp/releases/tag/v3.2.0","source":"security-advisories@github.com","tags":["Product","Release Notes"]},{"url":"https://github.com/PrefectHQ/fastmcp/security/advisories/GHSA-vv7q-7jx5-f767","source":"security-advisories@github.com","tags":["Exploit","Mitigation","Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:36350","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-32871","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2454434","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://github.com/PrefectHQ/fastmcp/security/advisories/GHSA-vv7q-7jx5-f767","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Mitigation","Vendor Advisory"]},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-32871.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-31402","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-04-03T16:16:39.283","lastModified":"2026-07-08T13:16:34.250","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: fix heap overflow in NFSv4.0 LOCK replay cache\n\nThe NFSv4.0 replay cache uses a fixed 112-byte inline buffer\n(rp_ibuf[NFSD4_REPLAY_ISIZE]) to store encoded operation responses.\nThis size was calculated based on OPEN responses and does not account\nfor LOCK denied responses, which include the conflicting lock owner as\na variable-length field up to 1024 bytes (NFS4_OPAQUE_LIMIT).\n\nWhen a LOCK operation is denied due to a conflict with an existing lock\nthat has a large owner, nfsd4_encode_operation() copies the full encoded\nresponse into the undersized replay buffer via read_bytes_from_xdr_buf()\nwith no bounds check. This results in a slab-out-of-bounds write of up\nto 944 bytes past the end of the buffer, corrupting adjacent heap memory.\n\nThis can be triggered remotely by an unauthenticated attacker with two\ncooperating NFSv4.0 clients: one sets a lock with a large owner string,\nthen the other requests a conflicting lock to provoke the denial.\n\nWe could fix this by increasing NFSD4_REPLAY_ISIZE to allow for a full\nopaque, but that would increase the size of every stateowner, when most\nlockowners are not that large.\n\nInstead, fix this by checking the encoded response length against\nNFSD4_REPLAY_ISIZE before copying into the replay buffer. If the\nresponse is too large, set rp_buflen to 0 to skip caching the replay\npayload. The status is still cached, and the client already received the\ncorrect response on the original request."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["fs/nfsd/nfs4xdr.c","fs/nfsd/state.h"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"f9fcb4441f6c02bb20c2eb340101e27dfe23607c","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"2665887a69437a8a4f552f69509eecfb73d4aa19","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"c9452c0797c95cf2378170df96cf4f4b3bca7eff","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"8afb437ea1f70cacb4bbdf11771fb5c4d720b965","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"dad0c3c0a8e5d1d6eb0fc455694ce3e25e6c57d0","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"0f0e2a54a31a7f9ad2915db99156114872317388","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"ae8498337dfdfda71bdd0b807c9a23a126011d76","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"5133b61aaf437e5f25b1b396b14242a6bb0508e2","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["fs/nfsd/nfs4xdr.c","fs/nfsd/state.h"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"2.6.12","status":"affected"},{"version":"0","lessThan":"2.6.12","versionType":"semver","status":"unaffected"},{"version":"5.10.253","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.210","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.167","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.130","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.78","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.20","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"6.19.10","lessThanOrEqual":"6.19.*","versionType":"semver","status":"unaffected"},{"version":"7.0","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Server -EXTENSION(v. 6 ELS-EXTENSION)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_els:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Server Optional -EXTENSION (v. 6 ELS -EXTENSION)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_els:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Server (v. 7 ELS)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_els:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux for Real Time (v. 7 ELS)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_extras_rt_els:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Server Optional (v. 7 ELS)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_els:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.1","cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.0)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.0::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.1","cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS AUS (v.8.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_aus:8.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS AUS (v.8.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_aus:8.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.8.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:8.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS TUS (v.8.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_tus:8.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.8.8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:8.8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS TUS (v.8.8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_tus:8.8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.9.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:9.0::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:9.2::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:9.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS (v.9.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus:9.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus:9.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 9)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.1","cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CRB (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::crb"]},{"vendor":"Red Hat","product":"Red Hat CodeReady Linux Builder EUS (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.4::crb"]},{"vendor":"Red Hat","product":"Red Hat CodeReady Linux Builder EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.1","cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux NFV (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux NFV E4S (v.9.0)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.0::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV EUS (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.4::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.1","cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux RT (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time E4S (v.9.0)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.0::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time EUS (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.4::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9"]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.12.1","versionEndExcluding":"5.10.253","matchCriteriaId":"5F0E43E1-33E5-4828-9B4A-F710AF2E7217"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"6.1.167","matchCriteriaId":"56D62904-7C85-4BED-9EC0-3982B880F72D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.130","matchCriteriaId":"C57BB918-DF28-46B3-94F7-144176841267"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.78","matchCriteriaId":"28D591F5-B196-4CC9-905C-DC80F116E7A8"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.20","matchCriteriaId":"E5571059-6552-48E7-9BEF-3E358C387171"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"6.19.10","matchCriteriaId":"96D34333-38BE-4414-9E79-6EB764329581"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:-:*:*:*:*:*:*","matchCriteriaId":"6F62EECE-8FB1-4D57-85D8-CB9E23CF313C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:*:*:*:*:*:*","matchCriteriaId":"4F76C298-81DC-43E4-8FC9-DC005A2116EF"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:*:*:*:*:*:*","matchCriteriaId":"0AB349B2-3F78-4197-882B-90ADB3BF645A"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*","matchCriteriaId":"6AC88830-A9BC-4607-B572-A4B502FC9FD0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:*","matchCriteriaId":"476CB3A5-D022-4F13-AAEF-CB6A5785516A"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*","matchCriteriaId":"F253B622-8837-4245-BCE5-A7BF8FC76A16"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*","matchCriteriaId":"4AE85AD8-4641-4E7C-A2F4-305E2CD9EE64"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*","matchCriteriaId":"F666C8D8-6538-46D4-B318-87610DE64C34"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*","matchCriteriaId":"02259FDA-961B-47BC-AE7F-93D7EC6E90C2"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/0f0e2a54a31a7f9ad2915db99156114872317388","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/2665887a69437a8a4f552f69509eecfb73d4aa19","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/5133b61aaf437e5f25b1b396b14242a6bb0508e2","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/8afb437ea1f70cacb4bbdf11771fb5c4d720b965","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ae8498337dfdfda71bdd0b807c9a23a126011d76","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c9452c0797c95cf2378170df96cf4f4b3bca7eff","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/dad0c3c0a8e5d1d6eb0fc455694ce3e25e6c57d0","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f9fcb4441f6c02bb20c2eb340101e27dfe23607c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://access.redhat.com/errata/RHSA-2026:10108","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:11313","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:13565","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:13566","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:13577","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:13578","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:13664","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:13681","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:13734","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:13936","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:14137","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:14165","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:14301","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:14823","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:14869","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:14925","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:15883","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19568","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19569","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36530","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36531","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36532","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36533","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36534","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-31402","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2454844","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-31402.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-5590","sourceIdentifier":"vulnerabilities@zephyrproject.org","published":"2026-04-05T04:16:16.370","lastModified":"2026-07-08T13:38:21.667","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A race condition during TCP connection teardown can cause tcp_recv() to operate on a connection that has already been released. If tcp_conn_search() returns NULL while processing a SYN packet, a NULL pointer derived from stale context data is passed to tcp_backlog_is_full() and dereferenced without validation, leading to a crash."}],"affected":[{"source":"vulnerabilities@zephyrproject.org","affectedData":[{"vendor":"zephyrproject-rtos","product":"Zephyr","defaultStatus":"unaffected","packageName":"Zephyr","repo":"https://github.com/zephyrproject-rtos/zephyr","versions":[{"version":"*","lessThanOrEqual":"4.3","versionType":"git","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"vulnerabilities@zephyrproject.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":4.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-06T14:21:53.207121Z","id":"CVE-2026-5590","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"vulnerabilities@zephyrproject.org","type":"Secondary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zephyrproject:zephyr:*:*:*:*:*:*:*:*","versionEndIncluding":"4.3.0","matchCriteriaId":"7D912614-A39E-4C9B-AA54-187BC26337B9"}]}]}],"references":[{"url":"https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-4vqm-pw24-g9jp","source":"vulnerabilities@zephyrproject.org","tags":["Exploit","Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-33815","sourceIdentifier":"security@golang.org","published":"2026-04-07T16:16:24.813","lastModified":"2026-07-09T13:17:00.267","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Memory-safety vulnerability in github.com/jackc/pgx/v5."}],"affected":[{"source":"security@golang.org","affectedData":[{"vendor":"github.com/jackc/pgx/v5","product":"github.com/jackc/pgx/v5/pgproto3","defaultStatus":"unaffected","collectionURL":"https://pkg.go.dev","packageName":"github.com/jackc/pgx/v5/pgproto3","programRoutines":[{"name":"Bind.Decode"},{"name":"Backend.Receive"}],"versions":[{"version":"0","lessThan":"5.9.0","versionType":"semver","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Cryostat 4 on RHEL 9","defaultStatus":"affected","cpes":["cpe:/a:redhat:cryostat:4::el9"]},{"vendor":"Red Hat","product":"RHEM 1.0 for RHEL 9","defaultStatus":"affected","cpes":["cpe:/a:redhat:edge_manager:1.0::el9"]},{"vendor":"Red Hat","product":"Custom Metric Autoscaler 2.19","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_custom_metrics_autoscaler:2.19::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.3.4","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.3::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.7.1","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.7::el9"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2.15","defaultStatus":"affected","cpes":["cpe:/a:redhat:acm:2.15::el9"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2.16","defaultStatus":"affected","cpes":["cpe:/a:redhat:acm:2.16::el9"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security for Kubernetes 4.10","defaultStatus":"affected","cpes":["cpe:/a:redhat:advanced_cluster_security:4.10::el8"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security for Kubernetes 4.8","defaultStatus":"affected","cpes":["cpe:/a:redhat:advanced_cluster_security:4.8::el8"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security for Kubernetes 4.9","defaultStatus":"affected","cpes":["cpe:/a:redhat:advanced_cluster_security:4.9::el8"]},{"vendor":"Red Hat","product":"Red Hat Trusted Artifact Signer 1.3","defaultStatus":"affected","cpes":["cpe:/a:redhat:trusted_artifact_signer:1.3::el9"]},{"vendor":"Red Hat","product":"Custom Metric Autoscaler operator for Red Hat Openshift","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_custom_metrics_autoscaler:2"]},{"vendor":"Red Hat","product":"Multicluster Engine for Kubernetes","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_engine"]},{"vendor":"Red Hat","product":"Multicluster Global Hub","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub"]},{"vendor":"Red Hat","product":"OpenShift Pipelines","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_pipelines:1"]},{"vendor":"Red Hat","product":"Red Hat 3scale API Management Platform 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:red_hat_3scale_amp:2"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:advanced_cluster_security:4"]},{"vendor":"Red Hat","product":"Red Hat Edge Manager 1","defaultStatus":"affected","cpes":["cpe:/a:redhat:edge_manager:1"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","cpes":["cpe:/a:redhat:hummingbird:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_ai"]},{"vendor":"Red Hat","product":"Red Hat Openshift Data Foundation 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_data_foundation:4"]},{"vendor":"Red Hat","product":"Red Hat Trusted Artifact Signer","defaultStatus":"affected","cpes":["cpe:/a:redhat:trusted_artifact_signer:1"]},{"vendor":"Red Hat","product":"Zero Trust Workload Identity Manager - Tech Preview","defaultStatus":"affected","cpes":["cpe:/a:redhat:zero_trust_workload_identity_manager:0"]},{"vendor":"Red Hat","product":"Red Hat Quay 3","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:quay:3"]},{"vendor":"Red Hat","product":"Zero Trust Workload Identity Manager","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:zero_trust_workload_identity_manager:1"]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":5.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-09T14:21:42.714758Z","id":"CVE-2026-33815","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:jackc:pgx:*:*:*:*:*:go:*:*","matchCriteriaId":"81D42EBE-044D-46BF-B4CB-F3A92CF837C7"}]}]}],"references":[{"url":"https://pkg.go.dev/vuln/GO-2026-4771","source":"security@golang.org","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:11070","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:11217","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:13791","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:13829","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:17789","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22423","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:24475","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:24479","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:24482","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:24503","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:24539","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:25273","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26636","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36796","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-33815","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455975","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33815.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-33816","sourceIdentifier":"security@golang.org","published":"2026-04-07T16:16:24.920","lastModified":"2026-07-09T13:17:00.533","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Memory-safety vulnerability in github.com/jackc/pgx/v5."}],"affected":[{"source":"security@golang.org","affectedData":[{"vendor":"github.com/jackc/pgx/v5","product":"github.com/jackc/pgx/v5/pgproto3","defaultStatus":"unaffected","collectionURL":"https://pkg.go.dev","packageName":"github.com/jackc/pgx/v5/pgproto3","programRoutines":[{"name":"FunctionCall.Decode"},{"name":"Backend.Receive"}],"versions":[{"version":"0","lessThan":"5.9.0","versionType":"semver","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Cryostat 4 on RHEL 9","defaultStatus":"affected","cpes":["cpe:/a:redhat:cryostat:4::el9"]},{"vendor":"Red Hat","product":"RHEM 1.0 for RHEL 9","defaultStatus":"affected","cpes":["cpe:/a:redhat:edge_manager:1.0::el9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Custom Metric Autoscaler 2.19","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_custom_metrics_autoscaler:2.19::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.3.4","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.3::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.7.1","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.7::el9"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2.15","defaultStatus":"affected","cpes":["cpe:/a:redhat:acm:2.15::el9"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2.16","defaultStatus":"affected","cpes":["cpe:/a:redhat:acm:2.16::el9"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security for Kubernetes 4.10","defaultStatus":"affected","cpes":["cpe:/a:redhat:advanced_cluster_security:4.10::el8"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security for Kubernetes 4.8","defaultStatus":"affected","cpes":["cpe:/a:redhat:advanced_cluster_security:4.8::el8"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security for Kubernetes 4.9","defaultStatus":"affected","cpes":["cpe:/a:redhat:advanced_cluster_security:4.9::el8"]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","cpes":["cpe:/a:redhat:hummingbird:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Pipelines 1.21","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_pipelines:1.21::el9"]},{"vendor":"Red Hat","product":"Red Hat Trusted Artifact Signer 1.3","defaultStatus":"affected","cpes":["cpe:/a:redhat:trusted_artifact_signer:1.3::el9"]},{"vendor":"Red Hat","product":"Custom Metric Autoscaler operator for Red Hat Openshift","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_custom_metrics_autoscaler:2"]},{"vendor":"Red Hat","product":"Multicluster Engine for Kubernetes","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_engine"]},{"vendor":"Red Hat","product":"Multicluster Global Hub","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub"]},{"vendor":"Red Hat","product":"Red Hat 3scale API Management Platform 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:red_hat_3scale_amp:2"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:advanced_cluster_security:4"]},{"vendor":"Red Hat","product":"Red Hat Edge Manager 1","defaultStatus":"affected","cpes":["cpe:/a:redhat:edge_manager:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_ai"]},{"vendor":"Red Hat","product":"Red Hat Openshift Data Foundation 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_data_foundation:4"]},{"vendor":"Red Hat","product":"Red Hat Trusted Artifact Signer","defaultStatus":"affected","cpes":["cpe:/a:redhat:trusted_artifact_signer:1"]},{"vendor":"Red Hat","product":"Zero Trust Workload Identity Manager - Tech Preview","defaultStatus":"affected","cpes":["cpe:/a:redhat:zero_trust_workload_identity_manager:0"]},{"vendor":"Red Hat","product":"Red Hat Quay 3","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:quay:3"]},{"vendor":"Red Hat","product":"Zero Trust Workload Identity Manager","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:zero_trust_workload_identity_manager:1"]},{"vendor":"Red Hat","product":"OpenShift Pipelines","defaultStatus":"unknown","cpes":["cpe:/a:redhat:openshift_pipelines:1"]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":5.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-09T14:24:50.570972Z","id":"CVE-2026-33816","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:jackc:pgx:*:*:*:*:*:go:*:*","versionEndExcluding":"5.9.0","matchCriteriaId":"AA69804B-B8E3-4C7D-AD5D-3CB7616C6E4B"}]}]}],"references":[{"url":"https://pkg.go.dev/vuln/GO-2026-4772","source":"security@golang.org","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:11070","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:11217","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:13791","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:13829","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:13907","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:17789","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19137","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22423","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:24475","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:24479","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:24482","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:24503","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:24539","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:25273","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26519","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26636","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36796","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-33816","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2455972","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33816.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-24156","sourceIdentifier":"psirt@nvidia.com","published":"2026-04-07T18:16:39.647","lastModified":"2026-07-09T02:44:04.400","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"NVIDIA DALI contains a vulnerability where an attacker could cause a deserialization of untrusted data. A successful exploit of this vulnerability might lead to arbitrary code execution."}],"affected":[{"source":"psirt@nvidia.com","affectedData":[{"vendor":"NVIDIA","product":"DALI","defaultStatus":"unaffected","platforms":["All"],"versions":[{"version":"All versions prior to 2.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@nvidia.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.3,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-07T19:18:21.531960Z","id":"CVE-2026-24156","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@nvidia.com","type":"Secondary","description":[{"lang":"en","value":"CWE-502"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nvidia:data_loading_library:*:*:*:*:*:*:*:*","versionEndExcluding":"2.0.0","matchCriteriaId":"CDC30C3C-65B8-41BE-9E24-AA38A3DE119C"}]}]}],"references":[{"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-24156","source":"psirt@nvidia.com","tags":["US Government Resource"]},{"url":"https://nvidia.custhelp.com/app/answers/detail/a_id/5811","source":"psirt@nvidia.com","tags":["Vendor Advisory"]},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-24156","source":"psirt@nvidia.com","tags":["Technical Description"]}]}},{"cve":{"id":"CVE-2026-27140","sourceIdentifier":"security@golang.org","published":"2026-04-08T02:16:02.887","lastModified":"2026-07-09T13:16:54.293","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"SWIG file names containing 'cgo' and well-crafted payloads could lead to code smuggling and arbitrary code execution at build time due to trust layer bypass."}],"affected":[{"source":"security@golang.org","affectedData":[{"vendor":"Go toolchain","product":"cmd/go","defaultStatus":"unaffected","collectionURL":"https://pkg.go.dev","packageName":"cmd/go","versions":[{"version":"0","lessThan":"1.25.9","versionType":"semver","status":"affected"},{"version":"1.26.0-0","lessThan":"1.26.2","versionType":"semver","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.1"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream AUS (v.8.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream AUS (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream TUS (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_tus:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream TUS (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_tus:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.0)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.0::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.17","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4.17::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.18","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4.18::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.19","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4.19::el9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Virtualization 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:container_native_virtualization:4"]},{"vendor":"Red Hat","product":"OpenShift Service Mesh 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:service_mesh:2"]},{"vendor":"Red Hat","product":"OpenShift Service Mesh 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:service_mesh:3"]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:hummingbird:1"]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H","baseScore":9.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.3,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-09T03:55:58.901718Z","id":"CVE-2026-27140","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-863"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-641"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*","versionEndExcluding":"1.25.9","matchCriteriaId":"C6C9C072-9817-402D-877F-F83584B07017"},{"vulnerable":true,"criteria":"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*","versionStartIncluding":"1.26.0","versionEndExcluding":"1.26.2","matchCriteriaId":"39FE9BAF-55E9-43AA-B14E-239E7EF1D65D"}]}]}],"references":[{"url":"https://go.dev/cl/763768","source":"security@golang.org","tags":["Release Notes"]},{"url":"https://go.dev/issue/78335","source":"security@golang.org","tags":["Issue Tracking"]},{"url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU","source":"security@golang.org","tags":["Mailing List","Release Notes"]},{"url":"https://pkg.go.dev/vuln/GO-2026-4871","source":"security@golang.org","tags":["Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:10217","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:10219","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:10704","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:16021","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:16024","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:16494","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:16497","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:16498","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:16694","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:16697","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:16698","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:23246","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:25182","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34099","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-27140","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456341","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-27140.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-32283","sourceIdentifier":"security@golang.org","published":"2026-04-08T02:16:03.580","lastModified":"2026-07-09T13:16:56.950","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3."}],"affected":[{"source":"security@golang.org","affectedData":[{"vendor":"Go standard library","product":"crypto/tls","defaultStatus":"unaffected","collectionURL":"https://pkg.go.dev","packageName":"crypto/tls","programRoutines":[{"name":"Conn.handleKeyUpdate"},{"name":"clientHandshakeStateTLS13.establishHandshakeKeys"},{"name":"clientHandshakeStateTLS13.readServerFinished"},{"name":"serverHandshakeStateTLS13.sendServerParameters"},{"name":"serverHandshakeStateTLS13.readClientFinished"},{"name":"Conn.Handshake"},{"name":"Conn.HandshakeContext"},{"name":"Conn.Read"},{"name":"Conn.Write"},{"name":"Dial"},{"name":"DialWithDialer"},{"name":"Dialer.Dial"},{"name":"Dialer.DialContext"},{"name":"QUICConn.HandleData"},{"name":"QUICConn.Start"}],"versions":[{"version":"0","lessThan":"1.25.9","versionType":"semver","status":"affected"},{"version":"1.26.0-0","lessThan":"1.26.2","versionType":"semver","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2.6 for RHEL 10","defaultStatus":"affected","cpes":["cpe:/a:redhat:ansible_automation_platform:2.6::el10","cpe:/a:redhat:ansible_automation_platform_developer:2.6::el10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Server (v. 7 ELS)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_els:7"]},{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2.5 for RHEL 8","defaultStatus":"affected","cpes":["cpe:/a:redhat:ansible_automation_platform:2.5::el8","cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8","cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8"]},{"vendor":"Red Hat","product":"Red Hat Satellite 6.16 for RHEL 8","defaultStatus":"affected","cpes":["cpe:/a:redhat:satellite:6.16::el8","cpe:/a:redhat:satellite_capsule:6.16::el8","cpe:/a:redhat:satellite_maintenance:6.16::el8","cpe:/a:redhat:satellite_utils:6.16::el8"]},{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2.5 for RHEL 9","defaultStatus":"affected","cpes":["cpe:/a:redhat:ansible_automation_platform:2.5::el9","cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9","cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9"]},{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2.6 for RHEL 9","defaultStatus":"affected","cpes":["cpe:/a:redhat:ansible_automation_platform:2.6::el9","cpe:/a:redhat:ansible_automation_platform_developer:2.6::el9","cpe:/a:redhat:ansible_automation_platform_inside:2.6::el9"]},{"vendor":"Red Hat","product":"Cryostat 4 on RHEL 9","defaultStatus":"affected","cpes":["cpe:/a:redhat:cryostat:4::el9"]},{"vendor":"Red Hat","product":"RHEM 1.0 for RHEL 9","defaultStatus":"affected","cpes":["cpe:/a:redhat:edge_manager:1.0::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenStack Platform 17.1","defaultStatus":"affected","cpes":["cpe:/a:redhat:openstack:17.1","cpe:/a:redhat:openstack:17.1::el9"]},{"vendor":"Red Hat","product":"Red Hat Satellite 6.16 for RHEL 9","defaultStatus":"affected","cpes":["cpe:/a:redhat:satellite:6.16::el9","cpe:/a:redhat:satellite_capsule:6.16::el9","cpe:/a:redhat:satellite_maintenance:6.16::el9","cpe:/a:redhat:satellite_utils:6.16::el9"]},{"vendor":"Red Hat","product":"Red Hat Satellite 6.19 for RHEL 9","defaultStatus":"affected","cpes":["cpe:/a:redhat:satellite:6.19::el9","cpe:/a:redhat:satellite_capsule:6.19::el9","cpe:/a:redhat:satellite_maintenance:6.19::el9","cpe:/a:redhat:satellite_utils:6.19::el9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.1","cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream AUS (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream TUS (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_tus:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.0)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.0::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.1","cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat CodeReady Linux Builder EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::crb"]},{"vendor":"Red Hat","product":"Custom Metric Autoscaler 2.19","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_custom_metrics_autoscaler:2.19::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.3.4","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.3::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.4.5","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.4::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.5.4","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.5::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.6.2","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.6::el9"]},{"vendor":"Red Hat","product":"OpenShift Compliance Operator 1","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_compliance_operator:1::el9"]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","cpes":["cpe:/a:redhat:hummingbird:1"]},{"vendor":"Red Hat","product":"Red Hat Lightspeed (formerly Insights) for Runtimes 1","defaultStatus":"affected","cpes":["cpe:/a:redhat:lightspeed_for_runtimes:1.0::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift distributed tracing 3.9.3","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_distributed_tracing:3.9::el9"]},{"vendor":"Red Hat","product":"Assisted Installer for Red Hat OpenShift Container Platform 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:assisted_installer:2"]},{"vendor":"Red Hat","product":"Builds for Red Hat OpenShift","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_builds:1"]},{"vendor":"Red Hat","product":"cert-manager Operator for Red Hat OpenShift","defaultStatus":"affected","cpes":["cpe:/a:redhat:cert_manager:1"]},{"vendor":"Red Hat","product":"Confidential Compute Attestation","defaultStatus":"affected","cpes":["cpe:/a:redhat:confidential_compute_attestation:1"]},{"vendor":"Red Hat","product":"Deployment Validation Operator","defaultStatus":"affected","cpes":["cpe:/a:redhat:deployment_validator_operator"]},{"vendor":"Red Hat","product":"External Secrets Operator for Red Hat OpenShift","defaultStatus":"affected","cpes":["cpe:/a:redhat:external_secrets_operator:1"]},{"vendor":"Red Hat","product":"ExternalDNS Operator","defaultStatus":"affected","cpes":["cpe:/a:redhat:ext_dns_optr:1"]},{"vendor":"Red Hat","product":"Fence Agents Remediation Operator","defaultStatus":"affected","cpes":["cpe:/a:redhat:workload_availability_far:0"]},{"vendor":"Red Hat","product":"File Integrity Operator","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_file_integrity_operator:1"]},{"vendor":"Red Hat","product":"Gatekeeper 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:gatekeeper:3"]},{"vendor":"Red Hat","product":"Logging Subsystem for Red Hat OpenShift","defaultStatus":"affected","cpes":["cpe:/a:redhat:logging:5"]},{"vendor":"Red Hat","product":"Logical Volume Manager Storage","defaultStatus":"affected","cpes":["cpe:/a:redhat:lvms:4"]},{"vendor":"Red Hat","product":"Machine Deletion Remediation Operator","defaultStatus":"affected","cpes":["cpe:/a:redhat:workload_availability_mdr:0"]},{"vendor":"Red Hat","product":"Migration Toolkit for Containers","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhmt:1"]},{"vendor":"Red Hat","product":"mirror registry for Red Hat OpenShift","defaultStatus":"affected","cpes":["cpe:/a:redhat:mirror_registry:1"]},{"vendor":"Red Hat","product":"mirror registry for Red Hat OpenShift 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:mirror_registry:2"]},{"vendor":"Red Hat","product":"Multicluster Engine for Kubernetes","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_engine"]},{"vendor":"Red Hat","product":"Network Observability Operator","defaultStatus":"affected","cpes":["cpe:/a:redhat:network_observ_optr:1"]},{"vendor":"Red Hat","product":"Node HealthCheck Operator","defaultStatus":"affected","cpes":["cpe:/a:redhat:workload_availability_nhc:0"]},{"vendor":"Red Hat","product":"OpenShift API for Data Protection","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_api_data_protection:1"]},{"vendor":"Red Hat","product":"OpenShift Developer Tools and Services","defaultStatus":"affected","cpes":["cpe:/a:redhat:ocp_tools"]},{"vendor":"Red Hat","product":"OpenShift Lightspeed","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_lightspeed"]},{"vendor":"Red Hat","product":"OpenShift Pipelines","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_pipelines:1"]},{"vendor":"Red Hat","product":"OpenShift Serverless","defaultStatus":"affected","cpes":["cpe:/a:redhat:serverless:1"]},{"vendor":"Red Hat","product":"OpenShift Service Mesh 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:service_mesh:2"]},{"vendor":"Red Hat","product":"OpenShift Service Mesh 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:service_mesh:3"]},{"vendor":"Red Hat","product":"Power monitoring for Red Hat OpenShift","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_power_monitoring"]},{"vendor":"Red Hat","product":"Red Hat 3scale API Management Platform 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:red_hat_3scale_amp:2"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:acm:2"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:advanced_cluster_security:4"]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server","defaultStatus":"affected","cpes":["cpe:/a:redhat:ai_inference_server:3"]},{"vendor":"Red Hat","product":"Red Hat AMQ Broker 7","defaultStatus":"affected","cpes":["cpe:/a:redhat:amq_broker:7"]},{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:ansible_automation_platform:2"]},{"vendor":"Red Hat","product":"Red Hat build of Apache Camel - HawtIO 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:apache_camel_hawtio:4"]},{"vendor":"Red Hat","product":"Red Hat build of Apicurio Registry 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:service_registry:2"]},{"vendor":"Red Hat","product":"Red Hat Certification Program for Red Hat Enterprise Linux 9","defaultStatus":"affected","cpes":["cpe:/a:redhat:certifications:9"]},{"vendor":"Red Hat","product":"Red Hat Connectivity Link 1","defaultStatus":"affected","cpes":["cpe:/a:redhat:connectivity_link:1"]},{"vendor":"Red Hat","product":"Red Hat Developer Hub","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhdh:1"]},{"vendor":"Red Hat","product":"Red Hat Edge Manager 1","defaultStatus":"affected","cpes":["cpe:/a:redhat:edge_manager:1"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AI (RHEL AI) 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux_ai:3"]},{"vendor":"Red Hat","product":"Red Hat JBoss Web Server 6","defaultStatus":"affected","cpes":["cpe:/a:redhat:jboss_enterprise_web_server:6"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_ai"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Cluster Manager CLI","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_cluster_manager_cli:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat Openshift Data Foundation 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_data_foundation:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Dev Spaces","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_devspaces:3"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Dev Workspaces Operator","defaultStatus":"affected","cpes":["cpe:/a:redhat:devworkspace"]},{"vendor":"Red Hat","product":"Red Hat OpenShift for Windows Containers","defaultStatus":"affected","cpes":["cpe:/a:redhat:windows_machine_config"]},{"vendor":"Red Hat","product":"Red Hat OpenShift GitOps","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_gitops:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift on AWS","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_service_on_aws:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Virtualization 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:container_native_virtualization:4"]},{"vendor":"Red Hat","product":"Red Hat OpenStack Platform 16.2","defaultStatus":"affected","cpes":["cpe:/a:redhat:openstack:16.2"]},{"vendor":"Red Hat","product":"Red Hat OpenStack Platform 18.0","defaultStatus":"affected","cpes":["cpe:/a:redhat:openstack:18.0"]},{"vendor":"Red Hat","product":"Red Hat Quay 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:quay:3"]},{"vendor":"Red Hat","product":"Red Hat Satellite 6","defaultStatus":"affected","cpes":["cpe:/a:redhat:satellite:6"]},{"vendor":"Red Hat","product":"Red Hat Trusted Artifact Signer","defaultStatus":"affected","cpes":["cpe:/a:redhat:trusted_artifact_signer:1"]},{"vendor":"Red Hat","product":"Red Hat Web Terminal","defaultStatus":"affected","cpes":["cpe:/a:redhat:webterminal:1"]},{"vendor":"Red Hat","product":"Security Profiles Operator","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_security_profiles_operator:1"]},{"vendor":"Red Hat","product":"Service Telemetry Framework 1.5","defaultStatus":"affected","cpes":["cpe:/a:redhat:stf:1.5"]},{"vendor":"Red Hat","product":"streams for Apache Kafka 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:amq_streams:3"]},{"vendor":"Red Hat","product":"Zero Trust Workload Identity Manager","defaultStatus":"affected","cpes":["cpe:/a:redhat:zero_trust_workload_identity_manager:1"]},{"vendor":"Red Hat","product":"Zero Trust Workload Identity Manager - Tech Preview","defaultStatus":"affected","cpes":["cpe:/a:redhat:zero_trust_workload_identity_manager:0"]},{"vendor":"Red Hat","product":"Migration Toolkit for Applications 8","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:migration_toolkit_applications:8"]},{"vendor":"Red Hat","product":"Red Hat Service Interconnect 1","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:service_interconnect:1"]},{"vendor":"Red Hat","product":"Red Hat Service Interconnect 2","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:service_interconnect:2"]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-13T17:51:46.207289Z","id":"CVE-2026-32283","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-770"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-764"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*","versionEndExcluding":"1.25.9","matchCriteriaId":"C6C9C072-9817-402D-877F-F83584B07017"},{"vulnerable":true,"criteria":"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*","versionStartIncluding":"1.26.0","versionEndExcluding":"1.26.2","matchCriteriaId":"39FE9BAF-55E9-43AA-B14E-239E7EF1D65D"}]}]}],"references":[{"url":"https://go.dev/cl/763767","source":"security@golang.org","tags":["Patch"]},{"url":"https://go.dev/issue/78334","source":"security@golang.org","tags":["Issue Tracking"]},{"url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU","source":"security@golang.org","tags":["Mailing List","Release Notes"]},{"url":"https://pkg.go.dev/vuln/GO-2026-4870","source":"security@golang.org","tags":["Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:10217","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:10219","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:10704","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:11507","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:11514","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:11704","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:11711","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:11712","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:11863","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:11881","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:14162","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:14200","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:14391","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:15980","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:16021","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:16024","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:16101","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:16102","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:16875","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:17075","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:17084","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:17287","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:18027","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:18032","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19126","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19132","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19133","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19134","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19135","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19136","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19137","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19139","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19144","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19156","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19350","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19351","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19352","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19353","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19369","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19450","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19550","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19634","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19714","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19715","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19719","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19720","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19721","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19722","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19750","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19839","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:20556","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:20569","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:20570","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:20571","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:20607","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:20608","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:20609","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:21769","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22347","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22423","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22450","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22485","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22709","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22713","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22714","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22937","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:23102","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:23103","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:23228","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:23345","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:24337","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:24470","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:24761","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:24762","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26447","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26571","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26636","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:27076","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:28038","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:28047","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:28074","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:29035","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:29195","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:29455","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:29703","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:33722","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34192","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34196","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34197","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34365","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36796","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:7291","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:7385","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-32283","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456338","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-32283.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-33810","sourceIdentifier":"security@golang.org","published":"2026-04-08T02:16:03.950","lastModified":"2026-07-09T13:16:59.470","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the VerifyOptions.Roots CertPool, or in the system certificate pool."}],"affected":[{"source":"security@golang.org","affectedData":[{"vendor":"Go standard library","product":"crypto/x509","defaultStatus":"unaffected","collectionURL":"https://pkg.go.dev","packageName":"crypto/x509","programRoutines":[{"name":"newDNSConstraints"},{"name":"dnsConstraints.query"},{"name":"Certificate.Verify"}],"versions":[{"version":"1.26.0-0","lessThan":"1.26.2","versionType":"semver","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Cryostat 4 on RHEL 9","defaultStatus":"affected","cpes":["cpe:/a:redhat:cryostat:4::el9"]},{"vendor":"Red Hat","product":"RHEM 1.0 for RHEL 9","defaultStatus":"affected","cpes":["cpe:/a:redhat:edge_manager:1.0::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenStack Platform 17.1","defaultStatus":"affected","cpes":["cpe:/a:redhat:openstack:17.1","cpe:/a:redhat:openstack:17.1::el9"]},{"vendor":"Red Hat","product":"Red Hat Satellite 6.19 for RHEL 9","defaultStatus":"affected","cpes":["cpe:/a:redhat:satellite:6.19::el9","cpe:/a:redhat:satellite_capsule:6.19::el9","cpe:/a:redhat:satellite_maintenance:6.19::el9","cpe:/a:redhat:satellite_utils:6.19::el9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"HawtIO HawtIO 4.4.0","defaultStatus":"affected","cpes":["cpe:/a:redhat:apache_camel_hawtio:4.4::el9"]},{"vendor":"Red Hat","product":"Logging Subsystem for Red Hat OpenShift 6.0","defaultStatus":"affected","cpes":["cpe:/a:redhat:logging:6.0::el9"]},{"vendor":"Red Hat","product":"Logging Subsystem for Red Hat OpenShift 6.4","defaultStatus":"affected","cpes":["cpe:/a:redhat:logging:6.4::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.4.5","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.4::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.5.4","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.5::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.6.2","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.6::el9"]},{"vendor":"Red Hat","product":"OpenShift API for Data Protection 1.4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_api_data_protection:1.4::el9"]},{"vendor":"Red Hat","product":"OpenShift API for Data Protection 1.5","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_api_data_protection:1.5::el9"]},{"vendor":"Red Hat","product":"OpenShift Compliance Operator 1","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_compliance_operator:1::el9"]},{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2.6","defaultStatus":"affected","cpes":["cpe:/a:redhat:ansible_automation_platform:2.6::el9"]},{"vendor":"Red Hat","product":"Red Hat Edge Manager 1.0","defaultStatus":"affected","cpes":["cpe:/a:redhat:edge_manager:1.0::el9"]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","cpes":["cpe:/a:redhat:hummingbird:1"]},{"vendor":"Red Hat","product":"Red Hat Lightspeed (formerly Insights) for Runtimes 1","defaultStatus":"affected","cpes":["cpe:/a:redhat:lightspeed_for_runtimes:1.0::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Builds 1.6.5","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_builds:1.6::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Builds 1.7.4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_builds:1.7::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Dev Spaces 3.28","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_devspaces:3.28::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift distributed tracing 3.9.3","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_distributed_tracing:3.9::el9"]},{"vendor":"Red Hat","product":"Red Hat Trusted Artifact Signer 1.3","defaultStatus":"affected","cpes":["cpe:/a:redhat:trusted_artifact_signer:1.3::el9"]},{"vendor":"Red Hat","product":"Red Hat Web Terminal 1.11","defaultStatus":"affected","cpes":["cpe:/a:redhat:webterminal:1.11::el9"]},{"vendor":"Red Hat","product":"Red Hat Web Terminal 1.12","defaultStatus":"affected","cpes":["cpe:/a:redhat:webterminal:1.12::el9"]},{"vendor":"Red Hat","product":"Red Hat Web Terminal 1.13","defaultStatus":"affected","cpes":["cpe:/a:redhat:webterminal:1.13::el9"]},{"vendor":"Red Hat","product":"Red Hat Web Terminal 1.14","defaultStatus":"affected","cpes":["cpe:/a:redhat:webterminal:1.14::el9"]},{"vendor":"Red Hat","product":"Red Hat Web Terminal 1.15","defaultStatus":"affected","cpes":["cpe:/a:redhat:webterminal:1.15::el9"]},{"vendor":"Red Hat","product":"Assisted Installer for Red Hat OpenShift Container Platform 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:assisted_installer:2"]},{"vendor":"Red Hat","product":"cert-manager Operator for Red Hat OpenShift","defaultStatus":"affected","cpes":["cpe:/a:redhat:cert_manager:1"]},{"vendor":"Red Hat","product":"Confidential Compute Attestation","defaultStatus":"affected","cpes":["cpe:/a:redhat:confidential_compute_attestation:1"]},{"vendor":"Red Hat","product":"Deployment Validation Operator","defaultStatus":"affected","cpes":["cpe:/a:redhat:deployment_validator_operator"]},{"vendor":"Red Hat","product":"Fence Agents Remediation Operator","defaultStatus":"affected","cpes":["cpe:/a:redhat:workload_availability_far:0"]},{"vendor":"Red Hat","product":"File Integrity Operator","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_file_integrity_operator:1"]},{"vendor":"Red Hat","product":"Gatekeeper 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:gatekeeper:3"]},{"vendor":"Red Hat","product":"Logging Subsystem for Red Hat OpenShift","defaultStatus":"affected","cpes":["cpe:/a:redhat:logging:5"]},{"vendor":"Red Hat","product":"Machine Deletion Remediation Operator","defaultStatus":"affected","cpes":["cpe:/a:redhat:workload_availability_mdr:0"]},{"vendor":"Red Hat","product":"Migration Toolkit for Containers","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhmt:1"]},{"vendor":"Red Hat","product":"mirror registry for Red Hat OpenShift","defaultStatus":"affected","cpes":["cpe:/a:redhat:mirror_registry:1"]},{"vendor":"Red Hat","product":"Multicluster Engine for Kubernetes","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_engine"]},{"vendor":"Red Hat","product":"OpenShift Developer Tools and Services","defaultStatus":"affected","cpes":["cpe:/a:redhat:ocp_tools"]},{"vendor":"Red Hat","product":"OpenShift Pipelines","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_pipelines:1"]},{"vendor":"Red Hat","product":"OpenShift Serverless","defaultStatus":"affected","cpes":["cpe:/a:redhat:serverless:1"]},{"vendor":"Red Hat","product":"Red Hat 3scale API Management Platform 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:red_hat_3scale_amp:2"]},{"vendor":"Red Hat","product":"Red Hat Certification Program for Red Hat Enterprise Linux 9","defaultStatus":"affected","cpes":["cpe:/a:redhat:certifications:9"]},{"vendor":"Red Hat","product":"Red Hat Connectivity Link 1","defaultStatus":"affected","cpes":["cpe:/a:redhat:connectivity_link:1"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AI (RHEL AI) 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux_ai:3"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_ai"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Cluster Manager CLI","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_cluster_manager_cli:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat Openshift Data Foundation 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_data_foundation:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Dev Workspaces Operator","defaultStatus":"affected","cpes":["cpe:/a:redhat:devworkspace"]},{"vendor":"Red Hat","product":"Red Hat OpenShift GitOps","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_gitops:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift on AWS","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_service_on_aws:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Virtualization 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:container_native_virtualization:4"]},{"vendor":"Red Hat","product":"Red Hat OpenStack Platform 16.2","defaultStatus":"affected","cpes":["cpe:/a:redhat:openstack:16.2"]},{"vendor":"Red Hat","product":"Red Hat OpenStack Platform 18.0","defaultStatus":"affected","cpes":["cpe:/a:redhat:openstack:18.0"]},{"vendor":"Red Hat","product":"Red Hat Quay 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:quay:3"]},{"vendor":"Red Hat","product":"Red Hat Satellite 6","defaultStatus":"affected","cpes":["cpe:/a:redhat:satellite:6"]},{"vendor":"Red Hat","product":"Red Hat Service Interconnect 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:service_interconnect:2"]},{"vendor":"Red Hat","product":"Security Profiles Operator","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_security_profiles_operator:1"]},{"vendor":"Red Hat","product":"Custom Metric Autoscaler operator for Red Hat Openshift","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift_custom_metrics_autoscaler:2"]},{"vendor":"Red Hat","product":"External Secrets Operator for Red Hat OpenShift","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:external_secrets_operator:1"]},{"vendor":"Red Hat","product":"ExternalDNS Operator","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:ext_dns_optr:1"]},{"vendor":"Red Hat","product":"Logical Volume Manager Storage","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:lvms:4"]},{"vendor":"Red Hat","product":"Migration Toolkit for Applications 8","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:migration_toolkit_applications:8"]},{"vendor":"Red Hat","product":"mirror registry for Red Hat OpenShift 2","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:mirror_registry:2"]},{"vendor":"Red Hat","product":"Network Observability Operator","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:network_observ_optr:1"]},{"vendor":"Red Hat","product":"Node HealthCheck Operator","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:workload_availability_nhc:0"]},{"vendor":"Red Hat","product":"OpenShift Lightspeed","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift_lightspeed"]},{"vendor":"Red Hat","product":"OpenShift Service Mesh 2","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:service_mesh:2"]},{"vendor":"Red Hat","product":"OpenShift Service Mesh 3","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:service_mesh:3"]},{"vendor":"Red Hat","product":"Power monitoring for Red Hat OpenShift","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift_power_monitoring"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:acm:2"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 4","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:advanced_cluster_security:4"]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:ai_inference_server:3"]},{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:ansible_automation_platform:2"]},{"vendor":"Red Hat","product":"Red Hat Developer Hub","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:rhdh:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift for Windows Containers","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:windows_machine_config"]},{"vendor":"Red Hat","product":"Red Hat Service Interconnect 1","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:service_interconnect:1"]},{"vendor":"Red Hat","product":"Service Telemetry Framework 1.5","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:stf:1.5"]},{"vendor":"Red Hat","product":"streams for Apache Kafka 3","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:amq_streams:3"]},{"vendor":"Red Hat","product":"Zero Trust Workload Identity Manager","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:zero_trust_workload_identity_manager:1"]},{"vendor":"Red Hat","product":"Zero Trust Workload Identity Manager - Tech Preview","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:zero_trust_workload_identity_manager:0"]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":4.2},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":5.3}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-13T17:48:57.879958Z","id":"CVE-2026-33810","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-295"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-1289"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*","versionStartIncluding":"1.26.0","versionEndExcluding":"1.26.2","matchCriteriaId":"39FE9BAF-55E9-43AA-B14E-239E7EF1D65D"}]}]}],"references":[{"url":"https://go.dev/cl/763763","source":"security@golang.org","tags":["Patch"]},{"url":"https://go.dev/issue/78332","source":"security@golang.org","tags":["Issue Tracking"]},{"url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU","source":"security@golang.org","tags":["Mailing List","Release Notes"]},{"url":"https://pkg.go.dev/vuln/GO-2026-4866","source":"security@golang.org","tags":["Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2026/04/19/4","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.openwall.com/lists/oss-security/2026/04/20/1","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://access.redhat.com/errata/RHSA-2026:10155","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:10158","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:13545","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:14391","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19135","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19144","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19353","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19719","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19720","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19721","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:21769","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:21772","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22347","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22485","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22862","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22958","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22959","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22960","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22961","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22962","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:23345","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:24478","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:25089","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26568","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26571","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26585","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:28047","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:29854","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34365","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36651","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36796","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:7291","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:9385","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-33810","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456335","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33810.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-29146","sourceIdentifier":"security@apache.org","published":"2026-04-09T20:16:24.577","lastModified":"2026-07-09T13:16:55.773","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Padding Oracle vulnerability in Apache Tomcat's EncryptInterceptor with default configuration.\n\nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.18, from 10.0.0-M1 through 10.1.52, from 9.0.13 through 9..115, from 8.5.38 through 8.5.100, from 7.0.100 through 7.0.109.\n\nUsers are recommended to upgrade to version 11.0.19, 10.1.53 and 9.0.116, which fixes the issue."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache Tomcat","defaultStatus":"unaffected","versions":[{"version":"11.0.0-M1","lessThanOrEqual":"11.0.18","versionType":"semver","status":"affected"},{"version":"10.0.0-M1","lessThanOrEqual":"10.1.52","versionType":"semver","status":"affected"},{"version":"9.0.13","lessThanOrEqual":"9.0.115","versionType":"semver","status":"affected"},{"version":"8.5.38","lessThanOrEqual":"8.5.100","versionType":"semver","status":"affected"},{"version":"7.0.100","lessThanOrEqual":"7.0.109","versionType":"semver","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat JBoss Web Server 6.2 on RHEL 10","defaultStatus":"affected","cpes":["cpe:/a:redhat:jboss_enterprise_web_server:6.2::el10"]},{"vendor":"Red Hat","product":"Red Hat JBoss Web Server 6.2 on RHEL 8","defaultStatus":"affected","cpes":["cpe:/a:redhat:jboss_enterprise_web_server:6.2::el8"]},{"vendor":"Red Hat","product":"Red Hat JBoss Web Server 6.2 on RHEL 9","defaultStatus":"affected","cpes":["cpe:/a:redhat:jboss_enterprise_web_server:6.2::el9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream TUS (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_tus:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat JBoss Web Server 6.2.3","defaultStatus":"affected","cpes":["cpe:/a:redhat:jboss_enterprise_web_server:6.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat JBoss Web Server 5","defaultStatus":"affected","cpes":["cpe:/a:redhat:jboss_enterprise_web_server:5"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:9"]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-10T18:17:02.531112Z","id":"CVE-2026-29146","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-209"},{"lang":"en","value":"CWE-642"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-1240"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.100","versionEndIncluding":"7.0.109","matchCriteriaId":"21FCAD61-9B9D-4780-9EE2-2F28B3F951F5"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*","versionStartIncluding":"8.5.38","versionEndIncluding":"8.5.100","matchCriteriaId":"769FDDAB-B636-43A6-BB06-CCE9185D5EA6"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*","versionStartIncluding":"9.0.13","versionEndExcluding":"9.0.116","matchCriteriaId":"6CEA1F89-5276-42AF-819C-AF901A037E22"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*","versionStartIncluding":"10.0.0","versionEndExcluding":"10.1.53","matchCriteriaId":"2092BF25-09E0-4601-B553-A2506C879028"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*","versionStartIncluding":"11.0.0","versionEndExcluding":"11.0.20","matchCriteriaId":"1F39B82B-0E67-459D-8065-2C6EE7970D0D"}]}]}],"references":[{"url":"https://lists.apache.org/thread/lzt04z2pb3dc5tk85obn80xygw3z1p0w","source":"security@apache.org","tags":["Mailing List","Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2026/04/09/24","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:20405","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:20406","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36787","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36788","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36789","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36790","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36876","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36877","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36878","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36879","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:37136","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:37137","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-29146","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457020","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-29146.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-34486","sourceIdentifier":"security@apache.org","published":"2026-04-09T20:16:25.063","lastModified":"2026-07-09T13:17:00.800","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Missing Encryption of Sensitive Data vulnerability in Apache Tomcat due to the fix for CVE-2026-29146 allowing the bypass of the EncryptInterceptor.\n\nThis issue affects Apache Tomcat: 11.0.20, 10.1.53, 9.0.116.\n\nUsers are recommended to upgrade to version 11.0.21, 10.1.54 or 9.0.117, which fix the issue."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache Tomcat","defaultStatus":"unaffected","versions":[{"version":"11.0.20","versionType":"semver","status":"affected"},{"version":"10.1.53","versionType":"semver","status":"affected"},{"version":"9.0.116","versionType":"semver","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream TUS (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_tus:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat JBoss Web Server 5","defaultStatus":"affected","cpes":["cpe:/a:redhat:jboss_enterprise_web_server:5"]},{"vendor":"Red Hat","product":"Red Hat JBoss Web Server 6","defaultStatus":"affected","cpes":["cpe:/a:redhat:jboss_enterprise_web_server:6"]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-10T20:20:09.561886Z","id":"CVE-2026-34486","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-311"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-807"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:9.0.116:*:*:*:*:*:*:*","matchCriteriaId":"CC160F23-A9D6-42DA-92E6-886B1B1F48A6"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:10.1.53:*:*:*:*:*:*:*","matchCriteriaId":"0E7A0CE9-EBDF-4305-9C06-E7D4521AF422"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:tomcat:11.0.20:*:*:*:*:*:*:*","matchCriteriaId":"64BAAE4D-2355-43D8-83E5-01CA71D5DC0B"}]}]}],"references":[{"url":"https://lists.apache.org/thread/9510k5p5zdvt9pkkgtyp85mvwxo2qrly","source":"security@apache.org","tags":["Mailing List","Vendor Advisory"]},{"url":"https://www.vicarius.io/vsociety/posts/cve-2026-34486-detection-script-rce-on-apache-tomcat","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.vicarius.io/vsociety/posts/cve-2026-34486-mitigation-script-rce-on-apache-tomcat","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://access.redhat.com/errata/RHSA-2026:36787","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36788","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36789","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36790","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36876","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36877","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36878","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36879","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:37136","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:37137","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-34486","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457027","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-34486.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-39848","sourceIdentifier":"security-advisories@github.com","published":"2026-04-09T22:16:34.407","lastModified":"2026-07-08T14:42:35.487","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Dockyard is a Docker container management app. Prior to 1.1.0, Docker container start and stop operations are performed through GET requests without CSRF protection. A remote attacker can cause a logged-in administrator's browser to request /apps/action.php?action=stop&name=<container> or /apps/action.php?action=start&name=<container>, which starts or stops the target container. This vulnerability is fixed in 1.1.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"10ij","product":"dockyard","versions":[{"version":"< 1.1.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-10T13:54:19.256778Z","id":"CVE-2026-39848","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:10ij:dockyard:*:*:*:*:*:*:*:*","versionEndExcluding":"1.1.0","matchCriteriaId":"3015DA96-86AA-4CE0-B7E7-4C6E3159E02E"}]}]}],"references":[{"url":"https://github.com/10ij/dockyard/security/advisories/GHSA-jrf6-3j4j-q36g","source":"security-advisories@github.com","tags":["Broken Link"]},{"url":"https://github.com/10ij/dockyard/security/advisories/GHSA-jrf6-3j4j-q36g","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Broken Link"]}]}},{"cve":{"id":"CVE-2026-5724","sourceIdentifier":"security@temporal.io","published":"2026-04-10T21:16:28.497","lastModified":"2026-07-08T20:17:00.123","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"The frontend gRPC server's streaming interceptor chain did not include the authorization interceptor. When a ClaimMapper and Authorizer are configured, unary RPCs enforce authentication and authorization, but the streaming AdminService/StreamWorkflowReplicationMessages endpoint accepted requests without credentials. This endpoint is registered on the same port as WorkflowService and cannot be disabled independently. An attacker with network access to the frontend port could open the replication stream without authentication. Data exfiltration is possible, but  only when a configured replication target is correctly configured and the attacker has knowledge of the cluster configuration, as the history service validates cluster IDs and peer membership before returning replication data.\n\n\n\n\nThe fix was applied per release line: it is present in 1.28.4, 1.29.6, 1.30.4, 1.31.2, and 1.32.0 and later releases on each line. Releases 1.31.0 and 1.31.1 do not contain the fix and are affected.\n\n\n\n\nTemporal Cloud is not affected."}],"affected":[{"source":"security@temporal.io","affectedData":[{"vendor":"Temporal Technologies, Inc.","product":"temporal","defaultStatus":"unaffected","collectionURL":"https://github.com","packageName":"temporal","repo":"https://github.com/temporalio/temporal","versions":[{"version":"1.24.0","lessThan":"1.28.4","versionType":"semver","status":"affected"},{"version":"1.29.0","lessThan":"1.29.6","versionType":"semver","status":"affected"},{"version":"1.30.0","lessThan":"1.30.4","versionType":"semver","status":"affected"},{"version":"1.31.0","lessThan":"1.31.2","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security@temporal.io","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:L/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:U/V:X/RE:L/U:X","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"LOW","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NEGLIGIBLE","Automatable":"NO","Recovery":"USER","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"LOW","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-13T16:10:36.242097Z","id":"CVE-2026-5724","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@temporal.io","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]}],"references":[{"url":"https://github.com/temporalio/temporal/releases/tag/v1.28.4","source":"security@temporal.io"},{"url":"https://github.com/temporalio/temporal/releases/tag/v1.29.6","source":"security@temporal.io"},{"url":"https://github.com/temporalio/temporal/releases/tag/v1.30.4","source":"security@temporal.io"},{"url":"https://github.com/temporalio/temporal/releases/tag/v1.31.2","source":"security@temporal.io"}]}},{"cve":{"id":"CVE-2026-31419","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-04-13T14:16:11.447","lastModified":"2026-07-08T13:16:34.690","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bonding: fix use-after-free in bond_xmit_broadcast()\n\nbond_xmit_broadcast() reuses the original skb for the last slave\n(determined by bond_is_last_slave()) and clones it for others.\nConcurrent slave enslave/release can mutate the slave list during\nRCU-protected iteration, changing which slave is \"last\" mid-loop.\nThis causes the original skb to be double-consumed (double-freed).\n\nReplace the racy bond_is_last_slave() check with a simple index\ncomparison (i + 1 == slaves_count) against the pre-snapshot slave\ncount taken via READ_ONCE() before the loop.  This preserves the\nzero-copy optimization for the last slave while making the \"last\"\ndetermination stable against concurrent list mutations.\n\nThe UAF can trigger the following crash:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in skb_clone\nRead of size 8 at addr ffff888100ef8d40 by task exploit/147\n\nCPU: 1 UID: 0 PID: 147 Comm: exploit Not tainted 7.0.0-rc3+ #4 PREEMPTLAZY\nCall Trace:\n <TASK>\n dump_stack_lvl (lib/dump_stack.c:123)\n print_report (mm/kasan/report.c:379 mm/kasan/report.c:482)\n kasan_report (mm/kasan/report.c:597)\n skb_clone (include/linux/skbuff.h:1724 include/linux/skbuff.h:1792 include/linux/skbuff.h:3396 net/core/skbuff.c:2108)\n bond_xmit_broadcast (drivers/net/bonding/bond_main.c:5334)\n bond_start_xmit (drivers/net/bonding/bond_main.c:5567 drivers/net/bonding/bond_main.c:5593)\n dev_hard_start_xmit (include/linux/netdevice.h:5325 include/linux/netdevice.h:5334 net/core/dev.c:3871 net/core/dev.c:3887)\n __dev_queue_xmit (include/linux/netdevice.h:3601 net/core/dev.c:4838)\n ip6_finish_output2 (include/net/neighbour.h:540 include/net/neighbour.h:554 net/ipv6/ip6_output.c:136)\n ip6_finish_output (net/ipv6/ip6_output.c:208 net/ipv6/ip6_output.c:219)\n ip6_output (net/ipv6/ip6_output.c:250)\n ip6_send_skb (net/ipv6/ip6_output.c:1985)\n udp_v6_send_skb (net/ipv6/udp.c:1442)\n udpv6_sendmsg (net/ipv6/udp.c:1733)\n __sys_sendto (net/socket.c:730 net/socket.c:742 net/socket.c:2206)\n __x64_sys_sendto (net/socket.c:2209)\n do_syscall_64 (arch/x86/entry/syscall_64.c:63 arch/x86/entry/syscall_64.c:94)\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n </TASK>\n\nAllocated by task 147:\n\nFreed by task 147:\n\nThe buggy address belongs to the object at ffff888100ef8c80\n which belongs to the cache skbuff_head_cache of size 224\nThe buggy address is located 192 bytes inside of\n freed 224-byte region [ffff888100ef8c80, ffff888100ef8d60)\n\nMemory state around the buggy address:\n ffff888100ef8c00: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc\n ffff888100ef8c80: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n>ffff888100ef8d00: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc\n                                                    ^\n ffff888100ef8d80: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb\n ffff888100ef8e00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n=================================================================="}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/net/bonding/bond_main.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"4e5bd03ae34652cd932ab4c91c71c511793df75c","lessThan":"2de5c8eea0a9db99dae7c36f4b541b74b41d3a04","versionType":"git","status":"affected"},{"version":"4e5bd03ae34652cd932ab4c91c71c511793df75c","lessThan":"a0f661918edc79d7a75e468128af8d41e2a1a83a","versionType":"git","status":"affected"},{"version":"4e5bd03ae34652cd932ab4c91c71c511793df75c","lessThan":"d4cc7e4c80b1634c7b1497574a2fdb18df6c026c","versionType":"git","status":"affected"},{"version":"4e5bd03ae34652cd932ab4c91c71c511793df75c","lessThan":"f5b94654a4a19891a8108d66ef166de6c028c6cd","versionType":"git","status":"affected"},{"version":"4e5bd03ae34652cd932ab4c91c71c511793df75c","lessThan":"2884bf72fb8f03409e423397319205de48adca16","versionType":"git","status":"affected"},{"version":"20949c3816463e97c6f8fe84c0280c7e5ae83a8d","versionType":"git","status":"affected"},{"version":"f1d206181f19b00b275b258fea1418718a2f4173","versionType":"git","status":"affected"},{"version":"c1f1691ef84fa6d38fa5e5148eca073145e97ffa","versionType":"git","status":"affected"},{"version":"5.10.94","lessThan":"5.11","versionType":"semver","status":"affected"},{"version":"5.15.17","lessThan":"5.16","versionType":"semver","status":"affected"},{"version":"5.16.3","lessThan":"5.17","versionType":"semver","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/net/bonding/bond_main.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"5.17","status":"affected"},{"version":"0","lessThan":"5.17","versionType":"semver","status":"unaffected"},{"version":"6.6.143","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.95","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.22","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"6.19.12","lessThanOrEqual":"6.19.*","versionType":"semver","status":"unaffected"},{"version":"7.0","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.1","cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.1","cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.8.8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:8.8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS TUS (v.8.8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_tus:8.8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:9.2::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:9.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS (v.9.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus:9.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus:9.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 9)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.1","cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CRB (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::crb"]},{"vendor":"Red Hat","product":"Red Hat CodeReady Linux Builder EUS (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.4::crb"]},{"vendor":"Red Hat","product":"Red Hat CodeReady Linux Builder EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.1","cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux NFV (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV EUS (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.4::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.1","cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux RT (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time EUS (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.4::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:7"]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.0,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.10.94","versionEndExcluding":"5.11","matchCriteriaId":"D97173A0-CD12-4773-B2F5-A9037AAB0383"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15.17","versionEndExcluding":"5.16","matchCriteriaId":"FE141E86-782B-4D36-B214-2FB7AC66A083"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16.3","versionEndExcluding":"5.17","matchCriteriaId":"7532EA4E-6958-4B4C-8270-4601DA8D95B6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.17","versionEndExcluding":"6.12.86","matchCriteriaId":"E9F33D27-F3AA-49EF-8A71-D0AA86C50602"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.22","matchCriteriaId":"C9DF8BCE-36D3-475D-9D21-19E4F02F9029"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"6.19.12","matchCriteriaId":"0A2B9540-02D5-41B4-B16A-82AF66FD4F36"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*","matchCriteriaId":"F253B622-8837-4245-BCE5-A7BF8FC76A16"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*","matchCriteriaId":"4AE85AD8-4641-4E7C-A2F4-305E2CD9EE64"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*","matchCriteriaId":"F666C8D8-6538-46D4-B318-87610DE64C34"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*","matchCriteriaId":"02259FDA-961B-47BC-AE7F-93D7EC6E90C2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*","matchCriteriaId":"58A9FEFF-C040-420D-8F0A-BFDAAA1DF258"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*","matchCriteriaId":"1D2315C0-D46F-4F85-9754-F9E5E11374A6"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/2884bf72fb8f03409e423397319205de48adca16","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/2de5c8eea0a9db99dae7c36f4b541b74b41d3a04","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/a0f661918edc79d7a75e468128af8d41e2a1a83a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/d4cc7e4c80b1634c7b1497574a2fdb18df6c026c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f5b94654a4a19891a8108d66ef166de6c028c6cd","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://access.redhat.com/errata/RHSA-2026:13566","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:19521","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:21209","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22334","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22900","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22940","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:23224","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:25191","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:25217","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:27353","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:27354","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35870","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36172","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36530","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36531","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36532","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36533","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36534","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-31419","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457829","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-31419.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-21742","sourceIdentifier":"psirt@fortinet.com","published":"2026-04-14T16:16:35.930","lastModified":"2026-07-08T13:16:30.300","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A cleartext transmission of sensitive information vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.2, FortiSOAR on-premise 7.5.0 through 7.5.1, FortiSOAR on-premise 7.4 all versions, FortiSOAR on-premise 7.3 all versions may allow an authenticated attacker to view cleartext password in response for Secure Message Exchange and Radius queries, if configured"}],"affected":[{"source":"psirt@fortinet.com","affectedData":[{"vendor":"Fortinet","product":"FortiSOAR on-premise","defaultStatus":"unaffected","cpes":["cpe:2.3:a:fortinet:fortisoaron-premise:7.6.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoaron-premise:7.6.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoaron-premise:7.6.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoaron-premise:7.5.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoaron-premise:7.5.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoaron-premise:7.4.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoaron-premise:7.4.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoaron-premise:7.4.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoaron-premise:7.4.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoaron-premise:7.4.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoaron-premise:7.4.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoaron-premise:7.3.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoaron-premise:7.3.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoaron-premise:7.3.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoaron-premise:7.3.0:*:*:*:*:*:*:*"],"versions":[{"version":"7.6.0","lessThanOrEqual":"7.6.2","versionType":"semver","status":"affected"},{"version":"7.5.0","lessThanOrEqual":"7.5.1","versionType":"semver","status":"affected"},{"version":"7.4.0","lessThanOrEqual":"7.4.5","versionType":"semver","status":"affected"},{"version":"7.3.0","lessThanOrEqual":"7.3.3","versionType":"semver","status":"affected"}]},{"vendor":"Fortinet","product":"FortiSOAR PaaS","defaultStatus":"unaffected","cpes":["cpe:2.3:a:fortinet:fortisoarpaas:7.6.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoarpaas:7.6.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoarpaas:7.6.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoarpaas:7.5.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoarpaas:7.5.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoarpaas:7.4.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoarpaas:7.4.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoarpaas:7.4.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoarpaas:7.4.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoarpaas:7.4.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoarpaas:7.4.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoarpaas:7.3.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoarpaas:7.3.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoarpaas:7.3.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoarpaas:7.3.0:*:*:*:*:*:*:*"],"versions":[{"version":"7.6.0","lessThanOrEqual":"7.6.2","versionType":"semver","status":"affected"},{"version":"7.5.0","lessThanOrEqual":"7.5.1","versionType":"semver","status":"affected"},{"version":"7.4.0","lessThanOrEqual":"7.4.5","versionType":"semver","status":"affected"},{"version":"7.3.0","lessThanOrEqual":"7.3.3","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N","baseScore":5.7,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.1,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-14T16:35:12.570489Z","id":"CVE-2026-21742","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@fortinet.com","type":"Secondary","description":[{"lang":"en","value":"CWE-319"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortisoar:*:*:*:*:*:*:*:*","versionStartIncluding":"7.3.0","versionEndExcluding":"7.5.3","matchCriteriaId":"CD42D7DF-B095-44E1-B7E1-D203678DF740"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortisoar:*:*:*:*:*:*:*:*","versionStartIncluding":"7.6.0","versionEndExcluding":"7.6.4","matchCriteriaId":"6E11F916-A349-4C7F-8F39-2A3C9F2FB006"}]}]}],"references":[{"url":"https://fortiguard.fortinet.com/psirt/FG-IR-26-106","source":"psirt@fortinet.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-22155","sourceIdentifier":"psirt@fortinet.com","published":"2026-04-14T16:16:36.267","lastModified":"2026-07-08T13:16:30.430","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A cleartext transmission of sensitive information vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR PaaS 7.4 all versions, FortiSOAR PaaS 7.3 all versions, FortiSOAR on-premise 7.6.0 through 7.6.2, FortiSOAR on-premise 7.5.0 through 7.5.1, FortiSOAR on-premise 7.4 all versions, FortiSOAR on-premise 7.3 all versions may allow attacker to information disclosure via <insert attack vector here>"}],"affected":[{"source":"psirt@fortinet.com","affectedData":[{"vendor":"Fortinet","product":"FortiSOAR PaaS","defaultStatus":"unaffected","cpes":["cpe:2.3:a:fortinet:fortisoarpaas:7.6.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoarpaas:7.6.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoarpaas:7.6.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoarpaas:7.6.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoarpaas:7.5.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoarpaas:7.5.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoarpaas:7.5.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoarpaas:7.4.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoarpaas:7.4.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoarpaas:7.4.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoarpaas:7.4.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoarpaas:7.4.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoarpaas:7.4.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoarpaas:7.3.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoarpaas:7.3.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoarpaas:7.3.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoarpaas:7.3.0:*:*:*:*:*:*:*"],"versions":[{"version":"7.6.0","lessThanOrEqual":"7.6.3","versionType":"semver","status":"affected"},{"version":"7.5.0","lessThanOrEqual":"7.5.2","versionType":"semver","status":"affected"},{"version":"7.4.0","lessThanOrEqual":"7.4.5","versionType":"semver","status":"affected"},{"version":"7.3.0","lessThanOrEqual":"7.3.3","versionType":"semver","status":"affected"}]},{"vendor":"Fortinet","product":"FortiSOAR on-premise","defaultStatus":"unaffected","cpes":["cpe:2.3:a:fortinet:fortisoaron-premise:7.6.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoaron-premise:7.6.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoaron-premise:7.6.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoaron-premise:7.5.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoaron-premise:7.5.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoaron-premise:7.4.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoaron-premise:7.4.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoaron-premise:7.4.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoaron-premise:7.4.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoaron-premise:7.4.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoaron-premise:7.4.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoaron-premise:7.3.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoaron-premise:7.3.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoaron-premise:7.3.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisoaron-premise:7.3.0:*:*:*:*:*:*:*"],"versions":[{"version":"7.6.0","lessThanOrEqual":"7.6.2","versionType":"semver","status":"affected"},{"version":"7.5.0","lessThanOrEqual":"7.5.1","versionType":"semver","status":"affected"},{"version":"7.4.0","lessThanOrEqual":"7.4.5","versionType":"semver","status":"affected"},{"version":"7.3.0","lessThanOrEqual":"7.3.3","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-14T16:34:58.769731Z","id":"CVE-2026-22155","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@fortinet.com","type":"Secondary","description":[{"lang":"en","value":"CWE-319"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortisoar:*:*:*:*:*:*:*:*","versionStartIncluding":"7.3.0","versionEndExcluding":"7.5.3","matchCriteriaId":"CD42D7DF-B095-44E1-B7E1-D203678DF740"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortisoar:*:*:*:*:*:*:*:*","versionStartIncluding":"7.6.0","versionEndExcluding":"7.6.4","matchCriteriaId":"6E11F916-A349-4C7F-8F39-2A3C9F2FB006"}]}]}],"references":[{"url":"https://fortiguard.fortinet.com/psirt/FG-IR-26-106","source":"psirt@fortinet.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-20147","sourceIdentifier":"psirt@cisco.com","published":"2026-04-15T17:17:02.410","lastModified":"2026-07-08T14:20:19.670","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to obtain user-level access to the underlying operating system and then elevate privileges to root. In single-node ISE deployments, successful exploitation of this vulnerability could cause the affected ISE node to become unavailable, resulting in a denial of service (DoS) condition. In that condition, endpoints that have not already authenticated would be unable to access the network until the node is restored."}],"affected":[{"source":"psirt@cisco.com","affectedData":[{"vendor":"Cisco","product":"Cisco Identity Services Engine Software","defaultStatus":"unknown","versions":[{"version":"3.1.0","status":"affected"},{"version":"3.1.0 p1","status":"affected"},{"version":"3.1.0 p3","status":"affected"},{"version":"3.1.0 p2","status":"affected"},{"version":"3.2.0","status":"affected"},{"version":"3.1.0 p4","status":"affected"},{"version":"3.1.0 p5","status":"affected"},{"version":"3.2.0 p1","status":"affected"},{"version":"3.1.0 p6","status":"affected"},{"version":"3.2.0 p2","status":"affected"},{"version":"3.1.0 p7","status":"affected"},{"version":"3.3.0","status":"affected"},{"version":"3.2.0 p3","status":"affected"},{"version":"3.2.0 p4","status":"affected"},{"version":"3.1.0 p8","status":"affected"},{"version":"3.2.0 p5","status":"affected"},{"version":"3.2.0 p6","status":"affected"},{"version":"3.1.0 p9","status":"affected"},{"version":"3.3 Patch 2","status":"affected"},{"version":"3.3 Patch 1","status":"affected"},{"version":"3.3 Patch 3","status":"affected"},{"version":"3.4.0","status":"affected"},{"version":"3.2.0 p7","status":"affected"},{"version":"3.3 Patch 4","status":"affected"},{"version":"3.4 Patch 1","status":"affected"},{"version":"3.1.0 p10","status":"affected"},{"version":"3.3 Patch 5","status":"affected"},{"version":"3.3 Patch 6","status":"affected"},{"version":"3.4 Patch 2","status":"affected"},{"version":"3.3 Patch 7","status":"affected"},{"version":"3.4 Patch 3","status":"affected"},{"version":"3.5.0","status":"affected"},{"version":"3.4 Patch 4","status":"affected"},{"version":"3.3 Patch 8","status":"affected"},{"version":"3.2 Patch 8","status":"affected"},{"version":"3.5 Patch 1","status":"affected"},{"version":"3.3 Patch 9","status":"affected"},{"version":"3.2 Patch 9","status":"affected"},{"version":"3.4 Patch 5","status":"affected"},{"version":"3.5 Patch 2","status":"affected"}]},{"vendor":"Cisco","product":"Cisco ISE Passive Identity Connector","defaultStatus":"unknown","versions":[{"version":"3.2.0","status":"affected"},{"version":"3.1.0","status":"affected"},{"version":"3.3.0","status":"affected"},{"version":"3.4.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-15T00:00:00+00:00","id":"CVE-2026-20147","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:*:*:*:*:*:*:*:*","versionEndExcluding":"3.1.0","matchCriteriaId":"BB8FD39E-819E-48CB-AD6C-2F9F6AEF600E"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.1.0:-:*:*:*:*:*:*","matchCriteriaId":"006E0D77-534C-447F-8E97-EC0AB906D978"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.1.0:patch1:*:*:*:*:*:*","matchCriteriaId":"AC07A742-D194-425C-945C-3977E96B61B8"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.1.0:patch10:*:*:*:*:*:*","matchCriteriaId":"00D4B446-EDCE-41DC-A03B-97D8A371B0D9"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.1.0:patch2:*:*:*:*:*:*","matchCriteriaId":"97787372-9A0D-4916-A7A2-19237B84419F"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.1.0:patch3:*:*:*:*:*:*","matchCriteriaId":"2E2D9D7C-A36E-489D-A2E1-ACE9E9C399BD"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.1.0:patch4:*:*:*:*:*:*","matchCriteriaId":"3ABA57DA-78C9-489B-88E5-6E5275E53388"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.1.0:patch5:*:*:*:*:*:*","matchCriteriaId":"2ABFB0CE-60CF-4969-A91E-186F457C8014"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.1.0:patch6:*:*:*:*:*:*","matchCriteriaId":"B8CF7EF0-FBAA-47C7-8386-F67264CA8D0E"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.1.0:patch7:*:*:*:*:*:*","matchCriteriaId":"5F08ACD7-2867-428A-966C-6509283FCA10"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.1.0:patch8:*:*:*:*:*:*","matchCriteriaId":"B365970F-9239-45F8-80C6-DA426FCA2E32"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.1.0:patch9:*:*:*:*:*:*","matchCriteriaId":"5A66142F-712F-4EFA-9FC4-E499D3015DD2"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.2.0:-:*:*:*:*:*:*","matchCriteriaId":"50D8B7DD-14A8-4C67-8B32-E1F9C7D9C01E"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.2.0:patch1:*:*:*:*:*:*","matchCriteriaId":"CB65DFF8-33D8-4840-8A63-7C4797FF0B51"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.2.0:patch2:*:*:*:*:*:*","matchCriteriaId":"890FDA62-DED9-401B-9D44-26F3624118CD"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.2.0:patch3:*:*:*:*:*:*","matchCriteriaId":"604079BA-78F5-4D20-AF27-E7A9A899DA0C"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.2.0:patch4:*:*:*:*:*:*","matchCriteriaId":"25344C6F-8EB6-4709-A51B-DCA26AA885E3"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.2.0:patch5:*:*:*:*:*:*","matchCriteriaId":"51DE5AD0-5DFA-460D-B22D-0F5E367A9A28"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.2.0:patch6:*:*:*:*:*:*","matchCriteriaId":"683F2E87-9759-4A98-B7C9-489E74837D59"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.2.0:patch7:*:*:*:*:*:*","matchCriteriaId":"22BF8687-84E4-4609-8100-FD2408DF3247"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.2.0:patch8:*:*:*:*:*:*","matchCriteriaId":"19F88640-BC3E-42D2-ADDC-59114974103C"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.2.0:patch9:*:*:*:*:*:*","matchCriteriaId":"40A94055-EF01-4799-813D-7BFFDD13C685"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:-:*:*:*:*:*:*","matchCriteriaId":"3CA3315D-8A45-43F4-A0F0-094D325F285B"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch1:*:*:*:*:*:*","matchCriteriaId":"B3736136-9FD8-4B12-B119-EA15201224D9"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch10:*:*:*:*:*:*","matchCriteriaId":"FB15AE6D-F4EF-40AD-A88E-D22612AEF2A4"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch2:*:*:*:*:*:*","matchCriteriaId":"654ED77E-22D3-4E76-9E6D-B1581F5982F0"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch3:*:*:*:*:*:*","matchCriteriaId":"A0648EE9-F042-479F-9AAB-C6B5DBC46511"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch4:*:*:*:*:*:*","matchCriteriaId":"83F3BA58-4F38-41C8-956F-38A2F44EECE4"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch5:*:*:*:*:*:*","matchCriteriaId":"6C30FA1D-91E2-48C5-B181-A88FDF668278"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch6:*:*:*:*:*:*","matchCriteriaId":"768215B1-80B7-40FF-8772-BA4C0B3913F5"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch7:*:*:*:*:*:*","matchCriteriaId":"40239DA8-43B6-466B-85B0-6D644D7027D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch8:*:*:*:*:*:*","matchCriteriaId":"9118B7ED-E678-47C3-9D17-F522D9362B2F"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch9:*:*:*:*:*:*","matchCriteriaId":"C2ED3257-CB9D-4FD5-A482-3648CF292128"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.4.0:-:*:*:*:*:*:*","matchCriteriaId":"CC0525FD-C4D7-4B48-BF35-1791391AB148"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.4.0:patch1:*:*:*:*:*:*","matchCriteriaId":"68C96F6B-51EE-4D03-9598-CBFD16DA22EF"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.4.0:patch2:*:*:*:*:*:*","matchCriteriaId":"62F25185-D19E-4EC5-8A68-7AB669B76E90"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.4.0:patch3:*:*:*:*:*:*","matchCriteriaId":"C457D2EC-FB63-49B7-A90E-CE67ED763BAE"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.4.0:patch4:*:*:*:*:*:*","matchCriteriaId":"6566330F-A048-44A1-9821-7A5844C82CEC"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.4.0:patch5:*:*:*:*:*:*","matchCriteriaId":"1154F196-2CB3-4AC2-BE00-11A8942EA999"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.5.0:-:*:*:*:*:*:*","matchCriteriaId":"2A7003EB-C578-4C02-B768-F8C4C8421382"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.5.0:patch1:*:*:*:*:*:*","matchCriteriaId":"16B32F60-CEB7-4816-AA7C-3130D1053DC5"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.5.0:patch2:*:*:*:*:*:*","matchCriteriaId":"755761D7-8DDD-4219-8E37-FA535757710A"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:*:*:*:*:*:*:*:*","versionEndExcluding":"3.1.0","matchCriteriaId":"3283F4AC-CAD8-49B7-956E-05B1C1672A42"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.1.0:-:*:*:*:*:*:*","matchCriteriaId":"7A789B44-7E6C-4FE9-BD40-702A871AB8AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.1.0:patch1:*:*:*:*:*:*","matchCriteriaId":"93920663-445E-4456-A905-81CEC6CA1833"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.1.0:patch10:*:*:*:*:*:*","matchCriteriaId":"DF9CCBFA-0004-48F7-B142-6FDD4B3E1081"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.1.0:patch2:*:*:*:*:*:*","matchCriteriaId":"33DA5BB8-4CFE-44BD-9CEB-BC26577E8477"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.1.0:patch3:*:*:*:*:*:*","matchCriteriaId":"D3AEFA85-66B5-4145-A4AD-96D1FF86B46D"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.1.0:patch4:*:*:*:*:*:*","matchCriteriaId":"7A6A0697-6A9E-48EF-82D8-36C75E0CDFDC"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.1.0:patch5:*:*:*:*:*:*","matchCriteriaId":"E939B65A-7912-4C36-8799-03A1526D7BD3"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.1.0:patch6:*:*:*:*:*:*","matchCriteriaId":"833B438F-0869-4C0D-9952-750C00702E8D"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.1.0:patch7:*:*:*:*:*:*","matchCriteriaId":"E8B2588D-01F9-450B-B2E3-ADC4125E354E"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.1.0:patch8:*:*:*:*:*:*","matchCriteriaId":"E41016C0-19E6-4BCC-A8DD-F6C9A2B0003E"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.1.0:patch9:*:*:*:*:*:*","matchCriteriaId":"654E946A-07C5-4036-BC54-85EF42B808DD"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.2.0:-:*:*:*:*:*:*","matchCriteriaId":"7932D5D5-83E1-4BEF-845A-D0783D4BB750"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch1:*:*:*:*:*:*","matchCriteriaId":"1B818846-4A6E-4256-B344-281E8C786C43"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch2:*:*:*:*:*:*","matchCriteriaId":"A44858A2-922A-425A-8B38-0C47DB911A3C"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch3:*:*:*:*:*:*","matchCriteriaId":"53484A32-757B-42F8-B655-554C34222060"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch4:*:*:*:*:*:*","matchCriteriaId":"0CCAC61F-C273-49B3-A631-31D3AE3EB148"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch5:*:*:*:*:*:*","matchCriteriaId":"51AEFCE6-FB4A-4B1C-A23D-83CC3CF3FBBD"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch6:*:*:*:*:*:*","matchCriteriaId":"B452B4F0-8510-475E-9AE8-B48FABB4D7D3"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch7:*:*:*:*:*:*","matchCriteriaId":"5733512D-12B5-4098-AF90-9D68217FAC27"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch8:*:*:*:*:*:*","matchCriteriaId":"4ED98020-7BAF-4E5E-8B7B-22537200C283"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch9:*:*:*:*:*:*","matchCriteriaId":"4C6839DC-F3A2-4133-BF60-2E678E6DD4A4"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:-:*:*:*:*:*:*","matchCriteriaId":"F1B9C2C1-59A4-49A0-9B74-83CCB063E55D"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch1:*:*:*:*:*:*","matchCriteriaId":"DFD29A0B-0D75-4EAB-BCE0-79450EC75DD0"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch10:*:*:*:*:*:*","matchCriteriaId":"43F3A55D-D4FC-4D93-9513-94B64B21A2B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch2:*:*:*:*:*:*","matchCriteriaId":"E6C94CC4-CC08-4DAF-A606-FDAFC92720A9"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch3:*:*:*:*:*:*","matchCriteriaId":"BB069EA3-7B8C-42B5-8035-2EE5ED3F56E4"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch4:*:*:*:*:*:*","matchCriteriaId":"FF8B81A6-BF44-4E5F-B167-39F61DDCA026"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch5:*:*:*:*:*:*","matchCriteriaId":"56E0F0EC-3E66-4866-89F5-89B331F3F517"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch6:*:*:*:*:*:*","matchCriteriaId":"2E3E8937-2859-4A2A-91C0-05F674EF0466"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch7:*:*:*:*:*:*","matchCriteriaId":"D4B14684-EB9E-405B-85FA-B62E57CB292C"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch8:*:*:*:*:*:*","matchCriteriaId":"22B752D1-9E8F-4FB7-8EEB-F9234492372B"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch9:*:*:*:*:*:*","matchCriteriaId":"85A1CC7D-FE54-4AC0-B98F-972C4B1F3189"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.4.0:-:*:*:*:*:*:*","matchCriteriaId":"D23905E0-E525-49B1-8E5F-4EB42D186768"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.4.0:patch1:*:*:*:*:*:*","matchCriteriaId":"74509498-38EF-4345-9583-CEF5C26CA1D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.4.0:patch2:*:*:*:*:*:*","matchCriteriaId":"CD05FF93-7B8C-4283-9DB7-E03FE98FAADF"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.4.0:patch3:*:*:*:*:*:*","matchCriteriaId":"0F9B6A8E-E773-44A3-9266-878F0C58EB41"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.4.0:patch4:*:*:*:*:*:*","matchCriteriaId":"D3727619-E0CA-4CA9-BE35-0C732BCF1741"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.4.0:patch5:*:*:*:*:*:*","matchCriteriaId":"2CFB7565-3930-409C-B5DB-CE77E6ED7C42"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.5.0:-:*:*:*:*:*:*","matchCriteriaId":"2610FD35-BC4B-41B7-9C92-E6E5264FEE54"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.5.0:patch1:*:*:*:*:*:*","matchCriteriaId":"3FEE4377-B238-4442-9892-28CECFB2319E"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.5.0:patch2:*:*:*:*:*:*","matchCriteriaId":"6598563B-7E32-43FB-96A7-88C53E4CE226"}]}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rce-traversal-8bYndVrZ","source":"psirt@cisco.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-20148","sourceIdentifier":"psirt@cisco.com","published":"2026-04-15T17:17:02.637","lastModified":"2026-07-08T14:20:10.177","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to perform path traversal attacks on the underlying operating system and read arbitrary files. To exploit this vulnerability, the attacker must have valid administrative credentials.\r\n\r\nThis vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected system. A successful exploit could allow the attacker to access sensitive files on the affected system."}],"affected":[{"source":"psirt@cisco.com","affectedData":[{"vendor":"Cisco","product":"Cisco Identity Services Engine Software","defaultStatus":"unknown","versions":[{"version":"3.1.0","status":"affected"},{"version":"3.1.0 p1","status":"affected"},{"version":"3.1.0 p3","status":"affected"},{"version":"3.1.0 p2","status":"affected"},{"version":"3.2.0","status":"affected"},{"version":"3.1.0 p4","status":"affected"},{"version":"3.1.0 p5","status":"affected"},{"version":"3.2.0 p1","status":"affected"},{"version":"3.1.0 p6","status":"affected"},{"version":"3.2.0 p2","status":"affected"},{"version":"3.1.0 p7","status":"affected"},{"version":"3.3.0","status":"affected"},{"version":"3.2.0 p3","status":"affected"},{"version":"3.2.0 p4","status":"affected"},{"version":"3.1.0 p8","status":"affected"},{"version":"3.2.0 p5","status":"affected"},{"version":"3.2.0 p6","status":"affected"},{"version":"3.1.0 p9","status":"affected"},{"version":"3.3 Patch 2","status":"affected"},{"version":"3.3 Patch 1","status":"affected"},{"version":"3.3 Patch 3","status":"affected"},{"version":"3.4.0","status":"affected"},{"version":"3.2.0 p7","status":"affected"},{"version":"3.3 Patch 4","status":"affected"},{"version":"3.4 Patch 1","status":"affected"},{"version":"3.1.0 p10","status":"affected"},{"version":"3.3 Patch 5","status":"affected"},{"version":"3.3 Patch 6","status":"affected"},{"version":"3.4 Patch 2","status":"affected"},{"version":"3.3 Patch 7","status":"affected"},{"version":"3.4 Patch 3","status":"affected"},{"version":"3.5.0","status":"affected"},{"version":"3.4 Patch 4","status":"affected"},{"version":"3.3 Patch 8","status":"affected"},{"version":"3.2 Patch 8","status":"affected"},{"version":"3.5 Patch 1","status":"affected"},{"version":"3.3 Patch 9","status":"affected"},{"version":"3.2 Patch 9","status":"affected"}]},{"vendor":"Cisco","product":"Cisco ISE Passive Identity Connector","defaultStatus":"unknown","versions":[{"version":"3.2.0","status":"affected"},{"version":"3.1.0","status":"affected"},{"version":"3.3.0","status":"affected"},{"version":"3.4.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-15T16:50:58.114801Z","id":"CVE-2026-20148","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:*:*:*:*:*:*:*:*","versionEndExcluding":"3.1","matchCriteriaId":"742B3761-9FD6-4E67-BDDD-D4DD2C3111D2"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.1.0:-:*:*:*:*:*:*","matchCriteriaId":"7A789B44-7E6C-4FE9-BD40-702A871AB8AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.1.0:patch1:*:*:*:*:*:*","matchCriteriaId":"93920663-445E-4456-A905-81CEC6CA1833"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.1.0:patch10:*:*:*:*:*:*","matchCriteriaId":"DF9CCBFA-0004-48F7-B142-6FDD4B3E1081"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.1.0:patch2:*:*:*:*:*:*","matchCriteriaId":"33DA5BB8-4CFE-44BD-9CEB-BC26577E8477"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.1.0:patch3:*:*:*:*:*:*","matchCriteriaId":"D3AEFA85-66B5-4145-A4AD-96D1FF86B46D"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.1.0:patch4:*:*:*:*:*:*","matchCriteriaId":"7A6A0697-6A9E-48EF-82D8-36C75E0CDFDC"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.1.0:patch5:*:*:*:*:*:*","matchCriteriaId":"E939B65A-7912-4C36-8799-03A1526D7BD3"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.1.0:patch6:*:*:*:*:*:*","matchCriteriaId":"833B438F-0869-4C0D-9952-750C00702E8D"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.1.0:patch7:*:*:*:*:*:*","matchCriteriaId":"E8B2588D-01F9-450B-B2E3-ADC4125E354E"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.1.0:patch8:*:*:*:*:*:*","matchCriteriaId":"E41016C0-19E6-4BCC-A8DD-F6C9A2B0003E"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.1.0:patch9:*:*:*:*:*:*","matchCriteriaId":"654E946A-07C5-4036-BC54-85EF42B808DD"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.2.0:-:*:*:*:*:*:*","matchCriteriaId":"7932D5D5-83E1-4BEF-845A-D0783D4BB750"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch1:*:*:*:*:*:*","matchCriteriaId":"1B818846-4A6E-4256-B344-281E8C786C43"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch2:*:*:*:*:*:*","matchCriteriaId":"A44858A2-922A-425A-8B38-0C47DB911A3C"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch3:*:*:*:*:*:*","matchCriteriaId":"53484A32-757B-42F8-B655-554C34222060"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch4:*:*:*:*:*:*","matchCriteriaId":"0CCAC61F-C273-49B3-A631-31D3AE3EB148"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch5:*:*:*:*:*:*","matchCriteriaId":"51AEFCE6-FB4A-4B1C-A23D-83CC3CF3FBBD"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch6:*:*:*:*:*:*","matchCriteriaId":"B452B4F0-8510-475E-9AE8-B48FABB4D7D3"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch7:*:*:*:*:*:*","matchCriteriaId":"5733512D-12B5-4098-AF90-9D68217FAC27"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch8:*:*:*:*:*:*","matchCriteriaId":"4ED98020-7BAF-4E5E-8B7B-22537200C283"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch9:*:*:*:*:*:*","matchCriteriaId":"4C6839DC-F3A2-4133-BF60-2E678E6DD4A4"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:-:*:*:*:*:*:*","matchCriteriaId":"F1B9C2C1-59A4-49A0-9B74-83CCB063E55D"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch1:*:*:*:*:*:*","matchCriteriaId":"DFD29A0B-0D75-4EAB-BCE0-79450EC75DD0"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch10:*:*:*:*:*:*","matchCriteriaId":"43F3A55D-D4FC-4D93-9513-94B64B21A2B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch2:*:*:*:*:*:*","matchCriteriaId":"E6C94CC4-CC08-4DAF-A606-FDAFC92720A9"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch3:*:*:*:*:*:*","matchCriteriaId":"BB069EA3-7B8C-42B5-8035-2EE5ED3F56E4"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch4:*:*:*:*:*:*","matchCriteriaId":"FF8B81A6-BF44-4E5F-B167-39F61DDCA026"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch5:*:*:*:*:*:*","matchCriteriaId":"56E0F0EC-3E66-4866-89F5-89B331F3F517"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch6:*:*:*:*:*:*","matchCriteriaId":"2E3E8937-2859-4A2A-91C0-05F674EF0466"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch7:*:*:*:*:*:*","matchCriteriaId":"D4B14684-EB9E-405B-85FA-B62E57CB292C"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch8:*:*:*:*:*:*","matchCriteriaId":"22B752D1-9E8F-4FB7-8EEB-F9234492372B"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch9:*:*:*:*:*:*","matchCriteriaId":"85A1CC7D-FE54-4AC0-B98F-972C4B1F3189"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.4.0:-:*:*:*:*:*:*","matchCriteriaId":"D23905E0-E525-49B1-8E5F-4EB42D186768"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.4.0:patch1:*:*:*:*:*:*","matchCriteriaId":"74509498-38EF-4345-9583-CEF5C26CA1D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.4.0:patch2:*:*:*:*:*:*","matchCriteriaId":"CD05FF93-7B8C-4283-9DB7-E03FE98FAADF"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.4.0:patch3:*:*:*:*:*:*","matchCriteriaId":"0F9B6A8E-E773-44A3-9266-878F0C58EB41"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.4.0:patch4:*:*:*:*:*:*","matchCriteriaId":"D3727619-E0CA-4CA9-BE35-0C732BCF1741"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.4.0:patch5:*:*:*:*:*:*","matchCriteriaId":"2CFB7565-3930-409C-B5DB-CE77E6ED7C42"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.5.0:-:*:*:*:*:*:*","matchCriteriaId":"2610FD35-BC4B-41B7-9C92-E6E5264FEE54"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.5.0:patch1:*:*:*:*:*:*","matchCriteriaId":"3FEE4377-B238-4442-9892-28CECFB2319E"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.5.0:patch2:*:*:*:*:*:*","matchCriteriaId":"6598563B-7E32-43FB-96A7-88C53E4CE226"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:*:*:*:*:*:*:*:*","versionEndExcluding":"3.1.0","matchCriteriaId":"BB8FD39E-819E-48CB-AD6C-2F9F6AEF600E"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.1.0:-:*:*:*:*:*:*","matchCriteriaId":"006E0D77-534C-447F-8E97-EC0AB906D978"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.1.0:patch1:*:*:*:*:*:*","matchCriteriaId":"AC07A742-D194-425C-945C-3977E96B61B8"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.1.0:patch10:*:*:*:*:*:*","matchCriteriaId":"00D4B446-EDCE-41DC-A03B-97D8A371B0D9"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.1.0:patch2:*:*:*:*:*:*","matchCriteriaId":"97787372-9A0D-4916-A7A2-19237B84419F"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.1.0:patch3:*:*:*:*:*:*","matchCriteriaId":"2E2D9D7C-A36E-489D-A2E1-ACE9E9C399BD"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.1.0:patch4:*:*:*:*:*:*","matchCriteriaId":"3ABA57DA-78C9-489B-88E5-6E5275E53388"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.1.0:patch5:*:*:*:*:*:*","matchCriteriaId":"2ABFB0CE-60CF-4969-A91E-186F457C8014"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.1.0:patch6:*:*:*:*:*:*","matchCriteriaId":"B8CF7EF0-FBAA-47C7-8386-F67264CA8D0E"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.1.0:patch7:*:*:*:*:*:*","matchCriteriaId":"5F08ACD7-2867-428A-966C-6509283FCA10"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.1.0:patch8:*:*:*:*:*:*","matchCriteriaId":"B365970F-9239-45F8-80C6-DA426FCA2E32"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.1.0:patch9:*:*:*:*:*:*","matchCriteriaId":"5A66142F-712F-4EFA-9FC4-E499D3015DD2"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.2.0:-:*:*:*:*:*:*","matchCriteriaId":"50D8B7DD-14A8-4C67-8B32-E1F9C7D9C01E"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.2.0:patch1:*:*:*:*:*:*","matchCriteriaId":"CB65DFF8-33D8-4840-8A63-7C4797FF0B51"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.2.0:patch2:*:*:*:*:*:*","matchCriteriaId":"890FDA62-DED9-401B-9D44-26F3624118CD"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.2.0:patch3:*:*:*:*:*:*","matchCriteriaId":"604079BA-78F5-4D20-AF27-E7A9A899DA0C"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.2.0:patch4:*:*:*:*:*:*","matchCriteriaId":"25344C6F-8EB6-4709-A51B-DCA26AA885E3"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.2.0:patch5:*:*:*:*:*:*","matchCriteriaId":"51DE5AD0-5DFA-460D-B22D-0F5E367A9A28"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.2.0:patch6:*:*:*:*:*:*","matchCriteriaId":"683F2E87-9759-4A98-B7C9-489E74837D59"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.2.0:patch7:*:*:*:*:*:*","matchCriteriaId":"22BF8687-84E4-4609-8100-FD2408DF3247"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.2.0:patch8:*:*:*:*:*:*","matchCriteriaId":"19F88640-BC3E-42D2-ADDC-59114974103C"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.2.0:patch9:*:*:*:*:*:*","matchCriteriaId":"40A94055-EF01-4799-813D-7BFFDD13C685"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:-:*:*:*:*:*:*","matchCriteriaId":"3CA3315D-8A45-43F4-A0F0-094D325F285B"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch1:*:*:*:*:*:*","matchCriteriaId":"B3736136-9FD8-4B12-B119-EA15201224D9"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch10:*:*:*:*:*:*","matchCriteriaId":"FB15AE6D-F4EF-40AD-A88E-D22612AEF2A4"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch2:*:*:*:*:*:*","matchCriteriaId":"654ED77E-22D3-4E76-9E6D-B1581F5982F0"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch3:*:*:*:*:*:*","matchCriteriaId":"A0648EE9-F042-479F-9AAB-C6B5DBC46511"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch4:*:*:*:*:*:*","matchCriteriaId":"83F3BA58-4F38-41C8-956F-38A2F44EECE4"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch5:*:*:*:*:*:*","matchCriteriaId":"6C30FA1D-91E2-48C5-B181-A88FDF668278"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch6:*:*:*:*:*:*","matchCriteriaId":"768215B1-80B7-40FF-8772-BA4C0B3913F5"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch7:*:*:*:*:*:*","matchCriteriaId":"40239DA8-43B6-466B-85B0-6D644D7027D1"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch8:*:*:*:*:*:*","matchCriteriaId":"9118B7ED-E678-47C3-9D17-F522D9362B2F"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.3.0:patch9:*:*:*:*:*:*","matchCriteriaId":"C2ED3257-CB9D-4FD5-A482-3648CF292128"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.4.0:-:*:*:*:*:*:*","matchCriteriaId":"CC0525FD-C4D7-4B48-BF35-1791391AB148"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.4.0:patch1:*:*:*:*:*:*","matchCriteriaId":"68C96F6B-51EE-4D03-9598-CBFD16DA22EF"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.4.0:patch2:*:*:*:*:*:*","matchCriteriaId":"62F25185-D19E-4EC5-8A68-7AB669B76E90"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.4.0:patch3:*:*:*:*:*:*","matchCriteriaId":"C457D2EC-FB63-49B7-A90E-CE67ED763BAE"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.4.0:patch4:*:*:*:*:*:*","matchCriteriaId":"6566330F-A048-44A1-9821-7A5844C82CEC"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.4.0:patch5:*:*:*:*:*:*","matchCriteriaId":"1154F196-2CB3-4AC2-BE00-11A8942EA999"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.5.0:-:*:*:*:*:*:*","matchCriteriaId":"2A7003EB-C578-4C02-B768-F8C4C8421382"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.5.0:patch1:*:*:*:*:*:*","matchCriteriaId":"16B32F60-CEB7-4816-AA7C-3130D1053DC5"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.5.0:patch2:*:*:*:*:*:*","matchCriteriaId":"755761D7-8DDD-4219-8E37-FA535757710A"}]}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rce-traversal-8bYndVrZ","source":"psirt@cisco.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-20180","sourceIdentifier":"psirt@cisco.com","published":"2026-04-15T17:17:03.460","lastModified":"2026-07-08T14:24:46.213","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have at least Read Only Admin credentials.\r\n\r\nThis vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to obtain user-level access to the underlying operating system and then elevate privileges to&nbsp;root. In single-node ISE deployments, successful exploitation of these vulnerabilities could cause the affected ISE node to become unavailable, resulting in a denial of service (DoS) condition. In that condition, endpoints that have not already authenticated would be unable to access the network until the node is restored."}],"affected":[{"source":"psirt@cisco.com","affectedData":[{"vendor":"Cisco","product":"Cisco Identity Services Engine Software","defaultStatus":"unknown","versions":[{"version":"3.1.0","status":"affected"},{"version":"3.1.0 p1","status":"affected"},{"version":"3.1.0 p3","status":"affected"},{"version":"3.1.0 p2","status":"affected"},{"version":"3.2.0","status":"affected"},{"version":"3.1.0 p4","status":"affected"},{"version":"3.1.0 p5","status":"affected"},{"version":"3.2.0 p1","status":"affected"},{"version":"3.1.0 p6","status":"affected"},{"version":"3.2.0 p2","status":"affected"},{"version":"3.1.0 p7","status":"affected"},{"version":"3.3.0","status":"affected"},{"version":"3.2.0 p3","status":"affected"},{"version":"3.2.0 p4","status":"affected"},{"version":"3.1.0 p8","status":"affected"},{"version":"3.2.0 p5","status":"affected"},{"version":"3.2.0 p6","status":"affected"},{"version":"3.1.0 p9","status":"affected"},{"version":"3.3 Patch 2","status":"affected"},{"version":"3.3 Patch 1","status":"affected"},{"version":"3.3 Patch 3","status":"affected"},{"version":"3.4.0","status":"affected"},{"version":"3.2.0 p7","status":"affected"},{"version":"3.3 Patch 4","status":"affected"},{"version":"3.4 Patch 1","status":"affected"},{"version":"3.1.0 p10","status":"affected"},{"version":"3.3 Patch 5","status":"affected"},{"version":"3.3 Patch 6","status":"affected"},{"version":"3.4 Patch 2","status":"affected"},{"version":"3.3 Patch 7","status":"affected"},{"version":"3.4 Patch 3","status":"affected"},{"version":"3.5.0","status":"affected"},{"version":"3.2 Patch 8","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-15T00:00:00+00:00","id":"CVE-2026-20180","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:*:*:*:*:*:*:*:*","versionEndExcluding":"3.2.0","matchCriteriaId":"68181711-C28D-4464-8C67-0A4FA0F338BF"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.2.0:-:*:*:*:*:*:*","matchCriteriaId":"7932D5D5-83E1-4BEF-845A-D0783D4BB750"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch1:*:*:*:*:*:*","matchCriteriaId":"1B818846-4A6E-4256-B344-281E8C786C43"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch2:*:*:*:*:*:*","matchCriteriaId":"A44858A2-922A-425A-8B38-0C47DB911A3C"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch3:*:*:*:*:*:*","matchCriteriaId":"53484A32-757B-42F8-B655-554C34222060"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch4:*:*:*:*:*:*","matchCriteriaId":"0CCAC61F-C273-49B3-A631-31D3AE3EB148"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch5:*:*:*:*:*:*","matchCriteriaId":"51AEFCE6-FB4A-4B1C-A23D-83CC3CF3FBBD"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch6:*:*:*:*:*:*","matchCriteriaId":"B452B4F0-8510-475E-9AE8-B48FABB4D7D3"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.2.0:patch7:*:*:*:*:*:*","matchCriteriaId":"5733512D-12B5-4098-AF90-9D68217FAC27"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:-:*:*:*:*:*:*","matchCriteriaId":"F1B9C2C1-59A4-49A0-9B74-83CCB063E55D"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch1:*:*:*:*:*:*","matchCriteriaId":"DFD29A0B-0D75-4EAB-BCE0-79450EC75DD0"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch2:*:*:*:*:*:*","matchCriteriaId":"E6C94CC4-CC08-4DAF-A606-FDAFC92720A9"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch3:*:*:*:*:*:*","matchCriteriaId":"BB069EA3-7B8C-42B5-8035-2EE5ED3F56E4"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch4:*:*:*:*:*:*","matchCriteriaId":"FF8B81A6-BF44-4E5F-B167-39F61DDCA026"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch5:*:*:*:*:*:*","matchCriteriaId":"56E0F0EC-3E66-4866-89F5-89B331F3F517"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch6:*:*:*:*:*:*","matchCriteriaId":"2E3E8937-2859-4A2A-91C0-05F674EF0466"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.3.0:patch7:*:*:*:*:*:*","matchCriteriaId":"D4B14684-EB9E-405B-85FA-B62E57CB292C"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.4.0:-:*:*:*:*:*:*","matchCriteriaId":"D23905E0-E525-49B1-8E5F-4EB42D186768"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.4.0:patch1:*:*:*:*:*:*","matchCriteriaId":"74509498-38EF-4345-9583-CEF5C26CA1D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.4.0:patch2:*:*:*:*:*:*","matchCriteriaId":"CD05FF93-7B8C-4283-9DB7-E03FE98FAADF"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:identity_services_engine:3.4.0:patch3:*:*:*:*:*:*","matchCriteriaId":"0F9B6A8E-E773-44A3-9266-878F0C58EB41"}]}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rce-4fverepv","source":"psirt@cisco.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-40500","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-04-15T22:17:22.377","lastModified":"2026-07-09T23:17:05.123","vulnStatus":"Rejected","cveTags":[],"descriptions":[{"lang":"en","value":"Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. The \"Add Module from URL\" feature requires superuser privileges (root-equivalent in ProcessWire) who already has unrestricted arbitrary code execution via standard module upload, making the SSRF vector incapable of providing incremental attack surface. The feature is also disabled by default and requires direct filesystem access to enable."}],"metrics":{},"references":[]}},{"cve":{"id":"CVE-2026-40293","sourceIdentifier":"security-advisories@github.com","published":"2026-04-17T21:16:34.567","lastModified":"2026-07-09T13:17:04.597","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"OpenFGA is an authorization/permission engine built for developers. In versions 0.1.4 through 1.13.1, when OpenFGA is configured to use preshared-key authentication with the built-in playground enabled, the local server includes the preshared API key in the HTML response of the /playground endpoint. The /playground endpoint is enabled by default and does not require authentication. It is intended for local development and debugging and is not designed to be exposed to production environments. Only those who run OpenFGA with `--authn-method` preshared, with the playground enabled, and with the playground endpoint accessible beyond localhost or trusted networks are vulnerable. To remediate the issue, users should upgrade to OpenFGA v1.14.0, or disable the playground by running `./openfga run --playground-enabled=false.`"}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"openfga","product":"openfga","versions":[{"version":">= 0.1.4, < 1.14.0","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Multicluster Global Hub 1.7.1","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.7::el9"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2.14","defaultStatus":"affected","cpes":["cpe:/a:redhat:acm:2.14::el9"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2.15","defaultStatus":"affected","cpes":["cpe:/a:redhat:acm:2.15::el9"]},{"vendor":"Red Hat","product":"Red Hat Ceph Storage 6","defaultStatus":"affected","cpes":["cpe:/a:redhat:ceph_storage:6"]},{"vendor":"Red Hat","product":"Red Hat Ceph Storage 9","defaultStatus":"affected","cpes":["cpe:/a:redhat:ceph_storage:9"]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":2.5},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-20T16:19:32.851531Z","id":"CVE-2026-40293","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-201"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openfga:openfga:*:*:*:*:*:*:*:*","versionStartIncluding":"0.1.4","versionEndExcluding":"1.14.0","matchCriteriaId":"16E139C5-9250-4B93-9B6A-4223AE8FC977"}]}]}],"references":[{"url":"https://github.com/openfga/openfga/releases/tag/v1.14.0","source":"security-advisories@github.com","tags":["Product","Release Notes"]},{"url":"https://github.com/openfga/openfga/security/advisories/GHSA-68m9-983m-f3v5","source":"security-advisories@github.com","tags":["Mitigation","Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:24503","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:24539","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36882","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-40293","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2459341","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-40293.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-6587","sourceIdentifier":"cna@vuldb.com","published":"2026-04-20T00:16:34.703","lastModified":"2026-07-09T13:17:31.270","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A security flaw has been discovered in vibrantlabsai RAGAS up to 0.4.3. The affected element is the function _try_process_local_file/_try_process_url of the file src/ragas/metrics/collections/multi_modal_faithfulness/util.py of the component Collections Module. Performing a manipulation of the argument retrieved_contexts results in server-side request forgery. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks. The security patch for CVE-2025-45691 was applied to a different module only. The vendor was contacted early about this disclosure but did not respond in any way."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"vibrantlabsai","product":"RAGAS","modules":["Collections Module"],"versions":[{"version":"0.4.0","status":"affected"},{"version":"0.4.1","status":"affected"},{"version":"0.4.2","status":"affected"},{"version":"0.4.3","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift_ai"]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.4},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:L","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.2,"impactScore":5.3}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-20T12:25:46.684852Z","id":"CVE-2026-6587","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"references":[{"url":"https://adithyanak.com/ragas-v0214-arbitrary-file-read-vulnerability","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/791088","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/358222","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/358222/cti","source":"cna@vuldb.com"},{"url":"https://access.redhat.com/security/cve/CVE-2026-6587","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2459576","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-6587.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-40938","sourceIdentifier":"security-advisories@github.com","published":"2026-04-21T21:16:46.283","lastModified":"2026-07-08T13:16:41.590","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1, the git resolver's revision parameter is passed directly as a positional argument to git fetch without any validation that it does not begin with a - character. Because git parses flags from mixed positional arguments, an attacker can inject arbitrary git fetch flags such as --upload-pack=<binary>. Combined with the validateRepoURL function explicitly permitting URLs that begin with / (local filesystem paths), a tenant who can submit ResolutionRequest objects can chain these two behaviors to execute an arbitrary binary on the resolver pod. The tekton-pipelines-resolvers ServiceAccount holds cluster-wide get/list/watch on all Secrets, so code execution on the resolver pod enables full cluster-wide secret exfiltration. Versions 1.0.2, 1.3.4, 1.6.2, 1.9.3, and 1.11.1 fix the issue."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"tektoncd","product":"pipeline","versions":[{"version":">= 1.0.0, < 1.0.2","status":"affected"},{"version":">= 1.2.0, < 1.3.4","status":"affected"},{"version":">= 1.4.0, < 1.6.2","status":"affected"},{"version":">= 1.7.0, < 1.9.3","status":"affected"},{"version":">= 1.10.0, < 1.11.1","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat OpenShift Builds 1.7.4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_builds:1.7::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Builds 1.8.0","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_builds:1.8::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Pipelines 1.21","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_pipelines:1.21::el9"]},{"vendor":"Red Hat","product":"OpenShift Pipelines","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_pipelines:1"]},{"vendor":"Red Hat","product":"OpenShift Lightspeed","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift_lightspeed"]},{"vendor":"Red Hat","product":"OpenShift Serverless","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:serverless:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift_ai"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Virtualization 4","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:container_native_virtualization:4"]},{"vendor":"Red Hat","product":"Red Hat Trusted Artifact Signer","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:trusted_artifact_signer:1"]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":8.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":6.0},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":8.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-22T18:31:54.871943Z","id":"CVE-2026-40938","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-88"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-88"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:linuxfoundation:tekton_pipelines:*:*:*:*:*:go:*:*","versionStartIncluding":"1.0.0","versionEndExcluding":"1.11.0","matchCriteriaId":"64DC28D5-E9D3-4D6A-8006-ADDE91D144BA"}]}]}],"references":[{"url":"https://github.com/tektoncd/pipeline/releases/tag/v1.11.1","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/tektoncd/pipeline/security/advisories/GHSA-94jr-7pqp-xhcq","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:17546","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:24359","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:24484","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26519","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26538","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-40938","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460292","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://github.com/tektoncd/pipeline/security/advisories/GHSA-94jr-7pqp-xhcq","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Vendor Advisory"]},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-40938.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-0711","sourceIdentifier":"security@zyxel.com.tw","published":"2026-04-28T03:16:02.167","lastModified":"2026-07-08T15:26:09.790","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A post-authentication command injection vulnerability in the EasyMesh-related APIs of Zyxel DX3300-T0 firmware versions through 5.50(ABVY.7.1)C0 could allow an authenticated, adjacent attacker with administrator privileges to execute OS commands on an affected device."}],"affected":[{"source":"security@zyxel.com.tw","affectedData":[{"vendor":"Zyxel","product":"DX3300-T0 firmware","defaultStatus":"unaffected","versions":[{"version":"<= 5.50(ABVY.7.1)C0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@zyxel.com.tw","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-28T00:00:00+00:00","id":"CVE-2026-0711","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@zyxel.com.tw","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:nr5307_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.00\\(acjt.3\\)c0","matchCriteriaId":"E3CFB41B-C3A8-42FC-98F2-D0CA9FC4B2C5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:nr5307:-:*:*:*:*:*:*:*","matchCriteriaId":"27C408EF-36D8-4111-8CC5-C1278A884F67"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:nebula_fwa515_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.60\\(acpz.0\\)v0","matchCriteriaId":"82904F03-AE99-434C-AFDD-8AC6605269AA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:nebula_fwa515:-:*:*:*:*:*:*:*","matchCriteriaId":"7C814005-F021-4AFC-8043-0B00EED3FBA6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:dx3300-t0_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.50\\(abvy.7.2\\)c0","matchCriteriaId":"3D1FA8F1-2B41-41AA-82DD-97A8CE957A57"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:dx3300-t0:-:*:*:*:*:*:*:*","matchCriteriaId":"6D3E176E-F728-4385-8533-4C694D43898A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:dx3300-t1_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.50\\(abvy.7.2\\)c0","matchCriteriaId":"A30578C5-2232-4596-ADD3-3826D5AC7298"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:dx3300-t1:-:*:*:*:*:*:*:*","matchCriteriaId":"2456F691-C182-4BE6-A08F-5E1717366DCA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:dx3301-t0_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.50\\(abvy.7.2\\)c0","matchCriteriaId":"4D323A56-1FC9-4B18-A73B-83369558039A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:dx3301-t0:-:*:*:*:*:*:*:*","matchCriteriaId":"3BBDC072-5D40-4130-9B5F-22FDA9BF909A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:dx5401-b0_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.17\\(abyo.7.2\\)c0","matchCriteriaId":"333EADF7-021A-447E-A741-20924B05E874"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:dx5401-b0:-:*:*:*:*:*:*:*","matchCriteriaId":"B293E564-2C48-442A-A415-34383DF3ADBA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:dx5401-b1_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.17\\(abyo.7.2\\)c0","matchCriteriaId":"A1166223-0BC7-44A9-9941-D22EFFEE903D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:dx5401-b1:-:*:*:*:*:*:*:*","matchCriteriaId":"AFE5C53C-4255-4AEE-A49E-36C1A2CF10F5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:ee3301-00_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.63\\(acmu.3.1\\)c0","matchCriteriaId":"5C612237-6809-4820-97A2-D7A1E177971F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:ee3301-00:-:*:*:*:*:*:*:*","matchCriteriaId":"6360F4D5-AFA7-4BE2-A3DE-8936453FF7ED"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:ee5301-00_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.63\\(acld.3.1\\)c0","matchCriteriaId":"78231491-3C65-47AD-9F59-1CDD5EF3A381"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:ee5301-00:-:*:*:*:*:*:*:*","matchCriteriaId":"B28CD570-8DF0-428D-9EF6-87B05DD019D7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:ee6510-10_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.19\\(acjq.4.2\\)c0","matchCriteriaId":"CB6321BA-7B09-4758-A55C-55EBD73ED6B6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:ee6510-10:-:*:*:*:*:*:*:*","matchCriteriaId":"CD4AE46D-E374-4224-9A66-4291B6A10C00"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:emg3525-t50b_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.50\\(abpm.9.8\\)c0","matchCriteriaId":"6D365F50-DE02-4861-AB54-67CEBC7E634C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:emg3525-t50b:-:*:*:*:*:*:*:*","matchCriteriaId":"9259E2F6-885D-4B44-8D40-20758DA599D2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:emg5523-t50b_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.50\\(abpm.9.8\\)c0","matchCriteriaId":"8C47A92E-1595-4A9F-A10E-F6195CD4CD46"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:emg5523-t50b:-:*:*:*:*:*:*:*","matchCriteriaId":"F3ECE0EB-C429-4716-ABFB-73540847EB9E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:ex3300-t0_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.50\\(abvy.7.2\\)c0","matchCriteriaId":"C4E173F5-57FA-429E-8CAA-E47D6CA79436"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:ex3300-t0:-:*:*:*:*:*:*:*","matchCriteriaId":"137F8B94-4176-4D9B-8704-28525E7352D1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:ex3300-t1_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.50\\(abvy.7.2\\)c0","matchCriteriaId":"C41A2CEB-DD8A-4396-809A-F4C5259373B8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:ex3300-t1:-:*:*:*:*:*:*:*","matchCriteriaId":"F766221F-7478-4E39-B4CD-A2498ACEE754"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:ex3301-t0_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.50\\(abvy.7.2\\)c0","matchCriteriaId":"C413302B-9472-4C39-A5A2-3C3F18D8A4DA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:ex3301-t0:-:*:*:*:*:*:*:*","matchCriteriaId":"B37B17D8-76CF-4A26-B2DB-41B1BC9FD0A2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:ex3500-t0_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.44\\(achr.6\\)c0","matchCriteriaId":"94FC0334-D656-419E-9F6F-CE1F0BB63880"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:ex3500-t0:-:*:*:*:*:*:*:*","matchCriteriaId":"8714EB1B-38E5-4295-AD26-EE13E2161DEA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:ex3501-t0_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.44\\(achr.6\\)c0","matchCriteriaId":"38BB03D3-A558-484C-AB85-707763F8853F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:ex3501-t0:-:*:*:*:*:*:*:*","matchCriteriaId":"A98F76BD-0404-46DD-AE6A-EB630FEC8904"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:ex3600-t0_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.70\\(acif.3\\)c0","matchCriteriaId":"4E52AF49-FF16-4A0F-9F50-6F8F9C0EFA7F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:ex3600-t0:-:*:*:*:*:*:*:*","matchCriteriaId":"D3BCC6A9-1CAE-459D-BE7D-AAB956BD1B92"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:ex5401-b0_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.17\\(abyo.7.2\\)c0","matchCriteriaId":"F459F871-7B1A-4140-9202-CDEA9BF2CFE3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:ex5401-b0:-:*:*:*:*:*:*:*","matchCriteriaId":"6B1B9D0C-AB6C-43E1-BFCA-50EF231510FC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:ex5401-b1_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.17\\(abyo.7.2\\)c0","matchCriteriaId":"49F5F019-919C-4912-B2B6-4D6A5624F774"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:ex5401-b1:-:*:*:*:*:*:*:*","matchCriteriaId":"7213FA12-5CD6-4E9B-8387-A52AEF17EA10"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:ex5512-t0_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.70\\(aceg.5.5\\)c0","matchCriteriaId":"ECFF8291-4F5E-4E34-98C6-BC985DD98AFF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:ex5512-t0:-:*:*:*:*:*:*:*","matchCriteriaId":"F32FA3FB-CE89-4CC1-9D8D-765B90A122DF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:ex5601-t0_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.70\\(acdz.6\\)c0","matchCriteriaId":"1659651E-11BA-4A5E-AC88-51B56FE951FC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:ex5601-t0:-:*:*:*:*:*:*:*","matchCriteriaId":"ABFF2039-5DCC-4850-8BDA-3D418629C226"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:ex5601-t1_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.70\\(acdz.6\\)c0","matchCriteriaId":"F416BF40-DB7A-4F78-A887-45E62E25B58D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:ex5601-t1:-:*:*:*:*:*:*:*","matchCriteriaId":"D629D4B6-B2F2-45F1-9295-71751570C231"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:ex7501-b0_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.18\\(achn.3.2\\)c0","matchCriteriaId":"4166B089-90E7-4B42-B968-6CB6336C5973"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:ex7501-b0:-:*:*:*:*:*:*:*","matchCriteriaId":"1CE049DE-A5DA-4A4F-BA30-BBD09FF34DE0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:vmg3625-t50b_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.50\\(abpm.9.8\\)c0","matchCriteriaId":"F35B4F0C-53E5-454F-B187-B9BDCDD7CABA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:vmg3625-t50b:-:*:*:*:*:*:*:*","matchCriteriaId":"BB5E8468-D12F-4CBE-AC7E-27D5A928A85A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:vmg8623-t50b_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.50\\(abpm.9.8\\)c0","matchCriteriaId":"FD94B78C-9F9E-406C-A940-434B4DDE21E6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:vmg8623-t50b:-:*:*:*:*:*:*:*","matchCriteriaId":"C3535B63-318C-4EB5-ADC8-0AF3FB443DFC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:ax7501-b0_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.17\\(abpc.7.2\\)c0","matchCriteriaId":"A402953C-88D0-4797-9B6C-D649E3CB4555"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:ax7501-b0:-:*:*:*:*:*:*:*","matchCriteriaId":"78473083-F702-4B81-AAA0-B66A0984FF6B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:ax7501-b1_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.17\\(abpc.7.2\\)c0","matchCriteriaId":"AA956C29-AA9E-433D-8613-D700B34C7C9C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:ax7501-b1:-:*:*:*:*:*:*:*","matchCriteriaId":"780BBA7D-7E2C-4624-AA15-8A51F3DF428F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:pe3301-00_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.63\\(acmt.3.1\\)c0","matchCriteriaId":"CFCE007D-5E4D-42ED-9F38-6909C7976745"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:pe3301-00:-:*:*:*:*:*:*:*","matchCriteriaId":"B4171802-2480-4F21-A17A-49D8D0E3727A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:pe5301-01_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.63\\(acoj.3.1\\)c0","matchCriteriaId":"30CBAF7B-4B7B-4764-9DDA-A4A2FC710B0C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:pe5301-01:-:*:*:*:*:*:*:*","matchCriteriaId":"8CFFB6F6-F8ED-4AFA-B1D7-4E9C5D1F7897"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:px5302-00_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.44\\(acnm.0.1\\)c0","matchCriteriaId":"B3888E31-CE3A-416E-B24A-E6AA160D3E4E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:px5302-00:-:*:*:*:*:*:*:*","matchCriteriaId":"27CF1A98-893C-4586-A6EF-A205B2204645"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:px5301-t0_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.44\\(ackb.0.7\\)c0","matchCriteriaId":"B23A6540-2FE2-4B4B-A86C-B3F16D32BA68"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:px5301-t0:-:*:*:*:*:*:*:*","matchCriteriaId":"7EBB4C27-DAEB-4297-98DC-3B22353B5184"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:we3300-00_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.70\\(acka.2\\)c0","matchCriteriaId":"B3DF52F9-8AF0-49BB-8482-82562BE1AAC5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:we3300-00:-:*:*:*:*:*:*:*","matchCriteriaId":"532CBEBB-0D42-42F7-9916-7D8E360E0776"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:wx3100-t0_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.50\\(abvl.4.10\\)c0","matchCriteriaId":"906387F0-9AC2-4355-A7CE-08E13C76EEB5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:wx3100-t0:-:*:*:*:*:*:*:*","matchCriteriaId":"C2C56248-D12F-46DC-A52F-0607E4A5DCCC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:we4600-00_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"6.70\\(ackt.1\\)c0","matchCriteriaId":"DDA6A438-CDD1-41F0-9216-BC3C042D9CA4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:we4600-00:-:*:*:*:*:*:*:*","matchCriteriaId":"39E894F1-DA55-4E1A-90F6-002271E55B88"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:wx5600-t0_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.70\\(aceb.6\\)c0","matchCriteriaId":"AB90CEA7-B554-49BF-9B23-C7B75AA5DAE3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:wx5600-t0:-:*:*:*:*:*:*:*","matchCriteriaId":"303DB62A-2A7E-4CB7-ADA0-29C23BFD41BE"}]}]}],"references":[{"url":"https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-vulnerabilities-in-certain-4g-lte-5g-nr-cpe-dsl-ethernet-cpe-fiber-onts-and-wireless-extenders-04-28-2026","source":"security@zyxel.com.tw","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-1460","sourceIdentifier":"security@zyxel.com.tw","published":"2026-04-28T03:16:02.313","lastModified":"2026-07-08T15:29:20.913","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A post-authentication command injection vulnerability in the “DomainName” parameter of the DHCP configuration file in Zyxel DX3301-T0 and EX3301-T0 firmware versions through 5.50(ABVY.7.1)C0 could allow an authenticated attacker with administrator privileges to execute OS commands on an affected device."}],"affected":[{"source":"security@zyxel.com.tw","affectedData":[{"vendor":"Zyxel","product":"DX3301-T0 firmware","defaultStatus":"unaffected","versions":[{"version":"<= 5.50(ABVY.7.1)C0","status":"affected"}]},{"vendor":"Zyxel","product":"EX3301-T0 firmware","defaultStatus":"unaffected","versions":[{"version":"<= 5.50(ABVY.7.1)C0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@zyxel.com.tw","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-28T00:00:00+00:00","id":"CVE-2026-1460","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@zyxel.com.tw","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:nebula_fwa70_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.51\\(acrf.0\\)v0","matchCriteriaId":"ACA5EF54-F74E-49CC-B8C1-73ECCE348C40"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:nebula_fwa70:-:*:*:*:*:*:*:*","matchCriteriaId":"5D6EB26F-F986-4051-A50F-46CB32096635"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:nebula_fwa505_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.60\\(acko.3\\)v0","matchCriteriaId":"830BF8ED-3CE2-476D-8529-CA55A8647CAD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:nebula_fwa505:-:*:*:*:*:*:*:*","matchCriteriaId":"5052039B-5273-4CDF-AFA5-609855801D24"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:nebula_fwa510_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.60\\(acgd.1\\)v0","matchCriteriaId":"CACF5A53-A5B5-40ED-90E1-EE95F7870BBD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:nebula_fwa510:-:*:*:*:*:*:*:*","matchCriteriaId":"80B7099C-DAA5-4902-A62B-B680C9450575"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:nebula_fwa515_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.60\\(acpz.1\\)v0","matchCriteriaId":"54F76733-2D49-4888-9678-3E506FE8265E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:nebula_fwa515:-:*:*:*:*:*:*:*","matchCriteriaId":"7C814005-F021-4AFC-8043-0B00EED3FBA6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:nebula_fwa710_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.60\\(acgc.2\\)v0","matchCriteriaId":"C9934637-E668-45CF-8375-8A7C12E43646"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:nebula_fwa710:-:*:*:*:*:*:*:*","matchCriteriaId":"92221518-C7EA-46D7-8037-A580CEA01093"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:nebula_lte3301-plus_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.18\\(acca.7\\)v0","matchCriteriaId":"EEEDA6F0-765C-4121-AAF7-9CE42CDAA853"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:nebula_lte3301-plus:-:*:*:*:*:*:*:*","matchCriteriaId":"42297A6A-3E50-4E9E-ABF6-58C77F222DC1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:nebula_lte7461-m602_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.15\\(acev.4\\)v0","matchCriteriaId":"6AEE1A81-4D5C-42B2-B10B-BB1F9D106DF7"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:nebula_lte7461-m602:-:*:*:*:*:*:*:*","matchCriteriaId":"44AA94AF-24B0-4C91-A990-9418EA5A5DAC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:nebula_nr5101_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.16\\(accg.1\\)v0","matchCriteriaId":"7D0775F7-602B-47A7-B07E-1BC4AB8BF29E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:nebula_nr5101:-:*:*:*:*:*:*:*","matchCriteriaId":"F9F605B8-A892-4119-AB7A-D14CDC5DFC88"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:nebula_nr7101_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.16\\(accc.2\\)v0","matchCriteriaId":"A7D775A9-9D21-435D-A7AC-8F3D849554E1"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:nebula_nr7101:-:*:*:*:*:*:*:*","matchCriteriaId":"52096C1F-F73C-413E-9D37-82EFA4703AEC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:dx3300-t0_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.50\\(abvy.7.2\\)c0","matchCriteriaId":"3D1FA8F1-2B41-41AA-82DD-97A8CE957A57"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:dx3300-t0:-:*:*:*:*:*:*:*","matchCriteriaId":"6D3E176E-F728-4385-8533-4C694D43898A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:dx3300-t1_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.50\\(abvy.7.2\\)c0","matchCriteriaId":"A30578C5-2232-4596-ADD3-3826D5AC7298"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:dx3300-t1:-:*:*:*:*:*:*:*","matchCriteriaId":"2456F691-C182-4BE6-A08F-5E1717366DCA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:dx3301-t0_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.50\\(abvy.7.2\\)c0","matchCriteriaId":"4D323A56-1FC9-4B18-A73B-83369558039A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:dx3301-t0:-:*:*:*:*:*:*:*","matchCriteriaId":"3BBDC072-5D40-4130-9B5F-22FDA9BF909A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:dx5401-b1_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.17\\(abyo.7.2\\)c0","matchCriteriaId":"A1166223-0BC7-44A9-9941-D22EFFEE903D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:dx5401-b1:-:*:*:*:*:*:*:*","matchCriteriaId":"AFE5C53C-4255-4AEE-A49E-36C1A2CF10F5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:ee3301-00_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.63\\(acmu.3.1\\)c0","matchCriteriaId":"5C612237-6809-4820-97A2-D7A1E177971F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:ee3301-00:-:*:*:*:*:*:*:*","matchCriteriaId":"6360F4D5-AFA7-4BE2-A3DE-8936453FF7ED"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:ee5301-00_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.63\\(acld.3.1\\)c0","matchCriteriaId":"78231491-3C65-47AD-9F59-1CDD5EF3A381"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:ee5301-00:-:*:*:*:*:*:*:*","matchCriteriaId":"B28CD570-8DF0-428D-9EF6-87B05DD019D7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:ee6510-10_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.19\\(acjq.4.2\\)c0","matchCriteriaId":"CB6321BA-7B09-4758-A55C-55EBD73ED6B6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:ee6510-10:-:*:*:*:*:*:*:*","matchCriteriaId":"CD4AE46D-E374-4224-9A66-4291B6A10C00"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:emg3525-t50b_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.50\\(abpm.9.8\\)c0","matchCriteriaId":"6D365F50-DE02-4861-AB54-67CEBC7E634C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:emg3525-t50b:-:*:*:*:*:*:*:*","matchCriteriaId":"9259E2F6-885D-4B44-8D40-20758DA599D2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:emg5523-t50b_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.50\\(abpm.9.8\\)c0","matchCriteriaId":"8C47A92E-1595-4A9F-A10E-F6195CD4CD46"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:emg5523-t50b:-:*:*:*:*:*:*:*","matchCriteriaId":"F3ECE0EB-C429-4716-ABFB-73540847EB9E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:ex2210-t0_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.50\\(acdi.2.5\\)c0","matchCriteriaId":"6B8CDF27-C9F7-4B6F-925F-28B20AF606EB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:ex2210-t0:-:*:*:*:*:*:*:*","matchCriteriaId":"A71E4E6F-357E-4DAA-B7D7-7CF44000F0CF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:ex3300-t0_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.50\\(abvy.7.2\\)c0","matchCriteriaId":"C4E173F5-57FA-429E-8CAA-E47D6CA79436"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:ex3300-t0:-:*:*:*:*:*:*:*","matchCriteriaId":"137F8B94-4176-4D9B-8704-28525E7352D1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:ex3300-t1_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.50\\(abvy.7.2\\)c0","matchCriteriaId":"C41A2CEB-DD8A-4396-809A-F4C5259373B8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:ex3300-t1:-:*:*:*:*:*:*:*","matchCriteriaId":"F766221F-7478-4E39-B4CD-A2498ACEE754"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:ex3301-t0_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.50\\(abvy.7.2\\)c0","matchCriteriaId":"C413302B-9472-4C39-A5A2-3C3F18D8A4DA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:ex3301-t0:-:*:*:*:*:*:*:*","matchCriteriaId":"B37B17D8-76CF-4A26-B2DB-41B1BC9FD0A2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:ex3500-t0_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.44\\(achr.6\\)c0","matchCriteriaId":"94FC0334-D656-419E-9F6F-CE1F0BB63880"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:ex3500-t0:-:*:*:*:*:*:*:*","matchCriteriaId":"8714EB1B-38E5-4295-AD26-EE13E2161DEA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:ex3501-t0_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.44\\(achr.6\\)c0","matchCriteriaId":"38BB03D3-A558-484C-AB85-707763F8853F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:ex3501-t0:-:*:*:*:*:*:*:*","matchCriteriaId":"A98F76BD-0404-46DD-AE6A-EB630FEC8904"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:ex3600-t0_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.70\\(acif.3\\)c0","matchCriteriaId":"4E52AF49-FF16-4A0F-9F50-6F8F9C0EFA7F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:ex3600-t0:-:*:*:*:*:*:*:*","matchCriteriaId":"D3BCC6A9-1CAE-459D-BE7D-AAB956BD1B92"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:ex5401-b1_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.17\\(abyo.7.2\\)c0","matchCriteriaId":"49F5F019-919C-4912-B2B6-4D6A5624F774"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:ex5401-b1:-:*:*:*:*:*:*:*","matchCriteriaId":"7213FA12-5CD6-4E9B-8387-A52AEF17EA10"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:ex5512-t0_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.70\\(aceg.5.5\\)c0","matchCriteriaId":"ECFF8291-4F5E-4E34-98C6-BC985DD98AFF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:ex5512-t0:-:*:*:*:*:*:*:*","matchCriteriaId":"F32FA3FB-CE89-4CC1-9D8D-765B90A122DF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:ex5601-t0_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.70\\(acdz.6\\)c0","matchCriteriaId":"1659651E-11BA-4A5E-AC88-51B56FE951FC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:ex5601-t0:-:*:*:*:*:*:*:*","matchCriteriaId":"ABFF2039-5DCC-4850-8BDA-3D418629C226"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:ex5601-t1_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.70\\(acdz.6\\)c0","matchCriteriaId":"F416BF40-DB7A-4F78-A887-45E62E25B58D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:ex5601-t1:-:*:*:*:*:*:*:*","matchCriteriaId":"D629D4B6-B2F2-45F1-9295-71751570C231"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:ex7501-b0_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.18\\(achn.3.2\\)c0","matchCriteriaId":"4166B089-90E7-4B42-B968-6CB6336C5973"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:ex7501-b0:-:*:*:*:*:*:*:*","matchCriteriaId":"1CE049DE-A5DA-4A4F-BA30-BBD09FF34DE0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:ex7710-b0_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.18\\(acak.1.7\\)c0","matchCriteriaId":"6EE63106-FEEE-4722-A4BE-12A1BD3E407C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:ex7710-b0:-:*:*:*:*:*:*:*","matchCriteriaId":"07727D9C-723B-4761-B6B6-07FE1784D3C1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:gm4100-b0_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.18\\(accl.2.1\\)c0","matchCriteriaId":"8543CC65-F1EA-4D19-97E9-8EFC028E212D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:gm4100-b0:-:*:*:*:*:*:*:*","matchCriteriaId":"182AB7CA-DFD4-4C0A-958B-6794A39FFAEF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:vmg3625-t50b_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.50\\(abpm.9.8\\)c0","matchCriteriaId":"F35B4F0C-53E5-454F-B187-B9BDCDD7CABA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:vmg3625-t50b:-:*:*:*:*:*:*:*","matchCriteriaId":"BB5E8468-D12F-4CBE-AC7E-27D5A928A85A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:vmg4005-b50a_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.17\\(abqa.3.3\\)c0","matchCriteriaId":"E62FCD44-DBBD-4809-ADD8-C6596AB9C71D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:vmg4005-b50a:-:*:*:*:*:*:*:*","matchCriteriaId":"88F74228-AC0C-4150-974D-54D77BBF9A90"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:vmg4005-b60a_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.17\\(abqa.3.3\\)c0","matchCriteriaId":"434F9EDF-91E2-4113-B358-A51E1B33D488"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:vmg4005-b60a:-:*:*:*:*:*:*:*","matchCriteriaId":"30C1B91D-3EA0-4A1D-833A-6767A6C84DA3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:vmg8623-t50b_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.50\\(abpm.9.8\\)c0","matchCriteriaId":"FD94B78C-9F9E-406C-A940-434B4DDE21E6"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:vmg8623-t50b:-:*:*:*:*:*:*:*","matchCriteriaId":"C3535B63-318C-4EB5-ADC8-0AF3FB443DFC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:am7510-00_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.63\\(acor.0.2\\)c0","matchCriteriaId":"753A36DC-BC06-408D-90B3-00D7CE5261F3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:am7510-00:-:*:*:*:*:*:*:*","matchCriteriaId":"0B70256B-4916-4CBC-ADCB-6CB31E805564"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:ax7501-b1_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.17\\(abpc.7.2\\)c0","matchCriteriaId":"AA956C29-AA9E-433D-8613-D700B34C7C9C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:ax7501-b1:-:*:*:*:*:*:*:*","matchCriteriaId":"780BBA7D-7E2C-4624-AA15-8A51F3DF428F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:pe3301-00_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.63\\(acmt.3.1\\)c0","matchCriteriaId":"CFCE007D-5E4D-42ED-9F38-6909C7976745"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:pe3301-00:-:*:*:*:*:*:*:*","matchCriteriaId":"B4171802-2480-4F21-A17A-49D8D0E3727A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:pe5301-01_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.63\\(acoj.3.1\\)c0","matchCriteriaId":"30CBAF7B-4B7B-4764-9DDA-A4A2FC710B0C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:pe5301-01:-:*:*:*:*:*:*:*","matchCriteriaId":"8CFFB6F6-F8ED-4AFA-B1D7-4E9C5D1F7897"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:px5301-t0_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.44\\(ackb.0.7\\)c0","matchCriteriaId":"B23A6540-2FE2-4B4B-A86C-B3F16D32BA68"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:px5301-t0:-:*:*:*:*:*:*:*","matchCriteriaId":"7EBB4C27-DAEB-4297-98DC-3B22353B5184"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:px5302-00_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.44\\(acnm.0.1\\)c0","matchCriteriaId":"B3888E31-CE3A-416E-B24A-E6AA160D3E4E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:px5302-00:-:*:*:*:*:*:*:*","matchCriteriaId":"27CF1A98-893C-4586-A6EF-A205B2204645"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:we3300-00_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.70\\(acka.2\\)c0","matchCriteriaId":"B3DF52F9-8AF0-49BB-8482-82562BE1AAC5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:we3300-00:-:*:*:*:*:*:*:*","matchCriteriaId":"532CBEBB-0D42-42F7-9916-7D8E360E0776"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:we4600-00_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"6.70\\(ackt.1\\)c0","matchCriteriaId":"DDA6A438-CDD1-41F0-9216-BC3C042D9CA4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:we4600-00:-:*:*:*:*:*:*:*","matchCriteriaId":"39E894F1-DA55-4E1A-90F6-002271E55B88"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zyxel:wx5600-t0_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"5.70\\(aceb.6\\)c0","matchCriteriaId":"AB90CEA7-B554-49BF-9B23-C7B75AA5DAE3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:zyxel:wx5600-t0:-:*:*:*:*:*:*:*","matchCriteriaId":"303DB62A-2A7E-4CB7-ADA0-29C23BFD41BE"}]}]}],"references":[{"url":"https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-command-injection-vulnerabilities-in-certain-4g-lte-5g-nr-cpe-dsl-ethernet-cpe-fiber-onts-and-wireless-extenders-04-28-2026","source":"security@zyxel.com.tw","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-40355","sourceIdentifier":"cve@mitre.org","published":"2026-04-28T06:16:03.663","lastModified":"2026-07-08T12:48:28.803","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In MIT Kerberos 5 (aka krb5) before 1.22.3, there is a NULL pointer dereference if an application calls gss_accept_sec_context() on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, causing the process to terminate in parse_nego_message."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"MIT","product":"Kerberos 5","defaultStatus":"unaffected","versions":[{"version":"1.18","lessThan":"1.22.3","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@mitre.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-28T12:53:15.785781Z","id":"CVE-2026-40355","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@mitre.org","type":"Secondary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*","versionStartIncluding":"1.18.0","versionEndIncluding":"1.22.2","matchCriteriaId":"7A5665F4-71F4-4A71-A0A0-1E1F2BECA288"}]}]}],"references":[{"url":"https://cems.fun/2026/04/27/krb5-two-unauthenticated-network-vulnerabilities.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","Patch"]},{"url":"https://github.com/krb5/krb5/commit/2e75f0d9362fb979f5fc92829431a590a130929f","source":"cve@mitre.org","tags":["Patch"]},{"url":"https://web.mit.edu/kerberos/advisories/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://cems.fun/2026/04/27/krb5-two-unauthenticated-network-vulnerabilities.html","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Third Party Advisory","Patch"]}]}},{"cve":{"id":"CVE-2026-40356","sourceIdentifier":"cve@mitre.org","published":"2026-04-28T07:16:03.197","lastModified":"2026-07-08T12:48:10.117","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In MIT Kerberos 5 (aka krb5) before 1.22.3, there is an integer underflow and resultant out-of-bounds read if an application calls gss_accept_sec_context() on a system with a NegoEx mechanism registered in /etc/gss/mech. An unauthenticated remote attacker can trigger this, possibly causing the process to terminate in parse_message."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"MIT","product":"Kerberos 5","defaultStatus":"unaffected","versions":[{"version":"1.18","lessThan":"1.22.3","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@mitre.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-28T13:10:05.740836Z","id":"CVE-2026-40356","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@mitre.org","type":"Secondary","description":[{"lang":"en","value":"CWE-191"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mit:kerberos_5:*:*:*:*:*:*:*:*","versionStartIncluding":"1.18.0","versionEndIncluding":"1.22.2","matchCriteriaId":"7A5665F4-71F4-4A71-A0A0-1E1F2BECA288"}]}]}],"references":[{"url":"https://cems.fun/2026/04/27/krb5-two-unauthenticated-network-vulnerabilities.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","Patch"]},{"url":"https://github.com/krb5/krb5/commit/2e75f0d9362fb979f5fc92829431a590a130929f","source":"cve@mitre.org","tags":["Patch"]},{"url":"https://web.mit.edu/kerberos/advisories/","source":"cve@mitre.org","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2025-48431","sourceIdentifier":"security@apache.org","published":"2026-04-28T10:16:02.153","lastModified":"2026-07-09T13:16:40.297","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Mismatched Memory Management Routines vulnerability in Apache Thrift c_glib language bindings.\n\nThis issue affects Apache Thrift: before 0.23.0.\n\nUsers are recommended to upgrade to version 0.23.0, which fixes the issue.\n\nDescription: Specially crafted requests can crash an c_glib-based Thrift server with a clean but fatal \"free(): invalid pointer\" error message."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache Thrift","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"0.23.0","versionType":"semver","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Cryostat 4 on RHEL 9","defaultStatus":"affected","cpes":["cpe:/a:redhat:cryostat:4::el9"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2.14","defaultStatus":"affected","cpes":["cpe:/a:redhat:acm:2.14::el9"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2.15","defaultStatus":"affected","cpes":["cpe:/a:redhat:acm:2.15::el9"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2.16","defaultStatus":"affected","cpes":["cpe:/a:redhat:acm:2.16::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift distributed tracing 3.10.1","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_distributed_tracing:3.10::el9"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:acm:2"]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server","defaultStatus":"affected","cpes":["cpe:/a:redhat:ai_inference_server:3"]},{"vendor":"Red Hat","product":"Red Hat Ceph Storage 5","defaultStatus":"affected","cpes":["cpe:/a:redhat:ceph_storage:5"]},{"vendor":"Red Hat","product":"Red Hat Ceph Storage 6","defaultStatus":"affected","cpes":["cpe:/a:redhat:ceph_storage:6"]},{"vendor":"Red Hat","product":"Red Hat Ceph Storage 8","defaultStatus":"affected","cpes":["cpe:/a:redhat:ceph_storage:8"]},{"vendor":"Red Hat","product":"Red Hat Ceph Storage 9","defaultStatus":"affected","cpes":["cpe:/a:redhat:ceph_storage:9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift distributed tracing 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_distributed_tracing:3"]},{"vendor":"Red Hat","product":"Multicluster Global Hub","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:multicluster_globalhub"]},{"vendor":"Red Hat","product":"OpenShift Service Mesh 2","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:service_mesh:2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift_ai"]},{"vendor":"Red Hat","product":"Red Hat OpenStack Platform 18.0","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openstack:18.0"]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-28T13:54:53.014882Z","id":"CVE-2025-48431","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-762"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-763"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:thrift:*:*:*:*:*:*:*:*","versionEndExcluding":"0.23.0","matchCriteriaId":"0CE7604A-DA43-44E3-9840-9E3696223DD5"}]}]}],"references":[{"url":"https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql","source":"security@apache.org","tags":["Mailing List","Patch","Release Notes"]},{"url":"http://www.openwall.com/lists/oss-security/2026/04/28/8","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List"]},{"url":"https://access.redhat.com/errata/RHSA-2026:24539","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:25273","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:27126","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:28010","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36882","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2025-48431","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2463410","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-48431.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-41602","sourceIdentifier":"security@apache.org","published":"2026-04-28T10:16:03.000","lastModified":"2026-07-09T13:17:05.690","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Integer Overflow or Wraparound vulnerability in Apache Thrift TFramedTransport Go language implementation\n\nThis issue affects Apache Thrift: before 0.23.0.\n\nUsers are recommended to upgrade to version 0.23.0, which fixes the issue."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache Thrift","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"0.23.0","versionType":"semver","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Multicluster Global Hub 1.3.4","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.3::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.4.5","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.4::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.5.4","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.5::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.6.2","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.6::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.7.1","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.7::el9"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2.14","defaultStatus":"affected","cpes":["cpe:/a:redhat:acm:2.14::el9"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2.15","defaultStatus":"affected","cpes":["cpe:/a:redhat:acm:2.15::el9"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2.16","defaultStatus":"affected","cpes":["cpe:/a:redhat:acm:2.16::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift distributed tracing 3.9.3","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_distributed_tracing:3.9::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub"]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server","defaultStatus":"affected","cpes":["cpe:/a:redhat:ai_inference_server:3"]},{"vendor":"Red Hat","product":"Red Hat Ceph Storage 5","defaultStatus":"affected","cpes":["cpe:/a:redhat:ceph_storage:5"]},{"vendor":"Red Hat","product":"Red Hat Ceph Storage 6","defaultStatus":"affected","cpes":["cpe:/a:redhat:ceph_storage:6"]},{"vendor":"Red Hat","product":"Red Hat Ceph Storage 9","defaultStatus":"affected","cpes":["cpe:/a:redhat:ceph_storage:9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift GitOps","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_gitops:1"]},{"vendor":"Red Hat","product":"OpenShift Service Mesh 2","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:service_mesh:2"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift_ai"]},{"vendor":"Red Hat","product":"Red Hat OpenStack Platform 18.0","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openstack:18.0"]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-28T14:09:11.801841Z","id":"CVE-2026-41602","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-190"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-190"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:thrift:*:*:*:*:*:*:*:*","versionEndExcluding":"0.23.0","matchCriteriaId":"0CE7604A-DA43-44E3-9840-9E3696223DD5"}]}]}],"references":[{"url":"https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql","source":"security@apache.org","tags":["Mailing List","Patch","Release Notes"]},{"url":"http://www.openwall.com/lists/oss-security/2026/04/28/6","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List"]},{"url":"https://access.redhat.com/errata/RHSA-2026:14162","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:14885","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:21769","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22347","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22423","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:23345","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:24503","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:24539","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:25273","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36882","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-41602","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2463407","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-41602.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-41603","sourceIdentifier":"security@apache.org","published":"2026-04-28T10:16:03.113","lastModified":"2026-07-09T13:17:05.913","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Validation of Certificate with Host Mismatch vulnerability in Apache Thrift.\n\nThis issue affects Apache Thrift: before 0.23.0.\n\nUsers are recommended to upgrade to version 0.23.0, which fixes the issue."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache Thrift","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"0.23.0","versionType":"semver","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Multicluster Global Hub 1.3.4","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.3::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.4.5","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.4::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.5.4","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.5::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.6.2","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.6::el9"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2.14","defaultStatus":"affected","cpes":["cpe:/a:redhat:acm:2.14::el9"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2.15","defaultStatus":"affected","cpes":["cpe:/a:redhat:acm:2.15::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift distributed tracing 3.9.3","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_distributed_tracing:3.9::el9"]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server","defaultStatus":"affected","cpes":["cpe:/a:redhat:ai_inference_server:3"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AI (RHEL AI) 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux_ai:3"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift GitOps","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_gitops:1"]},{"vendor":"Red Hat","product":"OpenShift Service Mesh 2","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:service_mesh:2"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift_ai"]},{"vendor":"Red Hat","product":"Red Hat OpenShift distributed tracing 3","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift_distributed_tracing:3"]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":5.2},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-28T14:13:58.705528Z","id":"CVE-2026-41603","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-297"},{"lang":"en","value":"CWE-306"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-295"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:thrift:*:*:*:*:*:*:*:*","versionEndExcluding":"0.23.0","matchCriteriaId":"0CE7604A-DA43-44E3-9840-9E3696223DD5"}]}]}],"references":[{"url":"https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql","source":"security@apache.org","tags":["Mailing List","Patch","Release Notes"]},{"url":"http://www.openwall.com/lists/oss-security/2026/04/28/7","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List"]},{"url":"https://access.redhat.com/errata/RHSA-2026:14885","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:21769","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22347","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22423","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:23345","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:24539","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36882","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-41603","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2463411","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-41603.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-41604","sourceIdentifier":"security@apache.org","published":"2026-04-28T10:16:03.230","lastModified":"2026-07-09T13:17:06.127","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Out-of-bounds Read vulnerability in Apache Thrift.\n\nThis issue affects Apache Thrift: before 0.23.0.\n\nUsers are recommended to upgrade to version 0.23.0, which fixes the issue."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache Thrift","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"0.23.0","versionType":"semver","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Multicluster Global Hub 1.3.4","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.3::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.4.5","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.4::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.5.4","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.5::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.6.2","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.6::el9"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2.14","defaultStatus":"affected","cpes":["cpe:/a:redhat:acm:2.14::el9"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2.15","defaultStatus":"affected","cpes":["cpe:/a:redhat:acm:2.15::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift distributed tracing 3.9.3","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_distributed_tracing:3.9::el9"]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server","defaultStatus":"affected","cpes":["cpe:/a:redhat:ai_inference_server:3"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AI (RHEL AI) 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux_ai:3"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift GitOps","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_gitops:1"]},{"vendor":"Red Hat","product":"OpenShift Service Mesh 2","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:service_mesh:2"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift_ai"]},{"vendor":"Red Hat","product":"Red Hat OpenShift distributed tracing 3","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift_distributed_tracing:3"]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":4.2},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-28T14:35:54.435082Z","id":"CVE-2026-41604","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:thrift:*:*:*:*:*:*:*:*","versionEndExcluding":"0.23.0","matchCriteriaId":"0CE7604A-DA43-44E3-9840-9E3696223DD5"}]}]}],"references":[{"url":"https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql","source":"security@apache.org","tags":["Mailing List","Patch","Release Notes"]},{"url":"http://www.openwall.com/lists/oss-security/2026/04/28/5","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List"]},{"url":"https://access.redhat.com/errata/RHSA-2026:14885","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:21769","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22347","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22423","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:23345","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:24539","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36882","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-41604","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2463416","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-41604.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-41605","sourceIdentifier":"security@apache.org","published":"2026-04-28T10:16:03.350","lastModified":"2026-07-09T13:17:06.323","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Integer Overflow or Wraparound vulnerability in Apache Thrift.\n\nThis issue affects Apache Thrift: before 0.23.0.\n\nUsers are recommended to upgrade to version 0.23.0, which fixes the issue."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache Thrift","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"0.23.0","versionType":"semver","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Multicluster Global Hub 1.3.4","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.3::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.4.5","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.4::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.5.4","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.5::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.6.2","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.6::el9"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2.14","defaultStatus":"affected","cpes":["cpe:/a:redhat:acm:2.14::el9"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2.15","defaultStatus":"affected","cpes":["cpe:/a:redhat:acm:2.15::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift distributed tracing 3.9.3","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_distributed_tracing:3.9::el9"]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server","defaultStatus":"affected","cpes":["cpe:/a:redhat:ai_inference_server:3"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AI (RHEL AI) 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux_ai:3"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift GitOps","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_gitops:1"]},{"vendor":"Red Hat","product":"OpenShift Service Mesh 2","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:service_mesh:2"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift_ai"]},{"vendor":"Red Hat","product":"Red Hat OpenShift distributed tracing 3","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift_distributed_tracing:3"]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":3.4},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:H","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-28T14:27:07.615327Z","id":"CVE-2026-41605","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-190"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-190"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:thrift:*:*:*:*:*:*:*:*","versionEndExcluding":"0.23.0","matchCriteriaId":"0CE7604A-DA43-44E3-9840-9E3696223DD5"}]}]}],"references":[{"url":"https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql","source":"security@apache.org","tags":["Mailing List","Patch","Release Notes"]},{"url":"http://www.openwall.com/lists/oss-security/2026/04/28/4","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List"]},{"url":"https://access.redhat.com/errata/RHSA-2026:14885","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:21769","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22347","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22423","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:23345","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:24539","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36882","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-41605","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2463418","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-41605.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-41606","sourceIdentifier":"security@apache.org","published":"2026-04-28T10:16:03.463","lastModified":"2026-07-09T13:17:06.533","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Uncontrolled Recursion vulnerability in Apache Thrift.\n\nThis issue affects Apache Thrift: before 0.23.0.\n\nUsers are recommended to upgrade to version 0.23.0, which fixes the issue."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache Thrift","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"0.23.0","versionType":"semver","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Multicluster Global Hub 1.3.4","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.3::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.4.5","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.4::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.5.4","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.5::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.6.2","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.6::el9"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2.14","defaultStatus":"affected","cpes":["cpe:/a:redhat:acm:2.14::el9"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2.15","defaultStatus":"affected","cpes":["cpe:/a:redhat:acm:2.15::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift distributed tracing 3.9.3","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_distributed_tracing:3.9::el9"]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server","defaultStatus":"affected","cpes":["cpe:/a:redhat:ai_inference_server:3"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AI (RHEL AI) 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux_ai:3"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift GitOps","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_gitops:1"]},{"vendor":"Red Hat","product":"OpenShift Service Mesh 2","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:service_mesh:2"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift_ai"]},{"vendor":"Red Hat","product":"Red Hat OpenShift distributed tracing 3","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift_distributed_tracing:3"]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-28T14:25:44.400933Z","id":"CVE-2026-41606","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-674"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-606"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:thrift:*:*:*:*:*:*:*:*","versionEndExcluding":"0.23.0","matchCriteriaId":"0CE7604A-DA43-44E3-9840-9E3696223DD5"}]}]}],"references":[{"url":"https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql","source":"security@apache.org","tags":["Mailing List","Patch","Release Notes"]},{"url":"http://www.openwall.com/lists/oss-security/2026/04/28/3","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List"]},{"url":"https://access.redhat.com/errata/RHSA-2026:14885","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:21769","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22347","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22423","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:23345","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:24539","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36882","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-41606","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2463408","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-41606.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-41607","sourceIdentifier":"security@apache.org","published":"2026-04-28T10:16:03.573","lastModified":"2026-07-09T13:17:06.740","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Out-of-bounds Read vulnerability in Apache Thrift.\n\nThis issue affects Apache Thrift: before 0.23.0.\n\nUsers are recommended to upgrade to version 0.23.0, which fixes the issue."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache Thrift","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"0.23.0","versionType":"semver","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Multicluster Global Hub 1.3.4","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.3::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.4.5","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.4::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.5.4","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.5::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.6.2","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.6::el9"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2.14","defaultStatus":"affected","cpes":["cpe:/a:redhat:acm:2.14::el9"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2.15","defaultStatus":"affected","cpes":["cpe:/a:redhat:acm:2.15::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift distributed tracing 3.9.3","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_distributed_tracing:3.9::el9"]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server","defaultStatus":"affected","cpes":["cpe:/a:redhat:ai_inference_server:3"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AI (RHEL AI) 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux_ai:3"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift GitOps","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_gitops:1"]},{"vendor":"Red Hat","product":"OpenShift Service Mesh 2","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:service_mesh:2"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift_ai"]},{"vendor":"Red Hat","product":"Red Hat OpenShift distributed tracing 3","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift_distributed_tracing:3"]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":2.5},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-04-28T14:24:06.308974Z","id":"CVE-2026-41607","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:thrift:*:*:*:*:*:*:*:*","versionEndExcluding":"0.23.0","matchCriteriaId":"0CE7604A-DA43-44E3-9840-9E3696223DD5"}]}]}],"references":[{"url":"https://lists.apache.org/thread/lb4j0zyd5f3g36cos0wql925przpnwql","source":"security@apache.org","tags":["Mailing List","Patch","Release Notes"]},{"url":"http://www.openwall.com/lists/oss-security/2026/04/28/2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List"]},{"url":"https://access.redhat.com/errata/RHSA-2026:14885","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:21769","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22347","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22423","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:23345","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:24539","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36882","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-41607","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2463412","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-41607.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-24781","sourceIdentifier":"security-advisories@github.com","published":"2026-05-04T17:16:21.960","lastModified":"2026-07-09T13:16:52.020","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.0, VM2 suffers from a sandbox breakout vulnerability through the inspect function. This allows attackers to write code which can escape from the VM2 sandbox and execute arbitrary commands on the host system. This issue has been patched in version 3.11.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"patriksimek","product":"vm2","versions":[{"version":"< 3.11.0","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Developer Hub 1.10","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhdh:1.10::el9"]},{"vendor":"Red Hat","product":"Red Hat Developer Hub 1.9","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhdh:1.9::el9"]},{"vendor":"Red Hat","product":"Red Hat Developer Hub","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhdh:1"]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-04T17:13:58.015290Z","id":"CVE-2026-24781","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-94"},{"lang":"en","value":"CWE-693"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-653"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:vm2_project:vm2:*:*:*:*:*:node.js:*:*","versionEndExcluding":"3.11.0","matchCriteriaId":"6DD48308-6219-4C66-9BE7-246EE56FB834"}]}]}],"references":[{"url":"https://github.com/patriksimek/vm2/commit/8d30d93213c1898b3e035298b89a814970dd1189","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/patriksimek/vm2/commit/bdd3d15e57bc4ec5e70365cd79f7cb0256e5f88c","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/patriksimek/vm2/commit/fd266d084e0a3322d0f71ba2a8dc4c96cd030228","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/patriksimek/vm2/releases/tag/v3.11.0","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/patriksimek/vm2/security/advisories/GHSA-v37h-5mfm-c47c","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:26234","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36754","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-24781","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2466531","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-24781.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-42154","sourceIdentifier":"security-advisories@github.com","published":"2026-05-04T19:16:04.397","lastModified":"2026-07-09T13:17:09.410","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Prometheus is an open-source monitoring system and time series database. Prior to versions 3.5.3 and 3.11.3, the remote read endpoint (/api/v1/read) does not validate the declared decoded length in a snappy-compressed request body before allocating memory. An unauthenticated attacker can send a small payload that causes a huge heap allocation per request. Under concurrent load this can exhaust available memory and crash the Prometheus process. This issue has been patched in versions 3.5.3 and 3.11.3."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"prometheus","product":"prometheus","versions":[{"version":"< 3.5.3","status":"affected"},{"version":">= 3.6.0, < 3.11.3","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"RHEM 1.0 for RHEL 9","defaultStatus":"affected","cpes":["cpe:/a:redhat:edge_manager:1.0::el9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Logging Subsystem for Red Hat OpenShift 6.4","defaultStatus":"affected","cpes":["cpe:/a:redhat:logging:6.4::el9"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2.13","defaultStatus":"affected","cpes":["cpe:/a:redhat:acm:2.13::el9"]},{"vendor":"Red Hat","product":"Red Hat Edge Manager 1.0","defaultStatus":"affected","cpes":["cpe:/a:redhat:edge_manager:1.0::el9"]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","cpes":["cpe:/a:redhat:hummingbird:1"]},{"vendor":"Red Hat","product":"File Integrity Operator","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_file_integrity_operator:1"]},{"vendor":"Red Hat","product":"Logging Subsystem for Red Hat OpenShift","defaultStatus":"affected","cpes":["cpe:/a:redhat:logging:6"]},{"vendor":"Red Hat","product":"Multicluster Global Hub","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub"]},{"vendor":"Red Hat","product":"Network Observability Operator","defaultStatus":"affected","cpes":["cpe:/a:redhat:network_observ_optr:1"]},{"vendor":"Red Hat","product":"OpenShift Lightspeed","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_lightspeed"]},{"vendor":"Red Hat","product":"Red Hat Ceph Storage 5","defaultStatus":"affected","cpes":["cpe:/a:redhat:ceph_storage:5"]},{"vendor":"Red Hat","product":"Red Hat Ceph Storage 6","defaultStatus":"affected","cpes":["cpe:/a:redhat:ceph_storage:6"]},{"vendor":"Red Hat","product":"Red Hat Ceph Storage 7","defaultStatus":"affected","cpes":["cpe:/a:redhat:ceph_storage:7"]},{"vendor":"Red Hat","product":"Red Hat Ceph Storage 8","defaultStatus":"affected","cpes":["cpe:/a:redhat:ceph_storage:8"]},{"vendor":"Red Hat","product":"Red Hat Ceph Storage 9","defaultStatus":"affected","cpes":["cpe:/a:redhat:ceph_storage:9"]},{"vendor":"Red Hat","product":"Red Hat Edge Manager 1","defaultStatus":"affected","cpes":["cpe:/a:redhat:edge_manager:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_ai"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift GitOps","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_gitops:1"]},{"vendor":"Red Hat","product":"Red Hat Quay 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:quay:3"]},{"vendor":"Red Hat","product":"Red Hat Trusted Artifact Signer","defaultStatus":"affected","cpes":["cpe:/a:redhat:trusted_artifact_signer:1"]},{"vendor":"Red Hat","product":"OpenShift Service Mesh 2","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:service_mesh:2"]},{"vendor":"Red Hat","product":"OpenShift Service Mesh 3","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:service_mesh:3"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:acm:2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat OpenStack Platform 18.0","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openstack:18.0"]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-04T20:18:48.754025Z","id":"CVE-2026-42154","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-400"},{"lang":"en","value":"CWE-789"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-770"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:prometheus:prometheus:*:*:*:*:*:*:*:*","versionEndExcluding":"3.5.3","matchCriteriaId":"36FDEDDF-199E-43DA-93AF-51C8E40BF389"},{"vulnerable":true,"criteria":"cpe:2.3:a:prometheus:prometheus:*:*:*:*:*:*:*:*","versionStartIncluding":"3.6.0","versionEndExcluding":"3.11.3","matchCriteriaId":"26BB9EEC-D049-4268-953C-E90B253745CE"}]}]}],"references":[{"url":"https://github.com/prometheus/prometheus/pull/18584","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/prometheus/prometheus/pull/18585","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/prometheus/prometheus/releases/tag/v3.11.3","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/prometheus/prometheus/releases/tag/v3.5.3","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/prometheus/prometheus/security/advisories/GHSA-8rm2-7qqf-34qm","source":"security-advisories@github.com","tags":["Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:25039","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:25245","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:29770","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:30651","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34357","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34359","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34364","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36651","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36796","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-42154","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2466505","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-42154.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-43869","sourceIdentifier":"security@apache.org","published":"2026-05-05T08:16:01.063","lastModified":"2026-07-09T13:17:16.913","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Validation of Certificate with Host Mismatch vulnerability in Apache Thrift.\n\nThis issue affects Apache Thrift: before 0.23.0.\n\nUsers are recommended to upgrade to version 0.23.0, which fixes the issue."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache Thrift","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"0.23.0","versionType":"semver","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Cryostat 4 on RHEL 9","defaultStatus":"affected","cpes":["cpe:/a:redhat:cryostat:4::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.3.4","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.3::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.4.5","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.4::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.5.4","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.5::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.6.2","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.6::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub 1.7.1","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub:1.7::el9"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2.13","defaultStatus":"affected","cpes":["cpe:/a:redhat:acm:2.13::el9"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2.14","defaultStatus":"affected","cpes":["cpe:/a:redhat:acm:2.14::el9"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2.15","defaultStatus":"affected","cpes":["cpe:/a:redhat:acm:2.15::el9"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2.16","defaultStatus":"affected","cpes":["cpe:/a:redhat:acm:2.16::el9"]},{"vendor":"Red Hat","product":"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1","defaultStatus":"affected","cpes":["cpe:/a:redhat:apache_camel_quarkus:3.33"]},{"vendor":"Red Hat","product":"Red Hat OpenShift distributed tracing 3.10.1","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_distributed_tracing:3.10::el9"]},{"vendor":"Red Hat","product":"Multicluster Global Hub","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub"]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server","defaultStatus":"affected","cpes":["cpe:/a:redhat:ai_inference_server:3"]},{"vendor":"Red Hat","product":"Red Hat build of Apache Camel 4 for Quarkus 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:camel_quarkus:3"]},{"vendor":"Red Hat","product":"Red Hat Fuse 7","defaultStatus":"affected","cpes":["cpe:/a:redhat:jboss_fuse:7"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_ai"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift distributed tracing 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_distributed_tracing:3"]},{"vendor":"Red Hat","product":"OpenShift Service Mesh 2","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:service_mesh:2"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:acm:2"]},{"vendor":"Red Hat","product":"Red Hat Data Grid 8","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:jboss_data_grid:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform Expansion Pack","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:jbosseapxp"]},{"vendor":"Red Hat","product":"Red Hat OpenStack Platform 18.0","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openstack:18.0"]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":3.4},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":3.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-06T13:01:36.994667Z","id":"CVE-2026-43869","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-297"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-295"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:thrift:*:*:*:*:*:*:*:*","versionEndExcluding":"0.23.0","matchCriteriaId":"0CE7604A-DA43-44E3-9840-9E3696223DD5"}]}]}],"references":[{"url":"https://lists.apache.org/thread/3hsgl1b69wzq3ry39scqbv2dhyl3j52r","source":"security@apache.org","tags":["Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2026/05/05/3","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:21769","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22347","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22423","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:23345","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:24503","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:24539","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:25273","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26586","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:27126","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:28010","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:30651","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36882","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-43869","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2466660","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-43869.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-42997","sourceIdentifier":"cve@mitre.org","published":"2026-05-05T19:16:22.817","lastModified":"2026-07-08T13:16:44.560","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue was discovered in idrac in OpenStack Ironic before 35.0.1. During import, a user invoking molds can request authorization to be sent to a remote endpoint. The credential forwarded is a time-limited Keystone token (which provides access to all OpenStack services Ironic is authorized for); or basic credentials configured for molds storage. The fixed versions are 26.1.6, 29.0.5, 32.0.1, and 35.0.1."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"OpenStack","product":"Ironic","defaultStatus":"unaffected","versions":[{"version":"17.0.0","lessThan":"26.1.6","versionType":"semver","status":"affected"},{"version":"27.0.0","lessThan":"29.0.5","versionType":"semver","status":"affected"},{"version":"30.0.0","lessThan":"32.0.1","versionType":"semver","status":"affected"},{"version":"33.0.0","lessThan":"35.0.1","versionType":"semver","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenStack Platform 17.1","defaultStatus":"affected","cpes":["cpe:/a:redhat:openstack:17.1"]},{"vendor":"Red Hat","product":"Red Hat OpenStack Platform 18.0","defaultStatus":"affected","cpes":["cpe:/a:redhat:openstack:18.0"]},{"vendor":"Red Hat","product":"Red Hat OpenStack Platform 16.2","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openstack:16.2"]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@mitre.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":4.0},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":4.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-05T18:38:38.789483Z","id":"CVE-2026-42997","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@mitre.org","type":"Secondary","description":[{"lang":"en","value":"CWE-669"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-201"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openstack:ironic:*:*:*:*:*:*:*:*","versionStartIncluding":"17.0.0","versionEndExcluding":"26.1.6","matchCriteriaId":"175C310D-6E5A-49AE-94DA-7B0FCD5DA2E2"},{"vulnerable":true,"criteria":"cpe:2.3:a:openstack:ironic:*:*:*:*:*:*:*:*","versionStartIncluding":"27.0.0","versionEndExcluding":"29.0.5","matchCriteriaId":"4F948886-9748-40E0-A3C2-2C95CCB2D498"},{"vulnerable":true,"criteria":"cpe:2.3:a:openstack:ironic:*:*:*:*:*:*:*:*","versionStartIncluding":"30.0.0","versionEndExcluding":"32.0.1","matchCriteriaId":"23B410FC-0DC1-4BB8-98C2-6EB01DF839CD"},{"vulnerable":true,"criteria":"cpe:2.3:a:openstack:ironic:*:*:*:*:*:*:*:*","versionStartIncluding":"33.0.0","versionEndExcluding":"35.0.1","matchCriteriaId":"40C73777-6AE0-4FAE-BBE6-C499CD51A3C0"}]}]}],"references":[{"url":"https://security.openstack.org/ossa/OSSA-2026-010.html","source":"cve@mitre.org","tags":["Patch","Vendor Advisory"]},{"url":"https://www.openwall.com/lists/oss-security/2026/05/05/10","source":"cve@mitre.org","tags":["Mailing List","Patch","Third Party Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2026/05/05/10","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Patch","Third Party Advisory"]},{"url":"https://access.redhat.com/security/cve/CVE-2026-42997","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2466844","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-42997.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-28780","sourceIdentifier":"security@apache.org","published":"2026-05-05T22:16:00.390","lastModified":"2026-07-09T13:16:54.980","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Heap-based Buffer Overflow vulnerability in mod_proxy_ajp of Apache HTTP Server.\nIf mod_proxy_ajp connects to a malicious AJP server this AJP server can send a malicious AJP message back to mod_proxy_ajp and cause it to write 4 attacker controlled bytes after the end of a heap based buffer.\n\nThis issue affects Apache HTTP Server: through 2.4.66.\n\nUsers are recommended to upgrade to version 2.4.67, which fixes the issue."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache HTTP Server","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"2.4.66","versionType":"semver","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat JBoss Core Services on RHEL 7 Server","defaultStatus":"affected","cpes":["cpe:/a:redhat:jboss_core_services:1::el7"]},{"vendor":"Red Hat","product":"Red Hat JBoss Core Services on RHEL 8","defaultStatus":"affected","cpes":["cpe:/a:redhat:jboss_core_services:1::el8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream AUS (v.8.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream AUS (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream TUS (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_tus:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat JBoss Core Services 2.4.62.SP4","defaultStatus":"affected","cpes":["cpe:/a:redhat:jboss_core_services:1"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:7"]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-06T15:49:38.049896Z","id":"CVE-2026-28780","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","versionEndExcluding":"2.4.67","matchCriteriaId":"8FF781BA-CF81-400B-A155-4DAE0BD856EE"}]}]}],"references":[{"url":"https://httpd.apache.org/security/vulnerabilities_24.html","source":"security@apache.org","tags":["Release Notes","Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2026/05/05/9","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:21391","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:21433","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22140","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:27200","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:27201","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36373","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36831","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36846","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-28780","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2466913","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-28780.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-43112","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-05-06T10:16:24.927","lastModified":"2026-07-08T13:16:44.780","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nfs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath\n\nWhen cifs_sanitize_prepath is called with an empty string or a string\ncontaining only delimiters (e.g., \"/\"), the current logic attempts to\ncheck *(cursor2 - 1) before cursor2 has advanced. This results in an\nout-of-bounds read.\n\nThis patch adds an early exit check after stripping prepended\ndelimiters. If no path content remains, the function returns NULL.\n\nThe bug was identified via manual audit and verified using a\nstandalone test case compiled with AddressSanitizer, which\ntriggered a SEGV on affected inputs."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["fs/smb/client/fs_context.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"c63433a09d6ae4c226fcbc66da4c58fc189fd746","lessThan":"a2ba20c17de8eb028f96b1d85f119d3d25655bd9","versionType":"git","status":"affected"},{"version":"a31080899d5fdafcccf7f39dd214a814a2c82626","lessThan":"fbced33599653471b4581dfe1abc7b467031f126","versionType":"git","status":"affected"},{"version":"a31080899d5fdafcccf7f39dd214a814a2c82626","lessThan":"5d4fe469fe7dbff7d874c196bb680a82f2625d95","versionType":"git","status":"affected"},{"version":"a31080899d5fdafcccf7f39dd214a814a2c82626","lessThan":"2d29214448ec0f4e7e18bb1c14dd4a6c07f1c439","versionType":"git","status":"affected"},{"version":"a31080899d5fdafcccf7f39dd214a814a2c82626","lessThan":"86f9c23e0814cfdffda9eedf0c591c51ba209010","versionType":"git","status":"affected"},{"version":"a31080899d5fdafcccf7f39dd214a814a2c82626","lessThan":"49b1ce6d7cfb6c5a49f68bf5ccfcfb6ba14e63c3","versionType":"git","status":"affected"},{"version":"a31080899d5fdafcccf7f39dd214a814a2c82626","lessThan":"78ec5bf2f589ec7fd8f169394bfeca541b077317","versionType":"git","status":"affected"},{"version":"5.15.11","lessThan":"5.15.209","versionType":"semver","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["fs/smb/client/fs_context.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"5.16","status":"affected"},{"version":"0","lessThan":"5.16","versionType":"semver","status":"unaffected"},{"version":"5.15.209","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.175","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.136","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.83","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.24","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"6.19.14","lessThanOrEqual":"6.19.*","versionType":"semver","status":"unaffected"},{"version":"7.0","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 9)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CRB (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux NFV (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux RT (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:7"]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.2}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-125"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16.1","versionEndExcluding":"6.6.136","matchCriteriaId":"005FE1BE-809A-4536-BE37-C2437DE0927E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.83","matchCriteriaId":"7F0AE5B5-23AC-4DCC-B37A-51CA1DAE7BA8"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.24","matchCriteriaId":"8126B8B8-6D0B-4443-86C1-672AEE893555"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"6.19.14","matchCriteriaId":"D6A8A074-BBF4-4803-ABED-519A839435BB"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:5.16:-:*:*:*:*:*:*","matchCriteriaId":"FF588A58-013F-4DBF-A3AB-70EC054B1892"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:5.16:rc6:*:*:*:*:*:*","matchCriteriaId":"8A0915FE-A4AA-4C94-B783-CF29D81E7E54"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:5.16:rc7:*:*:*:*:*:*","matchCriteriaId":"4EAC2750-F7C6-4A4E-9C04-1E450722B853"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:5.16:rc8:*:*:*:*:*:*","matchCriteriaId":"ED611C74-E83A-4AFA-8688-9B829C02B038"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*","matchCriteriaId":"F253B622-8837-4245-BCE5-A7BF8FC76A16"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*","matchCriteriaId":"4AE85AD8-4641-4E7C-A2F4-305E2CD9EE64"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*","matchCriteriaId":"F666C8D8-6538-46D4-B318-87610DE64C34"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*","matchCriteriaId":"02259FDA-961B-47BC-AE7F-93D7EC6E90C2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*","matchCriteriaId":"58A9FEFF-C040-420D-8F0A-BFDAAA1DF258"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*","matchCriteriaId":"1D2315C0-D46F-4F85-9754-F9E5E11374A6"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/2d29214448ec0f4e7e18bb1c14dd4a6c07f1c439","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/49b1ce6d7cfb6c5a49f68bf5ccfcfb6ba14e63c3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/5d4fe469fe7dbff7d874c196bb680a82f2625d95","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/78ec5bf2f589ec7fd8f169394bfeca541b077317","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/86f9c23e0814cfdffda9eedf0c591c51ba209010","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/a2ba20c17de8eb028f96b1d85f119d3d25655bd9","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/fbced33599653471b4581dfe1abc7b467031f126","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://access.redhat.com/errata/RHSA-2026:34911","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36018","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36365","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36366","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-43112","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467015","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-43112.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-43125","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-05-06T12:16:29.450","lastModified":"2026-07-09T13:17:16.607","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ndlm: validate length in dlm_search_rsb_tree\n\nThe len parameter in dlm_dump_rsb_name() is not validated and comes\nfrom network messages. When it exceeds DLM_RESNAME_MAXLEN, it can\ncause out-of-bounds write in dlm_search_rsb_tree().\n\nAdd length validation to prevent potential buffer overflow."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["fs/dlm/lock.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"7210cb7a72a22303cdb225bd1aea28697a17bbae","lessThan":"67288113c5e6cf9e659b4065c0ed6f16100e0c71","versionType":"git","status":"affected"},{"version":"7210cb7a72a22303cdb225bd1aea28697a17bbae","lessThan":"082083c9fbd99422a0370fe2102144a231c9f5d6","versionType":"git","status":"affected"},{"version":"7210cb7a72a22303cdb225bd1aea28697a17bbae","lessThan":"5f053a2e7209d326cbbc07738fa6d6893d307438","versionType":"git","status":"affected"},{"version":"7210cb7a72a22303cdb225bd1aea28697a17bbae","lessThan":"080e5563f878c64e697b89e7439d730d0daad882","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["fs/dlm/lock.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"3.4","status":"affected"},{"version":"0","lessThan":"3.4","versionType":"semver","status":"unaffected"},{"version":"6.12.75","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.16","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"6.19.6","lessThanOrEqual":"6.19.*","versionType":"semver","status":"unaffected"},{"version":"7.0","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Server (v. 7 ELS)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_els:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Server Optional (v. 7 ELS)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_els:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS AUS (v.8.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_aus:8.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus_long_life:8.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.8.8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:8.8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS TUS (v.8.8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_tus:8.8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:9.2::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:9.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus:9.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 9)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CRB (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::crb"]},{"vendor":"Red Hat","product":"Red Hat CodeReady Linux Builder EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux NFV (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux RT (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","cpes":["cpe:/o:redhat:enterprise_linux:6"]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.0,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-130"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.4","versionEndExcluding":"6.12.75","matchCriteriaId":"29152BBE-96F9-4D35-A99C-E61CF2C0DDEB"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.16","matchCriteriaId":"B4B8CDA9-BADF-4CF5-8B3B-702DE8EEA40B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"6.19.6","matchCriteriaId":"373EEEDA-FAA1-4FB4-B6ED-DB4DD99DBE67"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/080e5563f878c64e697b89e7439d730d0daad882","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/082083c9fbd99422a0370fe2102144a231c9f5d6","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/5f053a2e7209d326cbbc07738fa6d6893d307438","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/67288113c5e6cf9e659b4065c0ed6f16100e0c71","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://access.redhat.com/errata/RHSA-2026:25120","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:25121","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:25217","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:33899","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:33900","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34094","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34095","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35844","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35863","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36767","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-43125","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467234","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-43125.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-43198","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-05-06T12:16:38.857","lastModified":"2026-07-08T13:16:45.187","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: fix potential race in tcp_v6_syn_recv_sock()\n\nCode in tcp_v6_syn_recv_sock() after the call to tcp_v4_syn_recv_sock()\nis done too late.\n\nAfter tcp_v4_syn_recv_sock(), the child socket is already visible\nfrom TCP ehash table and other cpus might use it.\n\nSince newinet->pinet6 is still pointing to the listener ipv6_pinfo\nbad things can happen as syzbot found.\n\nMove the problematic code in tcp_v6_mapped_child_init()\nand call this new helper from tcp_v4_syn_recv_sock() before\nthe ehash insertion.\n\nThis allows the removal of one tcp_sync_mss(), since\ntcp_v4_syn_recv_sock() will call it with the correct\ncontext."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["include/net/inet_connection_sock.h","include/net/tcp.h","net/ipv4/syncookies.c","net/ipv4/tcp_fastopen.c","net/ipv4/tcp_ipv4.c","net/ipv4/tcp_minisocks.c","net/ipv6/tcp_ipv6.c","net/mptcp/subflow.c","net/smc/af_smc.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"fe89b2f05b854847784f91127319172945c1fadd","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"7178e2a8027423b2af17ab95df73a749a5b72e5b","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"858d2a4f67ff69e645a43487ef7ea7f28f06deae","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["include/net/inet_connection_sock.h","include/net/tcp.h","net/ipv4/syncookies.c","net/ipv4/tcp_fastopen.c","net/ipv4/tcp_ipv4.c","net/ipv4/tcp_minisocks.c","net/ipv6/tcp_ipv6.c","net/mptcp/subflow.c","net/smc/af_smc.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"2.6.12","status":"affected"},{"version":"0","lessThan":"2.6.12","versionType":"semver","status":"unaffected"},{"version":"6.18.16","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"6.19.6","lessThanOrEqual":"6.19.*","versionType":"semver","status":"unaffected"},{"version":"7.0","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Server (v. 7 ELS)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_els:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Server Optional (v. 7 ELS)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_els:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS AUS (v.8.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_aus:8.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS AUS (v.8.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_aus:8.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus_long_life:8.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.8.8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:8.8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS TUS (v.8.8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_tus:8.8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:9.2::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:9.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus:9.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 9)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CRB (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::crb"]},{"vendor":"Red Hat","product":"Red Hat CodeReady Linux Builder EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux NFV (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux RT (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","cpes":["cpe:/o:redhat:enterprise_linux:6"]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.0,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-362"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-821"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.12.1","versionEndExcluding":"6.18.16","matchCriteriaId":"0565F020-6741-42F7-A887-6FEBC0627804"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"6.19.6","matchCriteriaId":"373EEEDA-FAA1-4FB4-B6ED-DB4DD99DBE67"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:-:*:*:*:*:*:*","matchCriteriaId":"6F62EECE-8FB1-4D57-85D8-CB9E23CF313C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:*:*:*:*:*:*","matchCriteriaId":"4F76C298-81DC-43E4-8FC9-DC005A2116EF"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:*:*:*:*:*:*","matchCriteriaId":"0AB349B2-3F78-4197-882B-90ADB3BF645A"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*","matchCriteriaId":"6AC88830-A9BC-4607-B572-A4B502FC9FD0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:*","matchCriteriaId":"476CB3A5-D022-4F13-AAEF-CB6A5785516A"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*","matchCriteriaId":"F253B622-8837-4245-BCE5-A7BF8FC76A16"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/7178e2a8027423b2af17ab95df73a749a5b72e5b","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/858d2a4f67ff69e645a43487ef7ea7f28f06deae","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/fe89b2f05b854847784f91127319172945c1fadd","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://access.redhat.com/errata/RHSA-2026:30129","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:33215","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:33285","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34094","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34443","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35863","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35894","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35896","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35904","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36073","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36216","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36348","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36349","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-43198","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467228","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-43198.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-20035","sourceIdentifier":"psirt@cisco.com","published":"2026-05-06T17:16:20.280","lastModified":"2026-07-08T13:15:03.710","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the web UI of Cisco Unity Connection Web Inbox could allow an unauthenticated, remote attacker to conduct SSRF attacks through an affected device.\r\n\r\nThis vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to send arbitrary network requests that are sourced from the affected device."}],"affected":[{"source":"psirt@cisco.com","affectedData":[{"vendor":"Cisco","product":"Cisco Unity Connection","defaultStatus":"unknown","versions":[{"version":"12.5(1)","status":"affected"},{"version":"12.5(1)SU1","status":"affected"},{"version":"12.5(1)SU2","status":"affected"},{"version":"12.5(1)SU3","status":"affected"},{"version":"12.5(1)SU4","status":"affected"},{"version":"14","status":"affected"},{"version":"12.5(1)SU5","status":"affected"},{"version":"14SU1","status":"affected"},{"version":"12.5(1)SU6","status":"affected"},{"version":"14SU2","status":"affected"},{"version":"12.5(1)SU7","status":"affected"},{"version":"14SU3","status":"affected"},{"version":"12.5(1)SU8","status":"affected"},{"version":"14SU3a","status":"affected"},{"version":"12.5(1)SU8a","status":"affected"},{"version":"15","status":"affected"},{"version":"15SU1","status":"affected"},{"version":"14SU4","status":"affected"},{"version":"12.5(1)SU9","status":"affected"},{"version":"15SU2","status":"affected"},{"version":"15SU3","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-06T17:27:15.669186Z","id":"CVE-2026-20035","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unity_connection:*:*:*:*:*:*:*:*","versionEndExcluding":"14.0","matchCriteriaId":"6313AB2B-8CBB-48FF-BCBF-B24DE98855EF"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unity_connection:14.0:*:*:*:*:*:*:*","matchCriteriaId":"A85D56C0-D4A3-43A7-9CD1-FCEB6C8AEF66"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unity_connection:14su1:*:*:*:*:*:*:*","matchCriteriaId":"774C01A1-9328-45E8-9BDD-470A10BC3C2A"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unity_connection:14su2:*:*:*:*:*:*:*","matchCriteriaId":"CD8AB4B5-12C2-4F02-A4C3-4B8C06AFFD53"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unity_connection:14su3:*:*:*:*:*:*:*","matchCriteriaId":"181866CE-6279-4422-8EF8-7A12DB5B21F6"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unity_connection:14su4:*:*:*:*:*:*:*","matchCriteriaId":"D09F3655-B513-48F6-82A8-F0F946C52D25"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unity_connection:15.0:*:*:*:*:*:*:*","matchCriteriaId":"97CC6719-1A7F-48BA-8014-802E235ED80D"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unity_connection:15su1:*:*:*:*:*:*:*","matchCriteriaId":"2C9412EC-282C-4926-83F8-932E24E0FC22"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unity_connection:15su2:*:*:*:*:*:*:*","matchCriteriaId":"37EFE547-7D3C-4D71-8D46-2C5734B9D64B"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:unity_connection:15su3:*:*:*:*:*:*:*","matchCriteriaId":"CE6AF25B-E6F9-4E15-902D-4516DFE8C8E2"}]}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-unity-rce-ssrf-hENhuASy","source":"psirt@cisco.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-42010","sourceIdentifier":"secalert@redhat.com","published":"2026-05-07T12:16:17.977","lastModified":"2026-07-08T13:16:42.610","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in gnutls. Servers configured with RSA-PSK (Rivest–Shamir–Adleman – Pre-Shared Key) wrongfully matched usernames containing a NUL character with truncated usernames. A remote attacker could exploit this by sending a specially crafted username, leading to an authentication bypass. This vulnerability allows an attacker to gain unauthorized access by circumventing the authentication process."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/o:redhat:enterprise_linux:10.2"],"versions":[{"version":"0:3.8.10-4.el10_2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10.0 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"],"versions":[{"version":"0:3.8.9-9.el10_0.19","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/o:redhat:enterprise_linux:8::baseos"],"versions":[{"version":"0:3.6.16-8.el8_10.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/o:redhat:enterprise_linux:8::baseos"],"versions":[{"version":"0:3.6.16-8.el8_10.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"],"versions":[{"version":"0:3.6.14-10.el8_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtasn1","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"],"versions":[{"version":"0:4.13-3.el8_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"],"versions":[{"version":"0:3.6.14-10.el8_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtasn1","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"],"versions":[{"version":"0:4.13-3.el8_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_eus_long_life:8.6::baseos"],"versions":[{"version":"0:3.6.16-5.el8_6.5","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtasn1","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_eus_long_life:8.6::baseos"],"versions":[{"version":"0:4.13-3.el8_6.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_eus_long_life:8.6::baseos"],"versions":[{"version":"0:3.6.16-5.el8_6.5","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtasn1","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_eus_long_life:8.6::baseos"],"versions":[{"version":"0:4.13-3.el8_6.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream","cpe:/o:redhat:rhel_e4s:8.8::baseos","cpe:/o:redhat:rhel_tus:8.8::baseos"],"versions":[{"version":"0:3.6.16-7.el8_8.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtasn1","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream","cpe:/o:redhat:rhel_e4s:8.8::baseos","cpe:/o:redhat:rhel_tus:8.8::baseos"],"versions":[{"version":"0:4.13-4.el8_8.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream","cpe:/o:redhat:rhel_e4s:8.8::baseos","cpe:/o:redhat:rhel_tus:8.8::baseos"],"versions":[{"version":"0:3.6.16-7.el8_8.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtasn1","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream","cpe:/o:redhat:rhel_e4s:8.8::baseos","cpe:/o:redhat:rhel_tus:8.8::baseos"],"versions":[{"version":"0:4.13-4.el8_8.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/o:redhat:enterprise_linux:9::baseos"],"versions":[{"version":"0:3.8.10-4.el9_8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/o:redhat:enterprise_linux:9::baseos"],"versions":[{"version":"0:3.8.10-4.el9_8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream","cpe:/o:redhat:rhel_e4s:9.4::baseos"],"versions":[{"version":"0:3.8.3-4.el9_4.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.6 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream","cpe:/o:redhat:rhel_eus:9.6::baseos"],"versions":[{"version":"0:3.8.3-6.el9_6.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.20","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.20::el9"],"versions":[{"version":"4.20.9.6.202607010620-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.21","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.21::el9"],"versions":[{"version":"4.21.9.6.202607011303-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.22","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.22::el9"],"versions":[{"version":"4.22.9.8.202606301732-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server 3.2","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhaiis/model-opt-cuda-rhel9","cpes":["cpe:/a:redhat:ai_inference_server:3.2::el9"],"versions":[{"version":"1782951051","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server 3.2","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhaiis/vllm-cuda-rhel9","cpes":["cpe:/a:redhat:ai_inference_server:3.2::el9"],"versions":[{"version":"1782951012","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server 3.2","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhaiis/vllm-rocm-rhel9","cpes":["cpe:/a:redhat:ai_inference_server:3.2::el9"],"versions":[{"version":"1782951244","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Discovery 2","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"discovery/discovery-server-rhel9","cpes":["cpe:/a:redhat:discovery:2::el9"],"versions":[{"version":"1782159791","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Discovery 2","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"discovery/discovery-ui-rhel9","cpes":["cpe:/a:redhat:discovery:2::el9"],"versions":[{"version":"1782166952","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"gnutls-main","cpes":["cpe:/a:redhat:hummingbird:1"],"versions":[{"version":"3.8.13-1.hum1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Update Infrastructure 5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhui5/cds-rhel9","cpes":["cpe:/a:redhat:rhui:5::el9"],"versions":[{"version":"1781525684","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Update Infrastructure 5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhui5/haproxy-rhel9","cpes":["cpe:/a:redhat:rhui:5::el9"],"versions":[{"version":"1781525671","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Update Infrastructure 5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhui5/installer-rhel9","cpes":["cpe:/a:redhat:rhui:5::el9"],"versions":[{"version":"1781525693","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Update Infrastructure 5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhui5/rhua-rhel9","cpes":["cpe:/a:redhat:rhui:5::el9"],"versions":[{"version":"1781525739","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/o:redhat:enterprise_linux:7"]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.20","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4.20::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.21","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4.21::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.22","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4.22::el9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream AUS (v.8.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream AUS (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream TUS (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_tus:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS AUS (v.8.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_aus:8.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS AUS (v.8.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_aus:8.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus_long_life:8.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.8.8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:8.8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS TUS (v.8.8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_tus:8.8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:9.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus:9.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 9)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9::baseos"]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server 3.2","defaultStatus":"affected","cpes":["cpe:/a:redhat:ai_inference_server:3.2::el9"]},{"vendor":"Red Hat","product":"Red Hat Discovery 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:discovery:2::el9"]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","cpes":["cpe:/a:redhat:hummingbird:1"]},{"vendor":"Red Hat","product":"Red Hat Update Infrastructure 5","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhui:5::el9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:7"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":4.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-07T13:47:12.364306Z","id":"CVE-2026-42010","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-170"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-626"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-170"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:gnutls:-:*:*:*:*:*:*:*","matchCriteriaId":"33A22858-21E1-479F-A9C4-AD2EFD059B93"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:hardened_images:-:*:*:*:*:*:*:*","matchCriteriaId":"87DEB507-5B64-47D7-9A50-3B87FD1E571F"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*","matchCriteriaId":"932D137F-528B-4526-9A89-CD59FA1AB0FE"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","matchCriteriaId":"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:13274","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:20611","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:20612","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:20613","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26319","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26409","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:29197","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:30004","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:30849","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:30850","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:32962","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:33125","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:34764","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:34788","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:34790","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36004","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36005","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36006","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2026-42010","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467289","source":"secalert@redhat.com","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://www.gnutls.org/security-new.html#GNUTLS-SA-2026-04-29-4","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:13274","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:20611","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:20612","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:20613","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26319","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26409","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:29197","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:30004","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:30849","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:30850","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:32962","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:33125","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34764","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34788","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34790","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36004","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36005","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36006","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-42010","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467289","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-42010.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-43414","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-05-08T15:16:53.353","lastModified":"2026-07-08T21:23:03.137","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Completely fix fcport double free\n\nIn qla24xx_els_dcmd_iocb() sp->free is set to qla2x00_els_dcmd_sp_free().\nWhen an error happens, this function is called by qla2x00_sp_release(),\nwhen kref_put() releases the first and the last reference.\n\nqla2x00_els_dcmd_sp_free() frees fcport by calling qla2x00_free_fcport().\nDoing it one more time after kref_put() is a bad idea."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/scsi/qla2xxx/qla_iocb.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"4895009c4bb72f71f2e682f1e7d2c2d96e482087","lessThan":"d48ea85463f5b34f7b92ea0a13eddf1ab993da7b","versionType":"git","status":"affected"},{"version":"4895009c4bb72f71f2e682f1e7d2c2d96e482087","lessThan":"c0b7da13a04bd70ef6070bfb9ea85f582294560a","versionType":"git","status":"affected"},{"version":"7861213201838480dc222634c56fb6db113d010d","versionType":"git","status":"affected"},{"version":"3b9d72442adfbc9ddb0f76dd1b03977b3a578b16","versionType":"git","status":"affected"},{"version":"ef23850940d9a52c39936d27254824ccf5e9b6bd","versionType":"git","status":"affected"},{"version":"6c6bf6cacf9461f8d301cfac4f9c175d80cbcc63","versionType":"git","status":"affected"},{"version":"cd10dee1f07a782f5aa05703c55299ca86a85ee4","versionType":"git","status":"affected"},{"version":"b03e626bd6d3f0684f56ee1890d70fc9ca991c04","versionType":"git","status":"affected"},{"version":"282877633b25d67021a34169c5b5519b1d4ef65e","versionType":"git","status":"affected"},{"version":"f85af9f1aa5e2f53694a6cbe72010f754b5ff862","versionType":"git","status":"affected"},{"version":"9b43d2884b54d415caab48878b526dfe2ae9921b","versionType":"git","status":"affected"},{"version":"846fb9f112f618ec6ae181d8dae7961652574774","versionType":"git","status":"affected"},{"version":"5.15.154","lessThan":"5.16","versionType":"semver","status":"affected"},{"version":"6.1.84","lessThan":"6.2","versionType":"semver","status":"affected"},{"version":"6.6.24","lessThan":"6.7","versionType":"semver","status":"affected"},{"version":"6.7.12","lessThan":"6.8","versionType":"semver","status":"affected"},{"version":"6.8.3","lessThan":"6.9","versionType":"semver","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/scsi/qla2xxx/qla_iocb.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.9","status":"affected"},{"version":"0","lessThan":"6.9","versionType":"semver","status":"unaffected"},{"version":"6.19.9","lessThanOrEqual":"6.19.*","versionType":"semver","status":"unaffected"},{"version":"7.0","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-415"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15.154","versionEndExcluding":"5.16","matchCriteriaId":"21EE109E-592F-4A01-B5D2-F078967481BA"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1.84","versionEndExcluding":"6.2","matchCriteriaId":"E945D81E-D8F5-4962-8003-F5DA3F1FABE3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.6.24","versionEndExcluding":"6.7","matchCriteriaId":"8F4D74DB-5E7E-416A-BE8D-4ED1E2EE5D07"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7.12","versionEndExcluding":"6.8","matchCriteriaId":"D6A2C3EC-DA7B-4144-8BAF-2DBB7E8CE4C7"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.8.3","versionEndExcluding":"6.9","matchCriteriaId":"9974CA02-5BD5-4DE2-9DC2-46DDF0748BB5"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.9.1","versionEndExcluding":"6.19.9","matchCriteriaId":"A794A9A0-D396-422A-9095-DAE3BFB4BC47"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.9:-:*:*:*:*:*:*","matchCriteriaId":"3F2A4A3D-068A-4CF2-A09F-9C7937DDB0A5"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*","matchCriteriaId":"DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:*","matchCriteriaId":"52048DDA-FC5A-4363-95A0-A6357B4D7F8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:*","matchCriteriaId":"A06B2CCF-3F43-4FA9-8773-C83C3F5764B2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.9:rc5:*:*:*:*:*:*","matchCriteriaId":"F850DCEC-E08B-4317-A33B-D2DCF39F601B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.9:rc6:*:*:*:*:*:*","matchCriteriaId":"91326417-E981-482E-A5A3-28BC1327521B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.9:rc7:*:*:*:*:*:*","matchCriteriaId":"DAECDCD8-F556-4606-8D7B-5C6D47A501F2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*","matchCriteriaId":"F253B622-8837-4245-BCE5-A7BF8FC76A16"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*","matchCriteriaId":"4AE85AD8-4641-4E7C-A2F4-305E2CD9EE64"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*","matchCriteriaId":"F666C8D8-6538-46D4-B318-87610DE64C34"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/c0b7da13a04bd70ef6070bfb9ea85f582294560a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d48ea85463f5b34f7b92ea0a13eddf1ab993da7b","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-1677","sourceIdentifier":"vulnerabilities@zephyrproject.org","published":"2026-05-11T06:16:08.683","lastModified":"2026-07-08T13:36:24.517","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Zephyr sockets created with `IPPROTO_TLS_1_3` can still negotiate a TLS 1.2 connection when both TLS versions are enabled in Kconfig, because the socket-level protocol selection is not propagated to mbedTLS (e.g. via `mbedtls_ssl_conf_min_tls_version`). The ClientHello advertises both versions and the peer can establish TLS 1.2, so applications that assumed `IPPROTO_TLS_1_3` enforces TLS 1.3 may silently use TLS 1.2 and remain exposed to TLS 1.2-specific weaknesses. As a workaround, the `TLS_CIPHERSUITE_LIST` socket option can be restricted to TLS 1.3-only cipher suites."}],"affected":[{"source":"vulnerabilities@zephyrproject.org","affectedData":[{"vendor":"zephyrproject-rtos","product":"Zephyr","defaultStatus":"unaffected","packageName":"Zephyr","repo":"https://github.com/zephyrproject-rtos/zephyr","versions":[{"version":"*","lessThanOrEqual":"4.3","versionType":"git","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"vulnerabilities@zephyrproject.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-11T16:31:12.694213Z","id":"CVE-2026-1677","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"vulnerabilities@zephyrproject.org","type":"Secondary","description":[{"lang":"en","value":"CWE-757"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zephyrproject:zephyr:*:*:*:*:*:*:*:*","versionEndIncluding":"4.3.0","matchCriteriaId":"7D912614-A39E-4C9B-AA54-187BC26337B9"}]}]}],"references":[{"url":"https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-23r2-m5wx-4rvq","source":"vulnerabilities@zephyrproject.org","tags":["Exploit","Patch","Vendor Advisory","Mitigation"]},{"url":"https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-23r2-m5wx-4rvq","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Patch","Vendor Advisory","Mitigation"]}]}},{"cve":{"id":"CVE-2026-1681","sourceIdentifier":"vulnerabilities@zephyrproject.org","published":"2026-05-12T07:16:09.843","lastModified":"2026-07-08T13:34:13.990","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Issuing an ICMP ping via the `net ping` shell command to a device's own IPv4 address causes the network stack to recursively re-enter the input path on the same system work-queue stack. Because the destination is recognized as a local address, both the echo request and the resulting echo reply are processed inline before the current frame returns. The nested input-path frames exceed the work-queue stack and trigger a stack overflow."}],"affected":[{"source":"vulnerabilities@zephyrproject.org","affectedData":[{"vendor":"zephyrproject-rtos","product":"Zephyr","defaultStatus":"unaffected","packageName":"Zephyr","repo":"https://github.com/zephyrproject-rtos/zephyr","versions":[{"version":"*","lessThanOrEqual":"4.3","versionType":"git","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"vulnerabilities@zephyrproject.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-12T13:15:37.113227Z","id":"CVE-2026-1681","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"vulnerabilities@zephyrproject.org","type":"Secondary","description":[{"lang":"en","value":"CWE-674"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zephyrproject:zephyr:*:*:*:*:*:*:*:*","versionEndIncluding":"4.3.0","matchCriteriaId":"7D912614-A39E-4C9B-AA54-187BC26337B9"}]}]}],"references":[{"url":"https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-6fcc-8rwr-w7xx","source":"vulnerabilities@zephyrproject.org","tags":["Exploit","Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2025-53680","sourceIdentifier":"psirt@fortinet.com","published":"2026-05-12T18:16:35.687","lastModified":"2026-07-08T14:16:54.283","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An improper neutralization of special elements used in an OS command (\"OS Command Injection\") vulnerability [CWE-78] vulnerability in Fortinet FortiAP 7.6.0 through 7.6.2, FortiAP 7.4.0 through 7.4.5, FortiAP 7.2 all versions, FortiAP 7.0 all versions, FortiAP 6.4 all versions, FortiAP-U 7.0.0 through 7.0.5, FortiAP-U 6.2 all versions, FortiAP-W2 7.4.0 through 7.4.4, FortiAP-W2 7.2 all versions, FortiAP-W2 7.0 all versions allows an authenticated privileged attacker to execute unauthorized code or commands via crafted CLI requests."}],"affected":[{"source":"psirt@fortinet.com","affectedData":[{"vendor":"Fortinet","product":"FortiAP-U","defaultStatus":"unaffected","cpes":["cpe:2.3:a:fortinet:fortiap-u:7.0.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap-u:7.0.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap-u:7.0.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap-u:7.0.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap-u:7.0.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap-u:7.0.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap-u:6.2.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap-u:6.2.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap-u:6.2.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap-u:6.2.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap-u:6.2.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap-u:6.2.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap-u:6.2.0:*:*:*:*:*:*:*"],"versions":[{"version":"7.0.0","lessThanOrEqual":"7.0.5","versionType":"semver","status":"affected"},{"version":"6.2.0","lessThanOrEqual":"6.2.6","versionType":"semver","status":"affected"}]},{"vendor":"Fortinet","product":"FortiAP-W2","defaultStatus":"unaffected","cpes":["cpe:2.3:a:fortinet:fortiap-w2:7.4.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap-w2:7.4.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap-w2:7.4.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap-w2:7.4.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap-w2:7.4.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap-w2:7.2.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap-w2:7.2.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap-w2:7.2.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap-w2:7.2.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap-w2:7.2.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap-w2:7.2.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap-w2:7.0.8:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap-w2:7.0.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap-w2:7.0.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap-w2:7.0.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap-w2:7.0.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap-w2:7.0.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap-w2:7.0.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap-w2:7.0.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap-w2:7.0.0:*:*:*:*:*:*:*"],"versions":[{"version":"7.4.0","lessThanOrEqual":"7.4.4","versionType":"semver","status":"affected"},{"version":"7.2.0","lessThanOrEqual":"7.2.5","versionType":"semver","status":"affected"},{"version":"7.0.0","lessThanOrEqual":"7.0.8","versionType":"semver","status":"affected"}]},{"vendor":"Fortinet","product":"FortiAP","defaultStatus":"unaffected","cpes":["cpe:2.3:a:fortinet:fortiap:7.6.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap:7.6.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap:7.6.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap:7.4.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap:7.4.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap:7.4.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap:7.4.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap:7.4.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap:7.4.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap:7.2.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap:7.2.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap:7.2.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap:7.2.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap:7.2.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap:7.2.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap:7.2.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap:7.0.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap:7.0.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap:7.0.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap:7.0.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap:7.0.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap:7.0.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap:7.0.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap:7.0.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap:6.4.9:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap:6.4.8:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap:6.4.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap:6.4.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap:6.4.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap:6.4.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortiap:6.4.3:*:*:*:*:*:*:*"],"versions":[{"version":"7.6.0","lessThanOrEqual":"7.6.2","versionType":"semver","status":"affected"},{"version":"7.4.0","lessThanOrEqual":"7.4.5","versionType":"semver","status":"affected"},{"version":"7.2.0","lessThanOrEqual":"7.2.6","versionType":"semver","status":"affected"},{"version":"7.0.0","lessThanOrEqual":"7.0.7","versionType":"semver","status":"affected"},{"version":"6.4.3","lessThanOrEqual":"6.4.9","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":6.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-12T00:00:00+00:00","id":"CVE-2025-53680","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@fortinet.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiap:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4.0","versionEndExcluding":"7.4.6","matchCriteriaId":"18EEF706-844E-42A4-A8A7-A76EDFD75CA5"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiap:*:*:*:*:*:*:*:*","versionStartIncluding":"7.6.0","versionEndExcluding":"7.6.3","matchCriteriaId":"4CC1B150-4BDE-473A-833E-C680933B585F"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiap-u:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndExcluding":"7.0.6","matchCriteriaId":"3A204363-7F30-46EB-AB10-9A40235EE24F"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortiap-w2:*:*:*:*:*:*:*:*","versionStartIncluding":"7.2.0","versionEndExcluding":"7.4.5","matchCriteriaId":"D0616584-0837-4800-9A3D-90D0F0F43278"}]}]}],"references":[{"url":"https://fortiguard.fortinet.com/psirt/FG-IR-26-131","source":"psirt@fortinet.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-26083","sourceIdentifier":"psirt@fortinet.com","published":"2026-05-12T18:16:39.817","lastModified":"2026-07-08T14:16:57.307","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A missing authorization vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.1, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox Cloud 5.0.2 through 5.0.5, FortiSandbox PaaS 23.4 all versions, FortiSandbox PaaS 23.3 all versions, FortiSandbox PaaS 23.1 all versions, FortiSandbox PaaS 22.2 all versions, FortiSandbox PaaS 22.1 all versions, FortiSandbox PaaS 21.4 all versions, FortiSandbox PaaS 21.3 all versions, FortiSandbox PaaS 5.0.0 through 5.0.1, FortiSandbox PaaS 4.4.5 through 4.4.8 may allow an unauthenticated attacker to execute unauthorized code or commands via HTTP requests."}],"affected":[{"source":"psirt@fortinet.com","affectedData":[{"vendor":"Fortinet","product":"FortiSandbox","defaultStatus":"unaffected","cpes":["cpe:2.3:a:fortinet:fortisandbox:5.0.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:5.0.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:4.4.8:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:4.4.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:4.4.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:4.4.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:4.4.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:4.4.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:4.4.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:4.4.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:4.4.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:4.2.8:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:4.2.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:4.2.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:4.2.5:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:4.2.4:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:4.2.3:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:4.2.2:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandbox:4.2.1:*:*:*:*:*:*:*"],"versions":[{"version":"5.0.0","lessThanOrEqual":"5.0.1","versionType":"semver","status":"affected"},{"version":"4.4.0","lessThanOrEqual":"4.4.8","versionType":"semver","status":"affected"},{"version":"4.2.1","lessThanOrEqual":"4.2.8","versionType":"semver","status":"affected"}]},{"vendor":"Fortinet","product":"FortiSandbox PaaS","defaultStatus":"unaffected","cpes":["cpe:2.3:a:fortinet:fortisandboxpaas:23.4.4374:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandboxpaas:23.4.4350:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandboxpaas:23.3.4329:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandboxpaas:23.1.4245:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandboxpaas:22.2.4151:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandboxpaas:22.2.4134:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandboxpaas:22.1.4113:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandboxpaas:21.4.4072:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandboxpaas:21.3.4055:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandboxpaas:5.0.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandboxpaas:5.0.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandboxpaas:4.4.8:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandboxpaas:4.4.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandboxpaas:4.4.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandboxpaas:4.4.5:*:*:*:*:*:*:*"],"versions":[{"version":"23.4.4374","status":"affected"},{"version":"23.4.4350","status":"affected"},{"version":"23.3.4329","status":"affected"},{"version":"23.1.4245","status":"affected"},{"version":"22.2.4151","status":"affected"},{"version":"22.2.4134","status":"affected"},{"version":"22.1.4113","status":"affected"},{"version":"21.4.4072","status":"affected"},{"version":"21.3.4055","status":"affected"},{"version":"5.0.0","lessThanOrEqual":"5.0.1","versionType":"semver","status":"affected"},{"version":"4.4.5","lessThanOrEqual":"4.4.8","versionType":"semver","status":"affected"}]},{"vendor":"Fortinet","product":"FortiSandbox Cloud","defaultStatus":"unaffected","cpes":["cpe:2.3:a:fortinet:fortisandboxcloud:5.0.1:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandboxcloud:5.0.0:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandboxcloud:4.4.8:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandboxcloud:4.4.7:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandboxcloud:4.4.6:*:*:*:*:*:*:*","cpe:2.3:a:fortinet:fortisandboxcloud:4.4.5:*:*:*:*:*:*:*"],"versions":[{"version":"5.0.0","lessThanOrEqual":"5.0.1","versionType":"semver","status":"affected"},{"version":"4.4.5","lessThanOrEqual":"4.4.8","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@fortinet.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-12T00:00:00+00:00","id":"CVE-2026-26083","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@fortinet.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortisandbox:*:*:*:*:*:*:*:*","versionStartIncluding":"4.4.0","versionEndExcluding":"4.4.9","matchCriteriaId":"0025C9C0-8D61-4563-96F9-F4E09DD83B26"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortisandbox:*:*:*:*:*:*:*:*","versionStartIncluding":"5.0.0","versionEndExcluding":"5.0.2","matchCriteriaId":"42640C50-5490-4B50-840B-D35031671C42"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortisandbox_cloud:*:*:*:*:*:*:*:*","versionStartIncluding":"5.0.2","versionEndExcluding":"5.0.6","matchCriteriaId":"BB973322-626C-4821-882A-125DD5177251"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortisandbox_cloud:*:*:*:*:*:*:*:*","versionStartIncluding":"23.1.4245","versionEndIncluding":"23.4.4374","matchCriteriaId":"7100CD0B-358B-4610-BB84-6E378571176D"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortisandbox_cloud:24.1.4436:*:*:*:*:*:*:*","matchCriteriaId":"529FB46C-C0E5-43F5-A753-DD9E928FD4E6"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortisandbox_paas:*:*:*:*:*:*:*:*","versionStartIncluding":"4.4.5","versionEndExcluding":"4.4.9","matchCriteriaId":"251F88A0-B42A-475B-80BA-1A6B53620EF8"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortisandbox_paas:*:*:*:*:*:*:*:*","versionStartIncluding":"5.0.0","versionEndExcluding":"5.0.2","matchCriteriaId":"704EB14E-435A-4AC6-9FBC-C8A926BA22F0"},{"vulnerable":true,"criteria":"cpe:2.3:a:fortinet:fortisandbox_paas:*:*:*:*:*:*:*:*","versionStartIncluding":"21.3.4055","versionEndIncluding":"23.4.4374","matchCriteriaId":"594E2353-2D20-400E-B9EA-7A08A49104B3"}]}]}],"references":[{"url":"https://fortiguard.fortinet.com/psirt/FG-IR-26-136","source":"psirt@fortinet.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-42338","sourceIdentifier":"security-advisories@github.com","published":"2026-05-12T20:16:41.130","lastModified":"2026-07-09T13:17:10.853","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"ip-address is a library for parsing and manipulating IPv4 and IPv6 addresses in JavaScript. Prior to 10.1.1, Address6.group() and Address6.link() do not HTML-escape attacker-controlled content before embedding it in the HTML strings they return, and AddressError.parseMessage (emitted by the Address6 constructor for invalid input) can contain unescaped attacker-controlled content in one branch. An application that (1) passes untrusted input to Address6 and (2) renders the output of these methods, or the thrown error's parseMessage, as HTML (e.g. via innerHTML) is vulnerable to cross-site scripting. This vulnerability is fixed in 10.1.1."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"beaugunderson","product":"ip-address","versions":[{"version":"< 10.1.1","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2.6","defaultStatus":"affected","cpes":["cpe:/a:redhat:ansible_automation_platform:2.6::el9"]},{"vendor":"Red Hat","product":"Red Hat Developer Hub 1.10","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhdh:1.10::el9"]},{"vendor":"Red Hat","product":"Red Hat Developer Hub 1.9","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhdh:1.9::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Dev Spaces 3.29","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_devspaces:3.29::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Service Mesh 2.6","defaultStatus":"affected","cpes":["cpe:/a:redhat:service_mesh:2.6::el8"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Service Mesh 3.0","defaultStatus":"affected","cpes":["cpe:/a:redhat:service_mesh:3.0::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Service Mesh 3.1","defaultStatus":"affected","cpes":["cpe:/a:redhat:service_mesh:3.1::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Service Mesh 3.2","defaultStatus":"affected","cpes":["cpe:/a:redhat:service_mesh:3.2::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Service Mesh 3.3","defaultStatus":"affected","cpes":["cpe:/a:redhat:service_mesh:3.3::el9"]},{"vendor":"Red Hat","product":"Confidential Compute Attestation","defaultStatus":"affected","cpes":["cpe:/a:redhat:confidential_compute_attestation:1"]},{"vendor":"Red Hat","product":"Exploit Intelligence","defaultStatus":"affected","cpes":["cpe:/a:redhat:exploit_intelligence:0"]},{"vendor":"Red Hat","product":"Migration Toolkit for Containers","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhmt:1"]},{"vendor":"Red Hat","product":"Multicluster Engine for Kubernetes","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_engine"]},{"vendor":"Red Hat","product":"OpenShift Pipelines","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_pipelines:1"]},{"vendor":"Red Hat","product":"Red Hat AMQ Broker 7","defaultStatus":"affected","cpes":["cpe:/a:redhat:amq_broker:7"]},{"vendor":"Red Hat","product":"Red Hat build of Apache Camel - HawtIO 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:apache_camel_hawtio:4"]},{"vendor":"Red Hat","product":"Red Hat Build of Podman Desktop","defaultStatus":"affected","cpes":["cpe:/a:redhat:podman_desktop:1"]},{"vendor":"Red Hat","product":"Red Hat Build of Podman Desktop - Tech Preview","defaultStatus":"affected","cpes":["cpe:/a:redhat:podman_desktop:0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AI (RHEL AI) 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux_ai:3"]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","cpes":["cpe:/a:redhat:hummingbird:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_ai"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat Satellite 6","defaultStatus":"affected","cpes":["cpe:/a:redhat:satellite:6"]},{"vendor":"Red Hat","product":"Self-service automation portal 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:ansible_portal:2"]},{"vendor":"Red Hat","product":"Cryostat 4","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:cryostat:4"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:acm:2"]},{"vendor":"Red Hat","product":"Red Hat build of Apache Camel for Spring Boot 4","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:camel_spring_boot:4"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Dev Spaces","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift_devspaces:3"]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-13T14:46:11.633277Z","id":"CVE-2026-42338","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:beaugunderson:ip-address:*:*:*:*:*:node.js:*:*","versionEndExcluding":"10.1.1","matchCriteriaId":"2A574108-EE16-449B-8729-B727C061036B"}]}]}],"references":[{"url":"https://github.com/beaugunderson/ip-address/security/advisories/GHSA-v2v4-37r5-5v8g","source":"security-advisories@github.com","tags":["Exploit","Mitigation","Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:33155","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:33160","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:33163","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:33173","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:33183","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:33574","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34374","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35841","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35842","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35891","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35892","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36754","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36820","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-42338","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2476810","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://github.com/beaugunderson/ip-address/security/advisories/GHSA-v2v4-37r5-5v8g","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Mitigation","Vendor Advisory"]},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-42338.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-44241","sourceIdentifier":"security-advisories@github.com","published":"2026-05-12T22:16:35.473","lastModified":"2026-07-10T01:16:29.297","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Micronaut Framework is a JVM-based full stack Java framework designed for building modular, easily testable JVM applications. From 4.3.0 to before 4.10.22, 3.10.6, and 3.8.14, TimeConverterRegistrar caches DateTimeFormatter instances in an unbounded ConcurrentHashMap<String, DateTimeFormatter> whose key is derived from the @Format annotation pattern concatenated with the locale from the HTTP Accept-Language header. Because Locale.forLanguageTag() accepts arbitrary BCP 47 private-use extensions (en-x-a001, en-x-a002, …), an unauthenticated attacker can generate an unlimited number of unique cache keys by sending requests with novel locale tags, growing the cache until heap memory is exhausted and the JVM crashes. This vulnerability is fixed in 4.10.22, 3.10.6, and 3.8.14."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"micronaut-projects","product":"micronaut-core","versions":[{"version":">= 4.3.0, < 4.10.22","status":"affected"},{"version":">= 3.10.0, < 3.10.6","status":"affected"},{"version":"< 3.8.14","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-13T15:29:50.739699Z","id":"CVE-2026-44241","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-400"}]}],"references":[{"url":"https://github.com/micronaut-projects/micronaut-core/commit/48f05ae8dc4157816fe0050c5cf730be7d44f8b3","source":"security-advisories@github.com"},{"url":"https://github.com/micronaut-projects/micronaut-core/commit/c2048ab740c2efdfe227813f203176e0ef93f892","source":"security-advisories@github.com"},{"url":"https://github.com/micronaut-projects/micronaut-core/commit/c6ca8782de7338732e887d090f38c9e941bcb284","source":"security-advisories@github.com"},{"url":"https://github.com/micronaut-projects/micronaut-core/releases/tag/v3.10.6","source":"security-advisories@github.com"},{"url":"https://github.com/micronaut-projects/micronaut-core/releases/tag/v3.8.14","source":"security-advisories@github.com"},{"url":"https://github.com/micronaut-projects/micronaut-core/releases/tag/v4.10.22","source":"security-advisories@github.com"},{"url":"https://github.com/micronaut-projects/micronaut-core/security/advisories/GHSA-8hjv-92q9-g4xj","source":"security-advisories@github.com"},{"url":"https://github.com/micronaut-projects/micronaut-core/security/advisories/GHSA-8hjv-92q9-g4xj","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-44774","sourceIdentifier":"security-advisories@github.com","published":"2026-05-15T17:16:48.210","lastModified":"2026-07-09T13:17:19.587","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Traefik is an HTTP reverse proxy and load balancer. Prior to 2.11.46, 3.6.17, and 3.7.1, Traefik's Kubernetes Gateway API provider allows a tenant with HTTPRoute creation permissions to expose the REST provider handler, bypassing the providers.rest.insecure=false setting. The Gateway provider accepts any TraefikService backend reference whose name ends with @internal, making it possible to route traffic to rest@internal in addition to the intended api@internal. In shared Gateway deployments where the REST provider is enabled, this allows a low-privileged actor to gain live dynamic configuration write access to Traefik, enabling unauthorized reconfiguration of routers and services. This vulnerability is fixed in 2.11.46, 3.6.17, and 3.7.1."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"traefik","product":"traefik","versions":[{"version":"< 2.11.46","status":"affected"},{"version":">= 3.0.0-beta1, < 3.6.17","status":"affected"},{"version":">= 3.7.0-rc.0, < 3.7.1","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat OpenShift Dev Spaces 3.29","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_devspaces:3.29::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift GitOps","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift_gitops:1"]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"HIGH","subAvailabilityImpact":"HIGH","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":6.0},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-16T01:12:38.060089Z","id":"CVE-2026-44774","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-15"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:traefik:traefik:*:*:*:*:*:*:*:*","versionEndExcluding":"2.11.46","matchCriteriaId":"2FBDBA4B-9AFC-4B78-9847-01614C64A2D7"},{"vulnerable":true,"criteria":"cpe:2.3:a:traefik:traefik:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0.0","versionEndExcluding":"3.6.17","matchCriteriaId":"3C7FED20-2311-46D0-B184-2B9EC98C66BA"},{"vulnerable":true,"criteria":"cpe:2.3:a:traefik:traefik:*:*:*:*:*:*:*:*","versionStartIncluding":"3.7.0","versionEndExcluding":"3.7.1","matchCriteriaId":"D7C792C4-828F-413A-8BC9-A8AF1EBAFCC3"}]}]}],"references":[{"url":"https://github.com/traefik/traefik/releases/tag/v2.11.46","source":"security-advisories@github.com","tags":["Product","Release Notes"]},{"url":"https://github.com/traefik/traefik/releases/tag/v3.6.17","source":"security-advisories@github.com","tags":["Product","Release Notes"]},{"url":"https://github.com/traefik/traefik/releases/tag/v3.7.1","source":"security-advisories@github.com","tags":["Product","Release Notes"]},{"url":"https://github.com/traefik/traefik/security/advisories/GHSA-96qj-4jj5-wcjc","source":"security-advisories@github.com","tags":["Exploit","Patch","Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:36820","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-44774","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2477937","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-44774.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-42009","sourceIdentifier":"secalert@redhat.com","published":"2026-05-18T13:16:32.707","lastModified":"2026-07-08T13:16:42.117","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This could lead to unstable packet ordering or undefined behavior, resulting in a denial of service."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/o:redhat:enterprise_linux:10.2"],"versions":[{"version":"0:3.8.10-4.el10_2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10.0 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"],"versions":[{"version":"0:3.8.9-9.el10_0.19","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:3.3.29-9.el7_9.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/o:redhat:enterprise_linux:8::baseos"],"versions":[{"version":"0:3.6.16-8.el8_10.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/o:redhat:enterprise_linux:8::baseos"],"versions":[{"version":"0:3.6.16-8.el8_10.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"],"versions":[{"version":"0:3.6.14-10.el8_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtasn1","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"],"versions":[{"version":"0:4.13-3.el8_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"],"versions":[{"version":"0:3.6.14-10.el8_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtasn1","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"],"versions":[{"version":"0:4.13-3.el8_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_eus_long_life:8.6::baseos"],"versions":[{"version":"0:3.6.16-5.el8_6.5","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtasn1","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_eus_long_life:8.6::baseos"],"versions":[{"version":"0:4.13-3.el8_6.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_eus_long_life:8.6::baseos"],"versions":[{"version":"0:3.6.16-5.el8_6.5","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtasn1","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_eus_long_life:8.6::baseos"],"versions":[{"version":"0:4.13-3.el8_6.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream","cpe:/o:redhat:rhel_e4s:8.8::baseos","cpe:/o:redhat:rhel_tus:8.8::baseos"],"versions":[{"version":"0:3.6.16-7.el8_8.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtasn1","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream","cpe:/o:redhat:rhel_e4s:8.8::baseos","cpe:/o:redhat:rhel_tus:8.8::baseos"],"versions":[{"version":"0:4.13-4.el8_8.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream","cpe:/o:redhat:rhel_e4s:8.8::baseos","cpe:/o:redhat:rhel_tus:8.8::baseos"],"versions":[{"version":"0:3.6.16-7.el8_8.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtasn1","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream","cpe:/o:redhat:rhel_e4s:8.8::baseos","cpe:/o:redhat:rhel_tus:8.8::baseos"],"versions":[{"version":"0:4.13-4.el8_8.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/o:redhat:enterprise_linux:9::baseos"],"versions":[{"version":"0:3.8.10-4.el9_8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/o:redhat:enterprise_linux:9::baseos"],"versions":[{"version":"0:3.8.10-4.el9_8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream","cpe:/o:redhat:rhel_e4s:9.4::baseos"],"versions":[{"version":"0:3.8.3-4.el9_4.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.6 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream","cpe:/o:redhat:rhel_eus:9.6::baseos"],"versions":[{"version":"0:3.8.3-6.el9_6.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.20","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.20::el9"],"versions":[{"version":"4.20.9.6.202607010620-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.21","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.21::el9"],"versions":[{"version":"4.21.9.6.202607011303-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.22","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4.22::el9"],"versions":[{"version":"4.22.9.8.202606230855-0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server 3.2","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhaiis/model-opt-cuda-rhel9","cpes":["cpe:/a:redhat:ai_inference_server:3.2::el9"],"versions":[{"version":"1782951051","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server 3.2","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhaiis/vllm-cuda-rhel9","cpes":["cpe:/a:redhat:ai_inference_server:3.2::el9"],"versions":[{"version":"1782951012","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server 3.2","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhaiis/vllm-rocm-rhel9","cpes":["cpe:/a:redhat:ai_inference_server:3.2::el9"],"versions":[{"version":"1782951244","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Discovery 2","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"discovery/discovery-server-rhel9","cpes":["cpe:/a:redhat:discovery:2::el9"],"versions":[{"version":"1782159791","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Discovery 2","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"discovery/discovery-ui-rhel9","cpes":["cpe:/a:redhat:discovery:2::el9"],"versions":[{"version":"1782166952","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"gnutls-main","cpes":["cpe:/a:redhat:hummingbird:1"],"versions":[{"version":"3.8.13-1.hum1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Update Infrastructure 5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhui5/cds-rhel9","cpes":["cpe:/a:redhat:rhui:5::el9"],"versions":[{"version":"1781525684","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Update Infrastructure 5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhui5/haproxy-rhel9","cpes":["cpe:/a:redhat:rhui:5::el9"],"versions":[{"version":"1781525671","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Update Infrastructure 5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhui5/installer-rhel9","cpes":["cpe:/a:redhat:rhui:5::el9"],"versions":[{"version":"1781525693","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Update Infrastructure 5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhui5/rhua-rhel9","cpes":["cpe:/a:redhat:rhui:5::el9"],"versions":[{"version":"1781525739","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/o:redhat:enterprise_linux:6"]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Server (v. 7 ELS)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_els:7"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.20","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4.20::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.21","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4.21::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4.22","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4.22::el9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream AUS (v.8.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream AUS (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream TUS (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_tus:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS AUS (v.8.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_aus:8.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS AUS (v.8.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_aus:8.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus_long_life:8.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.8.8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:8.8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS TUS (v.8.8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_tus:8.8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:9.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus:9.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 9)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9::baseos"]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server 3.2","defaultStatus":"affected","cpes":["cpe:/a:redhat:ai_inference_server:3.2::el9"]},{"vendor":"Red Hat","product":"Red Hat Discovery 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:discovery:2::el9"]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","cpes":["cpe:/a:redhat:hummingbird:1"]},{"vendor":"Red Hat","product":"Red Hat Update Infrastructure 5","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhui:5::el9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:6"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-18T19:05:03.965288Z","id":"CVE-2026-42009","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-475"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-475"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:gnutls:-:*:*:*:*:*:*:*","matchCriteriaId":"33A22858-21E1-479F-A9C4-AD2EFD059B93"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:hardened_images:-:*:*:*:*:*:*:*","matchCriteriaId":"87DEB507-5B64-47D7-9A50-3B87FD1E571F"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*","matchCriteriaId":"932D137F-528B-4526-9A89-CD59FA1AB0FE"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","matchCriteriaId":"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:arm64:*","matchCriteriaId":"07670103-FC39-4797-AF5F-1604DA1E6BF5"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:x64:*","matchCriteriaId":"C22199FA-BF64-4181-86AE-C0F2DAABF9FB"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_els:8.10:*:*:*:*:*:arm64:*","matchCriteriaId":"376CC134-BC5D-4454-B9B5-5D929E24014A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_els:8.10:*:*:*:*:*:x64:*","matchCriteriaId":"75F13C81-5F6A-47FE-9CB0-44DE040B80F4"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*","matchCriteriaId":"32AF225E-94C0-4D07-900C-DD868C05F554"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_els:8.10:*:*:*:*:*:*:*","matchCriteriaId":"33BA8164-7E51-4A33-9409-795AFA2B8572"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*","matchCriteriaId":"23D471AC-7DCA-4425-AD91-E5D928753A8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_els:8.10:*:*:*:*:*:*:*","matchCriteriaId":"6C663446-AA2F-44FE-8520-E4F9460EA401"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:arm64:*","matchCriteriaId":"153FA4D1-CEA5-4D70-A452-22D492C2E419"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:x64:*","matchCriteriaId":"4E76AE2B-667E-4A9A-AC4B-CC8CFA9B159E"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.8:*:*:*:*:*:arm64:*","matchCriteriaId":"FEDF9ADA-C9F7-4FB5-9180-DA7C45426231"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_els:9.8:*:*:*:*:*:arm64:*","matchCriteriaId":"EB5DCB28-C27E-45A1-8B2E-A129FE2CA419"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_els:9.8:*:*:*:*:*:x64:*","matchCriteriaId":"DF68EF0A-21CD-4914-B888-CFF8C7E7F4A3"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_eus:9.8:*:*:*:*:*:arm64:*","matchCriteriaId":"5DE13BC8-C141-4E3A-9C45-5FB35F03E411"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_eus:9.8:*:*:*:*:*:x64:*","matchCriteriaId":"A97CC58D-4A37-4B58-A718-BB9A5B5B1A19"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*","matchCriteriaId":"FB056B47-1F45-4CE4-81F6-872F66C24C29"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_els:9.8:*:*:*:*:*:*:*","matchCriteriaId":"19942CC8-3B44-416B-92FB-3AE705E57D34"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.8:*:*:*:*:*:*:*","matchCriteriaId":"AF3926BD-3724-4870-98F9-274FBC575EC5"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*","matchCriteriaId":"E07C1C58-0E5F-4B56-9B8D-5DE67DB00F79"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_els:9.8:*:*:*:*:*:*:*","matchCriteriaId":"5C5E1710-FD30-4A31-895F-FD91A5B55F4F"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.8:*:*:*:*:*:*:*","matchCriteriaId":"DDBCD07C-C8A3-488F-B000-DBBCAEE78811"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_update_services_for_sap_solutions:9.8:*:*:*:*:*:x64:*","matchCriteriaId":"1229A296-33D0-4C29-A50B-69BD84B32D99"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.8:*:*:*:*:*:*:*","matchCriteriaId":"C3A304C9-C1CB-40FE-9A8B-EC3AB507BDAD"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:arm64:*","matchCriteriaId":"63D81CCC-AECF-436A-B019-B3149585F92C"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:x64:*","matchCriteriaId":"472208E5-9850-47CD-8C7D-E1EBF7FDB2C7"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:10.2:*:*:*:*:*:arm64:*","matchCriteriaId":"4DBA7603-2980-42BE-981C-FAE97568B00B"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:10.2:*:*:*:*:*:x64:*","matchCriteriaId":"D28BC9F4-ECC6-411B-B445-B247FACD9530"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_els:10.2:*:*:*:*:*:arm64:*","matchCriteriaId":"C78AA720-6EBB-4CA7-8831-22A7CBFE7A1C"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_els:10.2:*:*:*:*:*:x64:*","matchCriteriaId":"1D055CB8-FA3A-4DB8-AB58-9B17F7EC552B"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_eus:10.2:*:*:*:*:*:arm64:*","matchCriteriaId":"ADFDF403-9B07-48CF-8BB2-11054879BCF8"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_eus:10.2:*:*:*:*:*:x64:*","matchCriteriaId":"E7AB6D4F-D513-45F8-BC00-5F6C93D0002D"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*","matchCriteriaId":"FB056B47-1F45-4CE4-81F6-872F66C24C29"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:10.2:*:*:*:*:*:*:*","matchCriteriaId":"157996FE-FC8B-4D4E-9538-E14BC0D8466F"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_els:10.2:*:*:*:*:*:*:*","matchCriteriaId":"1B8AC302-55C1-44FB-B66C-C6D0D6F5DBFE"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:10.2:*:*:*:*:*:*:*","matchCriteriaId":"F7F02954-7CB7-46F9-BBF1-3FAD6736F712"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:10.0:*:*:*:*:*:*:*","matchCriteriaId":"06A3271F-112F-4FB7-A2F7-6401A365FCBA"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:10.2:*:*:*:*:*:*:*","matchCriteriaId":"D6F30042-532F-4A7C-897B-1084C0587957"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_els:10.2:*:*:*:*:*:*:*","matchCriteriaId":"9BB0DAF9-794A-4DAF-A4C6-3DDD8E42F48D"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:10.2:*:*:*:*:*:*:*","matchCriteriaId":"DDDCBC52-F003-4776-8D21-B525CF8D8B8D"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:13274","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:20611","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:20612","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:20613","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:26319","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26409","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:29197","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:29794","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:30004","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:30849","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:30850","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:32962","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:33125","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:34372","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:34764","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:34788","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36004","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36005","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36006","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2026-42009","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467279","source":"secalert@redhat.com","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://www.gnutls.org/security-new.html#GNUTLS-SA-2026-04-29-2","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:13274","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:20611","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:20612","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:20613","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:26319","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26409","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:29197","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:29794","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:30004","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:30849","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:30850","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:32962","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:33125","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34372","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34764","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34788","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36004","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36005","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36006","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-42009","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467279","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-42009.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-43499","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-05-21T13:16:19.300","lastModified":"2026-07-08T23:16:54.523","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nrtmutex: Use waiter::task instead of current in remove_waiter()\n\nremove_waiter() is used by the slowlock paths, but it is also used for\nproxy-lock rollback in rt_mutex_start_proxy_lock() when invoked from\nfutex_requeue().\n\nIn the latter case waiter::task is not current, but remove_waiter()\noperates on current for the dequeue operation. That results in several\nproblems:\n\n  1) the rbtree dequeue happens without waiter::task::pi_lock being held\n\n  2) the waiter task's pi_blocked_on state is not cleared, which leaves a\n     dangling pointer primed for UAF around.\n\n  3) rt_mutex_adjust_prio_chain() operates on the wrong top priority waiter\n     task\n\nUse waiter::task instead of current in all related operations in\nremove_waiter() to cure those problems.\n\n[ tglx: Fixup rt_mutex_adjust_prio_chain(), add a comment and amend the\n  \tchangelog ]"}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["kernel/locking/rtmutex.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"8161239a8bcce9ad6b537c04a1fa3b5c68bae693","lessThan":"d8cce4773c2b23d819baf5abedc62f7b430e8745","versionType":"git","status":"affected"},{"version":"8161239a8bcce9ad6b537c04a1fa3b5c68bae693","lessThan":"8a1fc8d698ac5e5916e3082a0f74450d71f9611f","versionType":"git","status":"affected"},{"version":"8161239a8bcce9ad6b537c04a1fa3b5c68bae693","lessThan":"6d52dfcb2a5db86e346cf51f8fcf2071b8085166","versionType":"git","status":"affected"},{"version":"8161239a8bcce9ad6b537c04a1fa3b5c68bae693","lessThan":"3fb7394a837740770f0d6b4b30567e60786a63f2","versionType":"git","status":"affected"},{"version":"8161239a8bcce9ad6b537c04a1fa3b5c68bae693","lessThan":"88614876370aac8ad1050ad785a4c095ba17ac11","versionType":"git","status":"affected"},{"version":"8161239a8bcce9ad6b537c04a1fa3b5c68bae693","lessThan":"3bfdc63936dd4773109b7b8c280c0f3b5ae7d349","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["kernel/locking/rtmutex.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"2.6.39","status":"affected"},{"version":"0","lessThan":"2.6.39","versionType":"semver","status":"unaffected"},{"version":"6.1.175","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.140","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.86","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.27","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.4","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.39","versionEndExcluding":"6.1.175","matchCriteriaId":"0C6D7D14-6525-4171-992F-7F8ADC8215B2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.140","matchCriteriaId":"A1A92866-F406-43B5-B2D1-CFC274753E9D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.86","matchCriteriaId":"55DA1C62-9991-451E-B8A8-E0004E00F789"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.27","matchCriteriaId":"A10AC84F-C058-47D5-85B4-E6E51A613B74"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.4","matchCriteriaId":"CDB78D6D-22C3-4154-B0D0-94AF1CE5C2E3"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/3bfdc63936dd4773109b7b8c280c0f3b5ae7d349","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/3fb7394a837740770f0d6b4b30567e60786a63f2","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/6d52dfcb2a5db86e346cf51f8fcf2071b8085166","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/88614876370aac8ad1050ad785a4c095ba17ac11","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/8a1fc8d698ac5e5916e3082a0f74450d71f9611f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d8cce4773c2b23d819baf5abedc62f7b430e8745","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"http://www.openwall.com/lists/oss-security/2026/07/08/12","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2026-5072","sourceIdentifier":"vulnerabilities@zephyrproject.org","published":"2026-05-22T08:16:15.027","lastModified":"2026-07-08T13:31:40.400","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A bitwise shift vulnerability in Zephyr's PTP subsystem allows a remote attacker to cause undefined behavior and potential system crashes. An attacker sends a crafted PTP_MSG_MANAGEMENT message to set an unvalidated negative log_announce_interval value in the port's data set. When a subsequent PTP_MSG_ANNOUNCE message is processed, port_timer_set_timeout_random computes a timeout as NSEC_PER_SEC >> -log_seconds; if the attacker-supplied value is sufficiently negative (e.g., -127), the shift amount exceeds the 64-bit integer width, triggering undefined behavior in C. This can cause a system crash via a compiler-generated illegal instruction trap on some architectures, or produce an erroneous zero timeout leading to resource starvation loops or other logical errors."}],"affected":[{"source":"vulnerabilities@zephyrproject.org","affectedData":[{"vendor":"zephyrproject-rtos","product":"Zephyr","defaultStatus":"unaffected","packageName":"Zephyr","repo":"https://github.com/zephyrproject-rtos/zephyr","versions":[{"version":"*","lessThanOrEqual":"4.3","versionType":"git","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-22T16:27:18.853870Z","id":"CVE-2026-5072","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-1335"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zephyrproject:zephyr:*:*:*:*:*:*:*:*","versionEndIncluding":"4.3.0","matchCriteriaId":"7D912614-A39E-4C9B-AA54-187BC26337B9"}]}]}],"references":[{"url":"https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-3v98-458v-388r","source":"vulnerabilities@zephyrproject.org","tags":["Exploit","Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-40033","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-05-26T15:16:34.480","lastModified":"2026-07-08T13:16:41.350","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"FreeRDP before 3.26.0 contains a heap-buffer-overflow vulnerability in gdi_CacheToSurface that allows remote attackers to write out-of-bounds heap memory. The vulnerability occurs because rectangle validation clamps coordinates to UINT16_MAX but performs copy operations using unclamped cache entry dimensions, enabling malicious RDP servers to trigger large out-of-bounds writes and potentially achieve remote code execution or client crash."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"FreeRDP","product":"FreeRDP","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"3.26.0","versionType":"semver","status":"affected"},{"version":"3.26.0","versionType":"semver","status":"unaffected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9"]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-26T00:00:00+00:00","id":"CVE-2026-40033","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:freerdp:freerdp:*:*:*:*:*:*:*:*","versionEndExcluding":"3.26.0","matchCriteriaId":"186FAA8A-CF9D-40F3-8509-DAC168BFDA2F"}]}]}],"references":[{"url":"https://github.com/FreeRDP/FreeRDP/commit/d7508ebcd82842a691ae4941e5104d14240a89ae","source":"disclosure@vulncheck.com"},{"url":"https://github.com/FreeRDP/FreeRDP/pull/12713","source":"disclosure@vulncheck.com"},{"url":"https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-p6r2-4hgm-m6ff","source":"disclosure@vulncheck.com","tags":["Exploit","Mitigation","Vendor Advisory"]},{"url":"https://www.vulncheck.com/advisories/freerdp-heap-buffer-overflow-in-gdi-cachetosurface-via-rectangle-validation-bypass","source":"disclosure@vulncheck.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:36203","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-40033","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481473","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-p6r2-4hgm-m6ff","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Mitigation","Vendor Advisory"]},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-40033.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-48864","sourceIdentifier":"secalert@redhat.com","published":"2026-05-26T17:16:54.050","lastModified":"2026-07-09T16:16:41.847","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in libsolv. This heap buffer overflow occurs during the decompression of attacker-controlled compressed data within `.solv` files due to insufficient input validation. An attacker can provide a specially crafted `.solv` file, which, when processed by a vulnerable application, can lead to out-of-bounds memory access. This could result in information disclosure, alteration of program execution, or a denial of service."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsolv","cpes":["cpe:/o:redhat:enterprise_linux:10.2"],"versions":[{"version":"0:0.7.33-5.el10_2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsolv","cpes":["cpe:/a:redhat:enterprise_linux:8::crb","cpe:/o:redhat:enterprise_linux:8::baseos"],"versions":[{"version":"0:0.7.20-7.el8_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"libsolv-main","cpes":["cpe:/a:redhat:hummingbird:1"],"versions":[{"version":"0.7.38-2.hum1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsolv","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsolv","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat Satellite 6","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"satellite-capsule:el8/libsolv","cpes":["cpe:/a:redhat:satellite:6"]},{"vendor":"Red Hat","product":"Red Hat Update Infrastructure 4 for Cloud Providers","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsolv","cpes":["cpe:/a:redhat:rhui:4::el8"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-28T03:55:45.469552Z","id":"CVE-2026-48864","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:opensuse:libsolv:0.7.36:*:*:*:*:*:*:*","matchCriteriaId":"2E5F661C-8F2D-41F8-9A8B-99611AFADC0C"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:hardened_images:-:*:*:*:*:*:*:*","matchCriteriaId":"87DEB507-5B64-47D7-9A50-3B87FD1E571F"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*","matchCriteriaId":"932D137F-528B-4526-9A89-CD59FA1AB0FE"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:satellite:6.0:*:*:*:*:*:*:*","matchCriteriaId":"848C92A9-0677-442B-8D52-A448F2019903"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:update_infrastructure:4:*:*:*:*:*:*:*","matchCriteriaId":"E8D92E10-0E79-479F-A963-5657D1BC4E03"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:21333","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:28236","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36730","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2026-48864","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2460425","source":"secalert@redhat.com","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-42015","sourceIdentifier":"secalert@redhat.com","published":"2026-05-26T22:16:42.180","lastModified":"2026-07-09T07:16:23.513","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in gnutls. An off-by-one error exists in the PKCS#12 bag element bounds check. This vulnerability allows an remote attacker to write past the internal array of a PKCS#12 bag when appending to a bag that already contains 32 elements. This memory corruption could lead to a denial of service (DoS) or potentially other unspecified impacts."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/o:redhat:enterprise_linux:10.2"],"versions":[{"version":"0:3.8.10-4.el10_2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10.0 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"],"versions":[{"version":"0:3.8.9-9.el10_0.19","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/o:redhat:enterprise_linux:8::baseos"],"versions":[{"version":"0:3.6.16-8.el8_10.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/o:redhat:enterprise_linux:8::baseos"],"versions":[{"version":"0:3.6.16-8.el8_10.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"],"versions":[{"version":"0:3.6.14-10.el8_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtasn1","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"],"versions":[{"version":"0:4.13-3.el8_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"],"versions":[{"version":"0:3.6.14-10.el8_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtasn1","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"],"versions":[{"version":"0:4.13-3.el8_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_eus_long_life:8.6::baseos"],"versions":[{"version":"0:3.6.16-5.el8_6.5","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtasn1","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_eus_long_life:8.6::baseos"],"versions":[{"version":"0:4.13-3.el8_6.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_eus_long_life:8.6::baseos"],"versions":[{"version":"0:3.6.16-5.el8_6.5","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtasn1","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_eus_long_life:8.6::baseos"],"versions":[{"version":"0:4.13-3.el8_6.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream","cpe:/o:redhat:rhel_e4s:8.8::baseos","cpe:/o:redhat:rhel_tus:8.8::baseos"],"versions":[{"version":"0:3.6.16-7.el8_8.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtasn1","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream","cpe:/o:redhat:rhel_e4s:8.8::baseos","cpe:/o:redhat:rhel_tus:8.8::baseos"],"versions":[{"version":"0:4.13-4.el8_8.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream","cpe:/o:redhat:rhel_e4s:8.8::baseos","cpe:/o:redhat:rhel_tus:8.8::baseos"],"versions":[{"version":"0:3.6.16-7.el8_8.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtasn1","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream","cpe:/o:redhat:rhel_e4s:8.8::baseos","cpe:/o:redhat:rhel_tus:8.8::baseos"],"versions":[{"version":"0:4.13-4.el8_8.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/o:redhat:enterprise_linux:9::baseos"],"versions":[{"version":"0:3.8.10-4.el9_8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/o:redhat:enterprise_linux:9::baseos"],"versions":[{"version":"0:3.8.10-4.el9_8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream","cpe:/o:redhat:rhel_e4s:9.4::baseos"],"versions":[{"version":"0:3.8.3-4.el9_4.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.6 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream","cpe:/o:redhat:rhel_eus:9.6::baseos"],"versions":[{"version":"0:3.8.3-6.el9_6.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Discovery 2","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"discovery/discovery-server-rhel9","cpes":["cpe:/a:redhat:discovery:2::el9"],"versions":[{"version":"1782159791","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Discovery 2","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"discovery/discovery-ui-rhel9","cpes":["cpe:/a:redhat:discovery:2::el9"],"versions":[{"version":"1782166952","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Update Infrastructure 5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhui5/cds-rhel9","cpes":["cpe:/a:redhat:rhui:5::el9"],"versions":[{"version":"1781525684","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Update Infrastructure 5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhui5/haproxy-rhel9","cpes":["cpe:/a:redhat:rhui:5::el9"],"versions":[{"version":"1781525671","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Update Infrastructure 5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhui5/installer-rhel9","cpes":["cpe:/a:redhat:rhui:5::el9"],"versions":[{"version":"1781525693","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Update Infrastructure 5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhui5/rhua-rhel9","cpes":["cpe:/a:redhat:rhui:5::el9"],"versions":[{"version":"1781525739","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:hummingbird:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-27T12:47:07.830892Z","id":"CVE-2026-42015","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-193"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:20611","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:20612","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:20613","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26319","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26409","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:29197","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:30004","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:30849","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:30850","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:32962","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:33125","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2026-42015","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467678","source":"secalert@redhat.com"},{"url":"https://www.gnutls.org/security-new.html#GNUTLS-SA-2026-04-29-11","source":"secalert@redhat.com"}]}},{"cve":{"id":"CVE-2026-5260","sourceIdentifier":"secalert@redhat.com","published":"2026-05-26T22:16:44.170","lastModified":"2026-07-09T07:16:24.843","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS#11 token, could trigger a short heap overread. This memory corruption vulnerability could lead to information disclosure."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/o:redhat:enterprise_linux:10.2"],"versions":[{"version":"0:3.8.10-4.el10_2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10.0 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"],"versions":[{"version":"0:3.8.9-9.el10_0.19","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/o:redhat:enterprise_linux:8::baseos"],"versions":[{"version":"0:3.6.16-8.el8_10.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/o:redhat:enterprise_linux:8::baseos"],"versions":[{"version":"0:3.6.16-8.el8_10.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"],"versions":[{"version":"0:3.6.14-10.el8_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtasn1","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"],"versions":[{"version":"0:4.13-3.el8_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"],"versions":[{"version":"0:3.6.14-10.el8_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtasn1","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","cpe:/o:redhat:rhel_aus:8.4::baseos","cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"],"versions":[{"version":"0:4.13-3.el8_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_eus_long_life:8.6::baseos"],"versions":[{"version":"0:3.6.16-5.el8_6.5","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtasn1","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_eus_long_life:8.6::baseos"],"versions":[{"version":"0:4.13-3.el8_6.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_eus_long_life:8.6::baseos"],"versions":[{"version":"0:3.6.16-5.el8_6.5","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtasn1","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","cpe:/o:redhat:rhel_aus:8.6::baseos","cpe:/o:redhat:rhel_eus_long_life:8.6::baseos"],"versions":[{"version":"0:4.13-3.el8_6.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream","cpe:/o:redhat:rhel_e4s:8.8::baseos","cpe:/o:redhat:rhel_tus:8.8::baseos"],"versions":[{"version":"0:3.6.16-7.el8_8.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtasn1","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream","cpe:/o:redhat:rhel_e4s:8.8::baseos","cpe:/o:redhat:rhel_tus:8.8::baseos"],"versions":[{"version":"0:4.13-4.el8_8.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream","cpe:/o:redhat:rhel_e4s:8.8::baseos","cpe:/o:redhat:rhel_tus:8.8::baseos"],"versions":[{"version":"0:3.6.16-7.el8_8.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libtasn1","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream","cpe:/o:redhat:rhel_e4s:8.8::baseos","cpe:/o:redhat:rhel_tus:8.8::baseos"],"versions":[{"version":"0:4.13-4.el8_8.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/o:redhat:enterprise_linux:9::baseos"],"versions":[{"version":"0:3.8.10-4.el9_8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/o:redhat:enterprise_linux:9::baseos"],"versions":[{"version":"0:3.8.10-4.el9_8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream","cpe:/o:redhat:rhel_e4s:9.4::baseos"],"versions":[{"version":"0:3.8.3-4.el9_4.6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.6 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream","cpe:/o:redhat:rhel_eus:9.6::baseos"],"versions":[{"version":"0:3.8.3-6.el9_6.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Discovery 2","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"discovery/discovery-server-rhel9","cpes":["cpe:/a:redhat:discovery:2::el9"],"versions":[{"version":"1782159791","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Discovery 2","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"discovery/discovery-ui-rhel9","cpes":["cpe:/a:redhat:discovery:2::el9"],"versions":[{"version":"1782166952","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Update Infrastructure 5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhui5/cds-rhel9","cpes":["cpe:/a:redhat:rhui:5::el9"],"versions":[{"version":"1781525684","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Update Infrastructure 5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhui5/haproxy-rhel9","cpes":["cpe:/a:redhat:rhui:5::el9"],"versions":[{"version":"1781525671","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Update Infrastructure 5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhui5/installer-rhel9","cpes":["cpe:/a:redhat:rhui:5::el9"],"versions":[{"version":"1781525693","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Update Infrastructure 5","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"rhui5/rhua-rhel9","cpes":["cpe:/a:redhat:rhui:5::el9"],"versions":[{"version":"1781525739","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gnutls","cpes":["cpe:/a:redhat:hummingbird:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-27T13:36:46.793551Z","id":"CVE-2026-5260","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-126"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:20611","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:20612","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:20613","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26319","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26409","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:29197","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:30004","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:30849","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:30850","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:32962","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:33125","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2026-5260","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467450","source":"secalert@redhat.com"},{"url":"https://www.gnutls.org/security-new.html#GNUTLS-SA-2026-04-29-10","source":"secalert@redhat.com"}]}},{"cve":{"id":"CVE-2026-45984","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-05-27T14:17:15.640","lastModified":"2026-07-09T13:17:21.000","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: Fix use-after-free in iomap inline data write path\n\nThe inline data buffer head (dibh) is being released prematurely in\ngfs2_iomap_begin() via release_metapath() while iomap->inline_data\nstill points to dibh->b_data. This causes a use-after-free when\niomap_write_end_inline() later attempts to write to the inline data\narea.\n\nThe bug sequence:\n1. gfs2_iomap_begin() calls gfs2_meta_inode_buffer() to read inode\n   metadata into dibh\n2. Sets iomap->inline_data = dibh->b_data + sizeof(struct gfs2_dinode)\n3. Calls release_metapath() which calls brelse(dibh), dropping refcount\n   to 0\n4. kswapd reclaims the page (~39ms later in the syzbot report)\n5. iomap_write_end_inline() tries to memcpy() to iomap->inline_data\n6. KASAN detects use-after-free write to freed memory\n\nFix by storing dibh in iomap->private and incrementing its refcount\nwith get_bh() in gfs2_iomap_begin(). The buffer is then properly\nreleased in gfs2_iomap_end() after the inline write completes,\nensuring the page stays alive for the entire iomap operation.\n\nNote: A C reproducer is not available for this issue. The fix is based\non analysis of the KASAN report and code review showing the buffer head\nis freed before use.\n\n[agruenba: Take buffer head reference in gfs2_iomap_begin() to avoid\nleaks in gfs2_iomap_get() and gfs2_iomap_alloc().]"}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["fs/gfs2/bmap.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"d0a22a4b03b8475b7aa3fa41243c26c291407844","lessThan":"1403989d1b502f4a2c0d0b42ccf1c25748442eff","versionType":"git","status":"affected"},{"version":"d0a22a4b03b8475b7aa3fa41243c26c291407844","lessThan":"1cae1bafdf9caa9b462b19af06b1a06902e4e142","versionType":"git","status":"affected"},{"version":"d0a22a4b03b8475b7aa3fa41243c26c291407844","lessThan":"764c3c84b5683e608f43735c803a5f415046686c","versionType":"git","status":"affected"},{"version":"d0a22a4b03b8475b7aa3fa41243c26c291407844","lessThan":"d87268326b277af3665237ac76a73dd9fa8e21b4","versionType":"git","status":"affected"},{"version":"d0a22a4b03b8475b7aa3fa41243c26c291407844","lessThan":"87d4954b5c59735a99ea98cb208d47130f6dce7d","versionType":"git","status":"affected"},{"version":"d0a22a4b03b8475b7aa3fa41243c26c291407844","lessThan":"6d76febba07c40bcf358f63216d36ea68cf1c215","versionType":"git","status":"affected"},{"version":"d0a22a4b03b8475b7aa3fa41243c26c291407844","lessThan":"815ddd27c0c7171a99fe802fdb19098ddef8b19d","versionType":"git","status":"affected"},{"version":"d0a22a4b03b8475b7aa3fa41243c26c291407844","lessThan":"faddeb848305e79db89ee0479bb0e33380656321","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["fs/gfs2/bmap.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"5.2","status":"affected"},{"version":"0","lessThan":"5.2","versionType":"semver","status":"unaffected"},{"version":"5.10.252","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.202","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.165","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.128","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.75","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.14","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"6.19.4","lessThanOrEqual":"6.19.*","versionType":"semver","status":"unaffected"},{"version":"7.0","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS AUS (v.8.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_aus:8.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus_long_life:8.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:9.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 9)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CRB (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux NFV (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux RT (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux for NVIDIA 26","defaultStatus":"unknown","cpes":["cpe:/a:redhat:enterprise_linux_nvidia:"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"unknown","cpes":["cpe:/a:redhat:openshift:4"]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-826"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.2","versionEndExcluding":"5.10.252","matchCriteriaId":"60080FD7-0394-4349-8DD9-10D099A3D189"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.202","matchCriteriaId":"4002FC2B-1456-4666-B240-0EBF590C4671"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.165","matchCriteriaId":"797C7F46-D0BE-4FB8-A502-C5EF8E6B6654"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.128","matchCriteriaId":"851E9353-6C09-4CC9-877E-E09DB164A3C2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.75","matchCriteriaId":"BCE16369-98ED-41CF-8995-DFDC10B288D2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.14","matchCriteriaId":"BF463CB7-1F58-4607-B847-77ED23E4B9B7"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"6.19.4","matchCriteriaId":"672A3E79-EC03-479D-8503-361DFBDC8092"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/1403989d1b502f4a2c0d0b42ccf1c25748442eff","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/1cae1bafdf9caa9b462b19af06b1a06902e4e142","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/6d76febba07c40bcf358f63216d36ea68cf1c215","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/764c3c84b5683e608f43735c803a5f415046686c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/815ddd27c0c7171a99fe802fdb19098ddef8b19d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/87d4954b5c59735a99ea98cb208d47130f6dce7d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d87268326b277af3665237ac76a73dd9fa8e21b4","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/faddeb848305e79db89ee0479bb0e33380656321","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://access.redhat.com/errata/RHSA-2026:27789","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:33743","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35894","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36049","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36767","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-45984","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481922","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-45984.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-46152","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-05-28T10:16:30.827","lastModified":"2026-07-09T13:17:21.267","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: drop stray 'static' from fast-RX rx_result\n\nieee80211_invoke_fast_rx() is documented as safe for parallel RX, but\nits per-invocation rx_result is declared static. Concurrent callers then\nshare one instance and can overwrite each other's result between\nieee80211_rx_mesh_data() and the switch on res.\n\nThat can make a packet that was queued or consumed by\nieee80211_rx_mesh_data() fall through into ieee80211_rx_8023(), or make\na packet that should continue return as queued.\n\nMake res an automatic variable so each invocation keeps its own result."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/mac80211/rx.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"3468e1e0c639032a603450f0830ccabfa76f5806","lessThan":"03584528bfffb195e384698af9148b94e42e3f14","versionType":"git","status":"affected"},{"version":"3468e1e0c639032a603450f0830ccabfa76f5806","lessThan":"1739fc31b4de06c5c78ce0741182770fb079091e","versionType":"git","status":"affected"},{"version":"3468e1e0c639032a603450f0830ccabfa76f5806","lessThan":"e131562d6f2b958148c35c98831b007f47f0e3d3","versionType":"git","status":"affected"},{"version":"3468e1e0c639032a603450f0830ccabfa76f5806","lessThan":"3ef44f96ccc3e06e059dec57842e366f0c4b1893","versionType":"git","status":"affected"},{"version":"3468e1e0c639032a603450f0830ccabfa76f5806","lessThan":"7a5b81e0c87a075afd572f659d8eb68c9c4cd2ba","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/mac80211/rx.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.4","status":"affected"},{"version":"0","lessThan":"6.4","versionType":"semver","status":"unaffected"},{"version":"6.6.140","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.88","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.30","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.7","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:9.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 9)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CRB (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux NFV (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux RT (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","cpes":["cpe:/o:redhat:enterprise_linux:6"]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.0,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-1058"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4","versionEndExcluding":"6.6.140","matchCriteriaId":"FA2B001B-CDB2-4EF3-8FCE-74CFF813CACD"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.88","matchCriteriaId":"5AFBE0EC-CCDF-4207-AE92-ABF958125CA4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.30","matchCriteriaId":"BF39AE08-AE6D-4410-8FBE-76F6BF5BF55B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.7","matchCriteriaId":"D0893CA7-9AE6-4DFE-AC75-48967D73AD8E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/03584528bfffb195e384698af9148b94e42e3f14","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/1739fc31b4de06c5c78ce0741182770fb079091e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/3ef44f96ccc3e06e059dec57842e366f0c4b1893","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/7a5b81e0c87a075afd572f659d8eb68c9c4cd2ba","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e131562d6f2b958148c35c98831b007f47f0e3d3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://access.redhat.com/errata/RHSA-2026:26427","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26428","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:27288","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:27789","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36767","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-46152","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482563","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-46152.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-46166","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-05-28T10:16:32.250","lastModified":"2026-07-09T13:17:21.513","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: use safe list iteration in radar detect work\n\nThe call to ieee80211_dfs_cac_cancel can cause the iterated chanctx to\nbe freed and removed from the list. Guard against this to avoid a\nslab-use-after-free error."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/mac80211/util.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"bca8bc0399ac2efd56e6adbed0307e10125a556c","lessThan":"887ece6c23b49d02a6678e7a8d5ad213d75883ce","versionType":"git","status":"affected"},{"version":"bca8bc0399ac2efd56e6adbed0307e10125a556c","lessThan":"7577a4b8a10fab45a6ee2045ea038a5adadbb585","versionType":"git","status":"affected"},{"version":"bca8bc0399ac2efd56e6adbed0307e10125a556c","lessThan":"120149fb3ebcf674832ca3cafd32bedcdb686dde","versionType":"git","status":"affected"},{"version":"bca8bc0399ac2efd56e6adbed0307e10125a556c","lessThan":"ac8eb3e18f41e2cc8492cc1d358bcb786c850270","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/mac80211/util.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.12","status":"affected"},{"version":"0","lessThan":"6.12","versionType":"semver","status":"unaffected"},{"version":"6.12.88","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.30","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.7","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus:9.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 9)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat CodeReady Linux Builder EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:8"]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.0,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-825"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.12","versionEndExcluding":"6.12.88","matchCriteriaId":"C8A48616-157E-46FF-A9A9-400C7E9B0718"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.30","matchCriteriaId":"BF39AE08-AE6D-4410-8FBE-76F6BF5BF55B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.7","matchCriteriaId":"D0893CA7-9AE6-4DFE-AC75-48967D73AD8E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/120149fb3ebcf674832ca3cafd32bedcdb686dde","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/7577a4b8a10fab45a6ee2045ea038a5adadbb585","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/887ece6c23b49d02a6678e7a8d5ad213d75883ce","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ac8eb3e18f41e2cc8492cc1d358bcb786c850270","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://access.redhat.com/errata/RHSA-2026:27288","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:27708","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:27789","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:33215","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-46166","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482645","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-46166.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-46181","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-05-28T10:16:33.743","lastModified":"2026-07-08T13:16:48.147","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event()\n\nSashiko points out the radix_tree itself is RCU safe, but nothing ever\nfrees the mlx4_srq struct with RCU, and it isn't even accessed within the\nRCU critical section. It also will crash if an event is delivered before\nthe srq object is finished initializing.\n\nUse the spinlock since it isn't easy to make RCU work, use\nrefcount_inc_not_zero() to protect against partially initialized objects,\nand order the refcount_set() to be after the srq is fully initialized."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/net/ethernet/mellanox/mlx4/srq.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"30353bfc43a1602c020f31d95cf27182ffd23824","lessThan":"1e2a44875b6afb4add1115f7f3351dcbeb6f273d","versionType":"git","status":"affected"},{"version":"30353bfc43a1602c020f31d95cf27182ffd23824","lessThan":"8b7833f3bce35cb0d01c1503781523c099c675f0","versionType":"git","status":"affected"},{"version":"30353bfc43a1602c020f31d95cf27182ffd23824","lessThan":"c9341307ea16b9395c2e4c9c94d8499d91fe31d0","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/net/ethernet/mellanox/mlx4/srq.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"4.9","status":"affected"},{"version":"0","lessThan":"4.9","versionType":"semver","status":"unaffected"},{"version":"6.18.30","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.7","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Server (v. 7 ELS)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_els:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Server Optional (v. 7 ELS)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_els:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS AUS (v.8.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_aus:8.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS AUS (v.8.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_aus:8.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus_long_life:8.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.8.8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:8.8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS TUS (v.8.8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_tus:8.8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:9.2::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:9.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus:9.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 9)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CRB (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::crb"]},{"vendor":"Red Hat","product":"Red Hat CodeReady Linux Builder EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux NFV (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux RT (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","cpes":["cpe:/o:redhat:enterprise_linux:6"]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.0,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-366"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.9","versionEndExcluding":"6.18.30","matchCriteriaId":"30E456CE-E137-4419-A5F0-4A21EECAC362"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.7","matchCriteriaId":"D0893CA7-9AE6-4DFE-AC75-48967D73AD8E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/1e2a44875b6afb4add1115f7f3351dcbeb6f273d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/8b7833f3bce35cb0d01c1503781523c099c675f0","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c9341307ea16b9395c2e4c9c94d8499d91fe31d0","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://access.redhat.com/errata/RHSA-2026:25120","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:25121","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:25217","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:33900","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34094","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34095","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34443","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35863","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35894","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35896","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36216","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-46181","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482532","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-46181.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-46189","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-05-28T10:16:34.540","lastModified":"2026-07-09T13:17:21.743","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/vmw_pvrdma: Fix double free on pvrdma_alloc_ucontext() error path\n\nSashiko points out that pvrdma_uar_free() is already called within\npvrdma_dealloc_ucontext(), so calling it before triggers a double free."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/infiniband/hw/vmw_pvrdma/pvrdma_verbs.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"29c8d9eba550c6d73d17cc1618a9f5f2a7345aa1","lessThan":"269967d7693304e1f06ed2dff4ebbbeeb397cda4","versionType":"git","status":"affected"},{"version":"29c8d9eba550c6d73d17cc1618a9f5f2a7345aa1","lessThan":"1df5711121cdc11e76b889408fdbe459feba1d39","versionType":"git","status":"affected"},{"version":"29c8d9eba550c6d73d17cc1618a9f5f2a7345aa1","lessThan":"3a231c34c5bc3d3cfc850b877758ec9fdaa8a483","versionType":"git","status":"affected"},{"version":"29c8d9eba550c6d73d17cc1618a9f5f2a7345aa1","lessThan":"ecc36a82ecfcfdf3c6606d209f22ec5543c410e0","versionType":"git","status":"affected"},{"version":"29c8d9eba550c6d73d17cc1618a9f5f2a7345aa1","lessThan":"45d25e3ec17900bf5a9d6876ff16ceee31c4c0e0","versionType":"git","status":"affected"},{"version":"29c8d9eba550c6d73d17cc1618a9f5f2a7345aa1","lessThan":"0c63333ff97bd1275294fd12840a0efe9d7a4c59","versionType":"git","status":"affected"},{"version":"29c8d9eba550c6d73d17cc1618a9f5f2a7345aa1","lessThan":"935ee27d0904aa944cbcc979094c20e5ef62eead","versionType":"git","status":"affected"},{"version":"29c8d9eba550c6d73d17cc1618a9f5f2a7345aa1","lessThan":"e38e86995df27f1f854063dab1f0c6a513db3faf","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/infiniband/hw/vmw_pvrdma/pvrdma_verbs.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"4.10","status":"affected"},{"version":"0","lessThan":"4.10","versionType":"semver","status":"unaffected"},{"version":"5.10.258","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.209","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.175","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.140","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.88","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.30","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.7","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:9.2::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:9.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 9)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CRB (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux NFV (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux RT (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:6"]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.0,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-415"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-1341"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.10","versionEndExcluding":"5.10.258","matchCriteriaId":"CE5B9066-4DF6-4452-B9C5-B22E69A91B92"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.209","matchCriteriaId":"919C10A9-7951-4A74-BADD-C135A0A8D8B4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.175","matchCriteriaId":"92385813-D91D-480D-83A1-F423D2CBB2BA"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.140","matchCriteriaId":"A1A92866-F406-43B5-B2D1-CFC274753E9D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.88","matchCriteriaId":"5AFBE0EC-CCDF-4207-AE92-ABF958125CA4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.30","matchCriteriaId":"BF39AE08-AE6D-4410-8FBE-76F6BF5BF55B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.7","matchCriteriaId":"D0893CA7-9AE6-4DFE-AC75-48967D73AD8E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/0c63333ff97bd1275294fd12840a0efe9d7a4c59","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/1df5711121cdc11e76b889408fdbe459feba1d39","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/269967d7693304e1f06ed2dff4ebbbeeb397cda4","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/3a231c34c5bc3d3cfc850b877758ec9fdaa8a483","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/45d25e3ec17900bf5a9d6876ff16ceee31c4c0e0","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/935ee27d0904aa944cbcc979094c20e5ef62eead","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e38e86995df27f1f854063dab1f0c6a513db3faf","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ecc36a82ecfcfdf3c6606d209f22ec5543c410e0","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://access.redhat.com/errata/RHSA-2026:30848","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:33685","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:33743","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35904","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36049","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36073","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36767","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-46189","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482588","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-46189.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-46215","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-05-28T10:16:37.147","lastModified":"2026-07-10T05:16:37.103","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: Set old handle to NULL before prime swap in change_handle\n\nThere was a potential race condition in change_handle. The ioctl\nbriefly had a single object with two idr entries; a concurrent\ngem_close could delete the object and remove one of the handles\nwhile leaving the other one dangling, which could subsequently\nbe dereferenced for a use-after-free.\n\nTo fix this, do the same dance that gem_close itself does.\n(f6cd7daecff5 drm: Release driver references to handle before making it available again)\nFirst idr_replace the old handle to NULL. Later, if the prime\noperations are successful, actually close it.\n\ncreate_tail required a similar dance to avoid a similar problem.\n(bd46cece51a3 drm/gem: Fix race in drm_gem_handle_create_tail())\nIt idr_allocs the new handle with NULL, then swaps in the correct\nobject later to avoid races. We don't need to do that here, since\nthe only operations that could race are drm_prime, and\nchange_handle holds the prime lock for the entire duration.\n\nv2: cleanups of error paths"}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/gpu/drm/drm_gem.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"53096728b8910c6916ecc6c46a5abc5c678b58d9","lessThan":"672464dd53231509c9c771110798c56d4660e19e","versionType":"git","status":"affected"},{"version":"53096728b8910c6916ecc6c46a5abc5c678b58d9","lessThan":"61bd96d3e5472c253f9c1ab77608f0c8aaa9d025","versionType":"git","status":"affected"},{"version":"53096728b8910c6916ecc6c46a5abc5c678b58d9","lessThan":"5e28b7b94408897e41c63477aabc9e1db439bc8c","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/gpu/drm/drm_gem.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.18","status":"affected"},{"version":"0","lessThan":"6.18","versionType":"semver","status":"unaffected"},{"version":"6.18.32","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.9","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T00:00:00+00:00","id":"CVE-2026-46215","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.18","versionEndExcluding":"6.18.32","matchCriteriaId":"C29FBB84-11C5-4598-8812-17C64D98F7F9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.9","matchCriteriaId":"33ACA10B-B260-46EA-BD50-70EBE5097672"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/5e28b7b94408897e41c63477aabc9e1db439bc8c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/61bd96d3e5472c253f9c1ab77608f0c8aaa9d025","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/672464dd53231509c9c771110798c56d4660e19e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://github.com/0xCyberstan/CVE-2026-46215-POC","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-46227","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-05-28T10:16:38.317","lastModified":"2026-07-09T13:17:21.990","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL\n\nThe SCTP_SENDALL path in sctp_sendmsg() iterates ep->asocs with\nlist_for_each_entry_safe(), which caches the next entry in @tmp before\nthe loop body runs.  The body calls sctp_sendmsg_to_asoc(), which may\ndrop the socket lock inside sctp_wait_for_sndbuf().\n\nWhile the lock is dropped, another thread can SCTP_SOCKOPT_PEELOFF the\nassociation cached in @tmp, migrating it to a new endpoint via\nsctp_sock_migrate() (list_del_init() + list_add_tail() to\nnewep->asocs), and optionally close the new socket which frees the\nassociation via kfree_rcu().  The cached @tmp can also be freed by a\nnetwork ABORT for that association, processed in softirq while the\nlock is dropped.\n\nsctp_wait_for_sndbuf() revalidates @asoc (the current entry) on re-lock\nvia the \"sk != asoc->base.sk\" and \"asoc->base.dead\" checks, but nothing\nrevalidates @tmp.  After a successful return, the iterator advances to\nthe stale @tmp, yielding either a use-after-free (if the peeled socket\nwas closed) or a list-walk onto the new endpoint's list head (type\nconfusion of &newep->asocs as a struct sctp_association *).\n\nBoth are reachable from CapEff=0; the type-confusion path gives\ncontrolled indirect call via the outqueue.sched->init_sid pointer.\n\nFix by re-deriving @tmp from @asoc after sctp_sendmsg_to_asoc()\nreturns.  @asoc is known to still be on ep->asocs at that point: the\nonly callers that list_del an association from ep->asocs are\nsctp_association_free() (which sets asoc->base.dead) and\nsctp_assoc_migrate() (which changes asoc->base.sk), and\nsctp_wait_for_sndbuf() checks both under the lock before any\nsuccessful return; a tripped check propagates as err < 0 and the loop\nbails before the re-derive.\n\nThe SCTP_ABORT path in sctp_sendmsg_check_sflags() returns 0 and the\nloop hits 'continue' before sctp_sendmsg_to_asoc() is ever called, so\nthe @tmp cached by list_for_each_entry_safe() still covers the\nlock-held free that ba59fb027307 (\"sctp: walk the list of asoc\nsafely\") was added for."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/sctp/socket.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"4910280503f3af2857d5aa77e35b22d93a8960a8","lessThan":"f3a3f0b406b4b7eb3cea35a23fa2bf170848b104","versionType":"git","status":"affected"},{"version":"4910280503f3af2857d5aa77e35b22d93a8960a8","lessThan":"0dbc8cde64280fc37cdd678cced34eaf96cfb197","versionType":"git","status":"affected"},{"version":"4910280503f3af2857d5aa77e35b22d93a8960a8","lessThan":"0c7b55974f97b78d1109025eadf084e74cbf330f","versionType":"git","status":"affected"},{"version":"4910280503f3af2857d5aa77e35b22d93a8960a8","lessThan":"1bfb06ecb00f7fdf35dba8e8f2877346cbe5e078","versionType":"git","status":"affected"},{"version":"4910280503f3af2857d5aa77e35b22d93a8960a8","lessThan":"6187a172d6ed57d6b2c327836e4407c6456e639d","versionType":"git","status":"affected"},{"version":"4910280503f3af2857d5aa77e35b22d93a8960a8","lessThan":"c9dadb31f36045a8cb65df4bd75e7237ef21a4b5","versionType":"git","status":"affected"},{"version":"4910280503f3af2857d5aa77e35b22d93a8960a8","lessThan":"bf0f40d8107e2ce827521968dc6926f3e13728ae","versionType":"git","status":"affected"},{"version":"4910280503f3af2857d5aa77e35b22d93a8960a8","lessThan":"abb5f36771cc4c05899b34000829a787572a8817","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/sctp/socket.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"4.17","status":"affected"},{"version":"0","lessThan":"4.17","versionType":"semver","status":"unaffected"},{"version":"5.10.258","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.209","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.175","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.140","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.90","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.32","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.9","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS AUS (v.8.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_aus:8.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS AUS (v.8.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_aus:8.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus_long_life:8.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.8.8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:8.8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS TUS (v.8.8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_tus:8.8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:9.2::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:9.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus:9.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 9)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CRB (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::crb"]},{"vendor":"Red Hat","product":"Red Hat CodeReady Linux Builder EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux NFV (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux RT (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:7"]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.0,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-367"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.17","versionEndExcluding":"5.10.258","matchCriteriaId":"CF9EFBB4-E004-479B-A237-DECC87FD4D0E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.209","matchCriteriaId":"919C10A9-7951-4A74-BADD-C135A0A8D8B4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.175","matchCriteriaId":"92385813-D91D-480D-83A1-F423D2CBB2BA"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.140","matchCriteriaId":"A1A92866-F406-43B5-B2D1-CFC274753E9D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.90","matchCriteriaId":"3BAAA2BE-6EEC-45D5-AD66-50F63CA20483"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.32","matchCriteriaId":"CB9F1FA8-6D5E-42B1-9877-57BACFE5C886"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.9","matchCriteriaId":"33ACA10B-B260-46EA-BD50-70EBE5097672"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/0c7b55974f97b78d1109025eadf084e74cbf330f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/0dbc8cde64280fc37cdd678cced34eaf96cfb197","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/1bfb06ecb00f7fdf35dba8e8f2877346cbe5e078","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/6187a172d6ed57d6b2c327836e4407c6456e639d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/abb5f36771cc4c05899b34000829a787572a8817","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/bf0f40d8107e2ce827521968dc6926f3e13728ae","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c9dadb31f36045a8cb65df4bd75e7237ef21a4b5","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f3a3f0b406b4b7eb3cea35a23fa2bf170848b104","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://access.redhat.com/errata/RHSA-2026:26462","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26515","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26535","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26563","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:27731","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:27735","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:33899","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34094","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36018","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36348","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36349","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36956","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-46227","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482564","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-46227.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-45292","sourceIdentifier":"security-advisories@github.com","published":"2026-05-28T17:16:32.060","lastModified":"2026-07-09T13:17:20.277","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"opentelemetry-java is the Java implementation of the OpenTelemetry API for recording telemetry, and SDK for managing telemetry recorded by the API. Prior to 1.62.0, a vulnerability affects the baggage propagation implementation in opentelemetry-api and opentelemetry-extension-trace-propagators. Parsing oversized baggage causes unbounded memory allocation and CPU consumption. Because baggage is automatically re-injected into every outgoing request, the effect can fan out to downstream services that never received the original malicious request. This vulnerability is fixed in 1.62.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"open-telemetry","product":"opentelemetry-java","versions":[{"version":"< 1.62.0","status":"affected"}]},{"vendor":"io.opentelemetry","product":"opentelemetry-api","versions":[{"version":"1.62.0","status":"affected"}]},{"vendor":"io.opentelemetry","product":"opentelemetry-extension-trace-propagators","versions":[{"version":"1.62.0","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Offline Knowledge Portal 1.2.7","defaultStatus":"affected","cpes":["cpe:/a:redhat:offline_knowledge_portal:1.2::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Dev Spaces 3.29","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_devspaces:3.29::el9"]},{"vendor":"Red Hat","product":"Exploit Intelligence","defaultStatus":"affected","cpes":["cpe:/a:redhat:exploit_intelligence:0"]},{"vendor":"Red Hat","product":"Migration Toolkit for Applications 8","defaultStatus":"affected","cpes":["cpe:/a:redhat:migration_toolkit_applications:8"]},{"vendor":"Red Hat","product":"Migration Toolkit for Containers","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhmt:1"]},{"vendor":"Red Hat","product":"OpenShift Serverless","defaultStatus":"affected","cpes":["cpe:/a:redhat:serverless:1"]},{"vendor":"Red Hat","product":"Red Hat Data Grid 8","defaultStatus":"affected","cpes":["cpe:/a:redhat:jboss_data_grid:8"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_ai"]},{"vendor":"Red Hat","product":"Red Hat Quay 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:quay:3"]},{"vendor":"Red Hat","product":"Red Hat 3scale API Management Platform 2","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:red_hat_3scale_amp:2"]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:ai_inference_server:3"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AI (RHEL AI) 3","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:enterprise_linux_ai:3"]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform Expansion Pack","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:jbosseapxp"]},{"vendor":"Red Hat","product":"OpenShift Lightspeed","defaultStatus":"unknown","cpes":["cpe:/a:redhat:openshift_lightspeed"]},{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2","defaultStatus":"unknown","cpes":["cpe:/a:redhat:ansible_automation_platform:2"]},{"vendor":"Red Hat","product":"Red Hat Satellite 6","defaultStatus":"unknown","cpes":["cpe:/a:redhat:satellite:6"]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-05-28T17:27:00.066477Z","id":"CVE-2026-45292","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-770"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-770"}]}],"references":[{"url":"https://github.com/open-telemetry/opentelemetry-java/commit/03837d3c1763bc35464aea1078671e2ef2336a5f","source":"security-advisories@github.com"},{"url":"https://github.com/open-telemetry/opentelemetry-java/pull/8380","source":"security-advisories@github.com"},{"url":"https://github.com/open-telemetry/opentelemetry-java/releases/tag/v1.62.0","source":"security-advisories@github.com"},{"url":"https://github.com/open-telemetry/opentelemetry-java/security/advisories/GHSA-rcgg-9c38-7xpx","source":"security-advisories@github.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:28573","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36820","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-45292","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2482785","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-45292.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-44420","sourceIdentifier":"security-advisories@github.com","published":"2026-05-29T20:16:24.383","lastModified":"2026-07-08T13:16:45.760","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP client can trigger a heap-buffer-overflow write in FreeRDP's server-side clipboard (cliprdr) channel by sending a CB_CLIP_CAPS PDU with a too-small capabilitySetLength. This can crash the server process (remote DoS) and may be exploitable for code execution because it corrupts heap memory. This vulnerability is fixed in 3.26.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"FreeRDP","product":"FreeRDP","versions":[{"version":"< 3.26.0","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9"]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-01T00:00:00+00:00","id":"CVE-2026-44420","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-131"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:freerdp:freerdp:*:*:*:*:*:*:*:*","versionEndExcluding":"3.26.0","matchCriteriaId":"186FAA8A-CF9D-40F3-8509-DAC168BFDA2F"}]}]}],"references":[{"url":"https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-mvpx-xj7r-3p3r","source":"security-advisories@github.com","tags":["Exploit","Mitigation","Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:36203","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-44420","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2483480","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://github.com/yhirose/cpp-httplib/security/advisories/GHSA-h6wq-j5mv-f3q8","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-44420.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-44421","sourceIdentifier":"security-advisories@github.com","published":"2026-05-29T20:16:24.513","lastModified":"2026-07-08T13:16:45.947","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client by sending crafted RDPGFX PDUs. The bug is in gdi_CacheToSurface: it validates a destination rectangle that is clamped to UINT16_MAX, but then performs the copy using the original cacheEntry->width/height. This can cause a large out-of-bounds heap write and may lead to client crashes or code execution. This bug is reachable from a malicious RDP server, but only when the client has RDPGFX enabled. This vulnerability is fixed in 3.26.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"FreeRDP","product":"FreeRDP","versions":[{"version":"< 3.26.0","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9"]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-01T00:00:00+00:00","id":"CVE-2026-44421","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:freerdp:freerdp:*:*:*:*:*:*:*:*","versionEndExcluding":"3.26.0","matchCriteriaId":"186FAA8A-CF9D-40F3-8509-DAC168BFDA2F"}]}]}],"references":[{"url":"https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-p6r2-4hgm-m6ff","source":"security-advisories@github.com","tags":["Exploit","Mitigation","Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:36203","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-44421","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2483471","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-p6r2-4hgm-m6ff","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Mitigation","Vendor Advisory"]},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-44421.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-44422","sourceIdentifier":"security-advisories@github.com","published":"2026-05-29T20:16:24.660","lastModified":"2026-07-08T13:16:46.123","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's RDPEAR NDR parser accepts one non-null NDR pointer ref-id for multiple logical pointer fields without tracking the pointed object's expected NDR type or ownership. When the same ref-id is reused across two pointer fields, the parser assigns the same heap object to both output fields. The generic destructor later walks each field independently and destroys/frees both pointers. This causes a malicious-server-triggerable heap use-after-free / double-free in the FreeRDP client's RDPEAR authentication-redirection path. This vulnerability is fixed in 3.26.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"FreeRDP","product":"FreeRDP","versions":[{"version":"< 3.26.0","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9"]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-01T00:00:00+00:00","id":"CVE-2026-44422","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-415"},{"lang":"en","value":"CWE-416"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-825"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:freerdp:freerdp:*:*:*:*:*:*:*:*","versionEndExcluding":"3.26.0","matchCriteriaId":"186FAA8A-CF9D-40F3-8509-DAC168BFDA2F"}]}]}],"references":[{"url":"https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-j9q5-7g8m-jc9v","source":"security-advisories@github.com","tags":["Exploit","Mitigation","Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:36203","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-44422","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2483467","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-j9q5-7g8m-jc9v","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Mitigation","Vendor Advisory"]},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-44422.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-5071","sourceIdentifier":"vulnerabilities@zephyrproject.org","published":"2026-05-30T08:16:16.370","lastModified":"2026-07-08T13:30:31.620","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The SocketCAN implementation validates the length of a user-provided buffer containing a socketcan_frame object using only a NET_ASSERT statement in zcan_sendto_ctx() before dereferencing it in socketcan_to_can_frame(). In production builds where assertions are disabled, a userspace application that controls the length passed to a sendto syscall can supply an incomplete or truncated frame, causing socketcan_to_can_frame() to dereference fields beyond the end of the buffer. This results in an out-of-bounds read that can cause denial-of-service crashes or, because the parsed frame contents are transmitted on the network, leak adjacent memory."}],"affected":[{"source":"vulnerabilities@zephyrproject.org","affectedData":[{"vendor":"zephyrproject-rtos","product":"Zephyr","defaultStatus":"unaffected","packageName":"Zephyr","repo":"https://github.com/zephyrproject-rtos/zephyr","versions":[{"version":"*","lessThanOrEqual":"4.3","versionType":"git","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"vulnerabilities@zephyrproject.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":4.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-01T13:51:23.839460Z","id":"CVE-2026-5071","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"vulnerabilities@zephyrproject.org","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zephyrproject:zephyr:*:*:*:*:*:*:*:*","versionEndIncluding":"4.3.0","matchCriteriaId":"7D912614-A39E-4C9B-AA54-187BC26337B9"}]}]}],"references":[{"url":"https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-c3w6-x7m3-3c58","source":"vulnerabilities@zephyrproject.org","tags":["Exploit","Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46242","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-05-30T13:16:21.980","lastModified":"2026-07-09T01:19:06.807","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\neventpoll: fix ep_remove struct eventpoll / struct file UAF\n\nep_remove() (via ep_remove_file()) cleared file->f_ep under\nfile->f_lock but then kept using @file inside the critical section\n(is_file_epoll(), hlist_del_rcu() through the head, spin_unlock).\nA concurrent __fput() taking the eventpoll_release() fastpath in\nthat window observed the transient NULL, skipped\neventpoll_release_file() and ran to f_op->release / file_free().\n\nFor the epoll-watches-epoll case, f_op->release is\nep_eventpoll_release() -> ep_clear_and_put() -> ep_free(), which\nkfree()s the watched struct eventpoll. Its embedded ->refs\nhlist_head is exactly where epi->fllink.pprev points, so the\nsubsequent hlist_del_rcu()'s \"*pprev = next\" scribbles into freed\nkmalloc-192 memory.\n\nIn addition, struct file is SLAB_TYPESAFE_BY_RCU, so the slot\nbacking @file could be recycled by alloc_empty_file() --\nreinitializing f_lock and f_ep -- while ep_remove() is still\nnominally inside that lock. The upshot is an attacker-controllable\nkmem_cache_free() against the wrong slab cache.\n\nPin @file via epi_fget() at the top of ep_remove() and gate the\ncritical section on the pin succeeding. With the pin held @file\ncannot reach refcount zero, which holds __fput() off and\ntransitively keeps the watched struct eventpoll alive across the\nhlist_del_rcu() and the f_lock use, closing both UAFs.\n\nIf the pin fails @file has already reached refcount zero and its\n__fput() is in flight. Because we bailed before clearing f_ep,\nthat path takes the eventpoll_release() slow path into\neventpoll_release_file() and blocks on ep->mtx until the waiter\nside's ep_clear_and_put() drops it. The bailed epi's share of\nep->refcount stays intact, so the trailing ep_refcount_dec_and_test()\nin ep_clear_and_put() cannot free the eventpoll out from under\neventpoll_release_file(); the orphaned epi is then cleaned up\nthere.\n\nA successful pin also proves we are not racing\neventpoll_release_file() on this epi, so drop the now-redundant\nre-check of epi->dying under f_lock. The cheap lockless\nREAD_ONCE(epi->dying) fast-path bailout stays."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["fs/eventpoll.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"58c9b016e12855286370dfb704c08498edbc857a","lessThan":"2de4db145b2992da496fea6c51f9839be678ae24","versionType":"git","status":"affected"},{"version":"58c9b016e12855286370dfb704c08498edbc857a","lessThan":"9324de74a3a59b9fde9b62ee45ebaa71458ba2e5","versionType":"git","status":"affected"},{"version":"58c9b016e12855286370dfb704c08498edbc857a","lessThan":"ef4ca02e95363e78977ca04340d44fe3b4b2b81f","versionType":"git","status":"affected"},{"version":"58c9b016e12855286370dfb704c08498edbc857a","lessThan":"ced39b6a8062bac5c18a1c3df85634107eb8664a","versionType":"git","status":"affected"},{"version":"58c9b016e12855286370dfb704c08498edbc857a","lessThan":"a6dc643c69311677c574a0f17a3f4d66a5f3744b","versionType":"git","status":"affected"},{"version":"f2451def095c1743adcfcb0cb5dadc86034e162a","versionType":"git","status":"affected"},{"version":"a1f93804449d13f97dabd4b996817de4bf1ed67a","versionType":"git","status":"affected"},{"version":"5.15.209","lessThan":"5.16","versionType":"semver","status":"affected"},{"version":"6.1.175","lessThan":"6.2","versionType":"semver","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["fs/eventpoll.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.4","status":"affected"},{"version":"0","lessThan":"6.4","versionType":"semver","status":"unaffected"},{"version":"6.6.144","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.95","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.33","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.10","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15.209","versionEndExcluding":"5.16","matchCriteriaId":"DA466B5F-044E-47F0-A6CE-AB474F8A9361"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1.175","versionEndExcluding":"6.2","matchCriteriaId":"67892698-2698-487E-B4D2-EFCD2D933D19"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4","versionEndExcluding":"6.18.33","matchCriteriaId":"51601BBF-BF40-48AF-8132-2582D7E56D71"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.10","matchCriteriaId":"A13475D2-59BF-4716-94B5-7C1D239A2CF4"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/2de4db145b2992da496fea6c51f9839be678ae24","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/9324de74a3a59b9fde9b62ee45ebaa71458ba2e5","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/a6dc643c69311677c574a0f17a3f4d66a5f3744b","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ced39b6a8062bac5c18a1c3df85634107eb8664a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ef4ca02e95363e78977ca04340d44fe3b4b2b81f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"http://www.openwall.com/lists/oss-security/2026/07/08/14","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2026-27145","sourceIdentifier":"security@golang.org","published":"2026-06-02T23:16:35.570","lastModified":"2026-07-09T13:16:54.550","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"(*x509.Certificate).VerifyHostname previously called matchHostnames in a loop over all DNS Subject Alternative Name (SAN) entries. This caused strings.Split(host, \".\") to execute repeatedly on the same input hostname. With a large DNS SAN list, verification costs scaled quadratically based on the number of SAN entries multiplied by the hostname's label count. Because x509.Verify validates hostnames before building the certificate chain, this overhead occurred even for untrusted certificates."}],"affected":[{"source":"security@golang.org","affectedData":[{"vendor":"Go standard library","product":"crypto/x509","defaultStatus":"unaffected","collectionURL":"https://pkg.go.dev","packageName":"crypto/x509","programRoutines":[{"name":"HostnameError.Error"},{"name":"matchHostnames"},{"name":"Certificate.Verify"},{"name":"Certificate.VerifyHostname"}],"versions":[{"version":"0","lessThan":"1.25.11","versionType":"semver","status":"affected"},{"version":"1.26.0-0","lessThan":"1.26.4","versionType":"semver","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Developer Hub 1.9","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhdh:1.9::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Builds 1.7.4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_builds:1.7::el9"]},{"vendor":"Red Hat","product":"Red Hat Trusted Artifact Signer 1.4","defaultStatus":"affected","cpes":["cpe:/a:redhat:trusted_artifact_signer:1.4::el9"]},{"vendor":"Red Hat","product":"Assisted Installer for Red Hat OpenShift Container Platform 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:assisted_installer:2"]},{"vendor":"Red Hat","product":"cert-manager Operator for Red Hat OpenShift","defaultStatus":"affected","cpes":["cpe:/a:redhat:cert_manager:1"]},{"vendor":"Red Hat","product":"Compliance Operator","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_compliance_operator:1"]},{"vendor":"Red Hat","product":"Confidential Compute Attestation","defaultStatus":"affected","cpes":["cpe:/a:redhat:confidential_compute_attestation:1"]},{"vendor":"Red Hat","product":"Deployment Validation Operator","defaultStatus":"affected","cpes":["cpe:/a:redhat:deployment_validator_operator"]},{"vendor":"Red Hat","product":"External Secrets Operator for Red Hat OpenShift","defaultStatus":"affected","cpes":["cpe:/a:redhat:external_secrets_operator:1"]},{"vendor":"Red Hat","product":"Fence Agents Remediation Operator","defaultStatus":"affected","cpes":["cpe:/a:redhat:workload_availability_far:0"]},{"vendor":"Red Hat","product":"File Integrity Operator","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_file_integrity_operator:1"]},{"vendor":"Red Hat","product":"Machine Deletion Remediation Operator","defaultStatus":"affected","cpes":["cpe:/a:redhat:workload_availability_mdr:0"]},{"vendor":"Red Hat","product":"Migration Toolkit for Containers","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhmt:1"]},{"vendor":"Red Hat","product":"Multiarch Tuning Operator","defaultStatus":"affected","cpes":["cpe:/a:redhat:multiarch_tuning_operator"]},{"vendor":"Red Hat","product":"Multicluster Global Hub","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_globalhub"]},{"vendor":"Red Hat","product":"Network Observability Operator","defaultStatus":"affected","cpes":["cpe:/a:redhat:network_observ_optr:1"]},{"vendor":"Red Hat","product":"Node HealthCheck Operator","defaultStatus":"affected","cpes":["cpe:/a:redhat:workload_availability_nhc:0"]},{"vendor":"Red Hat","product":"OpenShift API for Data Protection","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_api_data_protection:1"]},{"vendor":"Red Hat","product":"OpenShift Lightspeed","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_lightspeed"]},{"vendor":"Red Hat","product":"OpenShift Pipelines","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_pipelines:1"]},{"vendor":"Red Hat","product":"OpenShift Serverless","defaultStatus":"affected","cpes":["cpe:/a:redhat:serverless:1"]},{"vendor":"Red Hat","product":"OpenShift Service Mesh 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:service_mesh:3"]},{"vendor":"Red Hat","product":"OpenShift Source-to-Image (S2I)","defaultStatus":"affected","cpes":["cpe:/a:redhat:source_to_image:1"]},{"vendor":"Red Hat","product":"Power monitoring for Red Hat OpenShift","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_power_monitoring"]},{"vendor":"Red Hat","product":"Red Hat 3scale API Management Platform 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:red_hat_3scale_amp:2"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:acm:2"]},{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:ansible_automation_platform:2"]},{"vendor":"Red Hat","product":"Red Hat Ceph Storage 5","defaultStatus":"affected","cpes":["cpe:/a:redhat:ceph_storage:5"]},{"vendor":"Red Hat","product":"Red Hat Ceph Storage 6","defaultStatus":"affected","cpes":["cpe:/a:redhat:ceph_storage:6"]},{"vendor":"Red Hat","product":"Red Hat Connectivity Link 1","defaultStatus":"affected","cpes":["cpe:/a:redhat:connectivity_link:1"]},{"vendor":"Red Hat","product":"Red Hat Edge Manager 1","defaultStatus":"affected","cpes":["cpe:/a:redhat:edge_manager:1"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AI (RHEL AI) 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux_ai:3"]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","cpes":["cpe:/a:redhat:hummingbird:1"]},{"vendor":"Red Hat","product":"Red Hat Lightspeed for Runtimes Operator","defaultStatus":"affected","cpes":["cpe:/a:redhat:lightspeed_for_runtimes:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_ai"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Cluster Manager CLI","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_cluster_manager_cli:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Dev Workspaces Operator","defaultStatus":"affected","cpes":["cpe:/a:redhat:devworkspace"]},{"vendor":"Red Hat","product":"Red Hat OpenShift on AWS","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_service_on_aws:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Virtualization 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:container_native_virtualization:4"]},{"vendor":"Red Hat","product":"Red Hat OpenStack Platform 16.2","defaultStatus":"affected","cpes":["cpe:/a:redhat:openstack:16.2"]},{"vendor":"Red Hat","product":"Red Hat OpenStack Platform 17.1","defaultStatus":"affected","cpes":["cpe:/a:redhat:openstack:17.1"]},{"vendor":"Red Hat","product":"Red Hat OpenStack Platform 18.0","defaultStatus":"affected","cpes":["cpe:/a:redhat:openstack:18.0"]},{"vendor":"Red Hat","product":"Red Hat Satellite 6","defaultStatus":"affected","cpes":["cpe:/a:redhat:satellite:6"]},{"vendor":"Red Hat","product":"Red Hat Web Terminal","defaultStatus":"affected","cpes":["cpe:/a:redhat:webterminal:1"]},{"vendor":"Red Hat","product":"Security Profiles Operator","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_security_profiles_operator:1"]},{"vendor":"Red Hat","product":"streams for Apache Kafka 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:amq_streams:2"]},{"vendor":"Red Hat","product":"streams for Apache Kafka 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:amq_streams:3"]},{"vendor":"Red Hat","product":"Zero Trust Workload Identity Manager","defaultStatus":"affected","cpes":["cpe:/a:redhat:zero_trust_workload_identity_manager:1"]},{"vendor":"Red Hat","product":"Zero Trust Workload Identity Manager - Tech Preview","defaultStatus":"affected","cpes":["cpe:/a:redhat:zero_trust_workload_identity_manager:0"]},{"vendor":"Red Hat","product":"Cryostat 4","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:cryostat:4"]},{"vendor":"Red Hat","product":"Custom Metric Autoscaler operator for Red Hat Openshift","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift_custom_metrics_autoscaler:2"]},{"vendor":"Red Hat","product":"Gatekeeper 3","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:gatekeeper:3"]},{"vendor":"Red Hat","product":"Logging Subsystem for Red Hat OpenShift","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:logging:6"]},{"vendor":"Red Hat","product":"Logical Volume Manager Storage","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:lvms:4"]},{"vendor":"Red Hat","product":"Migration Toolkit for Applications 8","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:migration_toolkit_applications:8"]},{"vendor":"Red Hat","product":"mirror registry for Red Hat OpenShift 2","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:mirror_registry:2"]},{"vendor":"Red Hat","product":"Multicluster Engine for Kubernetes","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:multicluster_engine"]},{"vendor":"Red Hat","product":"OpenShift Developer Tools and Services","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:ocp_tools"]},{"vendor":"Red Hat","product":"OpenShift Service Mesh 2","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:service_mesh:2"]},{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security 4","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:advanced_cluster_security:4"]},{"vendor":"Red Hat","product":"Red Hat Ceph Storage 7","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:ceph_storage:7"]},{"vendor":"Red Hat","product":"Red Hat Ceph Storage 8","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:ceph_storage:8"]},{"vendor":"Red Hat","product":"Red Hat Ceph Storage 9","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:ceph_storage:9"]},{"vendor":"Red Hat","product":"Red Hat Openshift Data Foundation 4","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift_data_foundation:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Dev Spaces","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift_devspaces:3"]},{"vendor":"Red Hat","product":"Red Hat OpenShift distributed tracing 3","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift_distributed_tracing:3"]},{"vendor":"Red Hat","product":"Red Hat OpenShift for Windows Containers","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:windows_machine_config"]},{"vendor":"Red Hat","product":"Red Hat OpenShift GitOps","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift_gitops:1"]},{"vendor":"Red Hat","product":"Red Hat Quay 3","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:quay:3"]},{"vendor":"Red Hat","product":"Red Hat Service Interconnect 2","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:service_interconnect:2"]},{"vendor":"Red Hat","product":"Service Telemetry Framework 1.5","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:stf:1.5"]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":4.2},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-04T12:34:03.859208Z","id":"CVE-2026-27145","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-606"}]}],"references":[{"url":"https://go.dev/cl/783621","source":"security@golang.org"},{"url":"https://go.dev/issue/79694","source":"security@golang.org"},{"url":"https://groups.google.com/g/golang-announce/c/tKs3rmcBcKw","source":"security@golang.org"},{"url":"https://pkg.go.dev/vuln/GO-2026-5037","source":"security@golang.org"},{"url":"https://access.redhat.com/errata/RHSA-2026:29981","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:33574","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34357","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34359","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35832","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36317","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36648","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36797","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-27145","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2484207","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-27145.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-41283","sourceIdentifier":"cve@mitre.org","published":"2026-06-04T04:17:12.700","lastModified":"2026-07-08T13:16:41.930","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"OpenStack Mistral through 22.0.0 allows Arbitrary Remote Code Execution when the API is exposed. There are endpoints that allow code execution, which can lead to exfiltration of service credentials."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"OpenStack","product":"Mistral","defaultStatus":"unaffected","versions":[{"version":"20.0.0","lessThan":"20.1.1","versionType":"semver","status":"affected"},{"version":"21.0.0","versionType":"semver","status":"affected"},{"version":"22.0.0","versionType":"semver","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat OpenStack Platform 16.2","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openstack:16.2"]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@mitre.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":6.0},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-04T13:09:33.475751Z","id":"CVE-2026-41283","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@mitre.org","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-749"}]}],"references":[{"url":"https://github.com/openstack/mistral/tags","source":"cve@mitre.org"},{"url":"https://security.openstack.org/ossa/OSSA-2026-020.html","source":"cve@mitre.org"},{"url":"https://www.openwall.com/lists/oss-security/2026/06/03/14","source":"cve@mitre.org"},{"url":"http://www.openwall.com/lists/oss-security/2026/06/03/14","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://access.redhat.com/security/cve/CVE-2026-41283","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2484607","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-41283.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-10840","sourceIdentifier":"secalert@redhat.com","published":"2026-06-04T12:16:24.813","lastModified":"2026-07-08T13:16:27.410","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in the OpenShift Pipelines operator. The tekton-scheduler-rolebinding ClusterRoleBinding grants the system:authenticated group write access to Kueue and cert-manager custom resources via the tekton-scheduler-role ClusterRole. When Kueue or cert-manager CRDs are present on the cluster, any authenticated user can disrupt workload scheduling, tamper with scheduling priorities, delete other tenants' Workload objects, or induce cert-manager to overwrite TLS Secrets including the default ingress controller certificate."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat OpenShift Builds 1.7.4","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openshift-builds/openshift-builds-rhel9-operator","cpes":["cpe:/a:redhat:openshift_builds:1.7::el9"],"versions":[{"version":"1783341609","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"OpenShift Pipelines","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift-pipelines/pipelines-operator-proxy-rhel8","cpes":["cpe:/a:redhat:openshift_pipelines:1"]},{"vendor":"Red Hat","product":"OpenShift Pipelines","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift-pipelines/pipelines-operator-proxy-rhel9","cpes":["cpe:/a:redhat:openshift_pipelines:1"]},{"vendor":"Red Hat","product":"OpenShift Pipelines","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift-pipelines/pipelines-operator-webhook-rhel8","cpes":["cpe:/a:redhat:openshift_pipelines:1"]},{"vendor":"Red Hat","product":"OpenShift Pipelines","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift-pipelines/pipelines-operator-webhook-rhel9","cpes":["cpe:/a:redhat:openshift_pipelines:1"]},{"vendor":"Red Hat","product":"OpenShift Pipelines","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift-pipelines/pipelines-rhel8-operator","cpes":["cpe:/a:redhat:openshift_pipelines:1"]},{"vendor":"Red Hat","product":"OpenShift Pipelines","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift-pipelines/pipelines-rhel9-operator","cpes":["cpe:/a:redhat:openshift_pipelines:1"]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat OpenShift Builds 1.7.4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_builds:1.7::el9"]},{"vendor":"Red Hat","product":"OpenShift Pipelines","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_pipelines:1"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":4.2},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-04T13:11:57.092142Z","id":"CVE-2026-10840","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-732"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-732"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:36648","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2026-10840","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2484720","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36648","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-10840","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2484720","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-10840.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-5589","sourceIdentifier":"vulnerabilities@zephyrproject.org","published":"2026-06-04T20:16:58.540","lastModified":"2026-07-08T13:28:55.243","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An integer underflow in bt_mesh_sol_recv() in the Bluetooth Mesh solicitation handling (subsys/bluetooth/mesh/solicitation.c) leads to an out-of-bounds write. When CONFIG_BT_MESH_OD_PRIV_PROXY_SRV is enabled, the function parses solicitation PDUs from raw BLE advertising payloads. The AD parsing loop reads an attacker-controlled length byte (reported_len) and computes reported_len - 3 without checking that reported_len >= 3. When reported_len is less than 3, the subtraction is performed in signed int arithmetic and yields a negative value that bypasses the length guard and is then implicitly converted to a very large size_t when passed to net_buf_simple_pull_mem(). In builds without assertions, this wraps the buffer length and advances the data pointer far out of bounds, so subsequent reads dereference invalid memory. A nearby BLE device can trigger this with a non-connectable advertisement carrying a UUID16 AD structure and a crafted length byte, with no pairing or prior association required, potentially leading to denial of service or arbitrary code execution."}],"affected":[{"source":"vulnerabilities@zephyrproject.org","affectedData":[{"vendor":"zephyrproject-rtos","product":"Zephyr","defaultStatus":"unaffected","packageName":"Zephyr","repo":"https://github.com/zephyrproject-rtos/zephyr","versions":[{"version":"*","lessThanOrEqual":"4.3.0","versionType":"git","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-05T18:27:34.569513Z","id":"CVE-2026-5589","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"vulnerabilities@zephyrproject.org","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zephyrproject:zephyr:*:*:*:*:*:*:*:*","versionEndIncluding":"4.3.0","matchCriteriaId":"7D912614-A39E-4C9B-AA54-187BC26337B9"}]}]}],"references":[{"url":"https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-4pm9-4v7f-x6gr","source":"vulnerabilities@zephyrproject.org","tags":["Exploit","Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-5066","sourceIdentifier":"vulnerabilities@zephyrproject.org","published":"2026-06-04T21:16:30.907","lastModified":"2026-07-08T13:27:57.850","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A potential out-of-bounds write/read exists in the TLS socket connect path of the network sockets subsystem (subsys/net/lib/sockets/sockets_tls.c). When the TLS session cache is enabled, tls_session_store() and tls_session_restore() memcpy the caller-supplied address into a fixed-size buffer using the caller-controlled addrlen value without validating it against the destination size. struct net_sockaddr is an opaque type, so an application can pass an addrlen larger than sizeof(struct net_sockaddr) (for example 128 bytes into a 24-byte stack buffer), causing the memcpy to read and write past the end of the address memory used by the TLS session cache. This out-of-bounds write can lead to a crash and denial of service, and potentially to arbitrary code execution."}],"affected":[{"source":"vulnerabilities@zephyrproject.org","affectedData":[{"vendor":"zephyrproject-rtos","product":"Zephyr","defaultStatus":"unaffected","packageName":"Zephyr","repo":"https://github.com/zephyrproject-rtos/zephyr","versions":[{"version":"*","lessThanOrEqual":"4.3","versionType":"git","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"vulnerabilities@zephyrproject.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-05T18:26:28.322491Z","id":"CVE-2026-5066","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"vulnerabilities@zephyrproject.org","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zephyrproject:zephyr:*:*:*:*:*:*:*:*","versionEndIncluding":"4.3.0","matchCriteriaId":"7D912614-A39E-4C9B-AA54-187BC26337B9"}]}]}],"references":[{"url":"https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-wgrc-jrf6-24f3","source":"vulnerabilities@zephyrproject.org","tags":["Exploit","Patch","Vendor Advisory"]},{"url":"https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-wgrc-jrf6-24f3","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-42824","sourceIdentifier":"secure@microsoft.com","published":"2026-06-04T23:17:32.077","lastModified":"2026-07-09T00:17:06.030","vulnStatus":"Modified","cveTags":[{"sourceIdentifier":"secure@microsoft.com","tags":["exclusively-hosted-service"]}],"descriptions":[{"lang":"en","value":"Improper neutralization of special elements used in a command ('command injection') in M365 Copilot allows an unauthorized attacker to disclose information over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft 365 Copilot","versions":[{"version":"-","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-06T17:26:03.554586Z","id":"CVE-2026-42824","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:copilot:-:*:*:*:*:*:*:*","matchCriteriaId":"4460C154-CAA1-49B9-8016-EFE5602C6E1C"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42824","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-50589","sourceIdentifier":"cve@mitre.org","published":"2026-06-05T00:17:09.213","lastModified":"2026-07-08T13:16:53.243","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In OpenStack Ironic 32 before 37.0.0, an unauthenticated malicious user could submit a crafted JSON string to some endpoints on the API or JSON-RPC service and effect a service crash."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"OpenStack","product":"Ironic","defaultStatus":"unaffected","repo":"https://opendev.org/openstack/ironic","versions":[{"version":"32.0.0","lessThan":"37.0.0","versionType":"semver","status":"unknown"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenStack Platform 16.2","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openstack:16.2"]},{"vendor":"Red Hat","product":"Red Hat OpenStack Platform 17.1","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openstack:17.1"]},{"vendor":"Red Hat","product":"Red Hat OpenStack Platform 18.0","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openstack:18.0"]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@mitre.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-09T15:08:27.511506Z","id":"CVE-2026-50589","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@mitre.org","type":"Secondary","description":[{"lang":"en","value":"CWE-770"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-502"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openstack:ironic:*:*:*:*:*:*:*:*","versionStartIncluding":"32.0.0","versionEndExcluding":"37.0.0","matchCriteriaId":"481D4CB3-6333-4EEB-A4E0-BCF17129F83A"}]}]}],"references":[{"url":"https://bugs.launchpad.net/ironic/+bug/2154288","source":"cve@mitre.org","tags":["Issue Tracking","Mitigation"]},{"url":"https://wiki.openstack.org/wiki/OSSN/OSSN-0099","source":"cve@mitre.org","tags":["Patch","Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2026/06/06/2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Patch","Third Party Advisory"]},{"url":"https://access.redhat.com/security/cve/CVE-2026-50589","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugs.launchpad.net/ironic/+bug/2154288","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Issue Tracking","Mitigation"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2485353","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-50589.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-50256","sourceIdentifier":"secalert@redhat.com","published":"2026-06-05T12:16:38.727","lastModified":"2026-07-09T13:17:25.167","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name length can cause a stack buffer overflow during font alias resolution. The server allocates a 256 byte stack buffer but libXfont2's alias target name length is 1024 bytes. A font alias name between 257 and 1023 bytes causes the X server to copy that name into the undersized stack buffer without further checks. This may be used to crash the server, or for privilege escalation if the X server runs as root."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/o:redhat:enterprise_linux:10.2"],"versions":[{"version":"0:24.1.9-4.el10_2.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10.0 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"],"versions":[{"version":"0:24.1.5-6.el10_0.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:1.20.4-35.el7_9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"],"versions":[{"version":"0:21.1.3-20.el8_10.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/a:redhat:enterprise_linux:8::crb"],"versions":[{"version":"0:1.20.11-28.el8_10.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"],"versions":[{"version":"0:1.15.0-10.el8_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"],"versions":[{"version":"0:1.20.10-5.el8_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"],"versions":[{"version":"0:1.20.10-5.el8_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"],"versions":[{"version":"0:1.20.11-8.el8_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"],"versions":[{"version":"0:1.20.11-8.el8_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"],"versions":[{"version":"0:1.20.11-19.el8_8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"],"versions":[{"version":"0:1.20.11-19.el8_8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"0:24.1.9-4.el9_8.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"0:1.20.11-34.el9_8.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"0:1.15.0-7.el9_8.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"],"versions":[{"version":"0:1.20.11-21.el9_2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"],"versions":[{"version":"0:21.1.3-10.el9_2.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"],"versions":[{"version":"0:1.20.11-29.el9_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"],"versions":[{"version":"0:22.1.9-8.el9_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.6 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream","cpe:/a:redhat:rhel_eus:9.6::crb"],"versions":[{"version":"0:1.20.11-34.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.6 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream","cpe:/a:redhat:rhel_eus:9.6::crb"],"versions":[{"version":"0:23.2.7-6.el9_6.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/o:redhat:enterprise_linux:7"]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Server (v. 7 ELS)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_els:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Server Optional (v. 7 ELS)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_els:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream AUS (v.8.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream AUS (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream TUS (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_tus:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CRB (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::crb"]},{"vendor":"Red Hat","product":"Red Hat CodeReady Linux Builder EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:7"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:58:53.147448Z","id":"CVE-2026-50256","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-121"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-121"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:*","versionEndExcluding":"21.1.23","matchCriteriaId":"2F16F762-98D6-437F-8771-0F6C70AF65FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*","versionEndExcluding":"24.1.12","matchCriteriaId":"ED4EB1F5-9BBA-4751-9BC6-1639C7E02E0C"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:26562","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26566","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26590","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26610","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26709","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:28923","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:29844","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36083","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36085","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36086","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36087","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36632","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36633","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36634","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36768","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36791","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36792","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36798","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2026-50256","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2485380","source":"secalert@redhat.com","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/bb5158f962dc935e58ef8b4b5fcb31be201a6e07","source":"secalert@redhat.com","tags":["Patch"]},{"url":"https://lists.x.org/archives/xorg-announce/2026-June/003702.html","source":"secalert@redhat.com","tags":["Mailing List","Third Party Advisory"]},{"url":"https://redhat.atlassian.net/browse/PSIRTSUPT-16950","source":"secalert@redhat.com","tags":["Permissions Required"]},{"url":"https://access.redhat.com/errata/RHSA-2026:26562","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26566","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26590","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26610","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26709","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:28923","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:29844","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36083","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36085","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36086","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36087","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36632","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36633","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36634","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36768","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36791","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36792","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36798","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-50256","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2485380","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-50256.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-50257","sourceIdentifier":"secalert@redhat.com","published":"2026-06-05T12:16:38.907","lastModified":"2026-07-09T13:17:25.577","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence(). A client that sets up multiple fence triggers can trigger a use-after-free function pointer call. An attacker would connect to the X server to set up a fence and await that fence, then a second X connection destroys the fence, causing the use-after-free. This may be used to crash the server, or for privilege escalation if the X server runs as root."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/o:redhat:enterprise_linux:10.2"],"versions":[{"version":"0:24.1.9-4.el10_2.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10.0 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"],"versions":[{"version":"0:24.1.5-6.el10_0.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:1.20.4-35.el7_9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"],"versions":[{"version":"0:21.1.3-20.el8_10.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/a:redhat:enterprise_linux:8::crb"],"versions":[{"version":"0:1.20.11-28.el8_10.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"],"versions":[{"version":"0:1.15.0-10.el8_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"],"versions":[{"version":"0:1.20.10-5.el8_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"],"versions":[{"version":"0:1.20.10-5.el8_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"],"versions":[{"version":"0:1.20.11-8.el8_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"],"versions":[{"version":"0:1.20.11-8.el8_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"],"versions":[{"version":"0:1.20.11-19.el8_8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"],"versions":[{"version":"0:1.20.11-19.el8_8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"0:24.1.9-4.el9_8.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"0:1.20.11-34.el9_8.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"0:1.15.0-7.el9_8.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"],"versions":[{"version":"0:1.20.11-21.el9_2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"],"versions":[{"version":"0:21.1.3-10.el9_2.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"],"versions":[{"version":"0:1.20.11-29.el9_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"],"versions":[{"version":"0:22.1.9-8.el9_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.6 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream","cpe:/a:redhat:rhel_eus:9.6::crb"],"versions":[{"version":"0:1.20.11-34.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.6 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream","cpe:/a:redhat:rhel_eus:9.6::crb"],"versions":[{"version":"0:23.2.7-6.el9_6.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/o:redhat:enterprise_linux:7"]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Server (v. 7 ELS)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_els:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Server Optional (v. 7 ELS)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_els:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream AUS (v.8.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream AUS (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream TUS (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_tus:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CRB (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::crb"]},{"vendor":"Red Hat","product":"Red Hat CodeReady Linux Builder EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:7"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-09T00:00:00+00:00","id":"CVE-2026-50257","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:*","versionEndExcluding":"21.1.23","matchCriteriaId":"2F16F762-98D6-437F-8771-0F6C70AF65FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*","versionEndExcluding":"24.1.12","matchCriteriaId":"ED4EB1F5-9BBA-4751-9BC6-1639C7E02E0C"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:26562","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26566","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26590","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26610","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26709","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:28923","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:29844","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36083","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36085","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36086","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36087","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36632","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36633","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36634","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36768","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36791","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36792","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36798","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2026-50257","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2485382","source":"secalert@redhat.com","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/f5abfb61994471023d8c6470428c8e30c411cc0b","source":"secalert@redhat.com","tags":["Patch"]},{"url":"https://lists.x.org/archives/xorg-announce/2026-June/003702.html","source":"secalert@redhat.com","tags":["Mailing List","Third Party Advisory"]},{"url":"https://redhat.atlassian.net/browse/PSIRTSUPT-16950","source":"secalert@redhat.com","tags":["Permissions Required"]},{"url":"https://access.redhat.com/errata/RHSA-2026:26562","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26566","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26590","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26610","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26709","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:28923","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:29844","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36083","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36085","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36086","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36087","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36632","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36633","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36634","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36768","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36791","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36792","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36798","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-50257","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2485382","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-50257.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-50258","sourceIdentifier":"secalert@redhat.com","published":"2026-06-05T12:16:39.070","lastModified":"2026-07-09T13:17:25.940","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. The X server has multiple stack buffers sized XkbMaxShiftLevel * XkbNumKbdGroups but CheckKeyTypes() does not verify or clamp non-canonical key types to XkbMaxShiftLevel. A client can change key types to excessive shift levels and trigger stack overflows. This is caused by an incomplete fix of CVE-2025-26597. This may be used to crash the server, or for privilege escalation if the X server runs as root."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/o:redhat:enterprise_linux:10.2"],"versions":[{"version":"0:24.1.9-4.el10_2.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10.0 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"],"versions":[{"version":"0:24.1.5-6.el10_0.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:1.20.4-35.el7_9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"],"versions":[{"version":"0:21.1.3-20.el8_10.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/a:redhat:enterprise_linux:8::crb"],"versions":[{"version":"0:1.20.11-28.el8_10.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"],"versions":[{"version":"0:1.15.0-10.el8_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"],"versions":[{"version":"0:1.20.10-5.el8_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"],"versions":[{"version":"0:1.20.10-5.el8_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"],"versions":[{"version":"0:1.20.11-8.el8_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"],"versions":[{"version":"0:1.20.11-8.el8_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"],"versions":[{"version":"0:1.20.11-19.el8_8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"],"versions":[{"version":"0:1.20.11-19.el8_8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"0:24.1.9-4.el9_8.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"0:1.20.11-34.el9_8.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"0:1.15.0-7.el9_8.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"],"versions":[{"version":"0:1.20.11-21.el9_2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"],"versions":[{"version":"0:21.1.3-10.el9_2.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"],"versions":[{"version":"0:1.20.11-29.el9_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"],"versions":[{"version":"0:22.1.9-8.el9_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.6 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream","cpe:/a:redhat:rhel_eus:9.6::crb"],"versions":[{"version":"0:1.20.11-34.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.6 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream","cpe:/a:redhat:rhel_eus:9.6::crb"],"versions":[{"version":"0:23.2.7-6.el9_6.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/o:redhat:enterprise_linux:7"]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Server (v. 7 ELS)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_els:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Server Optional (v. 7 ELS)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_els:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream AUS (v.8.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream AUS (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream TUS (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_tus:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CRB (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::crb"]},{"vendor":"Red Hat","product":"Red Hat CodeReady Linux Builder EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:7"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-09T00:00:00+00:00","id":"CVE-2026-50258","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-121"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-121"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:*","versionEndExcluding":"21.1.23","matchCriteriaId":"2F16F762-98D6-437F-8771-0F6C70AF65FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*","versionEndExcluding":"24.1.12","matchCriteriaId":"ED4EB1F5-9BBA-4751-9BC6-1639C7E02E0C"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:26562","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26566","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26590","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26610","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26709","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:28923","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:29844","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36083","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36085","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36086","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36087","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36632","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36633","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36634","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36768","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36791","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36792","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36798","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2026-50258","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2485383","source":"secalert@redhat.com","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/543e108516428fc8c3bea91d6563ad266f9a801e","source":"secalert@redhat.com","tags":["Patch"]},{"url":"https://lists.x.org/archives/xorg-announce/2026-June/003702.html","source":"secalert@redhat.com","tags":["Mailing List","Third Party Advisory"]},{"url":"https://redhat.atlassian.net/browse/PSIRTSUPT-16950","source":"secalert@redhat.com","tags":["Permissions Required"]},{"url":"https://access.redhat.com/errata/RHSA-2026:26562","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26566","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26590","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26610","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26709","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:28923","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:29844","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36083","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36085","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36086","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36087","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36632","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36633","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36634","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36768","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36791","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36792","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36798","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-50258","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2485383","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-50258.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-50259","sourceIdentifier":"secalert@redhat.com","published":"2026-06-05T12:16:39.240","lastModified":"2026-07-09T13:17:26.307","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. _XkbSetMapChecks() declares a fixed-size stack buffer mapWidths[256] indexed by key type index. The helper function CheckKeyTypes() writes to this buffer at a client-controlled offset, allowing a stack buffer overflow. This may be used to crash the server, or for privilege escalation if the X server runs as root."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/o:redhat:enterprise_linux:10.2"],"versions":[{"version":"0:24.1.9-4.el10_2.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10.0 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"],"versions":[{"version":"0:24.1.5-6.el10_0.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:1.20.4-35.el7_9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"],"versions":[{"version":"0:21.1.3-20.el8_10.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/a:redhat:enterprise_linux:8::crb"],"versions":[{"version":"0:1.20.11-28.el8_10.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"],"versions":[{"version":"0:1.15.0-10.el8_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"],"versions":[{"version":"0:1.20.10-5.el8_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"],"versions":[{"version":"0:1.20.10-5.el8_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"],"versions":[{"version":"0:1.20.11-8.el8_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"],"versions":[{"version":"0:1.20.11-8.el8_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"],"versions":[{"version":"0:1.20.11-19.el8_8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"],"versions":[{"version":"0:1.20.11-19.el8_8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"0:24.1.9-4.el9_8.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"0:1.20.11-34.el9_8.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"0:1.15.0-7.el9_8.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"],"versions":[{"version":"0:1.20.11-21.el9_2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"],"versions":[{"version":"0:21.1.3-10.el9_2.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"],"versions":[{"version":"0:1.20.11-29.el9_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"],"versions":[{"version":"0:22.1.9-8.el9_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.6 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream","cpe:/a:redhat:rhel_eus:9.6::crb"],"versions":[{"version":"0:1.20.11-34.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.6 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream","cpe:/a:redhat:rhel_eus:9.6::crb"],"versions":[{"version":"0:23.2.7-6.el9_6.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/o:redhat:enterprise_linux:7"]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Server (v. 7 ELS)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_els:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Server Optional (v. 7 ELS)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_els:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream AUS (v.8.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream AUS (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream TUS (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_tus:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CRB (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::crb"]},{"vendor":"Red Hat","product":"Red Hat CodeReady Linux Builder EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:7"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-09T00:00:00+00:00","id":"CVE-2026-50259","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-121"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-121"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:*","versionEndExcluding":"21.1.23","matchCriteriaId":"2F16F762-98D6-437F-8771-0F6C70AF65FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*","versionEndExcluding":"24.1.12","matchCriteriaId":"ED4EB1F5-9BBA-4751-9BC6-1639C7E02E0C"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:26562","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26566","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26590","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26610","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26709","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:28923","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:29844","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36083","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36085","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36086","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36087","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36632","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36633","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36634","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36768","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36791","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36792","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36798","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2026-50259","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2485384","source":"secalert@redhat.com","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/867b59b33bee669cb412f1314e47c52eacf6e00b","source":"secalert@redhat.com","tags":["Patch"]},{"url":"https://lists.x.org/archives/xorg-announce/2026-June/003702.html","source":"secalert@redhat.com","tags":["Mailing List","Third Party Advisory"]},{"url":"https://redhat.atlassian.net/browse/PSIRTSUPT-16950","source":"secalert@redhat.com","tags":["Permissions Required"]},{"url":"https://access.redhat.com/errata/RHSA-2026:26562","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26566","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26590","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26610","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26709","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:28923","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:29844","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36083","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36085","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36086","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36087","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36632","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36633","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36634","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36768","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36791","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36792","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36798","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-50259","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2485384","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-50259.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-50260","sourceIdentifier":"secalert@redhat.com","published":"2026-06-05T12:16:39.430","lastModified":"2026-07-09T13:17:26.677","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter(). A client that sets up multiple SyncCounters and awaits on those triggers can trigger a use-after-free when destroying those counters via a second client connection. This may be used to crash the server, or for privilege escalation if the X server runs as root."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/o:redhat:enterprise_linux:10.2"],"versions":[{"version":"0:24.1.9-4.el10_2.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10.0 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"],"versions":[{"version":"0:24.1.5-6.el10_0.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:1.20.4-35.el7_9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"],"versions":[{"version":"0:21.1.3-20.el8_10.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/a:redhat:enterprise_linux:8::crb"],"versions":[{"version":"0:1.20.11-28.el8_10.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"],"versions":[{"version":"0:1.15.0-10.el8_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"],"versions":[{"version":"0:1.20.10-5.el8_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"],"versions":[{"version":"0:1.20.10-5.el8_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"],"versions":[{"version":"0:1.20.11-8.el8_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"],"versions":[{"version":"0:1.20.11-8.el8_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"],"versions":[{"version":"0:1.20.11-19.el8_8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"],"versions":[{"version":"0:1.20.11-19.el8_8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"0:24.1.9-4.el9_8.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"0:1.20.11-34.el9_8.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"0:1.15.0-7.el9_8.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"],"versions":[{"version":"0:1.20.11-21.el9_2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"],"versions":[{"version":"0:21.1.3-10.el9_2.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"],"versions":[{"version":"0:1.20.11-29.el9_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"],"versions":[{"version":"0:22.1.9-8.el9_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.6 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream","cpe:/a:redhat:rhel_eus:9.6::crb"],"versions":[{"version":"0:1.20.11-34.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.6 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream","cpe:/a:redhat:rhel_eus:9.6::crb"],"versions":[{"version":"0:23.2.7-6.el9_6.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/o:redhat:enterprise_linux:7"]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Server (v. 7 ELS)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_els:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Server Optional (v. 7 ELS)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_els:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream AUS (v.8.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream AUS (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream TUS (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_tus:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CRB (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::crb"]},{"vendor":"Red Hat","product":"Red Hat CodeReady Linux Builder EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:7"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-09T00:00:00+00:00","id":"CVE-2026-50260","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:*","versionEndExcluding":"21.1.23","matchCriteriaId":"2F16F762-98D6-437F-8771-0F6C70AF65FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*","versionEndExcluding":"24.1.12","matchCriteriaId":"ED4EB1F5-9BBA-4751-9BC6-1639C7E02E0C"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:26562","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26566","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26590","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26610","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26709","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:28923","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:29844","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36083","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36085","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36086","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36087","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36632","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36633","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36634","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36768","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36791","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36792","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36798","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2026-50260","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2485385","source":"secalert@redhat.com","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/f5abfb61994471023d8c6470428c8e30c411cc0b","source":"secalert@redhat.com","tags":["Patch"]},{"url":"https://lists.x.org/archives/xorg-announce/2026-June/003702.html","source":"secalert@redhat.com","tags":["Mailing List","Vendor Advisory"]},{"url":"https://redhat.atlassian.net/browse/PSIRTSUPT-16950","source":"secalert@redhat.com","tags":["Permissions Required"]},{"url":"https://access.redhat.com/errata/RHSA-2026:26562","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26566","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26590","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26610","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26709","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:28923","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:29844","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36083","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36085","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36086","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36087","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36632","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36633","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36634","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36768","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36791","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36792","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36798","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-50260","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2485385","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-50260.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-50261","sourceIdentifier":"secalert@redhat.com","published":"2026-06-05T12:16:39.617","lastModified":"2026-07-09T13:17:27.050","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter(). A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via a second client connection while changing those counters. This may be used to crash the server, or for privilege escalation if the X server runs as root."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/o:redhat:enterprise_linux:10.2"],"versions":[{"version":"0:24.1.9-4.el10_2.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10.0 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"],"versions":[{"version":"0:24.1.5-6.el10_0.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:1.20.4-35.el7_9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"],"versions":[{"version":"0:21.1.3-20.el8_10.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/a:redhat:enterprise_linux:8::crb"],"versions":[{"version":"0:1.20.11-28.el8_10.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"],"versions":[{"version":"0:1.15.0-10.el8_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"],"versions":[{"version":"0:1.20.10-5.el8_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"],"versions":[{"version":"0:1.20.10-5.el8_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"],"versions":[{"version":"0:1.20.11-8.el8_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"],"versions":[{"version":"0:1.20.11-8.el8_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"],"versions":[{"version":"0:1.20.11-19.el8_8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"],"versions":[{"version":"0:1.20.11-19.el8_8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"0:24.1.9-4.el9_8.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"0:1.20.11-34.el9_8.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"0:1.15.0-7.el9_8.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"],"versions":[{"version":"0:1.20.11-21.el9_2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"],"versions":[{"version":"0:21.1.3-10.el9_2.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"],"versions":[{"version":"0:1.20.11-29.el9_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"],"versions":[{"version":"0:22.1.9-8.el9_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.6 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream","cpe:/a:redhat:rhel_eus:9.6::crb"],"versions":[{"version":"0:1.20.11-34.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.6 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream","cpe:/a:redhat:rhel_eus:9.6::crb"],"versions":[{"version":"0:23.2.7-6.el9_6.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/o:redhat:enterprise_linux:7"]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Server (v. 7 ELS)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_els:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Server Optional (v. 7 ELS)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_els:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream AUS (v.8.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream AUS (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream TUS (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_tus:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CRB (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::crb"]},{"vendor":"Red Hat","product":"Red Hat CodeReady Linux Builder EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:7"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-05T00:00:00+00:00","id":"CVE-2026-50261","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:*","versionEndExcluding":"21.1.23","matchCriteriaId":"2F16F762-98D6-437F-8771-0F6C70AF65FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*","versionEndExcluding":"24.1.12","matchCriteriaId":"ED4EB1F5-9BBA-4751-9BC6-1639C7E02E0C"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:26562","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26566","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26590","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26610","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26709","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:28923","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:29844","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36083","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36085","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36086","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36087","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36632","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36633","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36634","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36768","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36791","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36792","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36798","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2026-50261","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2485386","source":"secalert@redhat.com","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/bdd7bf57af208b1ddf57d4683d67104443b44812","source":"secalert@redhat.com","tags":["Patch"]},{"url":"https://lists.x.org/archives/xorg-announce/2026-June/003702.html","source":"secalert@redhat.com","tags":["Mailing List","Vendor Advisory"]},{"url":"https://redhat.atlassian.net/browse/PSIRTSUPT-16950","source":"secalert@redhat.com","tags":["Permissions Required"]},{"url":"https://access.redhat.com/errata/RHSA-2026:26562","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26566","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26590","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26610","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26709","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:28923","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:29844","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36083","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36085","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36086","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36087","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36632","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36633","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36634","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36768","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36791","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36792","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36798","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-50261","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2485386","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-50261.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-50262","sourceIdentifier":"secalert@redhat.com","published":"2026-06-05T12:16:39.770","lastModified":"2026-07-08T20:16:51.127","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An out-of-bounds read flaw was found in the X.Org X server and Xwayland in __glXDisp_ChangeDrawableAttributes(). A wrong size validation check can read a client-controlled number of bytes, exceeding the request buffer, leading to information disclosure. A write path also exists but requires byte-swapped clients which is disabled by default."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/o:redhat:enterprise_linux:10.2"],"versions":[{"version":"0:24.1.9-4.el10_2.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10.0 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"],"versions":[{"version":"0:24.1.5-6.el10_0.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:1.20.4-35.el7_9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"],"versions":[{"version":"0:21.1.3-20.el8_10.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/a:redhat:enterprise_linux:8::crb"],"versions":[{"version":"0:1.20.11-28.el8_10.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"],"versions":[{"version":"0:1.15.0-10.el8_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"],"versions":[{"version":"0:1.20.10-5.el8_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"],"versions":[{"version":"0:1.20.10-5.el8_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"],"versions":[{"version":"0:1.20.11-8.el8_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"],"versions":[{"version":"0:1.20.11-8.el8_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"],"versions":[{"version":"0:1.20.11-19.el8_8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"],"versions":[{"version":"0:1.20.11-19.el8_8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"0:24.1.9-4.el9_8.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"0:1.20.11-34.el9_8.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"0:1.15.0-7.el9_8.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"],"versions":[{"version":"0:1.20.11-21.el9_2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"],"versions":[{"version":"0:21.1.3-10.el9_2.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"],"versions":[{"version":"0:1.20.11-29.el9_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"],"versions":[{"version":"0:22.1.9-8.el9_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.6 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream","cpe:/a:redhat:rhel_eus:9.6::crb"],"versions":[{"version":"0:1.20.11-34.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.6 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream","cpe:/a:redhat:rhel_eus:9.6::crb"],"versions":[{"version":"0:23.2.7-6.el9_6.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/o:redhat:enterprise_linux:7"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-09T13:37:02.899907Z","id":"CVE-2026-50262","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:*","versionEndExcluding":"21.1.23","matchCriteriaId":"2F16F762-98D6-437F-8771-0F6C70AF65FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*","versionEndExcluding":"24.1.12","matchCriteriaId":"ED4EB1F5-9BBA-4751-9BC6-1639C7E02E0C"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:26562","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26566","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26590","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26610","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26709","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:28923","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:29844","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36083","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36085","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36086","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36087","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36632","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36633","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36634","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36768","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36791","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36792","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36798","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2026-50262","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2485387","source":"secalert@redhat.com","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/6d459e4daf715bea8abdafa8fb130be2f8a1d145","source":"secalert@redhat.com","tags":["Patch"]},{"url":"https://lists.x.org/archives/xorg-announce/2026-June/003702.html","source":"secalert@redhat.com","tags":["Mailing List","Vendor Advisory"]},{"url":"https://redhat.atlassian.net/browse/PSIRTSUPT-16950","source":"secalert@redhat.com","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-50263","sourceIdentifier":"secalert@redhat.com","published":"2026-06-05T12:16:39.927","lastModified":"2026-07-08T20:16:51.390","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A use-after-free flaw was found in the X.Org X server and Xwayland in CreateSaverWindow(). A client can trigger a use-after-free read after changing window attributes and forcing the screen saver, leading to information disclosure."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/o:redhat:enterprise_linux:10.2"],"versions":[{"version":"0:24.1.9-4.el10_2.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10.0 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"],"versions":[{"version":"0:24.1.5-6.el10_0.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:1.20.4-35.el7_9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"],"versions":[{"version":"0:21.1.3-20.el8_10.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/a:redhat:enterprise_linux:8::crb"],"versions":[{"version":"0:1.20.11-28.el8_10.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"],"versions":[{"version":"0:1.15.0-10.el8_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"],"versions":[{"version":"0:1.20.10-5.el8_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"],"versions":[{"version":"0:1.20.10-5.el8_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"],"versions":[{"version":"0:1.20.11-8.el8_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"],"versions":[{"version":"0:1.20.11-8.el8_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"],"versions":[{"version":"0:1.20.11-19.el8_8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"],"versions":[{"version":"0:1.20.11-19.el8_8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"0:24.1.9-4.el9_8.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"0:1.20.11-34.el9_8.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"0:1.15.0-7.el9_8.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"],"versions":[{"version":"0:1.20.11-21.el9_2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"],"versions":[{"version":"0:21.1.3-10.el9_2.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"],"versions":[{"version":"0:1.20.11-29.el9_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"],"versions":[{"version":"0:22.1.9-8.el9_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.6 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream","cpe:/a:redhat:rhel_eus:9.6::crb"],"versions":[{"version":"0:1.20.11-34.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.6 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream","cpe:/a:redhat:rhel_eus:9.6::crb"],"versions":[{"version":"0:23.2.7-6.el9_6.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/o:redhat:enterprise_linux:7"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-08T16:01:18.730750Z","id":"CVE-2026-50263","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:*","versionEndExcluding":"21.1.23","matchCriteriaId":"2F16F762-98D6-437F-8771-0F6C70AF65FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*","versionEndExcluding":"24.1.12","matchCriteriaId":"ED4EB1F5-9BBA-4751-9BC6-1639C7E02E0C"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:26562","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26566","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26590","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26610","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26709","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:28923","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:29844","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36083","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36085","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36086","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36087","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36632","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36633","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36634","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36768","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36791","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36792","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36798","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2026-50263","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2485388","source":"secalert@redhat.com","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/ecc634f1b2f7aa473d3a267eada98c4918bf9e05","source":"secalert@redhat.com","tags":["Patch"]},{"url":"https://lists.x.org/archives/xorg-announce/2026-June/003702.html","source":"secalert@redhat.com","tags":["Mailing List","Vendor Advisory"]},{"url":"https://redhat.atlassian.net/browse/PSIRTSUPT-16950","source":"secalert@redhat.com","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-50264","sourceIdentifier":"secalert@redhat.com","published":"2026-06-05T12:16:40.080","lastModified":"2026-07-09T13:17:27.473","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An out-of-bounds write flaw was found in the X.Org X server and Xwayland in DRIGetBuffers/DRIGetBuffersWithFormat. A client that requests multiple DRI2BufferBackLeft attachments and one DRI2BufferFrontLeft can trigger an out-of-bounds heap write. This may be used to crash the server, or for privilege escalation if the X server runs as root."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/o:redhat:enterprise_linux:10.2"],"versions":[{"version":"0:24.1.9-4.el10_2.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10.0 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"],"versions":[{"version":"0:24.1.5-6.el10_0.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:1.20.4-35.el7_9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"],"versions":[{"version":"0:21.1.3-20.el8_10.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/a:redhat:enterprise_linux:8::crb"],"versions":[{"version":"0:1.20.11-28.el8_10.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"],"versions":[{"version":"0:1.15.0-10.el8_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"],"versions":[{"version":"0:1.20.10-5.el8_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"],"versions":[{"version":"0:1.20.10-5.el8_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"],"versions":[{"version":"0:1.20.11-8.el8_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"],"versions":[{"version":"0:1.20.11-8.el8_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"],"versions":[{"version":"0:1.20.11-19.el8_8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"],"versions":[{"version":"0:1.20.11-19.el8_8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"0:24.1.9-4.el9_8.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"0:1.20.11-34.el9_8.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"0:1.15.0-7.el9_8.2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"],"versions":[{"version":"0:1.20.11-21.el9_2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"],"versions":[{"version":"0:21.1.3-10.el9_2.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"],"versions":[{"version":"0:1.20.11-29.el9_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"],"versions":[{"version":"0:22.1.9-8.el9_4.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.6 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream","cpe:/a:redhat:rhel_eus:9.6::crb"],"versions":[{"version":"0:1.20.11-34.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.6 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server-Xwayland","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream","cpe:/a:redhat:rhel_eus:9.6::crb"],"versions":[{"version":"0:23.2.7-6.el9_6.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"xorg-x11-server","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"tigervnc","cpes":["cpe:/o:redhat:enterprise_linux:7"]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Server (v. 7 ELS)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_els:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Server Optional (v. 7 ELS)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_els:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream AUS (v.8.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream AUS (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream TUS (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_tus:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CRB (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::crb"]},{"vendor":"Red Hat","product":"Red Hat CodeReady Linux Builder EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:7"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-09T00:00:00+00:00","id":"CVE-2026-50264","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:*","versionEndExcluding":"21.1.23","matchCriteriaId":"2F16F762-98D6-437F-8771-0F6C70AF65FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*","versionEndExcluding":"24.1.12","matchCriteriaId":"ED4EB1F5-9BBA-4751-9BC6-1639C7E02E0C"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:26562","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26566","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26590","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26610","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:26709","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:28923","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:29844","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36083","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36085","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36086","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36087","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36632","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36633","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36634","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36768","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36791","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36792","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36798","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2026-50264","source":"secalert@redhat.com","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2485389","source":"secalert@redhat.com","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/339c279514326134b0878fc23ce6e9520440ce7f","source":"secalert@redhat.com","tags":["Patch"]},{"url":"https://lists.x.org/archives/xorg-announce/2026-June/003702.html","source":"secalert@redhat.com","tags":["Mailing List","Vendor Advisory"]},{"url":"https://redhat.atlassian.net/browse/PSIRTSUPT-16950","source":"secalert@redhat.com","tags":["Permissions Required"]},{"url":"https://access.redhat.com/errata/RHSA-2026:26562","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26566","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26590","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26610","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26709","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:28923","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:29844","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36083","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36085","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36086","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36087","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36632","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36633","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36634","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36768","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36791","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36792","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36798","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-50264","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2485389","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-50264.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2025-71315","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-08T16:16:33.500","lastModified":"2026-07-08T14:42:50.267","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vkms: Convert to DRM's vblank timer\n\nReplace vkms' vblank timer with the DRM implementation. The DRM\ncode is identical in concept, but differs in implementation.\n\nVblank timers are covered in vblank helpers and initializer macros,\nso remove the corresponding hrtimer in struct vkms_output. The\nvblank timer calls vkms' custom timeout code via handle_vblank_timeout\nin struct drm_crtc_helper_funcs."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/gpu/drm/vkms/vkms_crtc.c","drivers/gpu/drm/vkms/vkms_drv.h"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"3a0709928b172a4123a76078f70e0a706265690c","lessThan":"a0582cc923985c6b72fe871b5f7aa7c682bfc230","versionType":"git","status":"affected"},{"version":"3a0709928b172a4123a76078f70e0a706265690c","lessThan":"02e2681ffe1addde1fc8c35d05657b16bfa79613","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/gpu/drm/vkms/vkms_crtc.c","drivers/gpu/drm/vkms/vkms_drv.h"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"4.19","status":"affected"},{"version":"0","lessThan":"4.19","versionType":"semver","status":"unaffected"},{"version":"6.18.34","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"6.19","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19","versionEndExcluding":"6.18.34","matchCriteriaId":"BDE475CD-6157-49FF-8571-10BDC3180DF3"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/02e2681ffe1addde1fc8c35d05657b16bfa79613","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/a0582cc923985c6b72fe871b5f7aa7c682bfc230","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46274","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-08T16:16:40.707","lastModified":"2026-07-08T14:46:03.700","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nio-wq: check that the predecessor is hashed in io_wq_remove_pending()\n\nio_wq_remove_pending() needs to fix up wq->hash_tail[] if the cancelled\nwork was the tail of its hash bucket. When doing this, it checks whether\nthe preceding entry in acct->work_list has the same hash value, but\nnever checks that the predecessor is hashed at all. io_get_work_hash()\nis simply atomic_read(&work->flags) >> IO_WQ_HASH_SHIFT, and the hash\nbits are never set for non-hashed work, so it returns 0. Thus, when a\nhashed bucket-0 work is cancelled while a non-hashed work is its list\npredecessor, the check spuriously passes and a pointer to the non-hashed\nio_kiocb is stored in wq->hash_tail[0].\n\nBecause non-hashed work is dequeued via the fast path in\nio_get_next_work(), which never touches hash_tail[], the stale pointer\nis never cleared. Therefore, after the non-hashed io_kiocb completes and\nis freed back to req_cachep, wq->hash_tail[0] is a dangling pointer. The\nio_wq is per-task (tctx->io_wq) and survives ring open/close, so the\ndangling pointer persists for the lifetime of the task; the next hashed\nbucket-0 enqueue dereferences it in io_wq_insert_work() and\nwq_list_add_after() writes through freed memory.\n\nAdd the missing io_wq_is_hashed() check so a non-hashed predecessor\nnever inherits a hash_tail[] slot."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["io_uring/io-wq.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"204361a77f4018627addd4a06877448f088ddfc0","lessThan":"d6bda9df0c0a3080804181464d5c0f4d78a4e769","versionType":"git","status":"affected"},{"version":"204361a77f4018627addd4a06877448f088ddfc0","lessThan":"5a20ebf0c81b61f5ea3b1b529c100cad69b9f603","versionType":"git","status":"affected"},{"version":"204361a77f4018627addd4a06877448f088ddfc0","lessThan":"252c5051dba9c709b6a72f2866f93e5e618b3f06","versionType":"git","status":"affected"},{"version":"204361a77f4018627addd4a06877448f088ddfc0","lessThan":"d376c131af7c7739a87ff037ed2fdb67c2542c8a","versionType":"git","status":"affected"},{"version":"204361a77f4018627addd4a06877448f088ddfc0","lessThan":"d6a2d7b04b5a093021a7a0e2e69e9d5237dfa8cc","versionType":"git","status":"affected"},{"version":"13f35a2c0fd5c6a4fcd8903542b053bcc914fcf5","versionType":"git","status":"affected"},{"version":"5.8.6","lessThan":"5.9","versionType":"semver","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["io_uring/io-wq.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"5.9","status":"affected"},{"version":"0","lessThan":"5.9","versionType":"semver","status":"unaffected"},{"version":"6.6.141","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.91","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.33","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.10","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.8.6","versionEndExcluding":"5.9","matchCriteriaId":"D1A2FB6C-A45E-4E1B-8FE3-D0CDD7BE36C3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.9.1","versionEndExcluding":"6.6.141","matchCriteriaId":"971F5EF2-3F57-4AF7-8366-2D4437ABE0FC"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.91","matchCriteriaId":"C918746B-DE6F-448F-A93E-A04C5481688D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.33","matchCriteriaId":"96D99E49-380D-43AB-BDBA-25C3AD018A9C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.10","matchCriteriaId":"A13475D2-59BF-4716-94B5-7C1D239A2CF4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:5.9:-:*:*:*:*:*:*","matchCriteriaId":"F79A2EB6-623E-4749-AEE0-DCB58C4C42F8"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:5.9:rc3:*:*:*:*:*:*","matchCriteriaId":"A52A4ABE-5C24-4CD4-A348-E303B7F23C71"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:5.9:rc4:*:*:*:*:*:*","matchCriteriaId":"12019CF2-FD8E-4D59-BA4C-7093DF0BB091"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:5.9:rc5:*:*:*:*:*:*","matchCriteriaId":"9B1AB90E-C0C6-4027-B27D-BA214BE33561"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:5.9:rc6:*:*:*:*:*:*","matchCriteriaId":"103FE5BA-7315-4263-9C95-EABEAD7E174F"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:5.9:rc7:*:*:*:*:*:*","matchCriteriaId":"47E31D6A-31EC-4F63-9CAE-B7A52B58E149"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:5.9:rc8:*:*:*:*:*:*","matchCriteriaId":"3497462B-A3DA-47CC-A5DD-C1C2D2E6DFDE"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/252c5051dba9c709b6a72f2866f93e5e618b3f06","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/5a20ebf0c81b61f5ea3b1b529c100cad69b9f603","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d376c131af7c7739a87ff037ed2fdb67c2542c8a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d6a2d7b04b5a093021a7a0e2e69e9d5237dfa8cc","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d6bda9df0c0a3080804181464d5c0f4d78a4e769","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46275","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-08T16:16:40.863","lastModified":"2026-07-08T14:46:18.613","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_uart: fix UAFs and race conditions in close and init paths\n\nVulnerabilities leading to Use-After-Free (UAF) and Null Pointer\nDereference (NPD) conditions were observed in the lifecycle management\nof hci_uart.\n\nThe primary issue arises because the workqueues (init_ready and\nwrite_work) are only flushed/cancelled if the HCI_UART_PROTO_READY\nflag is set during TTY close. If a hangup occurs before setup completes,\nhci_uart_tty_close() skips the teardown of these workqueues and\nproceeds to free the `hu` struct. When the scheduled work executes\nlater, it blindly dereferences the freed `hu` struct.\n\nFurthermore, several data races and UAFs were identified in the teardown\nsequence:\n1. Calling hci_uart_flush() from hci_uart_close() without effectively\n   disabling write_work causes a race condition where both can concurrently\n   double-free hu->tx_skb. This happens because protocol timers can\n   concurrently invoke hci_uart_tx_wakeup() and requeue write_work.\n2. Calling hci_free_dev(hdev) before hu->proto->close(hu) causes a UAF\n   when vendor specific protocol close callbacks dereference hu->hdev.\n3. In the initialization error paths, failing to take the proto_lock\n   write lock before clearing PROTO_READY leads to races with active\n   readers. Additionally, hci_uart_tty_receive() accesses hu->hdev\n   outside the read lock, leading to UAFs if the initialization error\n   path frees hdev concurrently.\n\nFix these synchronization and lifecycle issues by:\n1. Re-ordering hci_uart_tty_close() to clear HCI_UART_PROTO_READY first,\n   followed immediately by a cancel_work_sync(&hu->write_work). Clearing\n   the flag locks out concurrent protocol timers from successfully invoking\n   hci_uart_tx_wakeup(), effectively rendering the cancellation permanent\n   and preventing the tx_skb double-free.\n2. Note: Clearing PROTO_READY early causes hci_uart_close() to skip\n   hu->proto->flush(). This is perfectly safe in the tty_close path\n   because hu->proto->close() executes shortly after, which intrinsically\n   purges all protocol SKB queues and tears down the state.\n3. Relocating hu->proto->close(hu) strictly prior to hci_free_dev(hdev)\n   across all close and error paths to prevent vendor-level UAFs.\n4. Moving the hdev->stat.byte_rx increment in hci_uart_tty_receive()\n   inside the proto_lock read-side critical section to safely synchronize\n   with device unregistration.\n5. Adding cancel_work_sync(&hu->write_work) to hci_uart_close() to safely\n   flush the workqueue before hci_uart_flush() is invoked via the HCI core.\n6. Utilizing cancel_work_sync() instead of disable_work_sync() across\n   all paths to prevent permanently breaking user-space retry capabilities."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/bluetooth/hci_ldisc.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"3b799254cf6f481460719023d7a18f46651e5e7f","lessThan":"78aad93e938f013d9272fe0ee168f27883afa95c","versionType":"git","status":"affected"},{"version":"3b799254cf6f481460719023d7a18f46651e5e7f","lessThan":"e2d19969c8d9198ecc3090bcd5312ecd503a3339","versionType":"git","status":"affected"},{"version":"3b799254cf6f481460719023d7a18f46651e5e7f","lessThan":"c85cff648a2bc92322912db5f1727ad05afae7b6","versionType":"git","status":"affected"},{"version":"3b799254cf6f481460719023d7a18f46651e5e7f","lessThan":"9d20d48be2c4a071fb015eb09bda2cecd25daf34","versionType":"git","status":"affected"},{"version":"3b799254cf6f481460719023d7a18f46651e5e7f","lessThan":"81c7a3c22a0f2808cf4ae0b4908f59763b23606d","versionType":"git","status":"affected"},{"version":"3b799254cf6f481460719023d7a18f46651e5e7f","lessThan":"192cb0f1ca706d9a1bc36ae0ad5f666d1e4fd894","versionType":"git","status":"affected"},{"version":"3b799254cf6f481460719023d7a18f46651e5e7f","lessThan":"7338031946bd06f6dff149e67b60c4cd083bfea8","versionType":"git","status":"affected"},{"version":"3b799254cf6f481460719023d7a18f46651e5e7f","lessThan":"c1bb9336ae6b54a5f6a353c4bd4ed9a4307e429b","versionType":"git","status":"affected"},{"version":"cd27019bc149f20f12ebec943c2b4c775745a5a0","versionType":"git","status":"affected"},{"version":"aea63181b6fcb6b9ccde1ada9ea51be19c4015af","versionType":"git","status":"affected"},{"version":"0d234d1135dcd8876de0576dac68efd0a87eef87","versionType":"git","status":"affected"},{"version":"3fe978892ab46efc2f3830d9abc015eff72caaf9","versionType":"git","status":"affected"},{"version":"0d987e14bebaf0f67ee7dbefaf6165c62cd1d27f","versionType":"git","status":"affected"},{"version":"4.14.203","lessThan":"4.15","versionType":"semver","status":"affected"},{"version":"4.19.153","lessThan":"4.20","versionType":"semver","status":"affected"},{"version":"5.4.73","lessThan":"5.5","versionType":"semver","status":"affected"},{"version":"5.8.17","lessThan":"5.9","versionType":"semver","status":"affected"},{"version":"5.9.2","lessThan":"5.10","versionType":"semver","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/bluetooth/hci_ldisc.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"5.10","status":"affected"},{"version":"0","lessThan":"5.10","versionType":"semver","status":"unaffected"},{"version":"5.10.258","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.209","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.175","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.142","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.92","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.34","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.11","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-362"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14.203","versionEndExcluding":"4.15","matchCriteriaId":"27A7D190-0093-49D0-BC13-C06D04205CB3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19.153","versionEndExcluding":"4.20","matchCriteriaId":"F9F8E966-D84B-4A94-8A67-E1B47A05557F"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4.73","versionEndExcluding":"5.5","matchCriteriaId":"886AB560-B760-44F0-AD89-3F275E4C0F58"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.8.17","versionEndExcluding":"5.9","matchCriteriaId":"BEFC3ACE-365D-48E7-9C0A-019C74CC0725"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.9.2","versionEndExcluding":"5.10.258","matchCriteriaId":"38EA52EA-57DE-4180-953C-1512932A936A"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.209","matchCriteriaId":"919C10A9-7951-4A74-BADD-C135A0A8D8B4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.175","matchCriteriaId":"92385813-D91D-480D-83A1-F423D2CBB2BA"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.142","matchCriteriaId":"FBFF77B0-526A-4AF1-84D0-ED7187624A67"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.92","matchCriteriaId":"9CB90BD9-95B7-4D7F-9F17-4ECE6CFB66C9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.34","matchCriteriaId":"A4B1EF6D-18D7-4838-BC37-7499D5DCC3C0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.11","matchCriteriaId":"0520D091-FC52-4A50-AF07-70AE7D08B750"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/192cb0f1ca706d9a1bc36ae0ad5f666d1e4fd894","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/7338031946bd06f6dff149e67b60c4cd083bfea8","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/78aad93e938f013d9272fe0ee168f27883afa95c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/81c7a3c22a0f2808cf4ae0b4908f59763b23606d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/9d20d48be2c4a071fb015eb09bda2cecd25daf34","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c1bb9336ae6b54a5f6a353c4bd4ed9a4307e429b","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c85cff648a2bc92322912db5f1727ad05afae7b6","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e2d19969c8d9198ecc3090bcd5312ecd503a3339","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-49975","sourceIdentifier":"security@apache.org","published":"2026-06-08T16:16:44.223","lastModified":"2026-07-09T13:17:24.007","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Memory Allocation with Excessive Size Value vulnerability in Apache HTTP Server's mod_http leads to denial of service via malicious HTTP requests.\n\nThis issue affects Apache HTTP Server: from 2.4.17 through 2.4.67."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache HTTP Server","defaultStatus":"unaffected","versions":[{"version":"2.4.17","lessThanOrEqual":"2.4.67","versionType":"semver","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat JBoss Core Services on RHEL 7 Server","defaultStatus":"affected","cpes":["cpe:/a:redhat:jboss_core_services:1::el7"]},{"vendor":"Red Hat","product":"Red Hat JBoss Core Services on RHEL 8","defaultStatus":"affected","cpes":["cpe:/a:redhat:jboss_core_services:1::el8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream AUS (v.8.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream AUS (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream TUS (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_tus:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","cpes":["cpe:/a:redhat:hummingbird:1"]},{"vendor":"Red Hat","product":"Red Hat JBoss Core Services 2.4.62.SP4","defaultStatus":"affected","cpes":["cpe:/a:redhat:jboss_core_services:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Service Mesh 2.6","defaultStatus":"affected","cpes":["cpe:/a:redhat:service_mesh:2.6::el9"]},{"vendor":"Red Hat","product":"Red Hat JBoss Core Services","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:jboss_core_services:1"]},{"vendor":"Red Hat","product":"Red Hat JBoss Web Server 5","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:jboss_enterprise_web_server:5"]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-18T10:27:36.270403Z","id":"CVE-2026-49975","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-789"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-409"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","versionStartIncluding":"2.4.17","versionEndExcluding":"2.4.68","matchCriteriaId":"DD819875-456D-45A6-90C9-4EDA544029A4"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*","matchCriteriaId":"FA6FEEC2-9F11-4643-8827-749718254FED"}]}]}],"references":[{"url":"https://httpd.apache.org/security/vulnerabilities_24.html","source":"security@apache.org","tags":["Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2026/06/03/3","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2026/06/08/16","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2026/06/msg00009.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:25042","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:25057","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:25090","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:25225","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:27114","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:27200","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:27201","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36373","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36831","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36846","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-49975","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2485371","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://github.com/EQSTLab/CVE-2026-49975","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Third Party Advisory"]},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-49975.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-46276","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-08T17:16:45.103","lastModified":"2026-07-08T14:55:24.787","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: fix zero-size GDS range init on RDNA4\n\nRDNA4 (GFX 12) hardware removes the GDS, GWS, and OA on-chip memory\nresources. The gfx_v12_0 initialisation code correctly leaves\nadev->gds.gds_size, adev->gds.gws_size, and adev->gds.oa_size at\nzero to reflect this.\n\namdgpu_ttm_init() unconditionally calls amdgpu_ttm_init_on_chip() for\neach of these resources regardless of size. When the size is zero,\namdgpu_ttm_init_on_chip() forwards the call to ttm_range_man_init(),\nwhich calls drm_mm_init(mm, 0, 0). drm_mm_init() immediately fires\nDRM_MM_BUG_ON(start + size <= start) -- trivially true when size is\nzero -- crashing the kernel during modprobe of amdgpu on an RX 9070 XT.\n\nGuard against this by returning 0 early from\namdgpu_ttm_init_on_chip() when size_in_page is zero. This skips TTM\nresource manager registration for hardware resources that are absent,\nwithout affecting any other GPU type.\n\nDRM_MM_BUG_ON() only asserts if CONFIG_DRM_DEBUG_MM is enabled in\nthe kernel config.  This is apparently rarely enabled as these chips\nhave been in the market for over a year and this issue was only reported\nnow.\n\nOops-Analysis: http://oops.fenrus.org/reports/bugzilla.korg/221376/report.html\n(cherry picked from commit 5719ce5865279cad4fd5f01011fe037168503f2d)"}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"c832c346cdf9022872655be621880e0f66f4135d","lessThan":"1f5d33e7b0a9a2a140f46e22fb52eede323c5946","versionType":"git","status":"affected"},{"version":"c832c346cdf9022872655be621880e0f66f4135d","lessThan":"9bc925759c05feae7dfa9570e77131d54729c8ea","versionType":"git","status":"affected"},{"version":"c832c346cdf9022872655be621880e0f66f4135d","lessThan":"36f9602fb22ede69fcc8b422be0cf8105bf655ad","versionType":"git","status":"affected"},{"version":"c832c346cdf9022872655be621880e0f66f4135d","lessThan":"be0376affcafa0bbb371bb501579a825eae32281","versionType":"git","status":"affected"},{"version":"c832c346cdf9022872655be621880e0f66f4135d","lessThan":"0e21db1a77967bc15df662efdca8ea8a61d124ea","versionType":"git","status":"affected"},{"version":"c832c346cdf9022872655be621880e0f66f4135d","lessThan":"30c000a49094ec568c9b51b7421f7a4a3f0b0298","versionType":"git","status":"affected"},{"version":"c832c346cdf9022872655be621880e0f66f4135d","lessThan":"3e26c76891ab99fa173e9c501119fbb5c9f4600f","versionType":"git","status":"affected"},{"version":"c832c346cdf9022872655be621880e0f66f4135d","lessThan":"095a8b0ad3c3b5cdc3850d961adb8a8f735220bb","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"4.20","status":"affected"},{"version":"0","lessThan":"4.20","versionType":"semver","status":"unaffected"},{"version":"5.10.258","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.209","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.175","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.140","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.86","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.27","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.4","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.20","versionEndExcluding":"5.10.258","matchCriteriaId":"719A9C48-4A93-46A1-8B53-2D668FEF05E3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.209","matchCriteriaId":"919C10A9-7951-4A74-BADD-C135A0A8D8B4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.175","matchCriteriaId":"92385813-D91D-480D-83A1-F423D2CBB2BA"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.140","matchCriteriaId":"A1A92866-F406-43B5-B2D1-CFC274753E9D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.86","matchCriteriaId":"55DA1C62-9991-451E-B8A8-E0004E00F789"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.27","matchCriteriaId":"A10AC84F-C058-47D5-85B4-E6E51A613B74"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.4","matchCriteriaId":"CDB78D6D-22C3-4154-B0D0-94AF1CE5C2E3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/095a8b0ad3c3b5cdc3850d961adb8a8f735220bb","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/0e21db1a77967bc15df662efdca8ea8a61d124ea","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/1f5d33e7b0a9a2a140f46e22fb52eede323c5946","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/30c000a49094ec568c9b51b7421f7a4a3f0b0298","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/36f9602fb22ede69fcc8b422be0cf8105bf655ad","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/3e26c76891ab99fa173e9c501119fbb5c9f4600f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/9bc925759c05feae7dfa9570e77131d54729c8ea","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/be0376affcafa0bbb371bb501579a825eae32281","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46277","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-08T17:16:45.277","lastModified":"2026-07-08T14:58:31.690","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nmm/zone_device: do not touch device folio after calling ->folio_free()\n\nThe contents of a device folio can immediately change after calling\n->folio_free(), as the folio may be reallocated by a driver with a\ndifferent order.  Instead of touching the folio again to extract the\npgmap, use the local stack variable when calling percpu_ref_put_many()."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["mm/memremap.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"d245f9b4ab806733a77e51a218ca7b8bc3135cd9","lessThan":"85be0a262e39c706edb53c88af8afde2e98222ba","versionType":"git","status":"affected"},{"version":"d245f9b4ab806733a77e51a218ca7b8bc3135cd9","lessThan":"39928984956037cabd304321cb8f342e47421db5","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["mm/memremap.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.19","status":"affected"},{"version":"0","lessThan":"6.19","versionType":"semver","status":"unaffected"},{"version":"7.0.4","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.4","matchCriteriaId":"CDB78D6D-22C3-4154-B0D0-94AF1CE5C2E3"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/39928984956037cabd304321cb8f342e47421db5","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/85be0a262e39c706edb53c88af8afde2e98222ba","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46278","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-08T17:16:45.390","lastModified":"2026-07-08T14:59:16.410","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/imagination: Fix segfault when updating ftrace mask\n\nFix invalid data access by passing right data for debugfs entry.\n\n[  171.549793] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000\n[  171.559248] Mem abort info:\n[  171.562173]   ESR = 0x0000000096000044\n[  171.566227]   EC = 0x25: DABT (current EL), IL = 32 bits\n[  171.573108]   SET = 0, FnV = 0\n[  171.576448]   EA = 0, S1PTW = 0\n[  171.579745]   FSC = 0x04: level 0 translation fault\n[  171.584760] Data abort info:\n[  171.588012]   ISV = 0, ISS = 0x00000044, ISS2 = 0x00000000\n[  171.593734]   CM = 0, WnR = 1, TnD = 0, TagAccess = 0\n[  171.598962]   GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n[  171.604471] user pgtable: 4k pages, 48-bit VAs, pgdp=0000000083837000\n[  171.611358] [0000000000000000] pgd=0000000000000000, p4d=0000000000000000\n[  171.618500] Internal error: Oops: 0000000096000044 [#1]  SMP\n[  171.624222] Modules linked in: powervr drm_shmem_helper drm_gpuvm...\n[  171.656580] CPU: 0 UID: 0 PID: 549 Comm: bash Not tainted 7.0.0-rc2-g730b257ba723-dirty #13 PREEMPT\n[  171.665773] Hardware name: BeagleBoard.org BeaglePlay (DT)\n[  171.671296] pstate: 20000005 (nzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[  171.678306] pc : pvr_fw_trace_mask_set+0x78/0x154 [powervr]\n[  171.683959] lr : pvr_fw_trace_mask_set+0x4c/0x154 [powervr]\n[  171.689593] sp : ffff8000835ebb90\n[  171.692929] x29: ffff8000835ebc00 x28: ffff000005c60f80 x27: 0000000000000000\n[  171.700130] x26: 0000000000000000 x25: ffff00000504af28 x24: 0000000000000000\n[  171.707324] x23: ffff00000504af50 x22: 0000000000000203 x21: 0000000000000000\n[  171.714518] x20: ffff000005c44a80 x19: ffff000005c457b8 x18: 0000000000000000\n[  171.721715] x17: 0000000000000000 x16: 0000000000000000 x15: 0000aaaae8887580\n[  171.728908] x14: 0000000000000000 x13: 0000000000000000 x12: ffff8000835ebc30\n[  171.736095] x11: ffff00000504af2a x10: ffff00008504af29 x9 : 0fffffffffffffff\n[  171.743286] x8 : ffff8000835ebbf8 x7 : 0000000000000000 x6 : 000000000000002a\n[  171.750479] x5 : ffff00000504af2e x4 : 0000000000000000 x3 : 0000000000000010\n[  171.757674] x2 : 0000000000000203 x1 : 0000000000000000 x0 : ffff8000835ebba0\n[  171.764871] Call trace:\n[  171.767342]  pvr_fw_trace_mask_set+0x78/0x154 [powervr] (P)\n[  171.772984]  simple_attr_write_xsigned.isra.0+0xe0/0x19c\n[  171.778341]  simple_attr_write+0x18/0x24\n[  171.782296]  debugfs_attr_write+0x50/0x98\n[  171.786341]  full_proxy_write+0x6c/0xa8\n[  171.790208]  vfs_write+0xd4/0x350\n[  171.793561]  ksys_write+0x70/0x108\n[  171.796995]  __arm64_sys_write+0x1c/0x28\n[  171.800952]  invoke_syscall+0x48/0x10c\n[  171.804740]  el0_svc_common.constprop.0+0x40/0xe0\n[  171.809487]  do_el0_svc+0x1c/0x28\n[  171.812834]  el0_svc+0x34/0x108\n[  171.816013]  el0t_64_sync_handler+0xa0/0xe4\n[  171.820237]  el0t_64_sync+0x198/0x19c\n[  171.823939] Code: 32000262 b90ac293 1a931056 9134e293 (b9000036)\n[  171.830073] ---[ end trace 0000000000000000 ]---"}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/gpu/drm/imagination/pvr_fw_trace.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"a331631496a0af9a6f4e7e1860983afd8b1bb013","lessThan":"ba422758981b61585c7da6429f50ef1c58d326f7","versionType":"git","status":"affected"},{"version":"a331631496a0af9a6f4e7e1860983afd8b1bb013","lessThan":"5dfd429591f8d7185bf63a08b5c30863fb605611","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/gpu/drm/imagination/pvr_fw_trace.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"7.0","status":"affected"},{"version":"0","lessThan":"7.0","versionType":"semver","status":"unaffected"},{"version":"7.0.4","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0","versionEndExcluding":"7.0.4","matchCriteriaId":"37C6A06A-578A-467F-8EE4-E50B9A46C871"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/5dfd429591f8d7185bf63a08b5c30863fb605611","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ba422758981b61585c7da6429f50ef1c58d326f7","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46279","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-08T17:16:45.530","lastModified":"2026-07-08T14:59:41.053","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nmm/alloc_tag: clear codetag for pages allocated before page_ext initialization\n\nDue to initialization ordering, page_ext is allocated and initialized\nrelatively late during boot.  Some pages have already been allocated and\nfreed before page_ext becomes available, leaving their codetag\nuninitialized.\n\nA clear example is in init_section_page_ext(): alloc_page_ext() calls\nkmemleak_alloc().  If the slab cache has no free objects, it falls back to\nthe buddy allocator to allocate memory.  However, at this point page_ext\nis not yet fully initialized, so these newly allocated pages have no\ncodetag set.  These pages may later be reclaimed by KASAN, which causes\nthe warning to trigger when they are freed because their codetag ref is\nstill empty.\n\nUse a global array to track pages allocated before page_ext is fully\ninitialized.  The array size is fixed at 8192 entries, and will emit a\nwarning if this limit is exceeded.  When page_ext initialization\ncompletes, set their codetag to empty to avoid warnings when they are\nfreed later.\n\nThis warning is only observed with CONFIG_MEM_ALLOC_PROFILING_DEBUG=Y and\nmem_profiling_compressed disabled:\n\n[    9.582133] ------------[ cut here ]------------\n[    9.582137] alloc_tag was not set\n[    9.582139] WARNING: ./include/linux/alloc_tag.h:164 at __pgalloc_tag_sub+0x40f/0x550, CPU#5: systemd/1\n[    9.582190] CPU: 5 UID: 0 PID: 1 Comm: systemd Not tainted 7.0.0-rc4 #1 PREEMPT(lazy)\n[    9.582192] Hardware name: Red Hat KVM, BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\n[    9.582194] RIP: 0010:__pgalloc_tag_sub+0x40f/0x550\n[    9.582196] Code: 00 00 4c 29 e5 48 8b 05 1f 88 56 05 48 8d 4c ad 00 48 8d 2c c8 e9 87 fd ff ff 0f 0b 0f 0b e9 f3 fe ff ff 48 8d 3d 61 2f ed 03 <67> 48 0f b9 3a e9 b3 fd ff ff 0f 0b eb e4 e8 5e cd 14 02 4c 89 c7\n[    9.582197] RSP: 0018:ffffc9000001f940 EFLAGS: 00010246\n[    9.582200] RAX: dffffc0000000000 RBX: 1ffff92000003f2b RCX: 1ffff110200d806c\n[    9.582201] RDX: ffff8881006c0360 RSI: 0000000000000004 RDI: ffffffff9bc7b460\n[    9.582202] RBP: 0000000000000000 R08: 0000000000000000 R09: fffffbfff3a62324\n[    9.582203] R10: ffffffff9d311923 R11: 0000000000000000 R12: ffffea0004001b00\n[    9.582204] R13: 0000000000002000 R14: ffffea0000000000 R15: ffff8881006c0360\n[    9.582206] FS:  00007ffbbcf2d940(0000) GS:ffff888450479000(0000) knlGS:0000000000000000\n[    9.582208] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[    9.582210] CR2: 000055ee3aa260d0 CR3: 0000000148b67005 CR4: 0000000000770ef0\n[    9.582211] PKRU: 55555554\n[    9.582212] Call Trace:\n[    9.582213]  <TASK>\n[    9.582214]  ? __pfx___pgalloc_tag_sub+0x10/0x10\n[    9.582216]  ? check_bytes_and_report+0x68/0x140\n[    9.582219]  __free_frozen_pages+0x2e4/0x1150\n[    9.582221]  ? __free_slab+0xc2/0x2b0\n[    9.582224]  qlist_free_all+0x4c/0xf0\n[    9.582227]  kasan_quarantine_reduce+0x15d/0x180\n[    9.582229]  __kasan_slab_alloc+0x69/0x90\n[    9.582232]  kmem_cache_alloc_noprof+0x14a/0x500\n[    9.582234]  do_getname+0x96/0x310\n[    9.582237]  do_readlinkat+0x91/0x2f0\n[    9.582239]  ? __pfx_do_readlinkat+0x10/0x10\n[    9.582240]  ? get_random_bytes_user+0x1df/0x2c0\n[    9.582244]  __x64_sys_readlinkat+0x96/0x100\n[    9.582246]  do_syscall_64+0xce/0x650\n[    9.582250]  ? __x64_sys_getrandom+0x13a/0x1e0\n[    9.582252]  ? __pfx___x64_sys_getrandom+0x10/0x10\n[    9.582254]  ? do_syscall_64+0x114/0x650\n[    9.582255]  ? ksys_read+0xfc/0x1d0\n[    9.582258]  ? __pfx_ksys_read+0x10/0x10\n[    9.582260]  ? do_syscall_64+0x114/0x650\n[    9.582262]  ? do_syscall_64+0x114/0x650\n[    9.582264]  ? __pfx_fput_close_sync+0x10/0x10\n[    9.582266]  ? file_close_fd_locked+0x178/0x2a0\n[    9.582268]  ? __x64_sys_faccessat2+0x96/0x100\n[    9.582269]  ? __x64_sys_close+0x7d/0xd0\n[    9.582271]  ? do_syscall_64+0x114/0x650\n[    9.582273]  ? do_syscall_64+0x114/0x650\n[    9.582275]  ? clear_bhb_loop+0x50/0xa0\n[    9.582277]  ? clear_bhb_l\n---truncated---"}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["include/linux/alloc_tag.h","include/linux/pgalloc_tag.h","lib/alloc_tag.c","mm/page_alloc.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"dcfe378c81f72f146890ce1dcfdcc742d3b66924","lessThan":"d5b495ba9de0423ef39f8bd86729a885870c7efe","versionType":"git","status":"affected"},{"version":"dcfe378c81f72f146890ce1dcfdcc742d3b66924","lessThan":"b49dfabc38cad5e50af24f63edd124a10de3ebb6","versionType":"git","status":"affected"},{"version":"dcfe378c81f72f146890ce1dcfdcc742d3b66924","lessThan":"6b1842775a460245e97d36d3a67d0cfba7c4ff79","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["include/linux/alloc_tag.h","include/linux/pgalloc_tag.h","lib/alloc_tag.c","mm/page_alloc.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.10","status":"affected"},{"version":"0","lessThan":"6.10","versionType":"semver","status":"unaffected"},{"version":"6.18.27","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.4","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-415"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.10","versionEndExcluding":"6.18.27","matchCriteriaId":"FAA9520C-4C1E-4B89-8A00-A5CB96EE5740"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.4","matchCriteriaId":"CDB78D6D-22C3-4154-B0D0-94AF1CE5C2E3"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/6b1842775a460245e97d36d3a67d0cfba7c4ff79","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/b49dfabc38cad5e50af24f63edd124a10de3ebb6","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d5b495ba9de0423ef39f8bd86729a885870c7efe","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46280","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-08T17:16:45.683","lastModified":"2026-07-08T15:01:43.050","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nlib: test_hmm: evict device pages on file close to avoid use-after-free\n\nPatch series \"Minor hmm_test fixes and cleanups\".\n\nTwo bugfixes a cleanup for the HMM kernel selftests.  These were mostly\nreported by Zenghui Yu with special thanks to Lorenzo for analysing and\npointing out the problems.\n\n\nThis patch (of 3):\n\nWhen dmirror_fops_release() is called it frees the dmirror struct but\ndoesn't migrate device private pages back to system memory first.  This\nleaves those pages with a dangling zone_device_data pointer to the freed\ndmirror.\n\nIf a subsequent fault occurs on those pages (eg.  during coredump) the\ndmirror_devmem_fault() callback dereferences the stale pointer causing a\nkernel panic.  This was reported [1] when running mm/ksft_hmm.sh on arm64,\nwhere a test failure triggered SIGABRT and the resulting coredump walked\nthe VMAs faulting in the stale device private pages.\n\nFix this by calling dmirror_device_evict_chunk() for each devmem chunk in\ndmirror_fops_release() to migrate all device private pages back to system\nmemory before freeing the dmirror struct.  The function is moved earlier\nin the file to avoid a forward declaration."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["lib/test_hmm.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"b2ef9f5a5cb37643ca5def3516c546457074b882","lessThan":"234071b4318feaeb27cd2e4e1b16ef6b055adf89","versionType":"git","status":"affected"},{"version":"b2ef9f5a5cb37643ca5def3516c546457074b882","lessThan":"bf477abd448c76bb8ea51c9b4f63a3a17c4b6239","versionType":"git","status":"affected"},{"version":"b2ef9f5a5cb37643ca5def3516c546457074b882","lessThan":"5846715b6382dd4c6a69b35a56ca6115d33bc2a0","versionType":"git","status":"affected"},{"version":"b2ef9f5a5cb37643ca5def3516c546457074b882","lessThan":"38f113f81d3f0adc658a4475dd3ecaec985e21d3","versionType":"git","status":"affected"},{"version":"b2ef9f5a5cb37643ca5def3516c546457074b882","lessThan":"9de1eb0aac2862d6144b8db0ec1388e79f8bc3e1","versionType":"git","status":"affected"},{"version":"b2ef9f5a5cb37643ca5def3516c546457074b882","lessThan":"744dd97752ef1076a8d8672bb0d8aa2c7abc1144","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["lib/test_hmm.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"5.8","status":"affected"},{"version":"0","lessThan":"5.8","versionType":"semver","status":"unaffected"},{"version":"6.1.176","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.140","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.86","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.27","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.4","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.8","versionEndExcluding":"6.1.176","matchCriteriaId":"3119E417-9FF5-4E06-9321-6696E979BECA"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.140","matchCriteriaId":"A1A92866-F406-43B5-B2D1-CFC274753E9D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.86","matchCriteriaId":"55DA1C62-9991-451E-B8A8-E0004E00F789"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.27","matchCriteriaId":"A10AC84F-C058-47D5-85B4-E6E51A613B74"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.4","matchCriteriaId":"CDB78D6D-22C3-4154-B0D0-94AF1CE5C2E3"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/234071b4318feaeb27cd2e4e1b16ef6b055adf89","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/38f113f81d3f0adc658a4475dd3ecaec985e21d3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/5846715b6382dd4c6a69b35a56ca6115d33bc2a0","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/744dd97752ef1076a8d8672bb0d8aa2c7abc1144","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/9de1eb0aac2862d6144b8db0ec1388e79f8bc3e1","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/bf477abd448c76bb8ea51c9b4f63a3a17c4b6239","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46281","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-08T17:16:45.817","lastModified":"2026-07-08T15:20:22.517","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nvmalloc: fix buffer overflow in vrealloc_node_align()\n\nCommit 4c5d3365882d (\"mm/vmalloc: allow to set node and align in\nvrealloc\") added the ability to force a new allocation if the current\npointer is on the wrong NUMA node, or if an alignment constraint is not\nmet, even if the user is shrinking the allocation.\n\nOn this path (need_realloc), the code allocates a new object of 'size'\nbytes and then memcpy()s 'old_size' bytes into it.  If the request is to\nshrink the object (size < old_size), this results in an out-of-bounds\nwrite on the new buffer.\n\nFix this by bounding the copy length by the new allocation size."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["mm/vmalloc.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"4c5d3365882dbbc0784688784904f440d7a4c0f1","lessThan":"e9b057a44deff4c59c13f44672a5cc74dcd57522","versionType":"git","status":"affected"},{"version":"4c5d3365882dbbc0784688784904f440d7a4c0f1","lessThan":"b281adf71f786c325eb6d6d1582d4d05313438a8","versionType":"git","status":"affected"},{"version":"4c5d3365882dbbc0784688784904f440d7a4c0f1","lessThan":"82d1f01292d3f09bf063f829f8ab8de12b4280a1","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["mm/vmalloc.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.18","status":"affected"},{"version":"0","lessThan":"6.18","versionType":"semver","status":"unaffected"},{"version":"6.18.27","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.4","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.18","versionEndExcluding":"6.18.27","matchCriteriaId":"1A10DA86-4154-4102-9D63-807CF10A4352"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.4","matchCriteriaId":"CDB78D6D-22C3-4154-B0D0-94AF1CE5C2E3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/82d1f01292d3f09bf063f829f8ab8de12b4280a1","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/b281adf71f786c325eb6d6d1582d4d05313438a8","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e9b057a44deff4c59c13f44672a5cc74dcd57522","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46282","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-08T17:16:45.940","lastModified":"2026-07-08T15:12:16.420","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\niio: frequency: admv1013: fix NULL pointer dereference on str\n\nWhen device_property_read_string() fails, str is left uninitialized\nbut the code falls through to strcmp(str, ...), dereferencing a garbage\npointer. Replace manual read/strcmp with\ndevice_property_match_property_string() and consolidate the SE mode\nenums into a single sequential enum, mapping to hardware register\nvalues via a switch consistent with other bitfields in the driver.\n\nSeveral cleanup patches have been applied to this driver recently so\nthis will need a manual backport."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/iio/frequency/admv1013.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"da35a7b526d9b258a2cb8b7816f736a41b32176b","lessThan":"3a9d8ec2051c2d80158ed7bded5e158c42870037","versionType":"git","status":"affected"},{"version":"da35a7b526d9b258a2cb8b7816f736a41b32176b","lessThan":"5e9f1bad26df3d3afb3cbbfa408b6d6e809708ac","versionType":"git","status":"affected"},{"version":"da35a7b526d9b258a2cb8b7816f736a41b32176b","lessThan":"2dc8d26690bf4e7226409563221c37bc095c94ff","versionType":"git","status":"affected"},{"version":"da35a7b526d9b258a2cb8b7816f736a41b32176b","lessThan":"aac0a51b16700b403a55b67ba495de021db78763","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/iio/frequency/admv1013.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"5.17","status":"affected"},{"version":"0","lessThan":"5.17","versionType":"semver","status":"unaffected"},{"version":"6.12.86","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.27","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.4","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.17","versionEndExcluding":"6.12.86","matchCriteriaId":"E9F33D27-F3AA-49EF-8A71-D0AA86C50602"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.27","matchCriteriaId":"A10AC84F-C058-47D5-85B4-E6E51A613B74"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.4","matchCriteriaId":"CDB78D6D-22C3-4154-B0D0-94AF1CE5C2E3"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/2dc8d26690bf4e7226409563221c37bc095c94ff","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/3a9d8ec2051c2d80158ed7bded5e158c42870037","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/5e9f1bad26df3d3afb3cbbfa408b6d6e809708ac","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/aac0a51b16700b403a55b67ba495de021db78763","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46283","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-08T17:16:46.063","lastModified":"2026-07-08T15:11:08.700","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ntpm: Use kfree_sensitive() to free auth session in tpm_dev_release()\n\ntpm_dev_release() uses plain kfree() to free chip->auth, which contains\nsensitive cryptographic material including HMAC session keys, nonces,\nand passphrase data (struct tpm2_auth).\n\nEvery other code path that frees this structure uses kfree_sensitive()\nto zero the memory before releasing it: both tpm2_end_auth_session()\nand tpm_buf_check_hmac_response() do so. The tpm_dev_release() path\nis the only one that does not, leaving key material in freed slab\nmemory until it is eventually overwritten.\n\nUse kfree_sensitive() for consistency with the rest of the driver and\nto ensure session keys are scrubbed during device teardown."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/char/tpm/tpm-chip.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"699e3efd6c645c741ea4d6d58282c56b6d108cf7","lessThan":"dd3ac52ea7a001406c7dbc663aae4b9f89da679a","versionType":"git","status":"affected"},{"version":"699e3efd6c645c741ea4d6d58282c56b6d108cf7","lessThan":"53e6d2d834df40960b655b353e7a8ff4d927e1c7","versionType":"git","status":"affected"},{"version":"699e3efd6c645c741ea4d6d58282c56b6d108cf7","lessThan":"84ced03172da544c9f8c0862faad48104f519352","versionType":"git","status":"affected"},{"version":"699e3efd6c645c741ea4d6d58282c56b6d108cf7","lessThan":"c424d2664f08c77f08b4580b5f0cbaabf7c229b2","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/char/tpm/tpm-chip.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.10","status":"affected"},{"version":"0","lessThan":"6.10","versionType":"semver","status":"unaffected"},{"version":"6.12.86","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.27","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.4","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.10","versionEndExcluding":"6.12.86","matchCriteriaId":"DE217E72-2117-418C-97F0-213685E36DC0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.27","matchCriteriaId":"A10AC84F-C058-47D5-85B4-E6E51A613B74"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.4","matchCriteriaId":"CDB78D6D-22C3-4154-B0D0-94AF1CE5C2E3"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/53e6d2d834df40960b655b353e7a8ff4d927e1c7","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/84ced03172da544c9f8c0862faad48104f519352","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c424d2664f08c77f08b4580b5f0cbaabf7c229b2","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/dd3ac52ea7a001406c7dbc663aae4b9f89da679a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46284","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-08T17:16:46.193","lastModified":"2026-07-08T21:23:40.627","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nmm/hugetlb: fix early boot crash on parameters without '=' separator\n\nIf hugepages, hugepagesz, or default_hugepagesz are specified on the\nkernel command line without the '=' separator, early parameter parsing\npasses NULL to hugetlb_add_param(), which dereferences it in strlen() and\ncan crash the system during early boot.\n\nReject NULL values in hugetlb_add_param() and return -EINVAL instead."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["mm/hugetlb.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"5b47c02967ab770aa7661c8863a21b2fd59e35ff","lessThan":"2774bcf714739cc6bb86f8812167bb9fbda70f6a","versionType":"git","status":"affected"},{"version":"5b47c02967ab770aa7661c8863a21b2fd59e35ff","lessThan":"357c6d084b6137ae640209c5bfd01180f985c015","versionType":"git","status":"affected"},{"version":"5b47c02967ab770aa7661c8863a21b2fd59e35ff","lessThan":"c45b354911d01565156e38d7f6bc07edb51fc34c","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["mm/hugetlb.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.15","status":"affected"},{"version":"0","lessThan":"6.15","versionType":"semver","status":"unaffected"},{"version":"6.18.27","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.4","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.15","versionEndExcluding":"6.18.27","matchCriteriaId":"76E31C9E-B52E-4B89-BAA5-71C2BF01ABC3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.4","matchCriteriaId":"CDB78D6D-22C3-4154-B0D0-94AF1CE5C2E3"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/2774bcf714739cc6bb86f8812167bb9fbda70f6a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/357c6d084b6137ae640209c5bfd01180f985c015","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c45b354911d01565156e38d7f6bc07edb51fc34c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46285","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-08T17:16:46.347","lastModified":"2026-07-08T21:29:35.650","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: docg3: fix use-after-free in docg3_release()\n\nIn docg3_release(), the docg3 pointer is obtained from\ncascade->floors[0]->priv before the loop that calls\ndoc_release_device() on each floor. doc_release_device() frees the\ndocg3 struct via kfree(docg3) at line 1881. After the loop,\ndocg3->cascade->bch dereferences the already-freed pointer.\n\nFix this by accessing cascade->bch directly, which is equivalent\nsince docg3->cascade points back to the same cascade struct, and\nis already available as a local variable. This also removes the\nnow-unused docg3 local variable."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/mtd/devices/docg3.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"c8ae3f744ddca0da164bcacee42d1d4b6fe7027d","lessThan":"8408655ec8344511667b61d8257dc59c80ee3391","versionType":"git","status":"affected"},{"version":"c8ae3f744ddca0da164bcacee42d1d4b6fe7027d","lessThan":"f5d2ed4ed47d3906e2495a3537a48b127f497a17","versionType":"git","status":"affected"},{"version":"c8ae3f744ddca0da164bcacee42d1d4b6fe7027d","lessThan":"2bf706fe7831b319f23a85b9728f961cfed40c3e","versionType":"git","status":"affected"},{"version":"c8ae3f744ddca0da164bcacee42d1d4b6fe7027d","lessThan":"d26f8c361f751c188b7ebaf8189aa0258968fd98","versionType":"git","status":"affected"},{"version":"c8ae3f744ddca0da164bcacee42d1d4b6fe7027d","lessThan":"16f6588a3b7a2a20d10ad9b766be74c60ba347cc","versionType":"git","status":"affected"},{"version":"c8ae3f744ddca0da164bcacee42d1d4b6fe7027d","lessThan":"d89044889ecd11b0c2f86663597246e9bdd25679","versionType":"git","status":"affected"},{"version":"c8ae3f744ddca0da164bcacee42d1d4b6fe7027d","lessThan":"d49628d63d4e6bbc8a1621afb88e5fc901611bee","versionType":"git","status":"affected"},{"version":"c8ae3f744ddca0da164bcacee42d1d4b6fe7027d","lessThan":"ca19808bc6fac7e29420d8508df569b346b3e339","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/mtd/devices/docg3.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"5.8","status":"affected"},{"version":"0","lessThan":"5.8","versionType":"semver","status":"unaffected"},{"version":"5.10.258","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.209","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.175","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.140","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.86","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.27","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.4","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.8","versionEndExcluding":"5.10.258","matchCriteriaId":"40E51E64-6FFB-47A5-B645-DC521C2C3E90"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.209","matchCriteriaId":"919C10A9-7951-4A74-BADD-C135A0A8D8B4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.175","matchCriteriaId":"92385813-D91D-480D-83A1-F423D2CBB2BA"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.140","matchCriteriaId":"A1A92866-F406-43B5-B2D1-CFC274753E9D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.86","matchCriteriaId":"55DA1C62-9991-451E-B8A8-E0004E00F789"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.27","matchCriteriaId":"A10AC84F-C058-47D5-85B4-E6E51A613B74"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.4","matchCriteriaId":"CDB78D6D-22C3-4154-B0D0-94AF1CE5C2E3"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/16f6588a3b7a2a20d10ad9b766be74c60ba347cc","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/2bf706fe7831b319f23a85b9728f961cfed40c3e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/8408655ec8344511667b61d8257dc59c80ee3391","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ca19808bc6fac7e29420d8508df569b346b3e339","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d26f8c361f751c188b7ebaf8189aa0258968fd98","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d49628d63d4e6bbc8a1621afb88e5fc901611bee","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d89044889ecd11b0c2f86663597246e9bdd25679","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f5d2ed4ed47d3906e2495a3537a48b127f497a17","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46286","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-08T17:16:46.627","lastModified":"2026-07-08T19:04:29.593","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nleds: qcom-lpg: Check for array overflow when selecting the high resolution\n\nWhen selecting the high resolution values from the array, FIELD_GET() is\nused to pull from a 3 bit register, yet the array being indexed has only\n5 values in it.  Odds are the hardware is sane, but just to be safe,\nproperly check before just overflowing and reading random data and then\nsetting up chip values based on that."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/leds/rgb/leds-qcom-lpg.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"b00d2ed37617b5f2f091c98acf542fbedefcbf9b","lessThan":"28a2e047d03721e0517c67ee726eaa6621c30e5f","versionType":"git","status":"affected"},{"version":"b00d2ed37617b5f2f091c98acf542fbedefcbf9b","lessThan":"36ce3094dc50598f38fd961b46688cd533940efc","versionType":"git","status":"affected"},{"version":"b00d2ed37617b5f2f091c98acf542fbedefcbf9b","lessThan":"438e357b3cc6cd6900df271e4bc567bfe1142281","versionType":"git","status":"affected"},{"version":"b00d2ed37617b5f2f091c98acf542fbedefcbf9b","lessThan":"f67a24e75d3251ba42538738120b6b659c0dca7d","versionType":"git","status":"affected"},{"version":"b00d2ed37617b5f2f091c98acf542fbedefcbf9b","lessThan":"d45963a93c1495e9f1338fde91d0ebba8fd22474","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/leds/rgb/leds-qcom-lpg.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.4","status":"affected"},{"version":"0","lessThan":"6.4","versionType":"semver","status":"unaffected"},{"version":"6.6.140","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.86","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.27","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.4","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4","versionEndExcluding":"6.6.140","matchCriteriaId":"FA2B001B-CDB2-4EF3-8FCE-74CFF813CACD"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.86","matchCriteriaId":"55DA1C62-9991-451E-B8A8-E0004E00F789"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.27","matchCriteriaId":"A10AC84F-C058-47D5-85B4-E6E51A613B74"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.4","matchCriteriaId":"CDB78D6D-22C3-4154-B0D0-94AF1CE5C2E3"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/28a2e047d03721e0517c67ee726eaa6621c30e5f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/36ce3094dc50598f38fd961b46688cd533940efc","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/438e357b3cc6cd6900df271e4bc567bfe1142281","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d45963a93c1495e9f1338fde91d0ebba8fd22474","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f67a24e75d3251ba42538738120b6b659c0dca7d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46287","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-08T17:16:46.770","lastModified":"2026-07-08T19:04:32.100","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: txgbe: fix RTNL assertion warning when remove module\n\nFor the copper NIC with external PHY, the driver called\nphylink_connect_phy() during probe and phylink_disconnect_phy() during\nremove. It caused an RTNL assertion warning in phylink_disconnect_phy()\nupon module remove.\n\nTo fix this, add rtnl_lock() and rtnl_unlock() around the\nphylink_disconnect_phy() in remove function.\n\n ------------[ cut here ]------------\n RTNL: assertion failed at drivers/net/phy/phylink.c (2351)\n WARNING: drivers/net/phy/phylink.c:2351 at\nphylink_disconnect_phy+0xd8/0xf0 [phylink], CPU#0: rmmod/4464\n Modules linked in: ...\n CPU: 0 UID: 0 PID: 4464 Comm: rmmod Kdump: loaded Not tainted 7.0.0-rc4+\n Hardware name: Micro-Star International Co., Ltd. MS-7E16/X670E GAMING\nPLUS WIFI (MS-7E16), BIOS 1.90 12/31/2024\n RIP: 0010:phylink_disconnect_phy+0xe4/0xf0 [phylink]\n Code: 5b 41 5c 41 5d 41 5e 41 5f 5d 31 c0 31 d2 31 f6 31 ff e9 3a 38 8f e7\n48 8d 3d 48 87 e2 ff ba 2f 09 00 00 48 c7 c6 c1 22 24 c0 <67> 48 0f b9 3a\ne9 34 ff ff ff 66 90 90 90 90 90 90 90 90 90 90 90\n RSP: 0018:ffffce7288363ac0 EFLAGS: 00010246\n RAX: 0000000000000000 RBX: ffff89654b2a1a00 RCX: 0000000000000000\n RDX: 000000000000092f RSI: ffffffffc02422c1 RDI: ffffffffc0239020\n RBP: ffffce7288363ae8 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000000 R12: ffff8964c4022000\n R13: ffff89654fce3028 R14: ffff89654ebb4000 R15: ffffffffc0226348\n FS:  0000795e80d93780(0000) GS:ffff896c52857000(0000)\nknlGS:0000000000000000\n CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00005b528b592000 CR3: 0000000170d0f000 CR4: 0000000000f50ef0\n PKRU: 55555554\n Call Trace:\n  <TASK>\n  txgbe_remove_phy+0xbb/0xd0 [txgbe]\n  txgbe_remove+0x4c/0xb0 [txgbe]\n  pci_device_remove+0x41/0xb0\n  device_remove+0x43/0x80\n  device_release_driver_internal+0x206/0x270\n  driver_detach+0x4a/0xa0\n  bus_remove_driver+0x83/0x120\n  driver_unregister+0x2f/0x60\n  pci_unregister_driver+0x40/0x90\n  txgbe_driver_exit+0x10/0x850 [txgbe]\n  __do_sys_delete_module.isra.0+0x1c3/0x2f0\n  __x64_sys_delete_module+0x12/0x20\n  x64_sys_call+0x20c3/0x2390\n  do_syscall_64+0x11c/0x1500\n  ? srso_alias_return_thunk+0x5/0xfbef5\n  ? do_syscall_64+0x15a/0x1500\n  ? srso_alias_return_thunk+0x5/0xfbef5\n  ? do_fault+0x312/0x580\n  ? srso_alias_return_thunk+0x5/0xfbef5\n  ? __handle_mm_fault+0x9d5/0x1040\n  ? srso_alias_return_thunk+0x5/0xfbef5\n  ? count_memcg_events+0x101/0x1d0\n  ? srso_alias_return_thunk+0x5/0xfbef5\n  ? handle_mm_fault+0x1e8/0x2f0\n  ? srso_alias_return_thunk+0x5/0xfbef5\n  ? do_user_addr_fault+0x2f8/0x820\n  ? srso_alias_return_thunk+0x5/0xfbef5\n  ? irqentry_exit+0xb2/0x600\n  ? srso_alias_return_thunk+0x5/0xfbef5\n  ? exc_page_fault+0x92/0x1c0\n  entry_SYSCALL_64_after_hwframe+0x76/0x7e"}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/net/ethernet/wangxun/txgbe/txgbe_phy.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"02b2a6f91b9042552bc3aa728622bda97e3916fa","lessThan":"0305e7118451c7c363c18f8113b0d8e0077ffa4c","versionType":"git","status":"affected"},{"version":"02b2a6f91b9042552bc3aa728622bda97e3916fa","lessThan":"3e223a7fd41ce6fffdb10577df9350385262bf33","versionType":"git","status":"affected"},{"version":"02b2a6f91b9042552bc3aa728622bda97e3916fa","lessThan":"d29cafc7e4ee9e28a150ba17e9a565ec5d881fbc","versionType":"git","status":"affected"},{"version":"02b2a6f91b9042552bc3aa728622bda97e3916fa","lessThan":"6c5ec52c68a6a442c8a159615ae092512562318a","versionType":"git","status":"affected"},{"version":"02b2a6f91b9042552bc3aa728622bda97e3916fa","lessThan":"e159f05e12cc1111a3103b99375ddf0dfd0e7d63","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/net/ethernet/wangxun/txgbe/txgbe_phy.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.6","status":"affected"},{"version":"0","lessThan":"6.6","versionType":"semver","status":"unaffected"},{"version":"6.6.140","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.88","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.27","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.4","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-617"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.6","versionEndExcluding":"6.6.140","matchCriteriaId":"C002EFE2-D23C-430B-ACB7-0A4317429511"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.88","matchCriteriaId":"5AFBE0EC-CCDF-4207-AE92-ABF958125CA4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.27","matchCriteriaId":"A10AC84F-C058-47D5-85B4-E6E51A613B74"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.4","matchCriteriaId":"CDB78D6D-22C3-4154-B0D0-94AF1CE5C2E3"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/0305e7118451c7c363c18f8113b0d8e0077ffa4c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/3e223a7fd41ce6fffdb10577df9350385262bf33","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/6c5ec52c68a6a442c8a159615ae092512562318a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d29cafc7e4ee9e28a150ba17e9a565ec5d881fbc","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e159f05e12cc1111a3103b99375ddf0dfd0e7d63","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46288","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-08T17:16:46.957","lastModified":"2026-07-08T19:04:34.857","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nof: unittest: fix use-after-free in of_unittest_changeset()\n\nThe variable 'parent' is assigned the value of 'nchangeset' earlier in the\nfunction, meaning both point to the same struct device_node. The call to\nof_node_put(nchangeset) can decrement the reference count to zero and\nfree the node if there are no other holders. After that, the code still\nuses 'parent' to check for the presence of a property and to read a\nstring property, leading to a use-after-free.\n\nFix this by moving the of_node_put() call after the last access to\n'parent', avoiding the UAF."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/of/unittest.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"1c668ea65506e67ce2eae07b69bb09fcdd86e309","lessThan":"37318d1a27c9cc5a70d3cd7e49e30ec86f2b8ca1","versionType":"git","status":"affected"},{"version":"1c668ea65506e67ce2eae07b69bb09fcdd86e309","lessThan":"7f0f0926f3010b10cff5e93446258f971e42f2fd","versionType":"git","status":"affected"},{"version":"1c668ea65506e67ce2eae07b69bb09fcdd86e309","lessThan":"6fdad20b7975bdc32e85b45f8f7c640f6687b81f","versionType":"git","status":"affected"},{"version":"1c668ea65506e67ce2eae07b69bb09fcdd86e309","lessThan":"faecdd423c27f0d6090156a435ba9dbbac0eaddb","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/of/unittest.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.12","status":"affected"},{"version":"0","lessThan":"6.12","versionType":"semver","status":"unaffected"},{"version":"6.12.86","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.27","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.4","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.5,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.12","versionEndExcluding":"6.12.86","matchCriteriaId":"A868CB0E-7563-461B-9681-F1CE80B353EE"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.27","matchCriteriaId":"A10AC84F-C058-47D5-85B4-E6E51A613B74"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.4","matchCriteriaId":"CDB78D6D-22C3-4154-B0D0-94AF1CE5C2E3"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/37318d1a27c9cc5a70d3cd7e49e30ec86f2b8ca1","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/6fdad20b7975bdc32e85b45f8f7c640f6687b81f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/7f0f0926f3010b10cff5e93446258f971e42f2fd","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/faecdd423c27f0d6090156a435ba9dbbac0eaddb","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46289","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-08T17:16:47.097","lastModified":"2026-07-08T19:04:37.710","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nlib/scatterlist: fix length calculations in extract_kvec_to_sg\n\nPatch series \"Fix bugs in extract_iter_to_sg()\", v3.\n\nFix bugs in the kvec and user variants of extract_iter_to_sg.  This series\nis growing due to useful remarks made by sashiko.dev.\n\nThe main bugs are:\n- The length for an sglist entry when extracting from\n  a kvec can exceed the number of bytes in the page. This\n  is obviously not intended.\n- When extracting a user buffer the sglist is temporarily\n  used as a scratch buffer for extracted page pointers.\n  If the sglist already contains some elements this scratch\n  buffer could overlap with existing entries in the sglist.\n\nThe series adds test cases to the kunit_iov_iter test that demonstrate all\nof these bugs.  Additionally, there is a memory leak fix for the test\nitself.\n\nThe bugs were orignally introduced into kernel v6.3 where the function\nlived in fs/netfs/iterator.c.  It was later moved to lib/scatterlist.c in\nv6.5.  Thus the actual fix is only marked for backports to v6.5+.\n\n\nThis patch (of 5):\n\nWhen extracting from a kvec to a scatterlist, do not cross page\nboundaries.  The required length was already calculated but not used as\nintended.\n\nAdjust the copied length if the loop runs out of sglist entries without\nextracting everything.\n\nWhile there, return immediately from extract_iter_to_sg if there are no\nsglist entries at all.\n\nA subsequent commit will add kunit test cases that demonstrate that the\npatch is necessary."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["lib/scatterlist.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"0185846975339a5c348373aa450a977f5242366b","lessThan":"3f17500e86d730c76db638bb3ae52f9b5e496c76","versionType":"git","status":"affected"},{"version":"0185846975339a5c348373aa450a977f5242366b","lessThan":"e5e22fc9963469e678c4f4bb38d26adcec107f1e","versionType":"git","status":"affected"},{"version":"0185846975339a5c348373aa450a977f5242366b","lessThan":"8fbba6829057979149d1b37d65690c037f3ddf4d","versionType":"git","status":"affected"},{"version":"0185846975339a5c348373aa450a977f5242366b","lessThan":"9d38756d0a93b66163554219fa9c3365f40c4035","versionType":"git","status":"affected"},{"version":"0185846975339a5c348373aa450a977f5242366b","lessThan":"07b7d66e65d9cfe6b9c2c34aa22cfcaac37a5c45","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["lib/scatterlist.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.3","status":"affected"},{"version":"0","lessThan":"6.3","versionType":"semver","status":"unaffected"},{"version":"6.6.140","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.88","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.30","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.7","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-401"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.3","versionEndExcluding":"6.6.140","matchCriteriaId":"AE397E0D-B39E-43DA-B546-2C72385DF22F"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.88","matchCriteriaId":"5AFBE0EC-CCDF-4207-AE92-ABF958125CA4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.30","matchCriteriaId":"BF39AE08-AE6D-4410-8FBE-76F6BF5BF55B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.7","matchCriteriaId":"D0893CA7-9AE6-4DFE-AC75-48967D73AD8E"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/07b7d66e65d9cfe6b9c2c34aa22cfcaac37a5c45","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/3f17500e86d730c76db638bb3ae52f9b5e496c76","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/8fbba6829057979149d1b37d65690c037f3ddf4d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/9d38756d0a93b66163554219fa9c3365f40c4035","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e5e22fc9963469e678c4f4bb38d26adcec107f1e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46290","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-08T17:16:47.230","lastModified":"2026-07-08T19:04:41.287","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nx86/efi: Fix graceful fault handling after FPU softirq changes\n\nSince commit d02198550423 (\"x86/fpu: Improve crypto performance by\nmaking kernel-mode FPU reliably usable in softirqs\"), kernel_fpu_begin()\ncalls fpregs_lock() which uses local_bh_disable() instead of the\nprevious preempt_disable(). This sets SOFTIRQ_OFFSET in preempt_count\nduring the entire EFI runtime service call, causing in_interrupt() to\nreturn true in normal task context.\n\nThe graceful page fault handler efi_crash_gracefully_on_page_fault()\nuses in_interrupt() to bail out for faults in real interrupt context.\nWith SOFTIRQ_OFFSET now set, the handler always bails out, leaving EFI\nfirmware page faults unhandled. This escalates to die() which also sees\nin_interrupt() as true and calls panic(\"Fatal exception in interrupt\"),\nresulting in a hard system freeze. On systems with buggy firmware that\ntriggers page faults during EFI runtime calls (e.g., accessing unmapped\nmemory in GetTime()), this causes an unrecoverable hang instead of the\nexpected graceful EFI_ABORTED recovery.\n\nFix by replacing in_interrupt() with !in_task(). This preserves the\noriginal intent of bailing for interrupts or NMI faults, while no longer\nfalsely triggering from the FPU code path's local_bh_disable().\n\n[ardb: Sashiko spotted that using 'in_hardirq() || in_nmi()' leaves a\n       window where a softirq may be taken before fpregs_lock() is\n       called, but after efi_rts_work.efi_rts_id has been assigned,\n       and any page faults occurring in that window will then be\n       misidentified as having been caused by the firmware. Instead,\n       use !in_task(), which incorporates in_serving_softirq(). ]"}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["arch/x86/platform/efi/quirks.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"d02198550423a0b695e7a24ec77153209ad45b09","lessThan":"22b365ba1af3d8c6036b8e5112fffe80998b85a0","versionType":"git","status":"affected"},{"version":"d02198550423a0b695e7a24ec77153209ad45b09","lessThan":"db155b86d1523e85941f61efd7d7ffb594cc9a29","versionType":"git","status":"affected"},{"version":"d02198550423a0b695e7a24ec77153209ad45b09","lessThan":"088f65e206087bf903743bd18417261d7a4c9644","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["arch/x86/platform/efi/quirks.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.15","status":"affected"},{"version":"0","lessThan":"6.15","versionType":"semver","status":"unaffected"},{"version":"6.18.30","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.7","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.15","versionEndExcluding":"6.18.30","matchCriteriaId":"7A99D29F-3622-4F26-9E29-80DF70FFF2B1"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.7","matchCriteriaId":"D0893CA7-9AE6-4DFE-AC75-48967D73AD8E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/088f65e206087bf903743bd18417261d7a4c9644","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/22b365ba1af3d8c6036b8e5112fffe80998b85a0","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/db155b86d1523e85941f61efd7d7ffb594cc9a29","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46291","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-08T17:16:47.357","lastModified":"2026-07-08T15:21:30.257","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: caam - guard HMAC key hex dumps in hash_digest_key\n\nUse print_hex_dump_devel() for dumping sensitive HMAC key bytes in\nhash_digest_key() to avoid leaking secrets at runtime when\nCONFIG_DYNAMIC_DEBUG is enabled."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/crypto/caam/caamalg_qi2.c","drivers/crypto/caam/caamhash.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"045e36780f11523e26d1e4a8c78bdc57f4003bd0","lessThan":"e8e72fdf47bd5ef7abe642b034c6178a61a8580a","versionType":"git","status":"affected"},{"version":"045e36780f11523e26d1e4a8c78bdc57f4003bd0","lessThan":"cd849c07b8d706425e60a4dfcef54b7b67c967ce","versionType":"git","status":"affected"},{"version":"045e36780f11523e26d1e4a8c78bdc57f4003bd0","lessThan":"a9207798fe619cbc85c8744a9b9e2af1db2b6e1a","versionType":"git","status":"affected"},{"version":"045e36780f11523e26d1e4a8c78bdc57f4003bd0","lessThan":"2adbfca7452eeac45117b8e803288a2767f7075f","versionType":"git","status":"affected"},{"version":"045e36780f11523e26d1e4a8c78bdc57f4003bd0","lessThan":"c7e52fe3f7901ccb9cd29b3f7c683d809ba87e48","versionType":"git","status":"affected"},{"version":"045e36780f11523e26d1e4a8c78bdc57f4003bd0","lessThan":"5cffe3c136891aa4d579bf5c079a68f7cb371b0c","versionType":"git","status":"affected"},{"version":"045e36780f11523e26d1e4a8c78bdc57f4003bd0","lessThan":"b8f12d9b00c1950779e5679b9c13908584682bb6","versionType":"git","status":"affected"},{"version":"045e36780f11523e26d1e4a8c78bdc57f4003bd0","lessThan":"177730a273b18e195263ed953853273e901b5064","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/crypto/caam/caamalg_qi2.c","drivers/crypto/caam/caamhash.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"3.6","status":"affected"},{"version":"0","lessThan":"3.6","versionType":"semver","status":"unaffected"},{"version":"5.10.259","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.210","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.176","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.140","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.88","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.30","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.7","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.6","versionEndExcluding":"5.10.259","matchCriteriaId":"721E2892-A2C4-43EA-B05D-A638043DE3DC"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.210","matchCriteriaId":"5E938CDF-D1C4-43D0-98DC-9E11B6B55801"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.176","matchCriteriaId":"C4446623-5F2B-4DD8-8666-9FAAC285A757"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.140","matchCriteriaId":"A1A92866-F406-43B5-B2D1-CFC274753E9D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.88","matchCriteriaId":"5AFBE0EC-CCDF-4207-AE92-ABF958125CA4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.30","matchCriteriaId":"BF39AE08-AE6D-4410-8FBE-76F6BF5BF55B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.7","matchCriteriaId":"D0893CA7-9AE6-4DFE-AC75-48967D73AD8E"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/177730a273b18e195263ed953853273e901b5064","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/2adbfca7452eeac45117b8e803288a2767f7075f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/5cffe3c136891aa4d579bf5c079a68f7cb371b0c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/a9207798fe619cbc85c8744a9b9e2af1db2b6e1a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/b8f12d9b00c1950779e5679b9c13908584682bb6","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c7e52fe3f7901ccb9cd29b3f7c683d809ba87e48","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/cd849c07b8d706425e60a4dfcef54b7b67c967ce","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e8e72fdf47bd5ef7abe642b034c6178a61a8580a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46292","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-08T17:16:47.497","lastModified":"2026-07-08T21:31:27.197","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\npmdomain: core: Fix detach procedure for virtual devices in genpd\n\nIf a device is attached to a PM domain through genpd_dev_pm_attach_by_id(),\ngenpd calls pm_runtime_enable() for the corresponding virtual device that\nit registers. While this avoids boilerplate code in drivers, there is no\ncorresponding call to pm_runtime_disable() in genpd_dev_pm_detach().\n\nThis means these virtual devices are typically detached from its genpd,\nwhile runtime PM remains enabled for them, which is not how things are\ndesigned to work. In worst cases it may lead to critical errors, like a\nNULL pointer dereference bug in genpd_runtime_suspend(), which was recently\nreported. For another case, we may end up keeping an unnecessary vote for a\nperformance state for the device.\n\nTo fix these problems, let's add this missing call to pm_runtime_disable()\nin genpd_dev_pm_detach()."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/pmdomain/core.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"3c095f32a92be4d07f3172a777dab1aacdb6a728","lessThan":"e8f8dad44f024a5c99e54a48ad5c943fa8e54319","versionType":"git","status":"affected"},{"version":"3c095f32a92be4d07f3172a777dab1aacdb6a728","lessThan":"98b8104978474d381256a2b2fb0e7ca8e05a7bfa","versionType":"git","status":"affected"},{"version":"3c095f32a92be4d07f3172a777dab1aacdb6a728","lessThan":"52e485ed0dcb5496864003ba9ffcef7d5b613f83","versionType":"git","status":"affected"},{"version":"3c095f32a92be4d07f3172a777dab1aacdb6a728","lessThan":"707cb5df3eab32ddc52979418f7ace62941e6381","versionType":"git","status":"affected"},{"version":"3c095f32a92be4d07f3172a777dab1aacdb6a728","lessThan":"361518a26e4434e879db6ff43bf364795dcbfbff","versionType":"git","status":"affected"},{"version":"3c095f32a92be4d07f3172a777dab1aacdb6a728","lessThan":"51a7dd9cbae9210335ce398642ecaaa52c939eb5","versionType":"git","status":"affected"},{"version":"3c095f32a92be4d07f3172a777dab1aacdb6a728","lessThan":"8d44391a7f29e4601e8243f13498d0219bab2576","versionType":"git","status":"affected"},{"version":"3c095f32a92be4d07f3172a777dab1aacdb6a728","lessThan":"26735dfdd8930d9ef1fa92e590a9bf77726efdf6","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/pmdomain/core.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"4.18","status":"affected"},{"version":"0","lessThan":"4.18","versionType":"semver","status":"unaffected"},{"version":"5.10.259","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.210","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.176","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.141","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.88","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.30","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.7","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-772"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.18","versionEndExcluding":"5.10.259","matchCriteriaId":"4854705F-E327-45AB-8B50-B6EDC96C53FC"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.210","matchCriteriaId":"5E938CDF-D1C4-43D0-98DC-9E11B6B55801"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.176","matchCriteriaId":"C4446623-5F2B-4DD8-8666-9FAAC285A757"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.141","matchCriteriaId":"97A9FFFA-22BB-4D5C-9790-5A2286E392F7"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.88","matchCriteriaId":"5AFBE0EC-CCDF-4207-AE92-ABF958125CA4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.30","matchCriteriaId":"BF39AE08-AE6D-4410-8FBE-76F6BF5BF55B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.7","matchCriteriaId":"D0893CA7-9AE6-4DFE-AC75-48967D73AD8E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/26735dfdd8930d9ef1fa92e590a9bf77726efdf6","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/361518a26e4434e879db6ff43bf364795dcbfbff","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/51a7dd9cbae9210335ce398642ecaaa52c939eb5","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/52e485ed0dcb5496864003ba9ffcef7d5b613f83","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/707cb5df3eab32ddc52979418f7ace62941e6381","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/8d44391a7f29e4601e8243f13498d0219bab2576","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/98b8104978474d381256a2b2fb0e7ca8e05a7bfa","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e8f8dad44f024a5c99e54a48ad5c943fa8e54319","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46293","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-08T17:16:47.630","lastModified":"2026-07-08T19:04:45.417","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nclk: microchip: mpfs-ccc: fix out of bounds access during output registration\n\nUBSAN reported an out of bounds access during registration of the last\ntwo outputs. This out of bounds access occurs because space is only\nallocated in the hws array for two PLLs and the four output dividers\nthat each has, but the defined IDs contain two DLLS and their two\noutputs each, which are not supported by the driver. The ID order is\nPLLs -> DLLs -> PLL outputs -> DLL outputs. Decrement the PLL output IDs\nby two while adding them to the array to avoid the problem."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/clk/microchip/clk-mpfs-ccc.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"d39fb172760e426e0628f16b785c85e16d17bd5e","lessThan":"9ed9b580a814773482c0a4f1be045636e68cc109","versionType":"git","status":"affected"},{"version":"d39fb172760e426e0628f16b785c85e16d17bd5e","lessThan":"47bc7a03449c39805bc2665d3e57c73195d5bcf8","versionType":"git","status":"affected"},{"version":"d39fb172760e426e0628f16b785c85e16d17bd5e","lessThan":"dbfcb09656cb30439577325c9dea2250203c2e3c","versionType":"git","status":"affected"},{"version":"d39fb172760e426e0628f16b785c85e16d17bd5e","lessThan":"a0780aeea166a7cf4706c45af4cadbb2a43a1fc9","versionType":"git","status":"affected"},{"version":"d39fb172760e426e0628f16b785c85e16d17bd5e","lessThan":"f24efd415455b98a1f1cfc6071fe6fde71986706","versionType":"git","status":"affected"},{"version":"d39fb172760e426e0628f16b785c85e16d17bd5e","lessThan":"2f7ae8ab6aa73daaf080d5332110357c29df9c36","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/clk/microchip/clk-mpfs-ccc.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.1","status":"affected"},{"version":"0","lessThan":"6.1","versionType":"semver","status":"unaffected"},{"version":"6.1.175","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.140","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.88","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.30","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.7","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.2}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1","versionEndExcluding":"6.1.175","matchCriteriaId":"A4CF44D2-E504-42EA-A313-4974CFE03BAA"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.140","matchCriteriaId":"A1A92866-F406-43B5-B2D1-CFC274753E9D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.88","matchCriteriaId":"5AFBE0EC-CCDF-4207-AE92-ABF958125CA4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.30","matchCriteriaId":"BF39AE08-AE6D-4410-8FBE-76F6BF5BF55B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.7","matchCriteriaId":"D0893CA7-9AE6-4DFE-AC75-48967D73AD8E"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/2f7ae8ab6aa73daaf080d5332110357c29df9c36","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/47bc7a03449c39805bc2665d3e57c73195d5bcf8","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/9ed9b580a814773482c0a4f1be045636e68cc109","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/a0780aeea166a7cf4706c45af4cadbb2a43a1fc9","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/dbfcb09656cb30439577325c9dea2250203c2e3c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f24efd415455b98a1f1cfc6071fe6fde71986706","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46294","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-08T17:16:47.757","lastModified":"2026-07-08T19:04:47.690","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ndm: fix a buffer overflow in ioctl processing\n\nTony Asleson (using Claude) found a buffer overflow in dm-ioctl in the\nfunction retrieve_status:\n\n1. The code in retrieve_status checks that the output string fits into\n   the output buffer and writes the output string there\n2. Then, the code aligns the \"outptr\" variable to the next 8-byte\n   boundary:\n\toutptr = align_ptr(outptr);\n3. The alignment doesn't check overflow, so outptr could point past the\n   buffer end\n4. The \"for\" loop is iterated again, it executes:\n\tremaining = len - (outptr - outbuf);\n5. If \"outptr\" points past \"outbuf + len\", the arithmetics wraps around\n   and the variable \"remaining\" contains unusually high number\n6. With \"remaining\" being high, the code writes more data past the end of\n   the buffer\n\nLuckily, this bug has no security implications because:\n1. Only root can issue device mapper ioctls\n2. The commonly used libraries that communicate with device mapper\n   (libdevmapper and devicemapper-rs) use buffer size that is aligned to\n   8 bytes - thus, \"outptr = align_ptr(outptr)\" can't overshoot the input\n   buffer and the bug can't happen accidentally"}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/md/dm-ioctl.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"c8c5311237448f6ffeecc9aec2362e3692623668","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"448ee8fb79c26a26599ffa4b2adeb4322d3d3d8c","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"526ff9126a0ae087b65726e1faf31114c718020d","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"f0b0b09d9840838ae77ccdd6a62de0daef4e6e0a","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"d271631023cbe1cbe7c31a0275ab797883be6e0a","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"5af6a879e915ae7bcd83695c316ebb32e1c61bc2","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"8daa6c708ef524089ae43f2aed9190acb26d7df8","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"2fa49cc884f6496a915c35621ba4da35649bf159","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/md/dm-ioctl.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"2.6.12","status":"affected"},{"version":"0","lessThan":"2.6.12","versionType":"semver","status":"unaffected"},{"version":"5.10.258","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.209","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.175","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.140","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.88","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.30","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.7","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.12.1","versionEndExcluding":"5.10.258","matchCriteriaId":"E03287AA-1109-4662-85B8-5E824B2EA646"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.209","matchCriteriaId":"919C10A9-7951-4A74-BADD-C135A0A8D8B4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.175","matchCriteriaId":"92385813-D91D-480D-83A1-F423D2CBB2BA"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.140","matchCriteriaId":"A1A92866-F406-43B5-B2D1-CFC274753E9D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.88","matchCriteriaId":"5AFBE0EC-CCDF-4207-AE92-ABF958125CA4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.30","matchCriteriaId":"BF39AE08-AE6D-4410-8FBE-76F6BF5BF55B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.7","matchCriteriaId":"D0893CA7-9AE6-4DFE-AC75-48967D73AD8E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:-:*:*:*:*:*:*","matchCriteriaId":"6F62EECE-8FB1-4D57-85D8-CB9E23CF313C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:*:*:*:*:*:*","matchCriteriaId":"4F76C298-81DC-43E4-8FC9-DC005A2116EF"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:*:*:*:*:*:*","matchCriteriaId":"0AB349B2-3F78-4197-882B-90ADB3BF645A"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*","matchCriteriaId":"6AC88830-A9BC-4607-B572-A4B502FC9FD0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:*","matchCriteriaId":"476CB3A5-D022-4F13-AAEF-CB6A5785516A"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/2fa49cc884f6496a915c35621ba4da35649bf159","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/448ee8fb79c26a26599ffa4b2adeb4322d3d3d8c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/526ff9126a0ae087b65726e1faf31114c718020d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/5af6a879e915ae7bcd83695c316ebb32e1c61bc2","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/8daa6c708ef524089ae43f2aed9190acb26d7df8","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c8c5311237448f6ffeecc9aec2362e3692623668","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d271631023cbe1cbe7c31a0275ab797883be6e0a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f0b0b09d9840838ae77ccdd6a62de0daef4e6e0a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46295","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-08T17:16:47.913","lastModified":"2026-07-08T19:04:50.767","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Do IRR scan in __kvm_apic_update_irr even if PIR is empty\n\nFall back to apic_find_highest_vector() when PID.ON is set but PIR\nturns out to be empty, to correctly report the highest pending interrupt\nfrom the existing IRR.\n\nIn a nested VM stress test, the following WARNING fires in\nvmx_check_nested_events() when kvm_cpu_has_interrupt() reports a pending\ninterrupt but the subsequent kvm_apic_has_interrupt() (which invokes\nvmx_sync_pir_to_irr() again) returns -1:\n\n  WARNING: CPU: 99 PID: 57767 at arch/x86/kvm/vmx/nested.c:4449 vmx_check_nested_events+0x6bf/0x6e0 [kvm_intel]\n  Call Trace:\n   kvm_check_and_inject_events\n   vcpu_enter_guest.constprop.0\n   vcpu_run\n   kvm_arch_vcpu_ioctl_run\n   kvm_vcpu_ioctl\n   __x64_sys_ioctl\n   do_syscall_64\n   entry_SYSCALL_64_after_hwframe\n\nThe root cause is a race between vmx_sync_pir_to_irr() on the target vCPU\nand __vmx_deliver_posted_interrupt() on a sender vCPU.  The sender\nperforms two individually-atomic operations that are not a single\ntransaction:\n\n  1. pi_test_and_set_pir(vector)  -- sets the PIR bit\n  2. pi_test_and_set_on()         -- sets PID.ON\n\nThe following interleaving triggers the bug:\n\n  Sender vCPU (IPI):              Target vCPU (1st sync_pir_to_irr):\n  B1: set PIR[vector]\n                                  A1: pi_clear_on()\n                                  A2: pi_harvest_pir() -> sees B1 bit\n                                  A3: xchg() -> consumes bit, PIR=0\n                                      (1st sync returns correct max_irr)\n  B2: set PID.ON = 1\n\n                                  Target vCPU (2nd sync_pir_to_irr):\n                                  C1: pi_test_on() -> TRUE (from B2)\n                                  C2: pi_clear_on() -> ON=0\n                                  C3: pi_harvest_pir() -> PIR empty\n                                  C4: *max_irr = -1, early return\n                                      IRR NOT SCANNED\n\nThe interrupt is not lost (it resides in the IRR from the first sync and\nis recovered on the next vcpu_enter_guest() iteration), but the incorrect\nmax_irr causes a spurious WARNING and a wasted L2 VM-Enter/VM-Exit cycle."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["arch/x86/kvm/lapic.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"b41f8638b9d30fbe045b4ef83ff4136c56a57397","lessThan":"bb1703949dcaa9a49c338dee075f659f4634214d","versionType":"git","status":"affected"},{"version":"b41f8638b9d30fbe045b4ef83ff4136c56a57397","lessThan":"4b6b06a8b12bfd95f9015074b1430c1480908073","versionType":"git","status":"affected"},{"version":"b41f8638b9d30fbe045b4ef83ff4136c56a57397","lessThan":"33fd0ccd2590b470b65adcca288615ad3b5e3e06","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["arch/x86/kvm/lapic.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.16","status":"affected"},{"version":"0","lessThan":"6.16","versionType":"semver","status":"unaffected"},{"version":"6.18.30","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.7","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.16","versionEndExcluding":"6.18.30","matchCriteriaId":"0C6ED95F-C349-4582-8D0B-43787F134EDA"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.7","matchCriteriaId":"D0893CA7-9AE6-4DFE-AC75-48967D73AD8E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/33fd0ccd2590b470b65adcca288615ad3b5e3e06","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/4b6b06a8b12bfd95f9015074b1430c1480908073","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/bb1703949dcaa9a49c338dee075f659f4634214d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46296","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-08T17:16:48.037","lastModified":"2026-07-08T19:04:53.393","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nspi: s3c64xx: fix NULL-deref on driver unbind\n\nA change moving DMA channel allocation from probe() back to\ns3c64xx_spi_prepare_transfer() failed to remove the corresponding\ndeallocation from remove().\n\nDrop the bogus DMA channel release from remove() to avoid triggering a\nNULL-pointer dereference on driver unbind.\n\nThis issue was flagged by Sashiko when reviewing a controller\nderegistration fix."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/spi/spi-s3c64xx.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"f52b03c707444c5a3d1a0b9c5724f93ddc3c588e","lessThan":"29e219a18e21258bdb4ee12cecd0e9ec87d7e6a7","versionType":"git","status":"affected"},{"version":"f52b03c707444c5a3d1a0b9c5724f93ddc3c588e","lessThan":"1108b8722b9ff0cdd3e8aa18d98244fcd93b6760","versionType":"git","status":"affected"},{"version":"f52b03c707444c5a3d1a0b9c5724f93ddc3c588e","lessThan":"323a258f4b1916b5a3098618e036e033b2f2317f","versionType":"git","status":"affected"},{"version":"f52b03c707444c5a3d1a0b9c5724f93ddc3c588e","lessThan":"1b66f16a571a10ba8889ac471755c8af9c5b9266","versionType":"git","status":"affected"},{"version":"f52b03c707444c5a3d1a0b9c5724f93ddc3c588e","lessThan":"22788b1a8611380b141e09a8896702e32d164238","versionType":"git","status":"affected"},{"version":"f52b03c707444c5a3d1a0b9c5724f93ddc3c588e","lessThan":"45daacbead8a009844bd5dba6cfa731332184d17","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/spi/spi-s3c64xx.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.0","status":"affected"},{"version":"0","lessThan":"6.0","versionType":"semver","status":"unaffected"},{"version":"6.1.176","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.140","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.88","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.30","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.7","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0","versionEndExcluding":"6.1.176","matchCriteriaId":"8D193E9E-2E9B-468E-B920-AD1EA1BA82C7"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.140","matchCriteriaId":"A1A92866-F406-43B5-B2D1-CFC274753E9D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.88","matchCriteriaId":"5AFBE0EC-CCDF-4207-AE92-ABF958125CA4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.30","matchCriteriaId":"BF39AE08-AE6D-4410-8FBE-76F6BF5BF55B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.7","matchCriteriaId":"D0893CA7-9AE6-4DFE-AC75-48967D73AD8E"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/1108b8722b9ff0cdd3e8aa18d98244fcd93b6760","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/1b66f16a571a10ba8889ac471755c8af9c5b9266","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/22788b1a8611380b141e09a8896702e32d164238","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/29e219a18e21258bdb4ee12cecd0e9ec87d7e6a7","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/323a258f4b1916b5a3098618e036e033b2f2317f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/45daacbead8a009844bd5dba6cfa731332184d17","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46297","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-08T17:16:48.160","lastModified":"2026-07-08T19:04:56.420","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: libwx: use request_irq for VF misc interrupt\n\nCurrently, request_threaded_irq() is used with a primary handler but a\nNULL threaded handler, while also setting the IRQF_ONESHOT flag. This\nspecific combination triggers a WARNING since the commit aef30c8d569c\n(\"genirq: Warn about using IRQF_ONESHOT without a threaded handler\").\n\nWARNING: kernel/irq/manage.c:1502 at __setup_irq+0x4fa/0x760\n\nFix the issue by switching to request_irq(), which is the appropriate\ninterface or a non-threaded interrupt handler, and removing the\nunnecessary IRQF_ONESHOT flag."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/net/ethernet/wangxun/libwx/wx_vf_common.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"eb4898fde1de8cf09f8a6b344dbd87536e0b1170","lessThan":"1bca036fe3607182c21f05e2b262167edbef086c","versionType":"git","status":"affected"},{"version":"eb4898fde1de8cf09f8a6b344dbd87536e0b1170","lessThan":"a841574c6e573132681aa57f9b43a0a897a423f6","versionType":"git","status":"affected"},{"version":"eb4898fde1de8cf09f8a6b344dbd87536e0b1170","lessThan":"7a33345153eeeda195c55f15be27074e4c3b5109","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/net/ethernet/wangxun/libwx/wx_vf_common.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.17","status":"affected"},{"version":"0","lessThan":"6.17","versionType":"semver","status":"unaffected"},{"version":"6.18.30","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.7","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.17","versionEndExcluding":"6.18.30","matchCriteriaId":"0382719F-0247-436A-881F-C7382FD213E6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.7","matchCriteriaId":"D0893CA7-9AE6-4DFE-AC75-48967D73AD8E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/1bca036fe3607182c21f05e2b262167edbef086c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/7a33345153eeeda195c55f15be27074e4c3b5109","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/a841574c6e573132681aa57f9b43a0a897a423f6","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46298","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-08T17:16:48.280","lastModified":"2026-07-08T14:49:04.460","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\npseries/papr-hvpipe: Fix race with interrupt handler\n\nWhile executing ->ioctl handler or ->release handler, if an interrupt\nfires on the same cpu, then we can enter into a deadlock.\n\nThis patch fixes both these handlers to take spin_lock_irq{save|restore}\nversions of the lock to prevent this deadlock."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["arch/powerpc/platforms/pseries/papr-hvpipe.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"814ef095f12c9fa142043ee689500f3a41bb6dab","lessThan":"342c966f81cfc3cb6c297e80b37a9f3a5d637d2c","versionType":"git","status":"affected"},{"version":"814ef095f12c9fa142043ee689500f3a41bb6dab","lessThan":"7a4f0846ee6cc8cf44ae0046ed42e3259d1dd45b","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["arch/powerpc/platforms/pseries/papr-hvpipe.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.18","status":"affected"},{"version":"0","lessThan":"6.18","versionType":"semver","status":"unaffected"},{"version":"7.0.7","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":4.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-362"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.18","versionEndExcluding":"7.0.7","matchCriteriaId":"B6254F94-5978-493F-9B48-7613CD207BD7"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/342c966f81cfc3cb6c297e80b37a9f3a5d637d2c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/7a4f0846ee6cc8cf44ae0046ed42e3259d1dd45b","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46299","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-08T17:16:48.393","lastModified":"2026-07-08T14:48:53.510","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nhfsplus: fix held lock freed on hfsplus_fill_super()\n\nhfsplus_fill_super() calls hfs_find_init() to initialize a search\nstructure, which acquires tree->tree_lock. If the subsequent call to\nhfsplus_cat_build_key() fails, the function jumps to the out_put_root\nerror label without releasing the lock. The later cleanup path then\nfrees the tree data structure with the lock still held, triggering a\nheld lock freed warning.\n\nFix this by adding the missing hfs_find_exit(&fd) call before jumping\nto the out_put_root error label. This ensures that tree->tree_lock is\nproperly released on the error path.\n\nThe bug was originally detected on v6.13-rc1 using an experimental\nstatic analysis tool we are developing, and we have verified that the\nissue persists in the latest mainline kernel. The tool is specifically\ndesigned to detect memory management issues. It is currently under active\ndevelopment and not yet publicly available.\n\nWe confirmed the bug by runtime testing under QEMU with x86_64 defconfig,\nlockdep enabled, and CONFIG_HFSPLUS_FS=y. To trigger the error path, we\nused GDB to dynamically shrink the max_unistr_len parameter to 1 before\nhfsplus_asc2uni() is called. This forces hfsplus_asc2uni() to naturally\nreturn -ENAMETOOLONG, which propagates to hfsplus_cat_build_key() and\nexercises the faulty error path. The following warning was observed\nduring mount:\n\n\t=========================\n\tWARNING: held lock freed!\n\t7.0.0-rc3-00016-gb4f0dd314b39 #4 Not tainted\n\t-------------------------\n\tmount/174 is freeing memory ffff888103f92000-ffff888103f92fff, with a lock still held there!\n\tffff888103f920b0 (&tree->tree_lock){+.+.}-{4:4}, at: hfsplus_find_init+0x154/0x1e0\n\t2 locks held by mount/174:\n\t#0: ffff888103f960e0 (&type->s_umount_key#42/1){+.+.}-{4:4}, at: alloc_super.constprop.0+0x167/0xa40\n\t#1: ffff888103f920b0 (&tree->tree_lock){+.+.}-{4:4}, at: hfsplus_find_init+0x154/0x1e0\n\n\tstack backtrace:\n\tCPU: 2 UID: 0 PID: 174 Comm: mount Not tainted 7.0.0-rc3-00016-gb4f0dd314b39 #4 PREEMPT(lazy)\n\tHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014\n\tCall Trace:\n\t<TASK>\n\tdump_stack_lvl+0x82/0xd0\n\tdebug_check_no_locks_freed+0x13a/0x180\n\tkfree+0x16b/0x510\n\t? hfsplus_fill_super+0xcb4/0x18a0\n\thfsplus_fill_super+0xcb4/0x18a0\n\t? __pfx_hfsplus_fill_super+0x10/0x10\n\t? srso_return_thunk+0x5/0x5f\n\t? bdev_open+0x65f/0xc30\n\t? srso_return_thunk+0x5/0x5f\n\t? pointer+0x4ce/0xbf0\n\t? trace_contention_end+0x11c/0x150\n\t? __pfx_pointer+0x10/0x10\n\t? srso_return_thunk+0x5/0x5f\n\t? bdev_open+0x79b/0xc30\n\t? srso_return_thunk+0x5/0x5f\n\t? srso_return_thunk+0x5/0x5f\n\t? vsnprintf+0x6da/0x1270\n\t? srso_return_thunk+0x5/0x5f\n\t? __mutex_unlock_slowpath+0x157/0x740\n\t? __pfx_vsnprintf+0x10/0x10\n\t? srso_return_thunk+0x5/0x5f\n\t? srso_return_thunk+0x5/0x5f\n\t? mark_held_locks+0x49/0x80\n\t? srso_return_thunk+0x5/0x5f\n\t? srso_return_thunk+0x5/0x5f\n\t? irqentry_exit+0x17b/0x5e0\n\t? trace_irq_disable.constprop.0+0x116/0x150\n\t? __pfx_hfsplus_fill_super+0x10/0x10\n\t? __pfx_hfsplus_fill_super+0x10/0x10\n\tget_tree_bdev_flags+0x302/0x580\n\t? __pfx_get_tree_bdev_flags+0x10/0x10\n\t? vfs_parse_fs_qstr+0x129/0x1a0\n\t? __pfx_vfs_parse_fs_qstr+0x3/0x10\n\tvfs_get_tree+0x89/0x320\n\tfc_mount+0x10/0x1d0\n\tpath_mount+0x5c5/0x21c0\n\t? __pfx_path_mount+0x10/0x10\n\t? trace_irq_enable.constprop.0+0x116/0x150\n\t? trace_irq_enable.constprop.0+0x116/0x150\n\t? srso_return_thunk+0x5/0x5f\n\t? srso_return_thunk+0x5/0x5f\n\t? kmem_cache_free+0x307/0x540\n\t? user_path_at+0x51/0x60\n\t? __x64_sys_mount+0x212/0x280\n\t? srso_return_thunk+0x5/0x5f\n\t__x64_sys_mount+0x212/0x280\n\t? __pfx___x64_sys_mount+0x10/0x10\n\t? srso_return_thunk+0x5/0x5f\n\t? trace_irq_enable.constprop.0+0x116/0x150\n\t? srso_return_thunk+0x5/0x5f\n\tdo_syscall_64+0x111/0x680\n\tentry_SYSCALL_64_after_hwframe+0x77/0x7f\n\tRIP: 0033:0x7ffacad55eae\n\tCode: 48 8b 0d 85 1f 0f 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 49 89 ca b8 a5 00 00 8\n\tRSP: 002b\n---truncated---"}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["fs/hfsplus/super.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"89ac9b4d3d1a049ae1054f99b1aed81092cd0a82","lessThan":"e890656accee4c26d932ea388eb8936a6e22184d","versionType":"git","status":"affected"},{"version":"89ac9b4d3d1a049ae1054f99b1aed81092cd0a82","lessThan":"6499c9c8ec437a369e7e221dad91f6122b50759d","versionType":"git","status":"affected"},{"version":"89ac9b4d3d1a049ae1054f99b1aed81092cd0a82","lessThan":"c554ddc87af4d4e4be42f8aed1baec9e1c7588e0","versionType":"git","status":"affected"},{"version":"89ac9b4d3d1a049ae1054f99b1aed81092cd0a82","lessThan":"3ca80e3012c8be85b4f8d0d20eac8d3b17ff257e","versionType":"git","status":"affected"},{"version":"89ac9b4d3d1a049ae1054f99b1aed81092cd0a82","lessThan":"041acda6d9f96006703466449c10c9a69590c8b9","versionType":"git","status":"affected"},{"version":"89ac9b4d3d1a049ae1054f99b1aed81092cd0a82","lessThan":"d309d3308de658d87c42d97e044c89a226327526","versionType":"git","status":"affected"},{"version":"89ac9b4d3d1a049ae1054f99b1aed81092cd0a82","lessThan":"bfbcce6a7b0552a390620d9b2c4d2bcb1825cbdc","versionType":"git","status":"affected"},{"version":"89ac9b4d3d1a049ae1054f99b1aed81092cd0a82","lessThan":"90c500e4fd83fa33c09bc7ee23b6d9cc487ac733","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["fs/hfsplus/super.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"3.19","status":"affected"},{"version":"0","lessThan":"3.19","versionType":"semver","status":"unaffected"},{"version":"5.10.259","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.210","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.176","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.140","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.88","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.30","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.7","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.0,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-667"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.19","versionEndExcluding":"5.10.259","matchCriteriaId":"B7671B6F-58A3-4C86-AD1F-9A93A153C5C7"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.210","matchCriteriaId":"5E938CDF-D1C4-43D0-98DC-9E11B6B55801"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.176","matchCriteriaId":"C4446623-5F2B-4DD8-8666-9FAAC285A757"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.140","matchCriteriaId":"A1A92866-F406-43B5-B2D1-CFC274753E9D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.88","matchCriteriaId":"5AFBE0EC-CCDF-4207-AE92-ABF958125CA4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.30","matchCriteriaId":"BF39AE08-AE6D-4410-8FBE-76F6BF5BF55B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.7","matchCriteriaId":"D0893CA7-9AE6-4DFE-AC75-48967D73AD8E"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/041acda6d9f96006703466449c10c9a69590c8b9","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/3ca80e3012c8be85b4f8d0d20eac8d3b17ff257e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/6499c9c8ec437a369e7e221dad91f6122b50759d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/90c500e4fd83fa33c09bc7ee23b6d9cc487ac733","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/bfbcce6a7b0552a390620d9b2c4d2bcb1825cbdc","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c554ddc87af4d4e4be42f8aed1baec9e1c7588e0","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d309d3308de658d87c42d97e044c89a226327526","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e890656accee4c26d932ea388eb8936a6e22184d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46301","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-08T17:16:48.560","lastModified":"2026-07-08T14:48:44.883","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nspi: topcliff-pch: fix use-after-free on unbind\n\nGive the driver a chance to flush its queue before releasing the DMA\nbuffers on driver unbind"}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/spi/spi-topcliff-pch.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"c37f3c2749b53225d36faa5c583203c5f12ae15b","lessThan":"43334836b907adc21eab3079d2e6b26754468786","versionType":"git","status":"affected"},{"version":"c37f3c2749b53225d36faa5c583203c5f12ae15b","lessThan":"36e58c436d2c2a797800427dc04d74ffd8b6ce1c","versionType":"git","status":"affected"},{"version":"c37f3c2749b53225d36faa5c583203c5f12ae15b","lessThan":"4ca90deeca1c7dd72c1c380ba8143565516def2d","versionType":"git","status":"affected"},{"version":"c37f3c2749b53225d36faa5c583203c5f12ae15b","lessThan":"d79e92161b65832e0b8cad5f3d84d17e5cd7a970","versionType":"git","status":"affected"},{"version":"c37f3c2749b53225d36faa5c583203c5f12ae15b","lessThan":"8822980668c96b5aa251c1e2daec1873262b8f3f","versionType":"git","status":"affected"},{"version":"c37f3c2749b53225d36faa5c583203c5f12ae15b","lessThan":"d50ef3553acbacce6f2843304d41d06dca358bb6","versionType":"git","status":"affected"},{"version":"c37f3c2749b53225d36faa5c583203c5f12ae15b","lessThan":"0e8e57f9737ea257634db1d152fc430a0788a3e1","versionType":"git","status":"affected"},{"version":"c37f3c2749b53225d36faa5c583203c5f12ae15b","lessThan":"9d72732fe70c11424bc90ed466c7ccfa58b42a9a","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/spi/spi-topcliff-pch.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"3.1","status":"affected"},{"version":"0","lessThan":"3.1","versionType":"semver","status":"unaffected"},{"version":"5.10.258","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.209","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.175","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.140","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.88","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.30","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.7","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.1","versionEndExcluding":"5.10.258","matchCriteriaId":"B5F925AF-0571-45EB-B3C7-3046B450381F"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.209","matchCriteriaId":"919C10A9-7951-4A74-BADD-C135A0A8D8B4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.175","matchCriteriaId":"92385813-D91D-480D-83A1-F423D2CBB2BA"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.140","matchCriteriaId":"A1A92866-F406-43B5-B2D1-CFC274753E9D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.88","matchCriteriaId":"5AFBE0EC-CCDF-4207-AE92-ABF958125CA4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.30","matchCriteriaId":"BF39AE08-AE6D-4410-8FBE-76F6BF5BF55B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.7","matchCriteriaId":"D0893CA7-9AE6-4DFE-AC75-48967D73AD8E"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/0e8e57f9737ea257634db1d152fc430a0788a3e1","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/36e58c436d2c2a797800427dc04d74ffd8b6ce1c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/43334836b907adc21eab3079d2e6b26754468786","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/4ca90deeca1c7dd72c1c380ba8143565516def2d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/8822980668c96b5aa251c1e2daec1873262b8f3f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/9d72732fe70c11424bc90ed466c7ccfa58b42a9a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d50ef3553acbacce6f2843304d41d06dca358bb6","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d79e92161b65832e0b8cad5f3d84d17e5cd7a970","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46302","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-08T17:16:48.707","lastModified":"2026-07-08T14:48:36.367","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nselinux: allow multiple opens of /sys/fs/selinux/policy\n\nCurrently there can only be a single open of /sys/fs/selinux/policy at\nany time. This allows any process to block any other process from\nreading the kernel policy. The original motivation seems to have been\na mix of preventing an inconsistent view of the policy size and\npreventing userspace from allocating kernel memory without bound, but\nthis is arguably equally bad. Eliminate the policy_opened flag and\nshrink the critical section that the policy mutex is held. While we\nare making changes here, drop a couple of extraneous BUG_ONs."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["security/selinux/selinuxfs.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"cee74f47a6baba0ac457e87687fdcf0abd599f0a","lessThan":"714362f3779dfa453a78ced32396a72726962a41","versionType":"git","status":"affected"},{"version":"cee74f47a6baba0ac457e87687fdcf0abd599f0a","lessThan":"a02cd6805562305f936e807da83e253b719dd965","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["security/selinux/selinuxfs.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"2.6.37","status":"affected"},{"version":"0","lessThan":"2.6.37","versionType":"semver","status":"unaffected"},{"version":"7.0.7","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.37","versionEndExcluding":"7.0.7","matchCriteriaId":"DA80713D-F193-4E13-A301-ABB21A01CE03"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/714362f3779dfa453a78ced32396a72726962a41","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/a02cd6805562305f936e807da83e253b719dd965","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46303","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-08T17:16:48.853","lastModified":"2026-07-08T14:48:22.477","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nisofs: validate Rock Ridge CE continuation extent against volume size\n\nrock_continue() reads rs->cont_extent verbatim from the Rock Ridge CE\nrecord and passes it to sb_bread() without checking that the block\nnumber is within the mounted ISO 9660 volume.  commit e595447e177b\n(\"[PATCH] rock.c: handle corrupted directories\") added cont_offset\nand cont_size rejection for the CE continuation but did not validate\nthe extent block number itself.  commit f54e18f1b831 (\"isofs: Fix\ninfinite looping over CE entries\") later capped the CE chain length\nat RR_MAX_CE_ENTRIES = 32 but again left the block number unchecked.\n\nWith a crafted ISO mounted via udisks2 (desktop optical auto-mount)\nor via CAP_SYS_ADMIN mount, rs->cont_extent can therefore point at\nan out-of-range block or at blocks belonging to an adjacent\nfilesystem on the same block device.  sb_bread() on an out-of-range\nblock returns NULL cleanly via the block layer EIO path, so there\nis no memory-safety violation.  For in-range reads of adjacent-\nfilesystem data, the CE buffer is parsed as Rock Ridge records and\nonly the text of SL sub-records reaches userspace through\nreadlink(), which makes the info-leak channel narrow and difficult\nto exploit; still, rejecting the malformed CE outright matches the\nrejection shape already present in the same function for\ncont_offset and cont_size.\n\nAdd an ISOFS_SB(sb)->s_nzones bounds check to rock_continue() next\nto the existing offset/size rejection, printing the same\ncorrupted-directory-entry notice."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["fs/isofs/rock.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"f54e18f1b831c92f6512d2eedb224cd63d607d3d","lessThan":"8356fb821016797f5677cbeee5ddc0d32a95b4be","versionType":"git","status":"affected"},{"version":"f54e18f1b831c92f6512d2eedb224cd63d607d3d","lessThan":"d582e12378bc1637f337622feef762f53c43fd57","versionType":"git","status":"affected"},{"version":"f54e18f1b831c92f6512d2eedb224cd63d607d3d","lessThan":"bf1bc673c587f5ef7e9c09b94aea7c5a7847d4d9","versionType":"git","status":"affected"},{"version":"f54e18f1b831c92f6512d2eedb224cd63d607d3d","lessThan":"c9b37c8b73f6368e4750e5ccb0632c380b43c6e5","versionType":"git","status":"affected"},{"version":"f54e18f1b831c92f6512d2eedb224cd63d607d3d","lessThan":"22b36fa081f38ab397c7697f9d539211b51a0cfc","versionType":"git","status":"affected"},{"version":"f54e18f1b831c92f6512d2eedb224cd63d607d3d","lessThan":"e69da8eeab74b4f4505024c38a17bce060fe7df8","versionType":"git","status":"affected"},{"version":"f54e18f1b831c92f6512d2eedb224cd63d607d3d","lessThan":"ef048470c90bc8c1b8318bb2ce329da9ef64b9fe","versionType":"git","status":"affected"},{"version":"f54e18f1b831c92f6512d2eedb224cd63d607d3d","lessThan":"a36d990f591320e9dd379ab30063ebfe91d47e1f","versionType":"git","status":"affected"},{"version":"08313e26e06d4aa9ce1cbba1a8e359e9cab9ad56","versionType":"git","status":"affected"},{"version":"212c4d33ca83e2144064fe9c2911607fbed5386f","versionType":"git","status":"affected"},{"version":"96e44adce250199ec9b2b928be66365779ff1b59","versionType":"git","status":"affected"},{"version":"1fe5620fcd6c2f0a4a927ee10c8e53196da392f3","versionType":"git","status":"affected"},{"version":"fbce0d7dc8965c9fb8d411862040239d4a768c71","versionType":"git","status":"affected"},{"version":"8190393a88f2b0321263a54f2a9eb5a2aa43be7e","versionType":"git","status":"affected"},{"version":"486aa789eadcf44ed87f972b209299c516454693","versionType":"git","status":"affected"},{"version":"b6d20edb6e7cedb4eedb9e0193d20dd488ebae84","versionType":"git","status":"affected"},{"version":"2.6.32.66","lessThan":"2.6.33","versionType":"semver","status":"affected"},{"version":"3.2.67","lessThan":"3.3","versionType":"semver","status":"affected"},{"version":"3.4.107","lessThan":"3.5","versionType":"semver","status":"affected"},{"version":"3.10.64","lessThan":"3.11","versionType":"semver","status":"affected"},{"version":"3.12.36","lessThan":"3.13","versionType":"semver","status":"affected"},{"version":"3.14.28","lessThan":"3.15","versionType":"semver","status":"affected"},{"version":"3.17.8","lessThan":"3.18","versionType":"semver","status":"affected"},{"version":"3.18.2","lessThan":"3.19","versionType":"semver","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["fs/isofs/rock.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"3.19","status":"affected"},{"version":"0","lessThan":"3.19","versionType":"semver","status":"unaffected"},{"version":"5.10.258","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.209","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.175","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.140","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.88","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.30","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.7","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":4.2}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-401"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.32.66","versionEndExcluding":"2.6.33","matchCriteriaId":"AE79466A-8004-4545-9F2B-9AE61FF25E49"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.2.67","versionEndExcluding":"3.3","matchCriteriaId":"E339763B-0FFB-4F77-925F-B75B0574196F"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.4.107","versionEndExcluding":"3.5","matchCriteriaId":"5D756A04-79C7-4DB6-9A50-9E8E5B2757F2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.10.64","versionEndExcluding":"3.11","matchCriteriaId":"2B3FB946-FA61-41D1-8295-A7D889D63B3E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.12.36","versionEndExcluding":"3.13","matchCriteriaId":"881E140A-B761-4577-B10F-CF48988916FB"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.14.28","versionEndExcluding":"3.15","matchCriteriaId":"BA5F1F71-BA36-4EC2-A59D-E285C9983115"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.17.8","versionEndExcluding":"3.18","matchCriteriaId":"1743B4F8-1859-415F-9EB5-A33C53ABCD2E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.18.2","versionEndExcluding":"5.10.258","matchCriteriaId":"5C5C08E2-8006-4964-BA58-B339247E1301"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.209","matchCriteriaId":"919C10A9-7951-4A74-BADD-C135A0A8D8B4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.175","matchCriteriaId":"92385813-D91D-480D-83A1-F423D2CBB2BA"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.140","matchCriteriaId":"A1A92866-F406-43B5-B2D1-CFC274753E9D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.88","matchCriteriaId":"5AFBE0EC-CCDF-4207-AE92-ABF958125CA4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.30","matchCriteriaId":"BF39AE08-AE6D-4410-8FBE-76F6BF5BF55B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.7","matchCriteriaId":"D0893CA7-9AE6-4DFE-AC75-48967D73AD8E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/22b36fa081f38ab397c7697f9d539211b51a0cfc","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/8356fb821016797f5677cbeee5ddc0d32a95b4be","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/a36d990f591320e9dd379ab30063ebfe91d47e1f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/bf1bc673c587f5ef7e9c09b94aea7c5a7847d4d9","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c9b37c8b73f6368e4750e5ccb0632c380b43c6e5","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d582e12378bc1637f337622feef762f53c43fd57","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e69da8eeab74b4f4505024c38a17bce060fe7df8","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ef048470c90bc8c1b8318bb2ce329da9ef64b9fe","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46304","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-08T17:16:49.053","lastModified":"2026-07-08T14:48:12.430","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnvmet: avoid recursive nvmet-wq flush in nvmet_ctrl_free\n\nnvmet_tcp_release_queue_work() runs on nvmet-wq and can drop the\nfinal controller reference through nvmet_cq_put(). If that triggers\nnvmet_ctrl_free(), the teardown path flushes ctrl->async_event_work on\nthe same nvmet-wq.\n\nCall chain:\n\n nvmet_tcp_schedule_release_queue()\n   kref_put(&queue->kref, nvmet_tcp_release_queue)\n     nvmet_tcp_release_queue()\n       queue_work(nvmet_wq, &queue->release_work) <--- nvmet_wq\n         process_one_work()\n           nvmet_tcp_release_queue_work()\n             nvmet_cq_put(&queue->nvme_cq)\n               nvmet_cq_destroy()\n                 nvmet_ctrl_put(cq->ctrl)\n                   nvmet_ctrl_free()\n                     flush_work(&ctrl->async_event_work) <--- nvmet_wq\n\n                      Previously Scheduled by :-\n\t\t        nvmet_add_async_event\n\t\t          queue_work(nvmet_wq, &ctrl->async_event_work);\n\nThis trips lockdep with a possible recursive locking warning.\n\n[ 5223.015876] run blktests nvme/003 at 2026-04-07 20:53:55\n[ 5223.061801] loop0: detected capacity change from 0 to 2097152\n[ 5223.072206] nvmet: adding nsid 1 to subsystem blktests-subsystem-1\n[ 5223.088368] nvmet_tcp: enabling port 0 (127.0.0.1:4420)\n[ 5223.126086] nvmet: Created discovery controller 1 for subsystem nqn.2014-08.org.nvmexpress.discovery for NQN nqn.2014-08.org.nvmexpress:uuid:0f01fb42-9f7f-4856-b0b3-51e60b8de349.\n[ 5223.128453] nvme nvme1: new ctrl: NQN \"nqn.2014-08.org.nvmexpress.discovery\", addr 127.0.0.1:4420, hostnqn: nqn.2014-08.org.nvmexpress:uuid:0f01fb42-9f7f-4856-b0b3-51e60b8de349\n[ 5233.199447] nvme nvme1: Removing ctrl: NQN \"nqn.2014-08.org.nvmexpress.discovery\"\n\n[ 5233.227718] ============================================\n[ 5233.231283] WARNING: possible recursive locking detected\n[ 5233.234696] 7.0.0-rc3nvme+ #20 Tainted: G           O     N\n[ 5233.238434] --------------------------------------------\n[ 5233.241852] kworker/u192:6/2413 is trying to acquire lock:\n[ 5233.245429] ffff888111632548 ((wq_completion)nvmet-wq){+.+.}-{0:0}, at: touch_wq_lockdep_map+0x26/0x90\n[ 5233.251438]\n               but task is already holding lock:\n[ 5233.255254] ffff888111632548 ((wq_completion)nvmet-wq){+.+.}-{0:0}, at: process_one_work+0x5cc/0x6e0\n[ 5233.261125]\n               other info that might help us debug this:\n[ 5233.265333]  Possible unsafe locking scenario:\n\n[ 5233.269217]        CPU0\n[ 5233.270795]        ----\n[ 5233.272436]   lock((wq_completion)nvmet-wq);\n[ 5233.275241]   lock((wq_completion)nvmet-wq);\n[ 5233.278020]\n                *** DEADLOCK ***\n\n[ 5233.281793]  May be due to missing lock nesting notation\n\n[ 5233.286195] 3 locks held by kworker/u192:6/2413:\n[ 5233.289192]  #0: ffff888111632548 ((wq_completion)nvmet-wq){+.+.}-{0:0}, at: process_one_work+0x5cc/0x6e0\n[ 5233.294569]  #1: ffffc9000e2a7e40 ((work_completion)(&queue->release_work)){+.+.}-{0:0}, at: process_one_work+0x1c5/0x6e0\n[ 5233.300128]  #2: ffffffff82d7dc40 (rcu_read_lock){....}-{1:3}, at: __flush_work+0x62/0x530\n[ 5233.304290]\n               stack backtrace:\n[ 5233.306520] CPU: 4 UID: 0 PID: 2413 Comm: kworker/u192:6 Tainted: G           O     N  7.0.0-rc3nvme+ #20 PREEMPT(full)\n[ 5233.306524] Tainted: [O]=OOT_MODULE, [N]=TEST\n[ 5233.306525] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.17.0-0-gb52ca86e094d-prebuilt.qemu.org 04/01/2014\n[ 5233.306527] Workqueue: nvmet-wq nvmet_tcp_release_queue_work [nvmet_tcp]\n[ 5233.306532] Call Trace:\n[ 5233.306534]  <TASK>\n[ 5233.306536]  dump_stack_lvl+0x73/0xb0\n[ 5233.306552]  print_deadlock_bug+0x225/0x2f0\n[ 5233.306556]  __lock_acquire+0x13f0/0x2290\n[ 5233.306563]  lock_acquire+0xd0/0x300\n[ 5233.306565]  ? touch_wq_lockdep_map+0x26/0x90\n[ 5233.306571]  ? __flush_work+0x20b/0x530\n[ 5233.306573]  ? touch_wq_lockdep_map+0x26/0x90\n[ 5233.306577]  touch_wq_lockdep_map+0x3b/0x90\n[ 5233.306580]  ? touch_wq_lockdep_map+0x26/0x90\n[ 52\n---truncated---"}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/nvme/target/core.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"06406d81a2d7cfb8abcc4fa6cdfeb8e5897007c5","lessThan":"ae5b0cad163833e10b271e9becc05d81dae56e5f","versionType":"git","status":"affected"},{"version":"06406d81a2d7cfb8abcc4fa6cdfeb8e5897007c5","lessThan":"8d66ba89480ff098a58d79003a505f383aa4e920","versionType":"git","status":"affected"},{"version":"06406d81a2d7cfb8abcc4fa6cdfeb8e5897007c5","lessThan":"a696fbbd5240b4ac9b166f7bd4c550882ff543f1","versionType":"git","status":"affected"},{"version":"06406d81a2d7cfb8abcc4fa6cdfeb8e5897007c5","lessThan":"9a4d7222c0955b221e38bb66d10e6bccb672c8a1","versionType":"git","status":"affected"},{"version":"06406d81a2d7cfb8abcc4fa6cdfeb8e5897007c5","lessThan":"ee6e20c4bc9eae542a0954a368449532383169d4","versionType":"git","status":"affected"},{"version":"06406d81a2d7cfb8abcc4fa6cdfeb8e5897007c5","lessThan":"781f47d641432c26c19625b2cdd7f40825097592","versionType":"git","status":"affected"},{"version":"06406d81a2d7cfb8abcc4fa6cdfeb8e5897007c5","lessThan":"551f445a56a11a6457550cddcf39c9ebb8bcacc6","versionType":"git","status":"affected"},{"version":"06406d81a2d7cfb8abcc4fa6cdfeb8e5897007c5","lessThan":"aade8abd8b868b6ffa9697aadaea28ec7f65bee6","versionType":"git","status":"affected"},{"version":"3976dd677e891c0b2c63d08028d445663539472c","versionType":"git","status":"affected"},{"version":"4.9.68","lessThan":"4.10","versionType":"semver","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/nvme/target/core.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"4.10","status":"affected"},{"version":"0","lessThan":"4.10","versionType":"semver","status":"unaffected"},{"version":"5.10.258","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.209","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.175","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.140","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.88","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.30","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.7","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.9.68","versionEndExcluding":"4.10","matchCriteriaId":"F852DBF1-7260-4E35-8D25-C8F8EEF895D3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.10.1","versionEndExcluding":"5.10.258","matchCriteriaId":"13B8D12A-AFCB-4D1D-8998-0A1CF5BCAC14"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.209","matchCriteriaId":"919C10A9-7951-4A74-BADD-C135A0A8D8B4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.175","matchCriteriaId":"92385813-D91D-480D-83A1-F423D2CBB2BA"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.140","matchCriteriaId":"A1A92866-F406-43B5-B2D1-CFC274753E9D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.88","matchCriteriaId":"5AFBE0EC-CCDF-4207-AE92-ABF958125CA4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.30","matchCriteriaId":"BF39AE08-AE6D-4410-8FBE-76F6BF5BF55B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.7","matchCriteriaId":"D0893CA7-9AE6-4DFE-AC75-48967D73AD8E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:4.10:-:*:*:*:*:*:*","matchCriteriaId":"C201E405-86F2-4F96-984A-00A865219C86"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:4.10:rc6:*:*:*:*:*:*","matchCriteriaId":"09B6110F-7933-484D-AEAF-5D15FF38647E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:4.10:rc7:*:*:*:*:*:*","matchCriteriaId":"75694C52-0ADF-45EC-80AC-D973535B5CB9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:4.10:rc8:*:*:*:*:*:*","matchCriteriaId":"29F29665-6B16-4D9F-A417-D0743395DF01"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/551f445a56a11a6457550cddcf39c9ebb8bcacc6","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/781f47d641432c26c19625b2cdd7f40825097592","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/8d66ba89480ff098a58d79003a505f383aa4e920","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/9a4d7222c0955b221e38bb66d10e6bccb672c8a1","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/a696fbbd5240b4ac9b166f7bd4c550882ff543f1","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/aade8abd8b868b6ffa9697aadaea28ec7f65bee6","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ae5b0cad163833e10b271e9becc05d81dae56e5f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ee6e20c4bc9eae542a0954a368449532383169d4","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46305","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-08T17:16:49.253","lastModified":"2026-07-08T14:47:58.780","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: rtl8723bs: os_dep: avoid NULL pointer dereference in rtw_cbuf_alloc\n\nThe return value of kzalloc_flex() is used without\nensuring that the allocation succeeded, and the\npointer is dereferenced unconditionally.\n\nGuard the access to the allocated structure to\navoid a potential NULL pointer dereference if the\nallocation fails."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/staging/rtl8723bs/os_dep/osdep_service.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"980cd426a25747daf8ed25e2a1904b2d26ffbb3d","lessThan":"0a5f411becfb7c57aa89827213d31ef23a03d75a","versionType":"git","status":"affected"},{"version":"980cd426a25747daf8ed25e2a1904b2d26ffbb3d","lessThan":"bc851db06045a40c18233dd76ef0562d7f8bb6db","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/staging/rtl8723bs/os_dep/osdep_service.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"7.0","status":"affected"},{"version":"0","lessThan":"7.0","versionType":"semver","status":"unaffected"},{"version":"7.0.7","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0","versionEndExcluding":"7.0.7","matchCriteriaId":"FD366C5A-E83E-40D3-BB82-BD3DEB7815B6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/0a5f411becfb7c57aa89827213d31ef23a03d75a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/bc851db06045a40c18233dd76ef0562d7f8bb6db","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46306","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-08T17:16:49.383","lastModified":"2026-07-08T14:47:47.940","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nflow_dissector: do not dissect PPPoE PFC frames\n\nRFC 2516 Section 7 states that Protocol Field Compression (PFC) is NOT\nRECOMMENDED for PPPoE. In practice, pppd does not support negotiating\nPFC for PPPoE sessions, and the flow dissector driver has assumed an\nuncompressed frame until the blamed commit.\n\nDuring the review process of that commit [1], support for PFC is\nsuggested. However, having a compressed (1-byte) protocol field means\nthe subsequent PPP payload is shifted by one byte, causing 4-byte\nmisalignment for the network header and an unaligned access exception\non some architectures.\n\nThe exception can be reproduced by sending a PPPoE PFC frame to an\nethernet interface of a MIPS board, with RPS enabled, even if no PPPoE\nsession is active on that interface:\n\n$ 0   : 00000000 80c40000 00000000 85144817\n$ 4   : 00000008 00000100 80a75758 81dc9bb8\n$ 8   : 00000010 8087ae2c 0000003d 00000000\n$12   : 000000e0 00000039 00000000 00000000\n$16   : 85043240 80a75758 81dc9bb8 00006488\n$20   : 0000002f 00000007 85144810 80a70000\n$24   : 81d1bda0 00000000\n$28   : 81dc8000 81dc9aa8 00000000 805ead08\nHi    : 00009d51\nLo    : 2163358a\nepc   : 805e91f0 __skb_flow_dissect+0x1b0/0x1b50\nra    : 805ead08 __skb_get_hash_net+0x74/0x12c\nStatus: 11000403        KERNEL EXL IE\nCause : 40800010 (ExcCode 04)\nBadVA : 85144817\nPrId  : 0001992f (MIPS 1004Kc)\nCall Trace:\n[<805e91f0>] __skb_flow_dissect+0x1b0/0x1b50\n[<805ead08>] __skb_get_hash_net+0x74/0x12c\n[<805ef330>] get_rps_cpu+0x1b8/0x3fc\n[<805fca70>] netif_receive_skb_list_internal+0x324/0x364\n[<805fd120>] napi_complete_done+0x68/0x2a4\n[<8058de5c>] mtk_napi_rx+0x228/0xfec\n[<805fd398>] __napi_poll+0x3c/0x1c4\n[<805fd754>] napi_threaded_poll_loop+0x234/0x29c\n[<805fd848>] napi_threaded_poll+0x8c/0xb0\n[<80053544>] kthread+0x104/0x12c\n[<80002bd8>] ret_from_kernel_thread+0x14/0x1c\n\nCode: 02d51821  1060045b  00000000 <8c640000> 3084000f  2c820005  144001a2  00042080  8e220000\n\nTo reduce the attack surface and maintain performance, do not process\nPPPoE PFC frames.\n\n[1] https://lore.kernel.org/r/20220630231016.GA392@debian.home"}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/core/flow_dissector.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"10f665b52a75df6eb26ddebbbc072ee264183731","lessThan":"e7c811ca372d53c2be7d01a1614e71fae1054836","versionType":"git","status":"affected"},{"version":"d7e541e86122d21f71eb71c5dfa7fb1eb6623fe8","lessThan":"abc5bc84e0f2edc7ea2d437afa6ef3fe1fc43200","versionType":"git","status":"affected"},{"version":"46126db9c86110e5fc1e369b9bb89735ddefdae4","lessThan":"18ae9eacfc95cc715c0606b2c86e8aa8a86cf3e3","versionType":"git","status":"affected"},{"version":"46126db9c86110e5fc1e369b9bb89735ddefdae4","lessThan":"db104b0d8a7856397c0469d83a4289adf7c54863","versionType":"git","status":"affected"},{"version":"46126db9c86110e5fc1e369b9bb89735ddefdae4","lessThan":"6044392d9cace3a3672b02c8bc7d38b502e51734","versionType":"git","status":"affected"},{"version":"46126db9c86110e5fc1e369b9bb89735ddefdae4","lessThan":"0d00b9015069712944934bab09eaa6c542143049","versionType":"git","status":"affected"},{"version":"46126db9c86110e5fc1e369b9bb89735ddefdae4","lessThan":"7c93f353eab4ea911e394630f07d72e040a729d8","versionType":"git","status":"affected"},{"version":"46126db9c86110e5fc1e369b9bb89735ddefdae4","lessThan":"d6c19b31a3c1d519fabdcf0aa239e6b6109b9473","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/core/flow_dissector.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.0","status":"affected"},{"version":"0","lessThan":"6.0","versionType":"semver","status":"unaffected"},{"version":"6.1.175","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.140","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.88","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.30","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.7","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0","versionEndExcluding":"6.1.175","matchCriteriaId":"58CA276A-38F2-4887-9AE9-787C2AF59753"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.140","matchCriteriaId":"A1A92866-F406-43B5-B2D1-CFC274753E9D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.88","matchCriteriaId":"5AFBE0EC-CCDF-4207-AE92-ABF958125CA4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.30","matchCriteriaId":"BF39AE08-AE6D-4410-8FBE-76F6BF5BF55B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.7","matchCriteriaId":"D0893CA7-9AE6-4DFE-AC75-48967D73AD8E"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/0d00b9015069712944934bab09eaa6c542143049","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/18ae9eacfc95cc715c0606b2c86e8aa8a86cf3e3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/6044392d9cace3a3672b02c8bc7d38b502e51734","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/7c93f353eab4ea911e394630f07d72e040a729d8","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/abc5bc84e0f2edc7ea2d437afa6ef3fe1fc43200","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d6c19b31a3c1d519fabdcf0aa239e6b6109b9473","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/db104b0d8a7856397c0469d83a4289adf7c54863","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e7c811ca372d53c2be7d01a1614e71fae1054836","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46307","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-08T17:16:49.547","lastModified":"2026-07-08T14:47:35.820","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath5k: do not access array OOB\n\nVincent reports:\n> The ath5k driver seems to do an array-index-out-of-bounds access as\n> shown by the UBSAN kernel message:\n> UBSAN: array-index-out-of-bounds in drivers/net/wireless/ath/ath5k/base.c:1741:20\n> index 4 is out of range for type 'ieee80211_tx_rate [4]'\n> ...\n> Call Trace:\n>  <TASK>\n>  dump_stack_lvl+0x5d/0x80\n>  ubsan_epilogue+0x5/0x2b\n>  __ubsan_handle_out_of_bounds.cold+0x46/0x4b\n>  ath5k_tasklet_tx+0x4e0/0x560 [ath5k]\n>  tasklet_action_common+0xb5/0x1c0\n\nIt is real. 'ts->ts_final_idx' can be 3 on 5212, so:\n   info->status.rates[ts->ts_final_idx + 1].idx = -1;\nwith the array defined as:\n   struct ieee80211_tx_rate rates[IEEE80211_TX_MAX_RATES];\nwhile the size is:\n   #define IEEE80211_TX_MAX_RATES  4\nis indeed bogus.\n\nSet this 'idx = -1' sentinel only if the array index is less than the\narray size. As mac80211 will not look at rates beyond the size\n(IEEE80211_TX_MAX_RATES).\n\nNote: The effect of the OOB write is negligible. It just overwrites the\nnext member of info->status, i.e. ack_signal."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/net/wireless/ath/ath5k/base.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6d7b97b23e114c8fbb825e6721164d228c1af3fc","lessThan":"ecb1c163166759dec004c1fdb9709b8a5992fc8e","versionType":"git","status":"affected"},{"version":"6d7b97b23e114c8fbb825e6721164d228c1af3fc","lessThan":"9dd6aae4bc7bfa11088d928670a3315eae542769","versionType":"git","status":"affected"},{"version":"6d7b97b23e114c8fbb825e6721164d228c1af3fc","lessThan":"744c19e266b0d2628c5951439195dcef27eadacf","versionType":"git","status":"affected"},{"version":"6d7b97b23e114c8fbb825e6721164d228c1af3fc","lessThan":"83226c71af53fb9b3cad40cb9a9a79f36d68c020","versionType":"git","status":"affected"},{"version":"6d7b97b23e114c8fbb825e6721164d228c1af3fc","lessThan":"d6869537013b1f21b292342752d97868b79b5934","versionType":"git","status":"affected"},{"version":"6d7b97b23e114c8fbb825e6721164d228c1af3fc","lessThan":"e9f1081bc775146156def0dbc821b92f35d56afb","versionType":"git","status":"affected"},{"version":"6d7b97b23e114c8fbb825e6721164d228c1af3fc","lessThan":"568173ad9bd0b46cc6cd937dea8791e9b5eefa57","versionType":"git","status":"affected"},{"version":"6d7b97b23e114c8fbb825e6721164d228c1af3fc","lessThan":"d748603f12baff112caa3ab7d39f50100f010dbd","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/net/wireless/ath/ath5k/base.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"3.0","status":"affected"},{"version":"0","lessThan":"3.0","versionType":"semver","status":"unaffected"},{"version":"5.10.258","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.209","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.175","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.140","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.88","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.30","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.7","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":5.5}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0","versionEndExcluding":"5.10.258","matchCriteriaId":"ADE9309F-1058-4BD7-8F94-3FE94CF5B8A4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.209","matchCriteriaId":"919C10A9-7951-4A74-BADD-C135A0A8D8B4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.175","matchCriteriaId":"92385813-D91D-480D-83A1-F423D2CBB2BA"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.140","matchCriteriaId":"A1A92866-F406-43B5-B2D1-CFC274753E9D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.88","matchCriteriaId":"5AFBE0EC-CCDF-4207-AE92-ABF958125CA4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.30","matchCriteriaId":"BF39AE08-AE6D-4410-8FBE-76F6BF5BF55B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.7","matchCriteriaId":"D0893CA7-9AE6-4DFE-AC75-48967D73AD8E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/568173ad9bd0b46cc6cd937dea8791e9b5eefa57","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/744c19e266b0d2628c5951439195dcef27eadacf","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/83226c71af53fb9b3cad40cb9a9a79f36d68c020","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/9dd6aae4bc7bfa11088d928670a3315eae542769","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d6869537013b1f21b292342752d97868b79b5934","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d748603f12baff112caa3ab7d39f50100f010dbd","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e9f1081bc775146156def0dbc821b92f35d56afb","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ecb1c163166759dec004c1fdb9709b8a5992fc8e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46308","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-08T17:16:49.707","lastModified":"2026-07-08T14:47:18.090","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\npmdomain: mediatek: fix use-after-free in scpsys_get_bus_protection_legacy()\n\nIn scpsys_get_bus_protection_legacy(), of_find_node_with_property()\nreturns a device node with its reference count incremented. The function\nthen calls of_node_put(node) before checking whether\nsyscon_regmap_lookup_by_phandle() returns an error. If an error occurs,\ndev_err_probe() dereferences the node pointer to print diagnostic\ninformation, but the node memory may have already been freed due to the\nearlier of_node_put(), leading to a use-after-free vulnerability.\n\nFix this by moving the of_node_put() call after the error check, ensuring\nthe node is still valid when accessed in the error path."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/pmdomain/mediatek/mtk-pm-domains.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"c29345fa5f66bea0790cf2219f57b974d4fc177b","lessThan":"cb27e43c0511e9e1ca8818d231656070b11c18cf","versionType":"git","status":"affected"},{"version":"c29345fa5f66bea0790cf2219f57b974d4fc177b","lessThan":"38d8410021b55d226847b2ac8d189d89fe5a8866","versionType":"git","status":"affected"},{"version":"c29345fa5f66bea0790cf2219f57b974d4fc177b","lessThan":"ec1fcddb3117d9452210e838fd37389ee61e10e8","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/pmdomain/mediatek/mtk-pm-domains.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.18","status":"affected"},{"version":"0","lessThan":"6.18","versionType":"semver","status":"unaffected"},{"version":"6.18.30","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.7","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.18","versionEndExcluding":"6.18.30","matchCriteriaId":"9EB9FADE-E22F-41C2-9790-4F5564D59E62"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.7","matchCriteriaId":"D0893CA7-9AE6-4DFE-AC75-48967D73AD8E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/38d8410021b55d226847b2ac8d189d89fe5a8866","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/cb27e43c0511e9e1ca8818d231656070b11c18cf","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ec1fcddb3117d9452210e838fd37389ee61e10e8","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46309","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-08T17:16:49.820","lastModified":"2026-07-08T14:52:28.540","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/uapi: Reject coh_none PAT index for CPU cached memory in madvise\n\nAdd validation in xe_vm_madvise_ioctl() to reject PAT indices with\nXE_COH_NONE coherency mode when applied to CPU cached memory.\n\nUsing coh_none with CPU cached buffers is a security issue. When the\nkernel clears pages before reallocation, the clear operation stays in\nCPU cache (dirty). GPU with coh_none can bypass CPU caches and read\nstale sensitive data directly from DRAM, potentially leaking data from\npreviously freed pages of other processes.\n\nThis aligns with the existing validation in vm_bind path\n(xe_vm_bind_ioctl_validate_bo).\n\nv2(Matthew brost)\n- Add fixes\n- Move one debug print to better place\n\nv3(Matthew Auld)\n- Should be drm/xe/uapi\n- More Cc\n\nv4(Shuicheng Lin)\n- Fix kmem leak issues by the way\n\nv5\n- Remove kmem leak because it has been merged by another patch\n\nv6\n- Remove the fix which is not related to current fix\n\nv7\n- No change\n\nv8\n- Rebase\n\nv9\n- Limit the restrictions to iGPU\n\nv10\n- No change\n\n(cherry picked from commit 016ccdb674b8c899940b3944952c96a6a490d10a)"}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/gpu/drm/xe/xe_vm_madvise.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"ada7486c5668db542a7d361268df931aca5b726a","lessThan":"87f9b1528e1ffc1da3615d552c9a06aba5e20b00","versionType":"git","status":"affected"},{"version":"ada7486c5668db542a7d361268df931aca5b726a","lessThan":"fea04cf6f2345bc50f15b6638906c35962b89424","versionType":"git","status":"affected"},{"version":"ada7486c5668db542a7d361268df931aca5b726a","lessThan":"4e5591c2fc1b30f4ea5e2eab4c3a695acc404e39","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/gpu/drm/xe/xe_vm_madvise.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.18","status":"affected"},{"version":"0","lessThan":"6.18","versionType":"semver","status":"unaffected"},{"version":"6.18.32","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.9","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:8"]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.0,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.0,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-401"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-524"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.18","versionEndExcluding":"6.18.32","matchCriteriaId":"C29FBB84-11C5-4598-8812-17C64D98F7F9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.9","matchCriteriaId":"33ACA10B-B260-46EA-BD50-70EBE5097672"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/4e5591c2fc1b30f4ea5e2eab4c3a695acc404e39","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/87f9b1528e1ffc1da3615d552c9a06aba5e20b00","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/fea04cf6f2345bc50f15b6638906c35962b89424","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://access.redhat.com/security/cve/CVE-2026-46309","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2486468","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-46309.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-46310","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-08T17:16:49.943","lastModified":"2026-07-08T14:51:33.413","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: renesas: vsp1: Fix NULL pointer deref on module unload\n\nWhen unloading the module on gen 4, we hit a NULL pointer dereference.\nThis is caused by the cleanup code calling vsp1_drm_cleanup() where it\nshould be calling vsp1_vspx_cleanup().\n\nFix this by checking the IP version and calling the drm or vspx function\naccordingly, the same way as the init code does."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/media/platform/renesas/vsp1/vsp1_drv.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"d06c1a9f348d22478c6bc5684f9c990e15ada1e9","lessThan":"bfb2081ba00afbbd15a5ed1ed1acdc3edeea5a98","versionType":"git","status":"affected"},{"version":"d06c1a9f348d22478c6bc5684f9c990e15ada1e9","lessThan":"c4bb1515b26663e5230603892e67f2cc7df9f0ca","versionType":"git","status":"affected"},{"version":"d06c1a9f348d22478c6bc5684f9c990e15ada1e9","lessThan":"58b1e9664d8f74d55d8411cc7a7b275a76a6f24f","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/media/platform/renesas/vsp1/vsp1_drv.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.17","status":"affected"},{"version":"0","lessThan":"6.17","versionType":"semver","status":"unaffected"},{"version":"6.18.32","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.9","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.17","versionEndExcluding":"6.18.32","matchCriteriaId":"AB70B664-FBEC-44D2-8EE3-2EC62F0006A8"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.9","matchCriteriaId":"33ACA10B-B260-46EA-BD50-70EBE5097672"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/58b1e9664d8f74d55d8411cc7a7b275a76a6f24f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/bfb2081ba00afbbd15a5ed1ed1acdc3edeea5a98","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c4bb1515b26663e5230603892e67f2cc7df9f0ca","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46311","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-08T17:16:50.053","lastModified":"2026-07-08T14:51:25.487","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu/userq: fix access to stale wptr mapping\n\nUse drm_exec to take both locks i.e vm root bo and\nwptr_obj bo to access the mapping data properly.\n\nThis fixes the security issue of unmap the wptr_obj while\na queue creation is in progress and passing other\nbo at same address.\n\n(cherry picked from commit 1fc6c8ab45dbee096469c08c13f6099d57a52d6c)"}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/gpu/drm/amd/amdgpu/mes_userqueue.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"5fb2f7fc21a3668e5794cc0d153641b9719713e1","lessThan":"336a9186f3a4b65bbd865d93936605ac8a1a3991","versionType":"git","status":"affected"},{"version":"5fb2f7fc21a3668e5794cc0d153641b9719713e1","lessThan":"6da7b1242da4455b11c24ce667d1cab1a348c8ea","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/gpu/drm/amd/amdgpu/mes_userqueue.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.16","status":"affected"},{"version":"0","lessThan":"6.16","versionType":"semver","status":"unaffected"},{"version":"7.0.9","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.16","versionEndExcluding":"7.0.9","matchCriteriaId":"55FA23CC-1F5B-49A6-AE4B-FA3DF99F72EA"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/336a9186f3a4b65bbd865d93936605ac8a1a3991","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/6da7b1242da4455b11c24ce667d1cab1a348c8ea","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46312","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-08T17:16:50.160","lastModified":"2026-07-08T14:51:14.113","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: videobuf2: Set vma_flags in vb2_dma_sg_mmap\n\nvb2_dma_contig sets VMA flags VM_DONTEXPAND and VM_DONTDUMP and I do not\nsee a reason why vb2_dma_sg should behave differently. This avoids\nhitting `WARN_ON(!(vma->vm_flags & VM_DONTEXPAND));` in\ndrm_gem_mmap_obj() during mmap() of an imported dma-buf from the out of\ntree Apple ISP camera capture driver which uses vb2_dma_sg_memops.\n\ngst-launch-1.0 v4l2src ! gtk4paintablesink\n\n[   38.201528] ------------[ cut here ]------------\n[   38.202135] WARNING: CPU: 7 PID: 2362 at drivers/gpu/drm/drm_gem.c:1144 drm_gem_mmap_obj+0x1f8/0x210\n[   38.203278] Modules linked in: rfcomm snd_seq_dummy snd_hrtimer\nsnd_seq snd_seq_device uinput nf_conntrack_netbios_ns\nnf_conntrack_broadcast nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib\nnft_reject_inet nf_reject_ipv6 nft_reject nft_ct nft_chain_nat nf_nat\nnf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 nf_tables qrtr bnep\nnls_ascii i2c_dev loop fuse dm_multipath nfnetlink brcmfmac_wcc\nhid_magicmouse hci_bcm4377 brcmfmac brcmutil bluetooth ecdh_generic\ncfg80211 ecc btrfs xor xor_neon rfkill hid_apple raid6_pq joydev\naop_als apple_nvmem_spmi industrialio snd_soc_aop apple_z2\nsnd_soc_cs42l84 tps6598x snd_soc_tas2764 macsmc_reboot spi_nor\nmacsmc_hwmon rtc_macsmc gpio_macsmc macsmc_power regmap_spmi\nmacsmc_input dockchannel_hid panel_summit appledrm nvme_apple dwc3\nsnd_soc_macaudio drm_client_lib nvme_core phy_apple_atc hwmon\napple_sart apple_dockchannel macsmc apple_rtkit_helper\nspmi_apple_controller aop apple_wdt mfd_core nvmem_apple_efuses\npinctrl_apple_gpio apple_isp apple_dcp videobuf2_dma_sg mux_core\nspi_apple\n[   38.203300]  videobuf2_memops i2c_pasemi_platform snd_soc_apple_mca videobuf2_v4l2 videodev clk_apple_nco videobuf2_common snd_pcm_dmaengine adpdrm asahi apple_admac adpdrm_mipi drm_dma_helper pwm_apple i2c_pasemi_core drm_display_helper mc cec apple_dart ofpart apple_soc_cpufreq leds_pwm phram\n[   38.217677] CPU: 7 UID: 1000 PID: 2362 Comm: gst-launch-1.0 Tainted: G        W           6.17.6+ #asahi-dev PREEMPT(full)\n[   38.219040] Tainted: [W]=WARN\n[   38.219398] Hardware name: Apple MacBook Pro (13-inch, M2, 2022) (DT)\n[   38.220213] pstate: 21400005 (nzCv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)\n[   38.221088] pc : drm_gem_mmap_obj+0x1f8/0x210\n[   38.221643] lr : drm_gem_mmap_obj+0x78/0x210\n[   38.222178] sp : ffffc0008dc678e0\n[   38.222579] x29: ffffc0008dc678e0 x28: 0000000000042a97 x27: ffff8000b701b480\n[   38.223465] x26: 00000000000000fb x25: ffffc0008dc67d20 x24: ffffc0008dc67968\n[   38.224402] x23: ffff8000e3ca5600 x22: ffff8000265b7800 x21: ffff80003000c0c0\n[   38.225279] x20: 0000000000000000 x19: ffff8000b68c5200 x18: ffffc0008dc67968\n[   38.226151] x17: 0000000000000000 x16: 0000000000000000 x15: ffffc000810a30a8\n[   38.227042] x14: 00007fff637effff x13: 00005555de91ffff x12: 00007fff63293fff\n[   38.227942] x11: 0000000000000000 x10: ffff8000184ecf08 x9 : ffffc0007a1900c8\n[   38.228824] x8 : ffffc0008dc67968 x7 : 0000000000000012 x6 : ffffc0015cf1c000\n[   38.229703] x5 : ffffc0008dc676a0 x4 : ffffc00081a27dc0 x3 : 0000000000000038\n[   38.230607] x2 : 0000000000000003 x1 : 0000000000000003 x0 : 00000000100000fb\n[   38.231488] Call trace:\n[   38.231806]  drm_gem_mmap_obj+0x1f8/0x210 (P)\n[   38.232342]  drm_gem_mmap+0x140/0x260\n[   38.232813]  __mmap_region+0x488/0x9a0\n[   38.233277]  mmap_region+0xd0/0x148\n[   38.233703]  do_mmap+0x350/0x5c0\n[   38.234148]  vm_mmap_pgoff+0x14c/0x200\n[   38.234612]  ksys_mmap_pgoff+0x150/0x208\n[   38.235107]  __arm64_sys_mmap+0x34/0x50\n[   38.235611]  invoke_syscall+0x50/0x120\n[   38.236075]  el0_svc_common.constprop.0+0x48/0xf0\n[   38.236680]  do_el0_svc+0x24/0x38\n[   38.237113]  el0_svc+0x38/0x168\n[   38.237507]  el0t_64_sync_handler+0xa0/0xe8\n[   38.238034]  el0t_64_sync+0x198/0x1a0\n[   38.238491] ---[ end trace 0000000000000000 ]---\n\nThere were discussions in [1] at the end of 2023 that mmap() on imported\n---truncated---"}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/media/common/videobuf2/videobuf2-dma-sg.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"5ba3f757f0592ca001266b4a6214d0332349909c","lessThan":"feb17524aa4ec337749344be0db52b88663e25ab","versionType":"git","status":"affected"},{"version":"5ba3f757f0592ca001266b4a6214d0332349909c","lessThan":"1a1360264f699521e001e7739009ee3ee3c6a4f5","versionType":"git","status":"affected"},{"version":"5ba3f757f0592ca001266b4a6214d0332349909c","lessThan":"21fade52ab9fb13368a5709e60b0d9909197aeae","versionType":"git","status":"affected"},{"version":"5ba3f757f0592ca001266b4a6214d0332349909c","lessThan":"b4cf91658a636618f1437beec971dec25dec28eb","versionType":"git","status":"affected"},{"version":"5ba3f757f0592ca001266b4a6214d0332349909c","lessThan":"7254b31a13aaa0c2c0f9ffbc335b718656117ff4","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/media/common/videobuf2/videobuf2-dma-sg.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"2.6.39","status":"affected"},{"version":"0","lessThan":"2.6.39","versionType":"semver","status":"unaffected"},{"version":"6.6.140","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.90","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.32","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.9","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.39","versionEndExcluding":"6.6.140","matchCriteriaId":"CAC2E7BE-0901-4354-9F17-4B2D83360D14"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.90","matchCriteriaId":"3BAAA2BE-6EEC-45D5-AD66-50F63CA20483"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.32","matchCriteriaId":"CB9F1FA8-6D5E-42B1-9877-57BACFE5C886"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.9","matchCriteriaId":"33ACA10B-B260-46EA-BD50-70EBE5097672"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/1a1360264f699521e001e7739009ee3ee3c6a4f5","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/21fade52ab9fb13368a5709e60b0d9909197aeae","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/7254b31a13aaa0c2c0f9ffbc335b718656117ff4","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/b4cf91658a636618f1437beec971dec25dec28eb","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/feb17524aa4ec337749344be0db52b88663e25ab","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46313","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-08T17:16:50.317","lastModified":"2026-07-08T14:51:05.853","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: intel/ipu6: fix error pointer dereference\n\nIn a error path isp->psys is confirmed to be an error pointer not NULL so\nthis condition is true and the error pointer is dereferenced. So isp-psys\nshould be set to NULL before going to out_ipu6_bus_del_devices.\n\nDetected by Smatch:\ndrivers/media/pci/intel/ipu6/ipu6.c:690 ipu6_pci_probe() error:\n'isp->psys' dereferencing possible ERR_PTR()\n\n[Sakari Ailus: Fix commit message.]"}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/media/pci/intel/ipu6/ipu6.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"25fedc021985a66a357a599ab771d6b495b6f78c","lessThan":"fad134c446189e9bb48cea1a5ca426d2889a9c71","versionType":"git","status":"affected"},{"version":"25fedc021985a66a357a599ab771d6b495b6f78c","lessThan":"f43e30646fc93799f3f48530d0ccbd52902c0541","versionType":"git","status":"affected"},{"version":"25fedc021985a66a357a599ab771d6b495b6f78c","lessThan":"c352f90e093ae49902e47f41579e1aa41899ff64","versionType":"git","status":"affected"},{"version":"25fedc021985a66a357a599ab771d6b495b6f78c","lessThan":"8dd088b8b106f7b119664f965b691785998edcfb","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/media/pci/intel/ipu6/ipu6.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.10","status":"affected"},{"version":"0","lessThan":"6.10","versionType":"semver","status":"unaffected"},{"version":"6.12.90","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.32","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.9","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.10","versionEndExcluding":"6.12.90","matchCriteriaId":"45E7C926-2B7A-4779-8663-0E6229DF2929"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.32","matchCriteriaId":"CB9F1FA8-6D5E-42B1-9877-57BACFE5C886"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.9","matchCriteriaId":"33ACA10B-B260-46EA-BD50-70EBE5097672"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/8dd088b8b106f7b119664f965b691785998edcfb","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c352f90e093ae49902e47f41579e1aa41899ff64","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f43e30646fc93799f3f48530d0ccbd52902c0541","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/fad134c446189e9bb48cea1a5ca426d2889a9c71","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46314","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-08T17:16:50.430","lastModified":"2026-07-08T14:50:58.003","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/v3d: Reject empty multisync extension to prevent infinite loop\n\nv3d_get_extensions() walks a userspace-provided singly-linked list of\nioctl extensions without any bound on the chain length. A local user\ncan craft a self-referential extension (ext->next == &ext) with zero\nin_sync_count and out_sync_count, which bypasses the existing duplicate-\nextension guard:\n\n    if (se->in_sync_count || se->out_sync_count)\n            return -EINVAL;\n\nThe guard never fires because v3d_get_multisync_post_deps() returns\nimmediately when count is zero, leaving both fields at zero on every\niteration. The result is an infinite loop in kernel context, blocking\nthe calling thread and pegging a CPU core indefinitely.\n\nFix this by rejecting a multisync extension where both in_sync_count\nand out_sync_count are zero in v3d_get_multisync_submit_deps(). An\nempty multisync carries no synchronization information and serves no\nuseful purpose, so returning -EINVAL for such an extension is the\ncorrect defense against this attack vector."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/gpu/drm/v3d/v3d_submit.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"e4165ae8304e5ea822fbe5909dd3be5445c058b7","lessThan":"309abbddeca0c12714721928a819ef45e5710998","versionType":"git","status":"affected"},{"version":"e4165ae8304e5ea822fbe5909dd3be5445c058b7","lessThan":"4fa42a249e8cd6ed17aea04e5695b6e9001f2433","versionType":"git","status":"affected"},{"version":"e4165ae8304e5ea822fbe5909dd3be5445c058b7","lessThan":"9c5164781cb388d219d8f49fa0f0b04cf86ad544","versionType":"git","status":"affected"},{"version":"e4165ae8304e5ea822fbe5909dd3be5445c058b7","lessThan":"fb44d589bf3148e13452185a6e772a7efbf2d684","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/gpu/drm/v3d/v3d_submit.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"5.16","status":"affected"},{"version":"0","lessThan":"5.16","versionType":"semver","status":"unaffected"},{"version":"6.1.176","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.18.33","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.9","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-835"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.176","matchCriteriaId":"C4446623-5F2B-4DD8-8666-9FAAC285A757"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.18.33","matchCriteriaId":"EDD8915F-95A2-4775-95AB-A1723BAAF160"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.9","matchCriteriaId":"33ACA10B-B260-46EA-BD50-70EBE5097672"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/309abbddeca0c12714721928a819ef45e5710998","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/4fa42a249e8cd6ed17aea04e5695b6e9001f2433","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/9c5164781cb388d219d8f49fa0f0b04cf86ad544","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/fb44d589bf3148e13452185a6e772a7efbf2d684","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-40983","sourceIdentifier":"security@vmware.com","published":"2026-06-09T05:16:34.653","lastModified":"2026-07-09T13:17:05.160","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"In Micrometer, it is possible for a user to provide specially crafted gRPC requests that may cause a denial-of-service (DoS) condition.\n\nAffected versions:\nMicrometer 1.16.0 through 1.16.5; 1.15.0 through 1.15.11."}],"affected":[{"source":"security@vmware.com","affectedData":[{"vendor":"Spring","product":"Micrometer","defaultStatus":"unaffected","versions":[{"version":"1.16.0","lessThan":"1.16.5.1","versionType":"custom","status":"affected"},{"version":"1.15.0","lessThan":"1.15.11.1","versionType":"custom","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Build of Apache Camel 4.18 for Quarkus 3.33","defaultStatus":"affected","cpes":["cpe:/a:redhat:apache_camel_quarkus:3.33"]},{"vendor":"Red Hat","product":"Red Hat AMQ Broker 7","defaultStatus":"affected","cpes":["cpe:/a:redhat:amq_broker:7"]},{"vendor":"Red Hat","product":"Red Hat AMQ Clients","defaultStatus":"affected","cpes":["cpe:/a:redhat:amq_clients:2023"]},{"vendor":"Red Hat","product":"Red Hat build of Apache Camel - HawtIO 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:apache_camel_hawtio:4"]},{"vendor":"Red Hat","product":"Red Hat build of Apache Camel 4 for Quarkus 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:camel_quarkus:3"]},{"vendor":"Red Hat","product":"Red Hat build of Apicurio Registry 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:apicurio_registry:3"]},{"vendor":"Red Hat","product":"Red Hat Build of Keycloak","defaultStatus":"affected","cpes":["cpe:/a:redhat:build_keycloak:"]},{"vendor":"Red Hat","product":"Red Hat build of Quarkus","defaultStatus":"affected","cpes":["cpe:/a:redhat:quarkus:3"]},{"vendor":"Red Hat","product":"Red Hat Data Grid 8","defaultStatus":"affected","cpes":["cpe:/a:redhat:jboss_data_grid:8"]},{"vendor":"Red Hat","product":"Red Hat Fuse 7","defaultStatus":"affected","cpes":["cpe:/a:redhat:jboss_fuse:7"]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform Expansion Pack","defaultStatus":"affected","cpes":["cpe:/a:redhat:jbosseapxp"]},{"vendor":"Red Hat","product":"streams for Apache Kafka 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:amq_streams:3"]},{"vendor":"Red Hat","product":"Red Hat build of Apache Camel for Spring Boot 4","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:camel_spring_boot:4"]},{"vendor":"Red Hat","product":"Red Hat build of Debezium 3","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:debezium:3"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift_ai"]},{"vendor":"Red Hat","product":"streams for Apache Kafka 2","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:amq_streams:2"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Dev Spaces","defaultStatus":"unknown","cpes":["cpe:/a:redhat:openshift_devspaces:3"]},{"vendor":"Red Hat","product":"Red Hat Satellite 6","defaultStatus":"unknown","cpes":["cpe:/a:redhat:satellite:6"]}]}],"metrics":{"cvssMetricV31":[{"source":"security@vmware.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-09T13:53:39.829639Z","id":"CVE-2026-40983","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@vmware.com","type":"Secondary","description":[{"lang":"en","value":"CWE-400"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-770"}]}],"references":[{"url":"https://spring.io/security/cve-2026-40983","source":"security@vmware.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36839","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-40983","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2486697","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-40983.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-5067","sourceIdentifier":"vulnerabilities@zephyrproject.org","published":"2026-06-09T06:16:53.920","lastModified":"2026-07-08T13:27:22.443","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A remote, unauthenticated attacker can trigger memory corruption in Zephyr's HTTP server WebSocket upgrade path by sending a crafted Sec-WebSocket-Key header. The HTTP/1 header parser copies the header into a fixed-size buffer using a bounded copy that does not guarantee NUL termination when the input length reaches the buffer size. During upgrade handling the buffer is copied to a local stack buffer and passed to strlen(); if no NUL exists in-bounds, strlen() reads beyond the stack buffer and subsequent concatenation with the WebSocket magic string can write out of bounds. This leads to out-of-bounds read and write on stack memory, resulting in crash (denial of service) and potentially code execution. The path is reachable when CONFIG_HTTP_SERVER_WEBSOCKET is enabled."}],"affected":[{"source":"vulnerabilities@zephyrproject.org","affectedData":[{"vendor":"zephyrproject-rtos","product":"Zephyr","defaultStatus":"unaffected","packageName":"Zephyr","repo":"https://github.com/zephyrproject-rtos/zephyr","versions":[{"version":"3.7.0","lessThanOrEqual":"4.3.0","versionType":"git","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"vulnerabilities@zephyrproject.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-09T13:11:48.752906Z","id":"CVE-2026-5067","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"vulnerabilities@zephyrproject.org","type":"Secondary","description":[{"lang":"en","value":"CWE-170"},{"lang":"en","value":"CWE-787"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zephyrproject:zephyr:*:*:*:*:*:*:*:*","versionStartIncluding":"3.7.0","versionEndIncluding":"4.3.0","matchCriteriaId":"D6DCCDB1-3B65-4C26-8AE2-05613439A5BF"}]}]}],"references":[{"url":"https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-wgr4-9pwq-94vj","source":"vulnerabilities@zephyrproject.org","tags":["Exploit","Patch","Vendor Advisory"]},{"url":"https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-wgr4-9pwq-94vj","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-5068","sourceIdentifier":"vulnerabilities@zephyrproject.org","published":"2026-06-09T08:16:29.073","lastModified":"2026-07-08T13:25:38.863","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A remote, unauthenticated BLE peer can trigger a 2-byte out-of-bounds write in the Bluetooth host during L2CAP LE CoC SDU reassembly. When the application enables segmentation (via chan_ops.alloc_buf) and the chosen RX pool has a user_data_size smaller than 2 bytes, the segmentation counter stored in the net_buf user_data area is written out of bounds in l2cap_chan_le_recv_seg (subsys/bluetooth/host/l2cap.c). The observed effects are an AddressSanitizer abort and, without ASan, heap corruption / fatal error."}],"affected":[{"source":"vulnerabilities@zephyrproject.org","affectedData":[{"vendor":"zephyrproject-rtos","product":"Zephyr","defaultStatus":"unaffected","packageName":"Zephyr","repo":"https://github.com/zephyrproject-rtos/zephyr","versions":[{"version":"1.14.0","lessThanOrEqual":"4.3.0","versionType":"git","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"vulnerabilities@zephyrproject.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H","baseScore":7.6,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":4.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-09T13:10:35.371642Z","id":"CVE-2026-5068","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"vulnerabilities@zephyrproject.org","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zephyrproject:zephyr:*:*:*:*:*:*:*:*","versionEndIncluding":"4.4.0","matchCriteriaId":"564F6A70-E4D2-48E8-8A18-1B0A22ECFD24"}]}]}],"references":[{"url":"https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-qrcq-hxwj-mqxm","source":"vulnerabilities@zephyrproject.org","tags":["Exploit","Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46315","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-09T09:16:30.330","lastModified":"2026-07-08T14:50:49.803","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/waitid: clear waitid info before copying it to userspace\n\nIORING_OP_WAITID stores its result fields in struct io_waitid::info and\nlater copies them to userspace siginfo. The prep path initializes the\nrequest arguments, but it does not initialize info itself.\n\nIf the wait operation completes without reporting a child event, the common\nwait code can return without writing wo_info. In that case io_waitid_finish()\nstill copies iw->info to userspace, exposing stale bytes from the reused\nio_kiocb command storage.\n\nClear the result storage during prep so the io_uring path matches the\nregular waitid syscall, which uses a zero-initialized struct waitid_info."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["io_uring/waitid.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"f31ecf671ddc498f20219453395794ff2383e06b","lessThan":"954518e5a4a5efc5033253f6e36fc7b9f98363a3","versionType":"git","status":"affected"},{"version":"f31ecf671ddc498f20219453395794ff2383e06b","lessThan":"b737c6612c60c23b40a9f31749b99e6f61943847","versionType":"git","status":"affected"},{"version":"f31ecf671ddc498f20219453395794ff2383e06b","lessThan":"4d2a0de611ab60d02fc768ae0cd5918b16bd5474","versionType":"git","status":"affected"},{"version":"f31ecf671ddc498f20219453395794ff2383e06b","lessThan":"93d93f5f8da791e98159795c6ef683f45bd95d13","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["io_uring/waitid.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.7","status":"affected"},{"version":"0","lessThan":"6.7","versionType":"semver","status":"unaffected"},{"version":"6.12.92","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.34","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.11","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.92","matchCriteriaId":"9CB90BD9-95B7-4D7F-9F17-4ECE6CFB66C9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.34","matchCriteriaId":"A4B1EF6D-18D7-4838-BC37-7499D5DCC3C0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.11","matchCriteriaId":"0520D091-FC52-4A50-AF07-70AE7D08B750"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/4d2a0de611ab60d02fc768ae0cd5918b16bd5474","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/93d93f5f8da791e98159795c6ef683f45bd95d13","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/954518e5a4a5efc5033253f6e36fc7b9f98363a3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/b737c6612c60c23b40a9f31749b99e6f61943847","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2025-10263","sourceIdentifier":"arm-security@arm.com","published":"2026-06-09T10:16:33.003","lastModified":"2026-07-08T13:16:24.490","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"Arm C1-Ultra, C1-Premium, Neoverse V3 & V3AE, Neoverse V2, Neoverse V1, Neoverse-N2, Neoverse-N1, Cortex-X925, Cortex-X4, Cortex-X3, Cortex-X2, Cortex-X1 & X1C, Cortex-A710, Cortex-A78, A78AE & A78C, Cortex-A77, Cortex-A76 & A76A may allow writes to resources owned by a higher exception level."}],"affected":[{"source":"arm-security@arm.com","affectedData":[{"vendor":"Arm","product":"C1-Ultra","defaultStatus":"unaffected","versions":[{"version":"0","status":"affected"}]},{"vendor":"Arm","product":"C1-Premium","defaultStatus":"unaffected","versions":[{"version":"0","status":"affected"}]},{"vendor":"Arm","product":"Neoverse V3","defaultStatus":"unaffected","versions":[{"version":"0","status":"affected"}]},{"vendor":"Arm","product":"Neoverse V3AE","defaultStatus":"unaffected","versions":[{"version":"0","status":"affected"}]},{"vendor":"Arm","product":"Neoverse V1","defaultStatus":"unaffected","versions":[{"version":"0","status":"affected"}]},{"vendor":"Arm","product":"Neoverse N2","defaultStatus":"unaffected","versions":[{"version":"0","status":"affected"}]},{"vendor":"Arm","product":"Neoverse N1","defaultStatus":"unaffected","versions":[{"version":"0","status":"affected"}]},{"vendor":"Arm","product":"Cortex-X925","defaultStatus":"unaffected","versions":[{"version":"0","status":"affected"}]},{"vendor":"Arm","product":"Cortex-X4","defaultStatus":"unaffected","versions":[{"version":"0","status":"affected"}]},{"vendor":"Arm","product":"Cortex-X3","defaultStatus":"unaffected","versions":[{"version":"0","status":"affected"}]},{"vendor":"Arm","product":"Cortex-X2","defaultStatus":"unaffected","versions":[{"version":"0","status":"affected"}]},{"vendor":"Arm","product":"Cortex-X1","defaultStatus":"unaffected","versions":[{"version":"0","status":"affected"}]},{"vendor":"Arm","product":"Cortex-X1C","defaultStatus":"unaffected","versions":[{"version":"0","status":"affected"}]},{"vendor":"Arm","product":"Cortex-A710","defaultStatus":"unaffected","versions":[{"version":"0","status":"affected"}]},{"vendor":"Arm","product":"Cortex-A78","defaultStatus":"unaffected","versions":[{"version":"0","status":"affected"}]},{"vendor":"Arm","product":"Cortex-A78AE","defaultStatus":"unaffected","versions":[{"version":"0","status":"affected"}]},{"vendor":"Arm","product":"Cortex-A78C","defaultStatus":"unaffected","versions":[{"version":"0","status":"affected"}]},{"vendor":"Arm","product":"Cortex-A77","defaultStatus":"unaffected","versions":[{"version":"0","status":"affected"}]},{"vendor":"Arm","product":"Cortex-A76","defaultStatus":"unaffected","versions":[{"version":"0","status":"affected"}]},{"vendor":"Arm","product":"Cortex-A76AE","defaultStatus":"unaffected","versions":[{"version":"0","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 9)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CRB (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux NFV (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux RT (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux for NVIDIA 26","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux_nvidia:"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:7"]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.2},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.0,"impactScore":5.8}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-09T14:11:21.775441Z","id":"CVE-2025-10263","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"arm-security@arm.com","type":"Secondary","description":[{"lang":"en","value":"CWE-362"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-266"}]}],"references":[{"url":"https://developer.arm.com/documentation/112137","source":"arm-security@arm.com"},{"url":"http://www.openwall.com/lists/oss-security/2026/06/09/13","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://xenbits.xen.org/xsa/advisory-493.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://access.redhat.com/errata/RHSA-2026:34911","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36018","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36348","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36349","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2025-10263","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2486958","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-10263.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-46317","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-09T13:16:37.000","lastModified":"2026-07-08T14:50:10.090","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: Reassign nested_mmus array behind mmu_lock\n\nkvm->arch.nested_mmus[] is walked under kvm->mmu_lock, including from the\nMMU notifier path (kvm_unmap_gfn_range() -> kvm_nested_s2_unmap()), which\ncan run at any time. kvm_vcpu_init_nested() reallocates the array and frees\nthe old buffer while holding only kvm->arch.config_lock, so such a walker\ncan reference the freed array.\n\nAllocate the new array outside of mmu_lock, as the allocation can sleep.\nUnder the lock, copy the existing entries, fix up the back pointers and\nreassign the array. Free the old buffer after dropping the lock, as\nkvfree() can sleep as well."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["arch/arm64/kvm/nested.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"4f128f8e1aaac189f83d0f828bcdb2986d8d2e51","lessThan":"918450ad6010df6ecd2efde12a1409e011da22d6","versionType":"git","status":"affected"},{"version":"4f128f8e1aaac189f83d0f828bcdb2986d8d2e51","lessThan":"4424dbcb06d68e34e51c019a5781a7dc00731971","versionType":"git","status":"affected"},{"version":"4f128f8e1aaac189f83d0f828bcdb2986d8d2e51","lessThan":"70543358fa08e0f7cebc3447c3b70fe97ad7aaa8","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["arch/arm64/kvm/nested.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.11","status":"affected"},{"version":"0","lessThan":"6.11","versionType":"semver","status":"unaffected"},{"version":"6.18.35","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.12","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.0,"impactScore":6.0}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.11","versionEndExcluding":"6.18.35","matchCriteriaId":"CB828803-5FA4-4A1C-A77D-0A10A2BAFDC6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.12","matchCriteriaId":"9161A938-0FA8-44BC-95FE-C5A271601AB3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc6:*:*:*:*:*:*","matchCriteriaId":"B0E8FC71-3952-444C-83E9-718DBBBEC615"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/4424dbcb06d68e34e51c019a5781a7dc00731971","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/70543358fa08e0f7cebc3447c3b70fe97ad7aaa8","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/918450ad6010df6ecd2efde12a1409e011da22d6","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46318","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-09T13:16:37.107","lastModified":"2026-07-08T14:49:56.833","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"mm/hugetlbfs: update hugetlbfs to use mmap_prepare\"\n\nThis reverts commit ea52cb24cd3f (\"mm/hugetlbfs: update hugetlbfs to use\nmmap_prepare\") with conflict resolution to account for changes in commit\nea52cb24cd3f (\"mm/hugetlbfs: update hugetlbfs to use mmap_prepare\").\n\nThe patch incorrectly handled hugetlb VMA lock allocation at the\nmmap_prepare stage, where a failed allocation occurring after mmap_prepare\nis called might result in the lock leaking.\n\nThere is no risk of a merge causing a similar issues, as\nVMA_DONTEXPAND_BIT is set for hugetlb mappings.\n\nAs a first step in addressing this issue, simply revert the change so we\ncan rework how we do this having corrected the underlying issues.\n\nWe maintain the VMA flags changes as best we can, accounting for the fact\nthat we were working with a VMA descriptor previously and propagating\nlike-for-like changes for this.\n\nNote that we invoke vma_set_flags() and do not call vma_start_write() as\nvm_flags_set() does.  This is OK as it's being done in an .mmap hook where\nthe VMA is not yet linked into the tree so nobody else can be accessing\nit."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["fs/hugetlbfs/inode.c","include/linux/hugetlb.h","include/linux/hugetlb_inline.h","mm/hugetlb.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"ea52cb24cd3fb121283754ab82b2cb3044609359","lessThan":"3af5fc3f0ac98c624c109c8c0796fa46e814344c","versionType":"git","status":"affected"},{"version":"ea52cb24cd3fb121283754ab82b2cb3044609359","lessThan":"83f9efcce93f8574be2279090ee2aec58b86cda7","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["fs/hugetlbfs/inode.c","include/linux/hugetlb.h","include/linux/hugetlb_inline.h","mm/hugetlb.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.19","status":"affected"},{"version":"0","lessThan":"6.19","versionType":"semver","status":"unaffected"},{"version":"7.0.12","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.12","matchCriteriaId":"9161A938-0FA8-44BC-95FE-C5A271601AB3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/3af5fc3f0ac98c624c109c8c0796fa46e814344c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/83f9efcce93f8574be2279090ee2aec58b86cda7","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46319","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-09T13:16:37.210","lastModified":"2026-07-08T21:32:40.063","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: act_ct: Only release RCU read lock after ct_ft\n\nWhen looking up a flow table in act_ct in tcf_ct_flow_table_get(),\nrhashtable_lookup_fast() internally opens and closes an RCU read critical\nsection before returning ct_ft.\nThe tcf_ct_flow_table_cleanup_work() can complete before refcount_inc_not_zero()\nis invoked on the returned ct_ft resulting in a UAF on the already freed ct_ft\nobject. This vulnerability can lead to privilege escalation.\n\nAnalysis from zdi-disclosures@trendmicro.com:\nWhen initializing act_ct, tcf_ct_init() is called, which internally triggers\ntcf_ct_flow_table_get().\n\nstatic int tcf_ct_flow_table_get(struct net *net, struct tcf_ct_params *params)\n\n{\n                struct zones_ht_key key = { .net = net, .zone = params->zone };\n                struct tcf_ct_flow_table *ct_ft;\n                int err = -ENOMEM;\n\n                mutex_lock(&zones_mutex);\n                ct_ft = rhashtable_lookup_fast(&zones_ht, &key, zones_params); // [1]\n                if (ct_ft && refcount_inc_not_zero(&ct_ft->ref)) // [2]\n                                goto out_unlock;\n                ...\n}\n\nstatic __always_inline void *rhashtable_lookup_fast(\n                struct rhashtable *ht, const void *key,\n                const struct rhashtable_params params)\n{\n                void *obj;\n\n                rcu_read_lock();\n                obj = rhashtable_lookup(ht, key, params);\n                rcu_read_unlock();\n\n                return obj;\n}\n\nAt [1], rhashtable_lookup_fast() looks up and returns the corresponding ct_ft\nfrom zones_ht . The lookup is performed within an RCU read critical section\nthrough rcu_read_lock() / rcu_read_unlock(), which prevents the object from\nbeing freed. However, at the point of function return, rcu_read_unlock() has\nalready been called, and there is nothing preventing ct_ft from being freed\nbefore reaching refcount_inc_not_zero(&ct_ft->ref) at [2]. This interval becomes\nthe race window, during which ct_ft can be freed.\n\nFree Process:\n\ntcf_ct_flow_table_put() is executed through the path tcf_ct_cleanup() call_rcu()\ntcf_ct_params_free_rcu() tcf_ct_params_free() tcf_ct_flow_table_put().\n\nstatic void tcf_ct_flow_table_put(struct tcf_ct_flow_table *ct_ft)\n{\n                if (refcount_dec_and_test(&ct_ft->ref)) {\n                                rhashtable_remove_fast(&zones_ht, &ct_ft->node, zones_params);\n                                INIT_RCU_WORK(&ct_ft->rwork, tcf_ct_flow_table_cleanup_work); // [3]\n                                queue_rcu_work(act_ct_wq, &ct_ft->rwork);\n                }\n}\n\nAt [3], tcf_ct_flow_table_cleanup_work() is scheduled as RCU work\n\nstatic void tcf_ct_flow_table_cleanup_work(struct work_struct *work)\n\n{\n                struct tcf_ct_flow_table *ct_ft;\n                struct flow_block *block;\n\n                ct_ft = container_of(to_rcu_work(work), struct tcf_ct_flow_table,\n                                                                rwork);\n                nf_flow_table_free(&ct_ft->nf_ft);\n                block = &ct_ft->nf_ft.flow_block;\n                down_write(&ct_ft->nf_ft.flow_block_lock);\n                WARN_ON(!list_empty(&block->cb_list));\n                up_write(&ct_ft->nf_ft.flow_block_lock);\n                kfree(ct_ft); // [4]\n\n                module_put(THIS_MODULE);\n}\n\ntcf_ct_flow_table_cleanup_work() frees ct_ft at [4]. When this function executes\nbetween [1] and [2], UAF occurs.\n\nThis race condition has a very short race window, making it generally\ndifficult to trigger. Therefore, to trigger the vulnerability an msleep(100) was\ninserted after[1]"}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/sched/act_ct.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"138470a9b2cc2e26e6018300394afc3858a54e6a","lessThan":"ece578ca61e572df96cfc80456357ebfae0b4b9e","versionType":"git","status":"affected"},{"version":"138470a9b2cc2e26e6018300394afc3858a54e6a","lessThan":"a2e0c045c87aa252eb61412e67dd91f2c2b19f81","versionType":"git","status":"affected"},{"version":"138470a9b2cc2e26e6018300394afc3858a54e6a","lessThan":"67c9ecc9f2575273ed1323e312881fc98ac83d6d","versionType":"git","status":"affected"},{"version":"138470a9b2cc2e26e6018300394afc3858a54e6a","lessThan":"f23424a0ddadb494d4bd57056a7ca703312d3a7b","versionType":"git","status":"affected"},{"version":"138470a9b2cc2e26e6018300394afc3858a54e6a","lessThan":"17dfb67cb399b660105d9a8c6100851c0d0cdc70","versionType":"git","status":"affected"},{"version":"138470a9b2cc2e26e6018300394afc3858a54e6a","lessThan":"4c727c6967a41b37efe0f26332ca9ec5b74785a3","versionType":"git","status":"affected"},{"version":"138470a9b2cc2e26e6018300394afc3858a54e6a","lessThan":"3e20e1b3058e0b94638e7b931c138e840e266724","versionType":"git","status":"affected"},{"version":"138470a9b2cc2e26e6018300394afc3858a54e6a","lessThan":"f462dca0c8415bf0058d0ffa476354c4476d0f09","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/sched/act_ct.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"5.7","status":"affected"},{"version":"0","lessThan":"5.7","versionType":"semver","status":"unaffected"},{"version":"5.10.258","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.209","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.175","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.141","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.91","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.33","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.10","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.7","versionEndExcluding":"5.10.258","matchCriteriaId":"33983DD1-6F5C-4A20-A9AF-24DABFA46B60"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.209","matchCriteriaId":"919C10A9-7951-4A74-BADD-C135A0A8D8B4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.175","matchCriteriaId":"92385813-D91D-480D-83A1-F423D2CBB2BA"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.141","matchCriteriaId":"97A9FFFA-22BB-4D5C-9790-5A2286E392F7"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.91","matchCriteriaId":"C918746B-DE6F-448F-A93E-A04C5481688D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.33","matchCriteriaId":"96D99E49-380D-43AB-BDBA-25C3AD018A9C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.10","matchCriteriaId":"A13475D2-59BF-4716-94B5-7C1D239A2CF4"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/17dfb67cb399b660105d9a8c6100851c0d0cdc70","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/3e20e1b3058e0b94638e7b931c138e840e266724","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/4c727c6967a41b37efe0f26332ca9ec5b74785a3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/67c9ecc9f2575273ed1323e312881fc98ac83d6d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/a2e0c045c87aa252eb61412e67dd91f2c2b19f81","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ece578ca61e572df96cfc80456357ebfae0b4b9e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f23424a0ddadb494d4bd57056a7ca703312d3a7b","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f462dca0c8415bf0058d0ffa476354c4476d0f09","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46320","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-09T13:16:37.373","lastModified":"2026-07-08T16:27:27.703","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ntap: free page on error paths in tap_get_user_xdp()\n\ntap_get_user_xdp() rejects a frame shorter than ETH_HLEN with -EINVAL,\nand returns -ENOMEM when build_skb() fails. Both paths jump to the err\nlabel without freeing the page that vhost_net_build_xdp() allocated for\nthe frame. tap_sendmsg() discards the per-buffer return value and always\nreturns 0, so vhost_tx_batch() takes the success path and never frees\nthe page; each rejected frame in a batch leaks one page-frag chunk.\n\nFree the page on both error paths, before the skb is built. This is the\ntap counterpart of the same leak in tun_xdp_one()."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/net/tap.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"0efac27791ee068075d80f07c55a229b1335ce12","lessThan":"8d03e65eb6cfbffec471a6b65416f93679bf3286","versionType":"git","status":"affected"},{"version":"0efac27791ee068075d80f07c55a229b1335ce12","lessThan":"f979971835dddbca86cf99e3b2e2b94a408a1ab2","versionType":"git","status":"affected"},{"version":"0efac27791ee068075d80f07c55a229b1335ce12","lessThan":"3f52a86a482a69294c50a5a2a097bd6f4104990a","versionType":"git","status":"affected"},{"version":"0efac27791ee068075d80f07c55a229b1335ce12","lessThan":"d30aac0fa00ca0afc3e08174cf7f974a66bdcf05","versionType":"git","status":"affected"},{"version":"0efac27791ee068075d80f07c55a229b1335ce12","lessThan":"d68eab61944a9b0826fa2e954e42db1aa3201b7a","versionType":"git","status":"affected"},{"version":"0efac27791ee068075d80f07c55a229b1335ce12","lessThan":"e27c17346628cb56843a83f93ac63c314c00f388","versionType":"git","status":"affected"},{"version":"0efac27791ee068075d80f07c55a229b1335ce12","lessThan":"18a84c35842e19cd3c5534d8cee73d31863f696d","versionType":"git","status":"affected"},{"version":"0efac27791ee068075d80f07c55a229b1335ce12","lessThan":"3bcf7aec6a9d16438f2cec29f5d7c8d5b8edf9b2","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/net/tap.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"4.20","status":"affected"},{"version":"0","lessThan":"4.20","versionType":"semver","status":"unaffected"},{"version":"5.10.259","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.210","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.176","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.143","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.94","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.12","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":4.0}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.20","versionEndExcluding":"5.10.259","matchCriteriaId":"E9DE7899-6954-4BE5-89B6-A96342AF8401"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.210","matchCriteriaId":"5E938CDF-D1C4-43D0-98DC-9E11B6B55801"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.176","matchCriteriaId":"C4446623-5F2B-4DD8-8666-9FAAC285A757"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.143","matchCriteriaId":"9062F1CD-CAD6-4EA2-A73F-C06D4A887B8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.94","matchCriteriaId":"85421C0C-ABDE-4357-971C-67F9087DE1B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.36","matchCriteriaId":"389025D2-958D-41BD-BD96-70ED1033A9F3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.12","matchCriteriaId":"9161A938-0FA8-44BC-95FE-C5A271601AB3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/18a84c35842e19cd3c5534d8cee73d31863f696d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/3bcf7aec6a9d16438f2cec29f5d7c8d5b8edf9b2","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/3f52a86a482a69294c50a5a2a097bd6f4104990a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/8d03e65eb6cfbffec471a6b65416f93679bf3286","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d30aac0fa00ca0afc3e08174cf7f974a66bdcf05","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d68eab61944a9b0826fa2e954e42db1aa3201b7a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e27c17346628cb56843a83f93ac63c314c00f388","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f979971835dddbca86cf99e3b2e2b94a408a1ab2","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46321","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-09T13:16:37.473","lastModified":"2026-07-08T16:23:55.503","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ntun: free page on short-frame rejection in tun_xdp_one()\n\ntun_xdp_one() returns -EINVAL on a frame shorter than ETH_HLEN without\nfreeing the page that vhost_net_build_xdp() allocated for it.\ntun_sendmsg() discards that -EINVAL and still returns total_len, so\nvhost_tx_batch() takes the success path and never frees the page; each\nshort frame in a batch leaks one page-frag chunk.\n\nA local process that can open /dev/net/tun and /dev/vhost-net can hit\nthis path: it attaches a tun/tap device as the vhost-net backend and\nfeeds TX descriptors whose length minus the virtio-net header is below\nETH_HLEN. Each kick leaks the page-frag chunks for that batch, and a\ntight submission loop exhausts host memory and triggers an OOM panic.\nFree the page before returning -EINVAL, matching the XDP-program error\npath in the same function."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/net/tun.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6100e0237204890269e3f934acfc50d35fd6f319","lessThan":"0a6f46a9332ad6958992d64d3b3a81a80b2ca940","versionType":"git","status":"affected"},{"version":"589382f50b4a5d90d16d8bc9dcbc0e927a3e39b2","lessThan":"0e8211fcf9426f5adddf32516ba0f400ceb9544d","versionType":"git","status":"affected"},{"version":"ad6b3f622ccfb4bfedfa53b6ebd91c3d1d04f146","lessThan":"e915445942af6dcea628bf66d6241641201a0c41","versionType":"git","status":"affected"},{"version":"d5ad89b7d01ed4e66fd04734fc63d6e78536692a","lessThan":"5b34f9e4fe2f203724a6e893d6df0316b9670057","versionType":"git","status":"affected"},{"version":"049584807f1d797fc3078b68035450a9769eb5c3","lessThan":"69863ff2720a0e9871f1a5710f2a33a94217fee0","versionType":"git","status":"affected"},{"version":"049584807f1d797fc3078b68035450a9769eb5c3","lessThan":"37a1c268c2c8090bf4dc552d732bd23ba36f8eb0","versionType":"git","status":"affected"},{"version":"049584807f1d797fc3078b68035450a9769eb5c3","lessThan":"98c67be9eb9de72465a071949e84a3cdb8fab5a3","versionType":"git","status":"affected"},{"version":"049584807f1d797fc3078b68035450a9769eb5c3","lessThan":"f4feb1e20058e407cb00f45aff47f5b7e19a6bbf","versionType":"git","status":"affected"},{"version":"32b0aaba5dbc85816898167d9b5d45a22eae82e9","versionType":"git","status":"affected"},{"version":"a9d1c27e2ee3b0ea5d40c105d6e728fc114470bb","versionType":"git","status":"affected"},{"version":"8418f55302fa1d2eeb73e16e345167e545c598a5","versionType":"git","status":"affected"},{"version":"5.10.223","lessThan":"5.10.259","versionType":"semver","status":"affected"},{"version":"5.15.164","lessThan":"5.15.210","versionType":"semver","status":"affected"},{"version":"6.1.102","lessThan":"6.1.176","versionType":"semver","status":"affected"},{"version":"6.6.43","lessThan":"6.6.143","versionType":"semver","status":"affected"},{"version":"5.4.281","lessThan":"5.5","versionType":"semver","status":"affected"},{"version":"6.9.12","lessThan":"6.10","versionType":"semver","status":"affected"},{"version":"6.10.2","lessThan":"6.11","versionType":"semver","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/net/tun.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.11","status":"affected"},{"version":"0","lessThan":"6.11","versionType":"semver","status":"unaffected"},{"version":"5.10.259","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.210","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.176","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.143","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.93","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.35","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.12","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.5,"impactScore":4.0}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4.281","versionEndExcluding":"5.5","matchCriteriaId":"9247B8C6-D97A-4CCC-B960-AFD2F536EFC1"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.10.223","versionEndExcluding":"5.10.259","matchCriteriaId":"F8D8E517-E90E-4A05-B563-DF7F717264E2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15.164","versionEndExcluding":"5.15.210","matchCriteriaId":"4C7A70B4-6094-4392-99CE-5713E2A31596"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1.102","versionEndExcluding":"6.1.176","matchCriteriaId":"650D4114-2C4E-4BF7-8AB9-4CC4104FEC16"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.6.43","versionEndExcluding":"6.6.143","matchCriteriaId":"5AF81631-4260-4438-AE5B-61C04CA0BAA0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.9.12","versionEndExcluding":"6.10","matchCriteriaId":"1FA62583-78C1-42CE-900B-6D2B268EAED2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.10.2","versionEndExcluding":"6.12.93","matchCriteriaId":"DAD5D9AB-C0E6-44DF-8475-306495552E60"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.35","matchCriteriaId":"0FCCB23A-7629-4386-93B6-B119237C4382"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.12","matchCriteriaId":"9161A938-0FA8-44BC-95FE-C5A271601AB3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/0a6f46a9332ad6958992d64d3b3a81a80b2ca940","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/0e8211fcf9426f5adddf32516ba0f400ceb9544d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/37a1c268c2c8090bf4dc552d732bd23ba36f8eb0","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/5b34f9e4fe2f203724a6e893d6df0316b9670057","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/69863ff2720a0e9871f1a5710f2a33a94217fee0","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/98c67be9eb9de72465a071949e84a3cdb8fab5a3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e915445942af6dcea628bf66d6241641201a0c41","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f4feb1e20058e407cb00f45aff47f5b7e19a6bbf","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46322","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-09T13:16:37.603","lastModified":"2026-07-08T16:07:40.787","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ntun: free page on build_skb failure in tun_xdp_one()\n\nWhen build_skb() fails in tun_xdp_one(), the function sets ret to\n-ENOMEM and jumps to the out label, which returns without freeing the\npage that vhost_net_build_xdp() allocated for the frame. As with the\nshort-frame rejection path, tun_sendmsg() discards the per-buffer error\nand still returns total_len, so vhost_tx_batch() takes the success path\nand never frees the page. Each build_skb() failure in a batch leaks one\npage-frag chunk.\n\nFree the page before taking the error path, matching the put_page() the\nother error exits of tun_xdp_one() already perform."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/net/tun.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"043d222f93ab8c76b56a3b315cd8692e35affb6c","lessThan":"26fe549b5192536b6c1c68a2dfdc8c0dcf9fa4a9","versionType":"git","status":"affected"},{"version":"043d222f93ab8c76b56a3b315cd8692e35affb6c","lessThan":"793385c154771603b8671dd8338927221e9d8d78","versionType":"git","status":"affected"},{"version":"043d222f93ab8c76b56a3b315cd8692e35affb6c","lessThan":"2638a9c1521905bb5c5d1e95c8fbc09f79148ed7","versionType":"git","status":"affected"},{"version":"043d222f93ab8c76b56a3b315cd8692e35affb6c","lessThan":"60d9c0d6cdde5420d6483c921b16fe5465eb5238","versionType":"git","status":"affected"},{"version":"043d222f93ab8c76b56a3b315cd8692e35affb6c","lessThan":"d16e38fac09a47bfcf98c1ad65a1bb53f94540f5","versionType":"git","status":"affected"},{"version":"043d222f93ab8c76b56a3b315cd8692e35affb6c","lessThan":"aa308e9dbb9acb17cacdbbce9e4504f69bac8385","versionType":"git","status":"affected"},{"version":"043d222f93ab8c76b56a3b315cd8692e35affb6c","lessThan":"4fefc6156a162a9f50035c12091a5e5130c82c6e","versionType":"git","status":"affected"},{"version":"043d222f93ab8c76b56a3b315cd8692e35affb6c","lessThan":"aa8963fdce667a42fb7f0bdd2909fadcab02f9a8","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/net/tun.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"4.20","status":"affected"},{"version":"0","lessThan":"4.20","versionType":"semver","status":"unaffected"},{"version":"5.10.259","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.210","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.176","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.143","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.93","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.35","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.12","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.5,"impactScore":4.0}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.20","versionEndExcluding":"5.10.259","matchCriteriaId":"E9DE7899-6954-4BE5-89B6-A96342AF8401"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.210","matchCriteriaId":"5E938CDF-D1C4-43D0-98DC-9E11B6B55801"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.176","matchCriteriaId":"C4446623-5F2B-4DD8-8666-9FAAC285A757"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.143","matchCriteriaId":"9062F1CD-CAD6-4EA2-A73F-C06D4A887B8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.93","matchCriteriaId":"1E73413E-0629-41AA-A4D3-5A3D10A0BD63"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.35","matchCriteriaId":"0FCCB23A-7629-4386-93B6-B119237C4382"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.12","matchCriteriaId":"9161A938-0FA8-44BC-95FE-C5A271601AB3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/2638a9c1521905bb5c5d1e95c8fbc09f79148ed7","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/26fe549b5192536b6c1c68a2dfdc8c0dcf9fa4a9","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/4fefc6156a162a9f50035c12091a5e5130c82c6e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/60d9c0d6cdde5420d6483c921b16fe5465eb5238","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/793385c154771603b8671dd8338927221e9d8d78","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/aa308e9dbb9acb17cacdbbce9e4504f69bac8385","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/aa8963fdce667a42fb7f0bdd2909fadcab02f9a8","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d16e38fac09a47bfcf98c1ad65a1bb53f94540f5","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46323","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-09T13:16:37.753","lastModified":"2026-07-08T16:01:33.167","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: gro: don't merge zcopy skbs\n\nskb_gro_receive() can currently copy frags between the source and GRO\nskb, without checking the zerocopy status, and in particular the\nSKBFL_MANAGED_FRAG_REFS flag.\n\nWhen SKBFL_MANAGED_FRAG_REFS is set, the skb doesn't hold a reference\non the pages in shinfo->frags. Appending those frags to another skb's\nfrags without fixing up the page refcount can lead to UAF.\n\nWhen either the last skb in the GRO chain (the one we would append\nfrags to) or the source skb is zerocopy, don't merge the skbs."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/core/gro.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"753f1ca4e1e50248a1b760c9774d6d6b354562cc","lessThan":"3c6cc9f2ca65b6dd61b1af75452dc0e1cd0aad8d","versionType":"git","status":"affected"},{"version":"753f1ca4e1e50248a1b760c9774d6d6b354562cc","lessThan":"1f9c828556416fbe3f49386708ce999fc4d4da06","versionType":"git","status":"affected"},{"version":"753f1ca4e1e50248a1b760c9774d6d6b354562cc","lessThan":"479084ae0e1d9cb7929cb4298d35623de189f80a","versionType":"git","status":"affected"},{"version":"753f1ca4e1e50248a1b760c9774d6d6b354562cc","lessThan":"e334cbf3388fd9334503a778a82d9e9f14dd2f71","versionType":"git","status":"affected"},{"version":"753f1ca4e1e50248a1b760c9774d6d6b354562cc","lessThan":"44bea2032af0425e4ce6d26a8af0ede79db49ec1","versionType":"git","status":"affected"},{"version":"753f1ca4e1e50248a1b760c9774d6d6b354562cc","lessThan":"4db79a322db8c97f7b73b8a347395ef4d685eb40","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/core/gro.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.0","status":"affected"},{"version":"0","lessThan":"6.0","versionType":"semver","status":"unaffected"},{"version":"6.1.176","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.142","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.92","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.34","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.11","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:9.4::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus:9.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 9)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat CodeReady Linux Builder EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time for NFV (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::nfv"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Real Time (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::realtime"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux for NVIDIA 26","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux_nvidia:"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:9"]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-123"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0","versionEndExcluding":"6.1.176","matchCriteriaId":"8D193E9E-2E9B-468E-B920-AD1EA1BA82C7"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.142","matchCriteriaId":"FBFF77B0-526A-4AF1-84D0-ED7187624A67"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.92","matchCriteriaId":"9CB90BD9-95B7-4D7F-9F17-4ECE6CFB66C9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.34","matchCriteriaId":"A4B1EF6D-18D7-4838-BC37-7499D5DCC3C0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.11","matchCriteriaId":"0520D091-FC52-4A50-AF07-70AE7D08B750"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/1f9c828556416fbe3f49386708ce999fc4d4da06","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/3c6cc9f2ca65b6dd61b1af75452dc0e1cd0aad8d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/44bea2032af0425e4ce6d26a8af0ede79db49ec1","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/479084ae0e1d9cb7929cb4298d35623de189f80a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/4db79a322db8c97f7b73b8a347395ef4d685eb40","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e334cbf3388fd9334503a778a82d9e9f14dd2f71","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://access.redhat.com/errata/RHSA-2026:27708","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:27731","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:27735","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:36018","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/security/cve/CVE-2026-46323","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2479832","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-46323.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-46324","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-09T13:16:37.893","lastModified":"2026-07-08T16:01:14.897","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: use list_del_rcu for netlink hooks\n\nnft_netdev_unregister_hooks and __nft_unregister_flowtable_net_hooks need\nto use list_del_rcu(), this list can be walked by concurrent dumpers.\n\nAdd a new helper and use it consistently."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/netfilter/nf_tables_api.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"f9a43007d3f7ba76d5e7f9421094f00f2ef202f8","lessThan":"0bd93ce4f3c35e845532184331d7917d7e562c80","versionType":"git","status":"affected"},{"version":"f9a43007d3f7ba76d5e7f9421094f00f2ef202f8","lessThan":"0f33e8ad6ac563ae2233dd7f75884e0ee010521d","versionType":"git","status":"affected"},{"version":"f9a43007d3f7ba76d5e7f9421094f00f2ef202f8","lessThan":"f3224ee463f8f6f6ced7dcdf6081add4f8128527","versionType":"git","status":"affected"},{"version":"c73955a09408e7374d9abfd0e78ce3de9cda0635","versionType":"git","status":"affected"},{"version":"b09e6ccf0d12f9356e8e3508d3e3dce126298538","versionType":"git","status":"affected"},{"version":"3fac8ce48fa9fd61ee9056d3ed48b2edefca8b82","versionType":"git","status":"affected"},{"version":"9c413a8c8bb49cc16796371805ecb260e885bb2b","versionType":"git","status":"affected"},{"version":"a3940dcf552f2393d1e8f263b386593f98abe829","versionType":"git","status":"affected"},{"version":"86c0154f4c3a56c5db8b9dd09e3ce885382c2c19","versionType":"git","status":"affected"},{"version":"4.19.316","lessThan":"4.20","versionType":"semver","status":"affected"},{"version":"5.4.262","lessThan":"5.5","versionType":"semver","status":"affected"},{"version":"5.10.198","lessThan":"5.11","versionType":"semver","status":"affected"},{"version":"5.15.45","lessThan":"5.16","versionType":"semver","status":"affected"},{"version":"5.17.13","lessThan":"5.18","versionType":"semver","status":"affected"},{"version":"5.18.2","lessThan":"5.19","versionType":"semver","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/netfilter/nf_tables_api.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"5.19","status":"affected"},{"version":"0","lessThan":"5.19","versionType":"semver","status":"unaffected"},{"version":"6.18.33","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.10","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19.316","versionEndExcluding":"4.20","matchCriteriaId":"76EC9BF9-9775-4D90-B594-4C2AB71E1F86"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4.262","versionEndExcluding":"5.5","matchCriteriaId":"5CE7F771-8144-4AEC-B6E3-5F4830BD8EB7"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.10.198","versionEndExcluding":"5.11","matchCriteriaId":"A20D6F0B-10EA-4D52-B766-E4BFA489BA15"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15.45","versionEndExcluding":"5.16","matchCriteriaId":"32E6E5DC-4DF1-444A-A2F8-9AB9B8BBA04C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.17.13","versionEndExcluding":"5.18","matchCriteriaId":"91C8C459-1749-4BA8-B57B-E19335243827"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.18.2","versionEndExcluding":"6.18.33","matchCriteriaId":"A5B87DBD-FE39-4120-A231-D0EB92914643"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.10","matchCriteriaId":"A13475D2-59BF-4716-94B5-7C1D239A2CF4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/0bd93ce4f3c35e845532184331d7917d7e562c80","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/0f33e8ad6ac563ae2233dd7f75884e0ee010521d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f3224ee463f8f6f6ced7dcdf6081add4f8128527","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46325","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-09T14:16:42.177","lastModified":"2026-07-08T15:54:35.213","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGE_SIZE\n\nThe current implementation incorrectly handles memory regions (MRs) with\npage sizes different from the system PAGE_SIZE. The core issue is that\nrxe_set_page() is called with mr->page_size step increments, but the\npage_list stores individual struct page pointers, each representing\nPAGE_SIZE of memory.\n\nib_sg_to_page() has ensured that when i>=1 either\na) SG[i-1].dma_end and SG[i].dma_addr are contiguous\nor\nb) SG[i-1].dma_end and SG[i].dma_addr are mr->page_size aligned.\n\nThis leads to incorrect iova-to-va conversion in scenarios:\n\n1) page_size < PAGE_SIZE (e.g., MR: 4K, system: 64K):\n   ibmr->iova = 0x181800\n   sg[0]: dma_addr=0x181800, len=0x800\n   sg[1]: dma_addr=0x173000, len=0x1000\n\n   Access iova = 0x181800 + 0x810 = 0x182010\n   Expected VA: 0x173010 (second SG, offset 0x10)\n   Before fix:\n     - index = (0x182010 >> 12) - (0x181800 >> 12) = 1\n     - page_offset = 0x182010 & 0xFFF = 0x10\n     - xarray[1] stores system page base 0x170000\n     - Resulting VA: 0x170000 + 0x10 = 0x170010 (wrong)\n\n2) page_size > PAGE_SIZE (e.g., MR: 64K, system: 4K):\n   ibmr->iova = 0x18f800\n   sg[0]: dma_addr=0x18f800, len=0x800\n   sg[1]: dma_addr=0x170000, len=0x1000\n\n   Access iova = 0x18f800 + 0x810 = 0x190010\n   Expected VA: 0x170010 (second SG, offset 0x10)\n   Before fix:\n     - index = (0x190010 >> 16) - (0x18f800 >> 16) = 1\n     - page_offset = 0x190010 & 0xFFFF = 0x10\n     - xarray[1] stores system page for dma_addr 0x170000\n     - Resulting VA: system page of 0x170000 + 0x10 = 0x170010 (wrong)\n\nYi Zhang reported a kernel panic[1] years ago related to this defect.\n\nSolution:\n1. Replace xarray with pre-allocated rxe_mr_page array for sequential\n   indexing (all MR page indices are contiguous)\n2. Each rxe_mr_page stores both struct page* and offset within the\n   system page\n3. Handle MR page_size != PAGE_SIZE relationships:\n   - page_size > PAGE_SIZE: Split MR pages into multiple system pages\n   - page_size <= PAGE_SIZE: Store offset within system page\n4. Add boundary checks and compatibility validation\n\nThis ensures correct iova-to-va conversion regardless of MR page size\nand system PAGE_SIZE relationship, while improving performance through\narray-based sequential access.\n\nTests on 4K and 64K PAGE_SIZE hosts:\n- rdma-core/pytests\n  $ ./build/bin/run_tests.py  --dev eth0_rxe\n- blktest:\n  $ TIMEOUT=30 QUICK_RUN=1 USE_RXE=1 NVMET_TRTYPES=rdma ./check nvme srp rnbd\n\n[1] https://lore.kernel.org/all/CAHj4cs9XRqE25jyVw9rj9YugffLn5+f=1znaBEnu1usLOciD+g@mail.gmail.com/T/"}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/infiniband/sw/rxe/rxe_mr.c","drivers/infiniband/sw/rxe/rxe_verbs.h"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"592627ccbdff0ec6fff00fc761142a76db750dd4","lessThan":"409c2c5508f3d30627bea576f8676de523cb906e","versionType":"git","status":"affected"},{"version":"592627ccbdff0ec6fff00fc761142a76db750dd4","lessThan":"836f6c13c9674027793f720be3f15ecd2b90b6ca","versionType":"git","status":"affected"},{"version":"592627ccbdff0ec6fff00fc761142a76db750dd4","lessThan":"12985e5915a0b8354796efadaaeb201eed115377","versionType":"git","status":"affected"},{"version":"0e443760b8b7b1e6723f4408afa056b2bc4fea12","versionType":"git","status":"affected"},{"version":"6.2.3","lessThan":"6.3","versionType":"semver","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/infiniband/sw/rxe/rxe_mr.c","drivers/infiniband/sw/rxe/rxe_verbs.h"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.3","status":"affected"},{"version":"0","lessThan":"6.3","versionType":"semver","status":"unaffected"},{"version":"6.18.14","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"6.19.4","lessThanOrEqual":"6.19.*","versionType":"semver","status":"unaffected"},{"version":"7.0","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2.3","versionEndExcluding":"6.18.14","matchCriteriaId":"372F28D4-9F28-4024-B964-DE55031C23BD"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"6.19.4","matchCriteriaId":"672A3E79-EC03-479D-8503-361DFBDC8092"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/12985e5915a0b8354796efadaaeb201eed115377","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/409c2c5508f3d30627bea576f8676de523cb906e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/836f6c13c9674027793f720be3f15ecd2b90b6ca","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46326","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-09T14:16:42.300","lastModified":"2026-07-08T15:53:41.217","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\niio: pressure: mprls0025pa: fix spi_transfer struct initialisation\n\nMake sure that the spi_transfer struct is zeroed out before use."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/iio/pressure/mprls0025pa_spi.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"a0858f0cd28e822b91376ae288d5548bc1847531","lessThan":"72158f9ae29a9e56d0f9704ce461a866feaf9925","versionType":"git","status":"affected"},{"version":"a0858f0cd28e822b91376ae288d5548bc1847531","lessThan":"664ffdf34c01810085e4d85508b361c3fdd2ab40","versionType":"git","status":"affected"},{"version":"a0858f0cd28e822b91376ae288d5548bc1847531","lessThan":"9080c7ac30f5f8f8fcb7b27b56df60fea7909c21","versionType":"git","status":"affected"},{"version":"a0858f0cd28e822b91376ae288d5548bc1847531","lessThan":"1e0ac56c92e26115cbc8cfc639843725cb3a7d6a","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/iio/pressure/mprls0025pa_spi.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.9","status":"affected"},{"version":"0","lessThan":"6.9","versionType":"semver","status":"unaffected"},{"version":"6.12.75","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.14","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"6.19.4","lessThanOrEqual":"6.19.*","versionType":"semver","status":"unaffected"},{"version":"7.0","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.5,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.9","versionEndExcluding":"6.12.75","matchCriteriaId":"F8A1C6F6-2847-4C53-ABFC-8F07D96900D2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.14","matchCriteriaId":"BF463CB7-1F58-4607-B847-77ED23E4B9B7"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"6.19.4","matchCriteriaId":"672A3E79-EC03-479D-8503-361DFBDC8092"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/1e0ac56c92e26115cbc8cfc639843725cb3a7d6a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/664ffdf34c01810085e4d85508b361c3fdd2ab40","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/72158f9ae29a9e56d0f9704ce461a866feaf9925","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/9080c7ac30f5f8f8fcb7b27b56df60fea7909c21","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46327","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-09T14:16:42.400","lastModified":"2026-07-08T20:02:54.877","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ndm: fix unlocked test for dm_suspended_md\n\nThe function dm_blk_report_zones tests if the device is suspended with\nthe \"dm_suspended_md\" call. However, this function is called without\nholding any locks, so the device may be suspended just after it.\n\nMove the call to dm_suspended_md after dm_get_live_table, so that the\ndevice can't be suspended after the suspended state was tested."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/md/dm-zone.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"f9c1bdf24615303d48a2d0fd629c88f3189563aa","lessThan":"175ac0a6115400278d3900f5a04a58b17b3f6cd0","versionType":"git","status":"affected"},{"version":"37f53a2c60d03743e0eacf7a0c01c279776fef4e","lessThan":"7a3385e97af2b6f485fef11e82d8c29adee4be93","versionType":"git","status":"affected"},{"version":"37f53a2c60d03743e0eacf7a0c01c279776fef4e","lessThan":"d809a36692ee1394cac85ce6ba7cf8ea58da5812","versionType":"git","status":"affected"},{"version":"37f53a2c60d03743e0eacf7a0c01c279776fef4e","lessThan":"24c405fdbe215c45e57bba672cc42859038491ee","versionType":"git","status":"affected"},{"version":"d19bc1b4dd5f322980b1f05f79b2ea4f0db10920","versionType":"git","status":"affected"},{"version":"6.12.34","lessThan":"6.12.75","versionType":"semver","status":"affected"},{"version":"6.15.3","lessThan":"6.16","versionType":"semver","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/md/dm-zone.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.16","status":"affected"},{"version":"0","lessThan":"6.16","versionType":"semver","status":"unaffected"},{"version":"6.12.75","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.14","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"6.19.4","lessThanOrEqual":"6.19.*","versionType":"semver","status":"unaffected"},{"version":"7.0","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.12.34","versionEndExcluding":"6.12.75","matchCriteriaId":"A8DAA245-0057-42FC-8AC1-567AF3D93866"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.15.3","versionEndExcluding":"6.18.14","matchCriteriaId":"BBB52BEE-CB23-4AC5-9EB1-563B3501A7DA"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"6.19.4","matchCriteriaId":"672A3E79-EC03-479D-8503-361DFBDC8092"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/175ac0a6115400278d3900f5a04a58b17b3f6cd0","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/24c405fdbe215c45e57bba672cc42859038491ee","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/7a3385e97af2b6f485fef11e82d8c29adee4be93","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d809a36692ee1394cac85ce6ba7cf8ea58da5812","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46328","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-09T14:16:42.500","lastModified":"2026-07-08T16:16:52.980","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\napparmor: fix rlimit for posix cpu timers\n\nPosix cpu timers requires an additional step beyond setting the rlimit.\nRefactor the code so its clear when what code is setting the\nlimit and conditionally update the posix cpu timers when appropriate."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["security/apparmor/resource.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"baa73d9e478ff32d62f3f9422822b59dd9a95a21","lessThan":"e1cc11550b2f66687a374536c9dfdddcefca0efe","versionType":"git","status":"affected"},{"version":"baa73d9e478ff32d62f3f9422822b59dd9a95a21","lessThan":"2232d7cd243833ad750cae656d1817fe43744a09","versionType":"git","status":"affected"},{"version":"baa73d9e478ff32d62f3f9422822b59dd9a95a21","lessThan":"28aa93fcfb33b6d580c5df4ae8b6d13fb0e6fcd3","versionType":"git","status":"affected"},{"version":"baa73d9e478ff32d62f3f9422822b59dd9a95a21","lessThan":"1f736dfe27c857b78f8461cd7c3dd9640be74b37","versionType":"git","status":"affected"},{"version":"baa73d9e478ff32d62f3f9422822b59dd9a95a21","lessThan":"e43818b16815c0c2bf933ef28316f8e704e5e0ef","versionType":"git","status":"affected"},{"version":"baa73d9e478ff32d62f3f9422822b59dd9a95a21","lessThan":"9bf1fa150775b0c6b794e4b6a2c0395e13777999","versionType":"git","status":"affected"},{"version":"baa73d9e478ff32d62f3f9422822b59dd9a95a21","lessThan":"57d51d41b90eface809b72e0e009b50546492f1f","versionType":"git","status":"affected"},{"version":"baa73d9e478ff32d62f3f9422822b59dd9a95a21","lessThan":"6ca56813f4a589f536adceb42882855d91fb1125","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["security/apparmor/resource.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"4.10","status":"affected"},{"version":"0","lessThan":"4.10","versionType":"semver","status":"unaffected"},{"version":"5.10.252","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.202","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.165","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.128","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.75","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.14","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"6.19.4","lessThanOrEqual":"6.19.*","versionType":"semver","status":"unaffected"},{"version":"7.0","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":2.0,"impactScore":4.7}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.10","versionEndExcluding":"5.10.252","matchCriteriaId":"6237C80F-2950-41ED-A424-2872192E5F12"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.202","matchCriteriaId":"4002FC2B-1456-4666-B240-0EBF590C4671"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.165","matchCriteriaId":"797C7F46-D0BE-4FB8-A502-C5EF8E6B6654"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.128","matchCriteriaId":"851E9353-6C09-4CC9-877E-E09DB164A3C2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.75","matchCriteriaId":"BCE16369-98ED-41CF-8995-DFDC10B288D2"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.14","matchCriteriaId":"BF463CB7-1F58-4607-B847-77ED23E4B9B7"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"6.19.4","matchCriteriaId":"672A3E79-EC03-479D-8503-361DFBDC8092"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/1f736dfe27c857b78f8461cd7c3dd9640be74b37","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/2232d7cd243833ad750cae656d1817fe43744a09","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/28aa93fcfb33b6d580c5df4ae8b6d13fb0e6fcd3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/57d51d41b90eface809b72e0e009b50546492f1f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/6ca56813f4a589f536adceb42882855d91fb1125","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/9bf1fa150775b0c6b794e4b6a2c0395e13777999","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e1cc11550b2f66687a374536c9dfdddcefca0efe","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e43818b16815c0c2bf933ef28316f8e704e5e0ef","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46329","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-09T14:16:42.620","lastModified":"2026-07-08T16:15:40.520","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nerofs: handle end of filesystem properly for file-backed mounts\n\nI/O requests beyond the end of the filesystem should be zeroed out,\nsimilar to loopback devices and that is what we expect."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["fs/erofs/fileio.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"ce63cb62d794c98c7631c2296fa845f2a8d0a4a1","lessThan":"8d582d65d20bb4796db01b19e86909ad68cb337b","versionType":"git","status":"affected"},{"version":"ce63cb62d794c98c7631c2296fa845f2a8d0a4a1","lessThan":"e49abde0ffc382a967b24f326d1614ac3bb06a94","versionType":"git","status":"affected"},{"version":"ce63cb62d794c98c7631c2296fa845f2a8d0a4a1","lessThan":"fe4039034dcdf584afbf763787909e28e92a4927","versionType":"git","status":"affected"},{"version":"ce63cb62d794c98c7631c2296fa845f2a8d0a4a1","lessThan":"bc804a8d7e865ef47fb7edcaf5e77d18bf444ebc","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["fs/erofs/fileio.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.12","status":"affected"},{"version":"0","lessThan":"6.12","versionType":"semver","status":"unaffected"},{"version":"6.12.75","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.14","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"6.19.4","lessThanOrEqual":"6.19.*","versionType":"semver","status":"unaffected"},{"version":"7.0","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.12","versionEndExcluding":"6.12.75","matchCriteriaId":"91F4DDF8-DCB5-433F-9A96-EB7DD49CF8DB"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.14","matchCriteriaId":"BF463CB7-1F58-4607-B847-77ED23E4B9B7"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"6.19.4","matchCriteriaId":"672A3E79-EC03-479D-8503-361DFBDC8092"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/8d582d65d20bb4796db01b19e86909ad68cb337b","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/bc804a8d7e865ef47fb7edcaf5e77d18bf444ebc","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e49abde0ffc382a967b24f326d1614ac3bb06a94","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/fe4039034dcdf584afbf763787909e28e92a4927","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46330","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-09T14:16:42.723","lastModified":"2026-07-08T21:35:31.607","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"net/smc: Introduce TCP ULP support\"\n\nThis reverts commit d7cd421da9da2cc7b4d25b8537f66db5c8331c40.\n\nAs reported by Al Viro, the TCP ULP support for SMC is fundamentally\nbroken. The implementation attempts to convert an active TCP socket\ninto an SMC socket by modifying the underlying `struct file`, dentry,\nand inode in-place, which violates core VFS invariants that assume\nthese structures are immutable for an open file, creating a risk of\nuse after free errors and general system instability.\n\nGiven the severity of this design flaw and the fact that cleaner\nalternatives (e.g., LD_PRELOAD, BPF) exist for legacy application\ntransparency, the correct course of action is to remove this feature\nentirely."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/smc/af_smc.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"d7cd421da9da2cc7b4d25b8537f66db5c8331c40","lessThan":"6c505d95c69e27dbf28fea29dc84d2498d69515c","versionType":"git","status":"affected"},{"version":"d7cd421da9da2cc7b4d25b8537f66db5c8331c40","lessThan":"df31a6b0a3057e66994ad6ccf5d95b9b9514f033","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/smc/af_smc.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"5.17","status":"affected"},{"version":"0","lessThan":"5.17","versionType":"semver","status":"unaffected"},{"version":"6.19.4","lessThanOrEqual":"6.19.*","versionType":"semver","status":"unaffected"},{"version":"7.0","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.17","versionEndExcluding":"6.19.4","matchCriteriaId":"7364BC6F-BA7F-41F3-98E5-584998F67723"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/6c505d95c69e27dbf28fea29dc84d2498d69515c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/df31a6b0a3057e66994ad6ccf5d95b9b9514f033","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-46332","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-09T14:16:42.817","lastModified":"2026-07-08T21:40:40.133","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ngreybus: gb-beagleplay: bound bootloader receive buffering\n\ncc1352_bootloader_rx() appends each serdev chunk into the fixed\nrx_buffer before parsing bootloader packets. The helper can keep\nleftover bytes between callbacks and may receive multiple packets in one\ncallback, so a single count value is not constrained by one packet\nlength.\n\nCheck that the incoming chunk fits in the remaining receive buffer space\nbefore memcpy(). If it does not, drop the staged data and consume the\nbytes instead of overflowing rx_buffer."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/greybus/gb-beagleplay.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"0cf7befa3ea2e7284d8ba5b8f45a546865b09edb","lessThan":"663c2728a6d0f781044431111b53a27f71027e48","versionType":"git","status":"affected"},{"version":"0cf7befa3ea2e7284d8ba5b8f45a546865b09edb","lessThan":"fb91d4e49fcbea0b5091394ac5b8f7d4124265c3","versionType":"git","status":"affected"},{"version":"0cf7befa3ea2e7284d8ba5b8f45a546865b09edb","lessThan":"0339a746ff7cd3f9d10f565e89c99dc93191e58d","versionType":"git","status":"affected"},{"version":"0cf7befa3ea2e7284d8ba5b8f45a546865b09edb","lessThan":"1214bf28965ceaf584fb20d357731264dd2e10e1","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/greybus/gb-beagleplay.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.12","status":"affected"},{"version":"0","lessThan":"6.12","versionType":"semver","status":"unaffected"},{"version":"6.12.86","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.27","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.4","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.0,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.1,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.12","versionEndExcluding":"6.12.86","matchCriteriaId":"A868CB0E-7563-461B-9681-F1CE80B353EE"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.27","matchCriteriaId":"A10AC84F-C058-47D5-85B4-E6E51A613B74"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.4","matchCriteriaId":"CDB78D6D-22C3-4154-B0D0-94AF1CE5C2E3"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/0339a746ff7cd3f9d10f565e89c99dc93191e58d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/1214bf28965ceaf584fb20d357731264dd2e10e1","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/663c2728a6d0f781044431111b53a27f71027e48","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/fb91d4e49fcbea0b5091394ac5b8f7d4124265c3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-52904","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-09T14:16:44.830","lastModified":"2026-07-08T21:41:18.277","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: fix nvkm_device leak on aperture removal failure\n\nWhen aperture_remove_conflicting_pci_devices() fails during probe, the\nerror path returns directly without unwinding the nvkm_device that was\njust allocated by nvkm_device_pci_new(). This leaks both the device\nwrapper and the pci_enable_device() reference taken inside it.\n\nJump to the existing fail_nvkm label so nvkm_device_del() runs and\nbalances both. The leak was introduced when the intermediate\nnvkm_device_del() between detection and aperture removal was dropped\nin favor of creating the pci device once."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/gpu/drm/nouveau/nouveau_drm.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"c0bfe34330b5fafdbbc63a7124841711651b96b9","lessThan":"5edd564ccb002ffc830e7818c1c4a992db774678","versionType":"git","status":"affected"},{"version":"c0bfe34330b5fafdbbc63a7124841711651b96b9","lessThan":"4404d7d2dda4f3cc84a8fb6ac5417a2afc3b22d6","versionType":"git","status":"affected"},{"version":"c0bfe34330b5fafdbbc63a7124841711651b96b9","lessThan":"843c0247cf21364e33bb5a8ffc9af57107d04d05","versionType":"git","status":"affected"},{"version":"c0bfe34330b5fafdbbc63a7124841711651b96b9","lessThan":"6597ff1d8de3f583be169587efeafd8af134e138","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/gpu/drm/nouveau/nouveau_drm.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.12","status":"affected"},{"version":"0","lessThan":"6.12","versionType":"semver","status":"unaffected"},{"version":"6.12.86","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.27","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.4","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-401"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.12","versionEndExcluding":"6.12.86","matchCriteriaId":"A868CB0E-7563-461B-9681-F1CE80B353EE"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.27","matchCriteriaId":"A10AC84F-C058-47D5-85B4-E6E51A613B74"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.4","matchCriteriaId":"CDB78D6D-22C3-4154-B0D0-94AF1CE5C2E3"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/4404d7d2dda4f3cc84a8fb6ac5417a2afc3b22d6","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/5edd564ccb002ffc830e7818c1c4a992db774678","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/6597ff1d8de3f583be169587efeafd8af134e138","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/843c0247cf21364e33bb5a8ffc9af57107d04d05","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-52905","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-09T14:16:44.950","lastModified":"2026-07-08T21:43:12.320","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nmm/damon/core: disallow non-power of two min_region_sz on damon_start()\n\nCommit d8f867fa0825 (\"mm/damon: add damon_ctx->min_sz_region\") introduced\na bug that allows unaligned DAMON region address ranges.  Commit\nc80f46ac228b (\"mm/damon/core: disallow non-power of two min_region_sz\")\nfixed it, but only for damon_commit_ctx() use case.  Still, DAMON sysfs\ninterface can emit non-power of two min_region_sz via damon_start().  Fix\nthe path by adding the is_power_of_2() check on damon_start().\n\nThe issue was discovered by sashiko [1]."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["mm/damon/core.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"d8f867fa0825fb3e358457566d7326d8aab2406a","lessThan":"1de2db19a6028abe7d905875922faef5b873de67","versionType":"git","status":"affected"},{"version":"d8f867fa0825fb3e358457566d7326d8aab2406a","lessThan":"89b6226b6c2a4add3939f361653a47c212d6ab75","versionType":"git","status":"affected"},{"version":"d8f867fa0825fb3e358457566d7326d8aab2406a","lessThan":"95093e5cb4c5b50a5b1a4b79f2942b62744bd66a","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["mm/damon/core.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.18","status":"affected"},{"version":"0","lessThan":"6.18","versionType":"semver","status":"unaffected"},{"version":"6.18.30","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.4","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-1284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.18","versionEndExcluding":"6.18.30","matchCriteriaId":"9EB9FADE-E22F-41C2-9790-4F5564D59E62"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.4","matchCriteriaId":"CDB78D6D-22C3-4154-B0D0-94AF1CE5C2E3"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/1de2db19a6028abe7d905875922faef5b873de67","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/89b6226b6c2a4add3939f361653a47c212d6ab75","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/95093e5cb4c5b50a5b1a4b79f2942b62744bd66a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-52906","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-09T14:16:45.047","lastModified":"2026-07-08T21:44:36.060","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\n9p: fix access mode flags being ORed instead of replaced\n\nSince commit 1f3e4142c0eb (\"9p: convert to the new mount API\"),\nv9fs_apply_options() applies parsed mount flags with |= onto flags\nalready set by v9fs_session_init(). For 9P2000.L, session_init sets\nV9FS_ACCESS_CLIENT as the default, so when the user mounts with\n\"access=user\", both bits end up set. Access mode checks compare\nagainst exact values, so having both bits set matches neither mode.\n\nThis causes v9fs_fid_lookup() to fall through to the default switch\ncase, using INVALID_UID (nobody/65534) instead of current_fsuid()\nfor all fid lookups. Root is then unable to chown or perform other\nprivileged operations.\n\nFix by clearing the access mask before applying the user's choice."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["fs/9p/v9fs.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"1f3e4142c0eb178089ea0cbc97506a061470ad27","lessThan":"b8f037e87a083291190204b959cda417aaf01058","versionType":"git","status":"affected"},{"version":"1f3e4142c0eb178089ea0cbc97506a061470ad27","lessThan":"da2346a48a5a1fed86c3fe3d73c0b60e7b3027c9","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["fs/9p/v9fs.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.19","status":"affected"},{"version":"0","lessThan":"6.19","versionType":"semver","status":"unaffected"},{"version":"7.0.4","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.5,"impactScore":5.2}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.4","matchCriteriaId":"CDB78D6D-22C3-4154-B0D0-94AF1CE5C2E3"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/b8f037e87a083291190204b959cda417aaf01058","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/da2346a48a5a1fed86c3fe3d73c0b60e7b3027c9","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-52907","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-09T14:16:45.147","lastModified":"2026-07-08T20:35:59.453","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: rockchip: rkcif: fix off by one bugs\n\nChange these comparisons from > vs >= to avoid accessing one element\nbeyond the end of the arrays.\nWhile at it, use ARRAY_SIZE instead of the _MAX enum values.\n\n[fix cosmetic issues]"}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/media/platform/rockchip/rkcif/rkcif-capture-mipi.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"1f2353f5a1af995efbf7bea44341aa0d03460b28","lessThan":"73e119036b3a799170ed89907b4273c07306d611","versionType":"git","status":"affected"},{"version":"1f2353f5a1af995efbf7bea44341aa0d03460b28","lessThan":"e4056b84af0fc18c84b4e5741df04ecd8ca17973","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/media/platform/rockchip/rkcif/rkcif-capture-mipi.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.19","status":"affected"},{"version":"0","lessThan":"6.19","versionType":"semver","status":"unaffected"},{"version":"7.0.4","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-193"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.4","matchCriteriaId":"CDB78D6D-22C3-4154-B0D0-94AF1CE5C2E3"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/73e119036b3a799170ed89907b4273c07306d611","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e4056b84af0fc18c84b4e5741df04ecd8ca17973","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-33113","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:04.120","lastModified":"2026-07-09T00:17:04.670","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft SharePoint Enterprise Server 2016","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.5556.1005","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SharePoint Server 2019","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.10417.20153","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SharePoint Server Subscription Edition","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.19725.20384","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T14:09:59.255590Z","id":"CVE-2026-33113","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:subscription:*:*:*","versionEndExcluding":"16.0.19725.20384","matchCriteriaId":"78BDED5A-CE5F-4029-9A3E-B81B347388BC"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*","matchCriteriaId":"F815EF1D-7B60-47BE-9AC2-2548F99F10E4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*","matchCriteriaId":"6122D014-5BF1-4AF4-8B4D-80205ED7785E"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33113","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-42837","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:09.453","lastModified":"2026-07-09T00:17:06.487","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Out-of-bounds read in Windows Projected File System Filter Driver allows an authorized attacker to elevate privileges locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Windows 10 Version 1809","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 21H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19044.0","lessThan":"10.0.19044.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 22H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19045.0","lessThan":"10.0.19045.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 23H2","platforms":["ARM64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 23H2","platforms":["x64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 24H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 25H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26200.0","lessThan":"10.0.26200.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 26H1","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.28000.0","lessThan":"10.0.28000.2269","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2022","platforms":["x64-based Systems"],"versions":[{"version":"10.0.20348.0","lessThan":"10.0.20348.5256","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:55:49.288645Z","id":"CVE-2026-42837","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"03A4C97D-FE89-4367-9A0E-E4E65BD49E18"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"FE809AA0-E917-495F-BB11-59215F47E14F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"3E87DD4E-44FC-4B9A-99AB-D1DB3C67EF79"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"A21A9BC4-DE4F-46BE-944F-AD6CAA92BF32"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"911336E9-FAEA-4EB5-96D7-8049AE622C61"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"B8BB8399-35C5-4654-A679-5E105773615B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"55571EDC-8323-4BAE-B363-113ACEF55CB2"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"D14AC77E-34F3-4704-A068-D9020FF60A8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"92508776-88BE-4872-99DB-1F690F71ADEF"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"410079AC-180E-4D7F-B7F6-784E36FEA036"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"32DB4863-6880-40B4-8EC1-9E0F40E81D7F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"E691C9E5-5271-436D-A7FD-C25BEA4D447D"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1D3DEE4A-9959-4716-BC39-35660AC22BC4"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1000C085-A5D7-4027-B9C1-6AE7DA468FB7"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"9C7AD7ED-307B-40B9-B706-45FB178C36D8"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"8967AF79-CAD0-4F87-85A5-95D031C9FEFA"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"07C08212-A30E-4434-A17C-542E45D1E272"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.20348.5256","matchCriteriaId":"27363D97-D4A9-4709-9854-F78F7EBCFB27"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.32995","matchCriteriaId":"E127A6E6-C261-4039-8A13-A2FAC4606573"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42837","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-42907","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:10.450","lastModified":"2026-07-09T00:17:07.200","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Windows 10 Version 1809","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 21H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19044.0","lessThan":"10.0.19044.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 22H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19045.0","lessThan":"10.0.19045.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 23H2","platforms":["ARM64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 23H2","platforms":["x64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 24H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 25H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26200.0","lessThan":"10.0.26200.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 26H1","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.28000.0","lessThan":"10.0.28000.2269","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2022","platforms":["x64-based Systems"],"versions":[{"version":"10.0.20348.0","lessThan":"10.0.20348.5256","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T14:22:55.721083Z","id":"CVE-2026-42907","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"03A4C97D-FE89-4367-9A0E-E4E65BD49E18"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"FE809AA0-E917-495F-BB11-59215F47E14F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"3E87DD4E-44FC-4B9A-99AB-D1DB3C67EF79"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"A21A9BC4-DE4F-46BE-944F-AD6CAA92BF32"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"911336E9-FAEA-4EB5-96D7-8049AE622C61"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"B8BB8399-35C5-4654-A679-5E105773615B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"55571EDC-8323-4BAE-B363-113ACEF55CB2"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"D14AC77E-34F3-4704-A068-D9020FF60A8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"92508776-88BE-4872-99DB-1F690F71ADEF"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"410079AC-180E-4D7F-B7F6-784E36FEA036"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"32DB4863-6880-40B4-8EC1-9E0F40E81D7F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"E691C9E5-5271-436D-A7FD-C25BEA4D447D"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1D3DEE4A-9959-4716-BC39-35660AC22BC4"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1000C085-A5D7-4027-B9C1-6AE7DA468FB7"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"9C7AD7ED-307B-40B9-B706-45FB178C36D8"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"8967AF79-CAD0-4F87-85A5-95D031C9FEFA"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"07C08212-A30E-4434-A17C-542E45D1E272"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.20348.5256","matchCriteriaId":"27363D97-D4A9-4709-9854-F78F7EBCFB27"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.32995","matchCriteriaId":"E127A6E6-C261-4039-8A13-A2FAC4606573"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42907","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-42909","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:10.773","lastModified":"2026-07-09T00:17:07.477","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Concurrent execution using shared resource with improper synchronization ('race condition') in Remote Desktop Client allows an unauthorized attacker to execute code over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Remote Desktop client for Windows Desktop","versions":[{"version":"1.2.0.0","lessThan":"1.2.7214.0","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 1607","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 1809","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 21H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19044.0","lessThan":"10.0.19044.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 22H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19045.0","lessThan":"10.0.19045.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 23H2","platforms":["ARM64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 23H2","platforms":["x64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 24H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 25H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26200.0","lessThan":"10.0.26200.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 26H1","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.28000.0","lessThan":"10.0.28000.2269","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows App Client for Windows Desktop","versions":[{"version":"1.00","lessThan":"2.0.1193.0","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012","platforms":["x64-based Systems"],"versions":[{"version":"6.2.9200.0","lessThan":"6.2.9200.26132","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"6.2.9200.0","lessThan":"6.2.9200.26132","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 R2","platforms":["x64-based Systems"],"versions":[{"version":"6.3.9600.0","lessThan":"6.3.9600.23228","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 R2 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"6.3.9600.0","lessThan":"6.3.9600.23228","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2022","platforms":["x64-based Systems"],"versions":[{"version":"10.0.20348.0","lessThan":"10.0.20348.5256","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:57:17.187304Z","id":"CVE-2026-42909","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-362"},{"lang":"en","value":"CWE-416"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:remote_desktop_client:*:*:*:*:*:windows:*:*","versionEndExcluding":"1.2.7214","matchCriteriaId":"A0FB39F5-3DF4-4EB0-B095-41DEB29C7A06"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:windows_app:*:*:*:*:*:windows:*:*","versionEndExcluding":"2.0.1193.0","matchCriteriaId":"1E45C1A8-0420-4618-B0B7-47BF62308231"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"039BC4EF-6E49-4A8C-B1A4-BFAD9F24EC01"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"2221A0A5-45F3-4903-943A-19E7AA69496B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"03A4C97D-FE89-4367-9A0E-E4E65BD49E18"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"FE809AA0-E917-495F-BB11-59215F47E14F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"3E87DD4E-44FC-4B9A-99AB-D1DB3C67EF79"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"A21A9BC4-DE4F-46BE-944F-AD6CAA92BF32"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"911336E9-FAEA-4EB5-96D7-8049AE622C61"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"B8BB8399-35C5-4654-A679-5E105773615B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"55571EDC-8323-4BAE-B363-113ACEF55CB2"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"D14AC77E-34F3-4704-A068-D9020FF60A8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"92508776-88BE-4872-99DB-1F690F71ADEF"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"410079AC-180E-4D7F-B7F6-784E36FEA036"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"32DB4863-6880-40B4-8EC1-9E0F40E81D7F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"E691C9E5-5271-436D-A7FD-C25BEA4D447D"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1D3DEE4A-9959-4716-BC39-35660AC22BC4"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1000C085-A5D7-4027-B9C1-6AE7DA468FB7"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"9C7AD7ED-307B-40B9-B706-45FB178C36D8"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"8967AF79-CAD0-4F87-85A5-95D031C9FEFA"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*","matchCriteriaId":"A7DF96F8-BA6A-4780-9CA3-F719B3F81074"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*","matchCriteriaId":"DB18C4CE-5917-401E-ACF7-2747084FD36E"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"B3F7E1F6-48D5-4ECB-9BF8-4238903FC194"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"07C08212-A30E-4434-A17C-542E45D1E272"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.20348.5256","matchCriteriaId":"27363D97-D4A9-4709-9854-F78F7EBCFB27"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.32995","matchCriteriaId":"E127A6E6-C261-4039-8A13-A2FAC4606573"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42909","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-42913","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:11.447","lastModified":"2026-07-09T00:17:07.957","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Concurrent execution using shared resource with improper synchronization ('race condition') in Remote Desktop Client allows an unauthorized attacker to execute code over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Remote Desktop client for Windows Desktop","versions":[{"version":"1.2.0.0","lessThan":"1.2.7214.0","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 23H2","platforms":["ARM64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 23H2","platforms":["x64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 24H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 25H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26200.0","lessThan":"10.0.26200.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 26H1","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.28000.0","lessThan":"10.0.28000.2269","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2022","platforms":["x64-based Systems"],"versions":[{"version":"10.0.20348.0","lessThan":"10.0.20348.5256","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:57:16.023134Z","id":"CVE-2026-42913","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-362"},{"lang":"en","value":"CWE-416"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-362"},{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:remote_desktop_client:*:*:*:*:*:windows:*:*","versionEndExcluding":"1.2.7214","matchCriteriaId":"A0FB39F5-3DF4-4EB0-B095-41DEB29C7A06"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"92508776-88BE-4872-99DB-1F690F71ADEF"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"410079AC-180E-4D7F-B7F6-784E36FEA036"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"32DB4863-6880-40B4-8EC1-9E0F40E81D7F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"E691C9E5-5271-436D-A7FD-C25BEA4D447D"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1D3DEE4A-9959-4716-BC39-35660AC22BC4"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1000C085-A5D7-4027-B9C1-6AE7DA468FB7"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"9C7AD7ED-307B-40B9-B706-45FB178C36D8"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"8967AF79-CAD0-4F87-85A5-95D031C9FEFA"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:-:*:x64:*","versionEndExcluding":"10.0.20348.5256","matchCriteriaId":"CFA40C1D-0857-4B9A-92CB-5666E35062F2"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.32995","matchCriteriaId":"E127A6E6-C261-4039-8A13-A2FAC4606573"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42913","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-42914","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:11.593","lastModified":"2026-07-09T00:17:08.090","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Out-of-bounds read in Windows Kerberos allows an authorized attacker to deny service over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Windows 10 Version 1607","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 1809","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 21H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19044.0","lessThan":"10.0.19044.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 22H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19045.0","lessThan":"10.0.19045.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 23H2","platforms":["ARM64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 23H2","platforms":["x64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 24H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 25H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26200.0","lessThan":"10.0.26200.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 26H1","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.28000.0","lessThan":"10.0.28000.2269","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012","platforms":["x64-based Systems"],"versions":[{"version":"6.2.9200.0","lessThan":"6.2.9200.26132","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"6.2.9200.0","lessThan":"6.2.9200.26132","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 R2","platforms":["x64-based Systems"],"versions":[{"version":"6.3.9600.0","lessThan":"6.3.9600.23228","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 R2 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"6.3.9600.0","lessThan":"6.3.9600.23228","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2022","platforms":["x64-based Systems"],"versions":[{"version":"10.0.20348.0","lessThan":"10.0.20348.5256","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-09T17:28:04.650122Z","id":"CVE-2026-42914","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"039BC4EF-6E49-4A8C-B1A4-BFAD9F24EC01"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"2221A0A5-45F3-4903-943A-19E7AA69496B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"03A4C97D-FE89-4367-9A0E-E4E65BD49E18"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"FE809AA0-E917-495F-BB11-59215F47E14F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"3E87DD4E-44FC-4B9A-99AB-D1DB3C67EF79"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"A21A9BC4-DE4F-46BE-944F-AD6CAA92BF32"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"911336E9-FAEA-4EB5-96D7-8049AE622C61"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"B8BB8399-35C5-4654-A679-5E105773615B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"55571EDC-8323-4BAE-B363-113ACEF55CB2"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"D14AC77E-34F3-4704-A068-D9020FF60A8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"92508776-88BE-4872-99DB-1F690F71ADEF"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"410079AC-180E-4D7F-B7F6-784E36FEA036"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"32DB4863-6880-40B4-8EC1-9E0F40E81D7F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"E691C9E5-5271-436D-A7FD-C25BEA4D447D"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1D3DEE4A-9959-4716-BC39-35660AC22BC4"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1000C085-A5D7-4027-B9C1-6AE7DA468FB7"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"9C7AD7ED-307B-40B9-B706-45FB178C36D8"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"8967AF79-CAD0-4F87-85A5-95D031C9FEFA"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*","matchCriteriaId":"A7DF96F8-BA6A-4780-9CA3-F719B3F81074"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*","matchCriteriaId":"DB18C4CE-5917-401E-ACF7-2747084FD36E"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"B3F7E1F6-48D5-4ECB-9BF8-4238903FC194"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"07C08212-A30E-4434-A17C-542E45D1E272"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.20348.5256","matchCriteriaId":"27363D97-D4A9-4709-9854-F78F7EBCFB27"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.32995","matchCriteriaId":"E127A6E6-C261-4039-8A13-A2FAC4606573"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42914","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-42916","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:11.923","lastModified":"2026-07-09T00:17:08.340","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Integer overflow or wraparound in Windows NT OS Kernel allows an authorized attacker to elevate privileges locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Windows 10 Version 1607","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 1809","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 21H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19044.0","lessThan":"10.0.19044.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 22H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19045.0","lessThan":"10.0.19045.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 23H2","platforms":["ARM64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 23H2","platforms":["x64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 24H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 25H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26200.0","lessThan":"10.0.26200.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 26H1","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.28000.0","lessThan":"10.0.28000.2269","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012","platforms":["x64-based Systems"],"versions":[{"version":"6.2.9200.0","lessThan":"6.2.9200.26132","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"6.2.9200.0","lessThan":"6.2.9200.26132","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 R2","platforms":["x64-based Systems"],"versions":[{"version":"6.3.9600.0","lessThan":"6.3.9600.23228","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 R2 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"6.3.9600.0","lessThan":"6.3.9600.23228","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2022","platforms":["x64-based Systems"],"versions":[{"version":"10.0.20348.0","lessThan":"10.0.20348.5256","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:55:55.054700Z","id":"CVE-2026-42916","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-190"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"039BC4EF-6E49-4A8C-B1A4-BFAD9F24EC01"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"2221A0A5-45F3-4903-943A-19E7AA69496B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"03A4C97D-FE89-4367-9A0E-E4E65BD49E18"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"FE809AA0-E917-495F-BB11-59215F47E14F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"3E87DD4E-44FC-4B9A-99AB-D1DB3C67EF79"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"A21A9BC4-DE4F-46BE-944F-AD6CAA92BF32"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"911336E9-FAEA-4EB5-96D7-8049AE622C61"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"B8BB8399-35C5-4654-A679-5E105773615B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"55571EDC-8323-4BAE-B363-113ACEF55CB2"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"D14AC77E-34F3-4704-A068-D9020FF60A8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"92508776-88BE-4872-99DB-1F690F71ADEF"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"410079AC-180E-4D7F-B7F6-784E36FEA036"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"32DB4863-6880-40B4-8EC1-9E0F40E81D7F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"E691C9E5-5271-436D-A7FD-C25BEA4D447D"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1D3DEE4A-9959-4716-BC39-35660AC22BC4"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1000C085-A5D7-4027-B9C1-6AE7DA468FB7"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"9C7AD7ED-307B-40B9-B706-45FB178C36D8"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"8967AF79-CAD0-4F87-85A5-95D031C9FEFA"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*","matchCriteriaId":"A7DF96F8-BA6A-4780-9CA3-F719B3F81074"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*","matchCriteriaId":"DB18C4CE-5917-401E-ACF7-2747084FD36E"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"B3F7E1F6-48D5-4ECB-9BF8-4238903FC194"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"07C08212-A30E-4434-A17C-542E45D1E272"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.20348.5256","matchCriteriaId":"27363D97-D4A9-4709-9854-F78F7EBCFB27"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.32995","matchCriteriaId":"E127A6E6-C261-4039-8A13-A2FAC4606573"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42916","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-42970","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:12.463","lastModified":"2026-07-09T00:17:08.737","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Exposure of sensitive information to an unauthorized actor in Windows Push Notifications allows an authorized attacker to disclose information locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Windows 10 Version 1607","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 1809","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 21H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19044.0","lessThan":"10.0.19044.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 22H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19045.0","lessThan":"10.0.19045.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 23H2","platforms":["ARM64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 23H2","platforms":["x64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 24H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 25H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26200.0","lessThan":"10.0.26200.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 26H1","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.28000.0","lessThan":"10.0.28000.2269","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012","platforms":["x64-based Systems"],"versions":[{"version":"6.2.9200.0","lessThan":"6.2.9200.26132","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"6.2.9200.0","lessThan":"6.2.9200.26132","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 R2","platforms":["x64-based Systems"],"versions":[{"version":"6.3.9600.0","lessThan":"6.3.9600.23228","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 R2 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"6.3.9600.0","lessThan":"6.3.9600.23228","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2022","platforms":["x64-based Systems"],"versions":[{"version":"10.0.20348.0","lessThan":"10.0.20348.5256","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T13:44:54.041256Z","id":"CVE-2026-42970","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"039BC4EF-6E49-4A8C-B1A4-BFAD9F24EC01"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"2221A0A5-45F3-4903-943A-19E7AA69496B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"03A4C97D-FE89-4367-9A0E-E4E65BD49E18"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"FE809AA0-E917-495F-BB11-59215F47E14F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"3E87DD4E-44FC-4B9A-99AB-D1DB3C67EF79"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"A21A9BC4-DE4F-46BE-944F-AD6CAA92BF32"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"911336E9-FAEA-4EB5-96D7-8049AE622C61"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"B8BB8399-35C5-4654-A679-5E105773615B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"55571EDC-8323-4BAE-B363-113ACEF55CB2"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"D14AC77E-34F3-4704-A068-D9020FF60A8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"92508776-88BE-4872-99DB-1F690F71ADEF"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"410079AC-180E-4D7F-B7F6-784E36FEA036"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"32DB4863-6880-40B4-8EC1-9E0F40E81D7F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"E691C9E5-5271-436D-A7FD-C25BEA4D447D"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1D3DEE4A-9959-4716-BC39-35660AC22BC4"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1000C085-A5D7-4027-B9C1-6AE7DA468FB7"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"9C7AD7ED-307B-40B9-B706-45FB178C36D8"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"8967AF79-CAD0-4F87-85A5-95D031C9FEFA"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*","matchCriteriaId":"A7DF96F8-BA6A-4780-9CA3-F719B3F81074"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*","matchCriteriaId":"DB18C4CE-5917-401E-ACF7-2747084FD36E"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"B3F7E1F6-48D5-4ECB-9BF8-4238903FC194"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"07C08212-A30E-4434-A17C-542E45D1E272"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.20348.5256","matchCriteriaId":"27363D97-D4A9-4709-9854-F78F7EBCFB27"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.32995","matchCriteriaId":"E127A6E6-C261-4039-8A13-A2FAC4606573"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42970","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-42971","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:12.650","lastModified":"2026-07-09T00:17:08.920","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Exposure of sensitive information to an unauthorized actor in Windows Push Notifications allows an authorized attacker to disclose information locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Windows 10 Version 1607","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 1809","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 21H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19044.0","lessThan":"10.0.19044.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 22H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19045.0","lessThan":"10.0.19045.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 23H2","platforms":["ARM64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 23H2","platforms":["x64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 24H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 25H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26200.0","lessThan":"10.0.26200.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 26H1","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.28000.0","lessThan":"10.0.28000.2269","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2022","platforms":["x64-based Systems"],"versions":[{"version":"10.0.20348.0","lessThan":"10.0.20348.5256","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T14:15:49.713425Z","id":"CVE-2026-42971","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"039BC4EF-6E49-4A8C-B1A4-BFAD9F24EC01"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"2221A0A5-45F3-4903-943A-19E7AA69496B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"03A4C97D-FE89-4367-9A0E-E4E65BD49E18"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"FE809AA0-E917-495F-BB11-59215F47E14F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"3E87DD4E-44FC-4B9A-99AB-D1DB3C67EF79"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"A21A9BC4-DE4F-46BE-944F-AD6CAA92BF32"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"911336E9-FAEA-4EB5-96D7-8049AE622C61"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"B8BB8399-35C5-4654-A679-5E105773615B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"55571EDC-8323-4BAE-B363-113ACEF55CB2"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"D14AC77E-34F3-4704-A068-D9020FF60A8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"92508776-88BE-4872-99DB-1F690F71ADEF"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"410079AC-180E-4D7F-B7F6-784E36FEA036"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"32DB4863-6880-40B4-8EC1-9E0F40E81D7F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"E691C9E5-5271-436D-A7FD-C25BEA4D447D"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1D3DEE4A-9959-4716-BC39-35660AC22BC4"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1000C085-A5D7-4027-B9C1-6AE7DA468FB7"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"9C7AD7ED-307B-40B9-B706-45FB178C36D8"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"8967AF79-CAD0-4F87-85A5-95D031C9FEFA"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"B3F7E1F6-48D5-4ECB-9BF8-4238903FC194"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"07C08212-A30E-4434-A17C-542E45D1E272"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.20348.5256","matchCriteriaId":"27363D97-D4A9-4709-9854-F78F7EBCFB27"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.32995","matchCriteriaId":"E127A6E6-C261-4039-8A13-A2FAC4606573"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42971","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-42973","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:13.013","lastModified":"2026-07-09T00:17:09.200","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Exposure of sensitive information to an unauthorized actor in Windows Push Notifications allows an authorized attacker to disclose information locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Windows 10 Version 1607","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 1809","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 21H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19044.0","lessThan":"10.0.19044.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 22H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19045.0","lessThan":"10.0.19045.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 23H2","platforms":["ARM64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 23H2","platforms":["x64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 24H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 25H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26200.0","lessThan":"10.0.26200.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 26H1","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.28000.0","lessThan":"10.0.28000.2269","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2022","platforms":["x64-based Systems"],"versions":[{"version":"10.0.20348.0","lessThan":"10.0.20348.5256","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-09T17:38:37.873407Z","id":"CVE-2026-42973","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"039BC4EF-6E49-4A8C-B1A4-BFAD9F24EC01"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"2221A0A5-45F3-4903-943A-19E7AA69496B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"03A4C97D-FE89-4367-9A0E-E4E65BD49E18"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"FE809AA0-E917-495F-BB11-59215F47E14F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"3E87DD4E-44FC-4B9A-99AB-D1DB3C67EF79"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"A21A9BC4-DE4F-46BE-944F-AD6CAA92BF32"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"911336E9-FAEA-4EB5-96D7-8049AE622C61"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"B8BB8399-35C5-4654-A679-5E105773615B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"55571EDC-8323-4BAE-B363-113ACEF55CB2"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"D14AC77E-34F3-4704-A068-D9020FF60A8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"92508776-88BE-4872-99DB-1F690F71ADEF"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"410079AC-180E-4D7F-B7F6-784E36FEA036"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"32DB4863-6880-40B4-8EC1-9E0F40E81D7F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"E691C9E5-5271-436D-A7FD-C25BEA4D447D"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1D3DEE4A-9959-4716-BC39-35660AC22BC4"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1000C085-A5D7-4027-B9C1-6AE7DA468FB7"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"9C7AD7ED-307B-40B9-B706-45FB178C36D8"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"8967AF79-CAD0-4F87-85A5-95D031C9FEFA"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"B3F7E1F6-48D5-4ECB-9BF8-4238903FC194"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"07C08212-A30E-4434-A17C-542E45D1E272"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.20348.5256","matchCriteriaId":"27363D97-D4A9-4709-9854-F78F7EBCFB27"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.32995","matchCriteriaId":"E127A6E6-C261-4039-8A13-A2FAC4606573"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42973","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-42974","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:13.180","lastModified":"2026-07-09T00:17:09.360","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Integer overflow or wraparound in Windows Performance Monitor allows an unauthorized attacker to execute code over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Windows 11 version 23H2","platforms":["ARM64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 23H2","platforms":["x64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 24H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 25H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26200.0","lessThan":"10.0.26200.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 26H1","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.28000.0","lessThan":"10.0.28000.2269","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2022","platforms":["x64-based Systems"],"versions":[{"version":"10.0.20348.0","lessThan":"10.0.20348.5256","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T14:24:26.852566Z","id":"CVE-2026-42974","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-190"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"92508776-88BE-4872-99DB-1F690F71ADEF"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"410079AC-180E-4D7F-B7F6-784E36FEA036"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"32DB4863-6880-40B4-8EC1-9E0F40E81D7F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"E691C9E5-5271-436D-A7FD-C25BEA4D447D"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1D3DEE4A-9959-4716-BC39-35660AC22BC4"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1000C085-A5D7-4027-B9C1-6AE7DA468FB7"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"9C7AD7ED-307B-40B9-B706-45FB178C36D8"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"8967AF79-CAD0-4F87-85A5-95D031C9FEFA"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.20348.5256","matchCriteriaId":"27363D97-D4A9-4709-9854-F78F7EBCFB27"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.32995","matchCriteriaId":"E127A6E6-C261-4039-8A13-A2FAC4606573"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42974","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-42985","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:14.500","lastModified":"2026-07-09T00:17:10.100","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Remote Desktop client for Windows Desktop","versions":[{"version":"1.2.0.0","lessThan":"1.2.7214.0","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 1607","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 1809","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 21H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19044.0","lessThan":"10.0.19044.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 22H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19045.0","lessThan":"10.0.19045.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 23H2","platforms":["ARM64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 23H2","platforms":["x64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 24H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 25H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26200.0","lessThan":"10.0.26200.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 26H1","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.28000.0","lessThan":"10.0.28000.2269","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows App Client for Windows Desktop","versions":[{"version":"1.00","lessThan":"2.0.1193.0","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012","platforms":["x64-based Systems"],"versions":[{"version":"6.2.9200.0","lessThan":"6.2.9200.26132","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"6.2.9200.0","lessThan":"6.2.9200.26132","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 R2","platforms":["x64-based Systems"],"versions":[{"version":"6.3.9600.0","lessThan":"6.3.9600.23228","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 R2 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"6.3.9600.0","lessThan":"6.3.9600.23228","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2022","platforms":["x64-based Systems"],"versions":[{"version":"10.0.20348.0","lessThan":"10.0.20348.5256","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:57:07.198415Z","id":"CVE-2026-42985","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:remote_desktop_client:*:*:*:*:*:windows:*:*","versionEndExcluding":"1.2.7214","matchCriteriaId":"A0FB39F5-3DF4-4EB0-B095-41DEB29C7A06"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:windows_app:*:*:*:*:*:windows:*:*","versionEndExcluding":"2.0.1193.0","matchCriteriaId":"1E45C1A8-0420-4618-B0B7-47BF62308231"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"039BC4EF-6E49-4A8C-B1A4-BFAD9F24EC01"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"2221A0A5-45F3-4903-943A-19E7AA69496B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"03A4C97D-FE89-4367-9A0E-E4E65BD49E18"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"FE809AA0-E917-495F-BB11-59215F47E14F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"3E87DD4E-44FC-4B9A-99AB-D1DB3C67EF79"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"A21A9BC4-DE4F-46BE-944F-AD6CAA92BF32"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"911336E9-FAEA-4EB5-96D7-8049AE622C61"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"B8BB8399-35C5-4654-A679-5E105773615B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"55571EDC-8323-4BAE-B363-113ACEF55CB2"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"D14AC77E-34F3-4704-A068-D9020FF60A8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"92508776-88BE-4872-99DB-1F690F71ADEF"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"410079AC-180E-4D7F-B7F6-784E36FEA036"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"32DB4863-6880-40B4-8EC1-9E0F40E81D7F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"E691C9E5-5271-436D-A7FD-C25BEA4D447D"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1D3DEE4A-9959-4716-BC39-35660AC22BC4"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1000C085-A5D7-4027-B9C1-6AE7DA468FB7"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"9C7AD7ED-307B-40B9-B706-45FB178C36D8"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"8967AF79-CAD0-4F87-85A5-95D031C9FEFA"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*","matchCriteriaId":"A7DF96F8-BA6A-4780-9CA3-F719B3F81074"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*","matchCriteriaId":"DB18C4CE-5917-401E-ACF7-2747084FD36E"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"B3F7E1F6-48D5-4ECB-9BF8-4238903FC194"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"07C08212-A30E-4434-A17C-542E45D1E272"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.20348.5256","matchCriteriaId":"27363D97-D4A9-4709-9854-F78F7EBCFB27"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.32995","matchCriteriaId":"E127A6E6-C261-4039-8A13-A2FAC4606573"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-42985","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-44801","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:15.827","lastModified":"2026-07-09T00:17:10.967","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Remote Desktop client for Windows Desktop","versions":[{"version":"1.2.0.0","lessThan":"1.2.7214.0","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 1607","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 1809","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 21H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19044.0","lessThan":"10.0.19044.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 22H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19045.0","lessThan":"10.0.19045.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 23H2","platforms":["ARM64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 23H2","platforms":["x64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 24H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 25H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26200.0","lessThan":"10.0.26200.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 26H1","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.28000.0","lessThan":"10.0.28000.2269","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows App Client for Windows Desktop","versions":[{"version":"1.00","lessThan":"2.0.1193.0","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012","platforms":["x64-based Systems"],"versions":[{"version":"6.2.9200.0","lessThan":"6.2.9200.26132","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"6.2.9200.0","lessThan":"6.2.9200.26132","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 R2","platforms":["x64-based Systems"],"versions":[{"version":"6.3.9600.0","lessThan":"6.3.9600.23228","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 R2 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"6.3.9600.0","lessThan":"6.3.9600.23228","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2022","platforms":["x64-based Systems"],"versions":[{"version":"10.0.20348.0","lessThan":"10.0.20348.5256","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-05T00:00:00+00:00","id":"CVE-2026-44801","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:remote_desktop_client:*:*:*:*:*:windows:*:*","versionEndExcluding":"1.2.7214","matchCriteriaId":"A0FB39F5-3DF4-4EB0-B095-41DEB29C7A06"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:windows_app:*:*:*:*:*:windows:*:*","versionEndExcluding":"2.0.1193.0","matchCriteriaId":"1E45C1A8-0420-4618-B0B7-47BF62308231"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"039BC4EF-6E49-4A8C-B1A4-BFAD9F24EC01"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"2221A0A5-45F3-4903-943A-19E7AA69496B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"03A4C97D-FE89-4367-9A0E-E4E65BD49E18"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"FE809AA0-E917-495F-BB11-59215F47E14F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"3E87DD4E-44FC-4B9A-99AB-D1DB3C67EF79"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"A21A9BC4-DE4F-46BE-944F-AD6CAA92BF32"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"911336E9-FAEA-4EB5-96D7-8049AE622C61"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"B8BB8399-35C5-4654-A679-5E105773615B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"55571EDC-8323-4BAE-B363-113ACEF55CB2"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"D14AC77E-34F3-4704-A068-D9020FF60A8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"92508776-88BE-4872-99DB-1F690F71ADEF"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"410079AC-180E-4D7F-B7F6-784E36FEA036"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"32DB4863-6880-40B4-8EC1-9E0F40E81D7F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"E691C9E5-5271-436D-A7FD-C25BEA4D447D"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1D3DEE4A-9959-4716-BC39-35660AC22BC4"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1000C085-A5D7-4027-B9C1-6AE7DA468FB7"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"9C7AD7ED-307B-40B9-B706-45FB178C36D8"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"8967AF79-CAD0-4F87-85A5-95D031C9FEFA"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*","matchCriteriaId":"A7DF96F8-BA6A-4780-9CA3-F719B3F81074"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*","matchCriteriaId":"DB18C4CE-5917-401E-ACF7-2747084FD36E"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"B3F7E1F6-48D5-4ECB-9BF8-4238903FC194"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"07C08212-A30E-4434-A17C-542E45D1E272"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.20348.5256","matchCriteriaId":"27363D97-D4A9-4709-9854-F78F7EBCFB27"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.32995","matchCriteriaId":"E127A6E6-C261-4039-8A13-A2FAC4606573"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44801","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-44808","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:16.753","lastModified":"2026-07-09T00:17:11.520","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Windows 11 version 26H1","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.28000.0","lessThan":"10.0.28000.2269","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:56:23.121389Z","id":"CVE-2026-44808","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-122"},{"lang":"en","value":"CWE-125"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"9C7AD7ED-307B-40B9-B706-45FB178C36D8"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"8967AF79-CAD0-4F87-85A5-95D031C9FEFA"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44808","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-44811","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:17.147","lastModified":"2026-07-09T00:17:11.777","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Windows 11 version 26H1","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.28000.0","lessThan":"10.0.28000.2269","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-05T00:00:00+00:00","id":"CVE-2026-44811","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"},{"lang":"en","value":"CWE-122"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"9C7AD7ED-307B-40B9-B706-45FB178C36D8"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"8967AF79-CAD0-4F87-85A5-95D031C9FEFA"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44811","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-44817","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:17.890","lastModified":"2026-07-09T00:17:12.270","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft 365 Apps for Enterprise","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Excel 2016","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.0.0","lessThan":"16.0.5556.1001","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 2019","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"19.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 365 for Mac","versions":[{"version":"1.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2021","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2024","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2021","versions":[{"version":"16.0.1","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2024","versions":[{"version":"16.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Office Online Server","versions":[{"version":"16.0.0.0","lessThan":"16.0.10417.20137","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:56:53.415137Z","id":"CVE-2026-44817","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-843"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*","matchCriteriaId":"3259EBFE-AE2D-48B8-BE9A-E22BBDB31378"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*","matchCriteriaId":"CD25F492-9272-4836-832C-8439EBE64CCF"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:x64:*","matchCriteriaId":"CD88F667-6773-4DB7-B6C3-9C7B769C0808"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:x86:*","matchCriteriaId":"B342EF98-B414-44D0-BAFB-FCA24294EECE"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:microsoft_365:-:*:*:*:*:macos:*:*","matchCriteriaId":"12418BDE-FA2E-4BBF-8E47-45C505399898"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x64:*","matchCriteriaId":"241CDE2B-ABD0-4EFF-8D73-1766E32FA20F"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x86:*","matchCriteriaId":"14D63E3F-A431-4DD8-979F-811E8DAC423D"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"1D518075-3362-4D15-93B1-0E6C61518D16"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"1059BEC6-C30B-4F0F-A878-5267A21CBD85"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"0DB3EBBF-E0C4-4D5A-8D22-107463AD1DE4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"55A9AFDA-D77B-4CC7-ACE5-3A2ABDA257D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"8887D177-26A3-4008-89B6-50A9E9830F13"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"589B470B-9C2E-41E2-A44D-D8CCB4D2F933"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_online_server:-:*:*:*:*:*:*:*","matchCriteriaId":"E98AE986-FA31-4301-8025-E8915BA4AC5E"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44817","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-44818","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:18.040","lastModified":"2026-07-09T00:17:12.417","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Office Excel allows an unauthorized attacker to execute code locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft 365 Apps for Enterprise","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Excel 2016","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.0.0","lessThan":"16.0.5556.1001","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 2019","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"19.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 365 for Mac","versions":[{"version":"1.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2021","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2024","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2021","versions":[{"version":"16.0.1","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2024","versions":[{"version":"16.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Office Online Server","versions":[{"version":"16.0.0.0","lessThan":"16.0.10417.20137","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.0,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:56:54.559554Z","id":"CVE-2026-44818","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-362"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*","matchCriteriaId":"3259EBFE-AE2D-48B8-BE9A-E22BBDB31378"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*","matchCriteriaId":"CD25F492-9272-4836-832C-8439EBE64CCF"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:x64:*","matchCriteriaId":"CD88F667-6773-4DB7-B6C3-9C7B769C0808"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:x86:*","matchCriteriaId":"B342EF98-B414-44D0-BAFB-FCA24294EECE"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:microsoft_365:-:*:*:*:*:macos:*:*","matchCriteriaId":"12418BDE-FA2E-4BBF-8E47-45C505399898"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x64:*","matchCriteriaId":"241CDE2B-ABD0-4EFF-8D73-1766E32FA20F"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x86:*","matchCriteriaId":"14D63E3F-A431-4DD8-979F-811E8DAC423D"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"1D518075-3362-4D15-93B1-0E6C61518D16"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"1059BEC6-C30B-4F0F-A878-5267A21CBD85"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"0DB3EBBF-E0C4-4D5A-8D22-107463AD1DE4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"55A9AFDA-D77B-4CC7-ACE5-3A2ABDA257D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"8887D177-26A3-4008-89B6-50A9E9830F13"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"589B470B-9C2E-41E2-A44D-D8CCB4D2F933"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_online_server:-:*:*:*:*:*:*:*","matchCriteriaId":"E98AE986-FA31-4301-8025-E8915BA4AC5E"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44818","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-44820","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:18.313","lastModified":"2026-07-09T00:17:12.657","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft 365 Apps for Enterprise","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Excel 2016","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.0.0","lessThan":"16.0.5556.1001","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 2019","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"19.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 365 for Mac","versions":[{"version":"1.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2021","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2024","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2021","versions":[{"version":"16.0.1","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2024","versions":[{"version":"16.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Office Online Server","versions":[{"version":"16.0.0.0","lessThan":"16.0.10417.20137","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:56:55.863750Z","id":"CVE-2026-44820","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*","matchCriteriaId":"3259EBFE-AE2D-48B8-BE9A-E22BBDB31378"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*","matchCriteriaId":"CD25F492-9272-4836-832C-8439EBE64CCF"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:x64:*","matchCriteriaId":"CD88F667-6773-4DB7-B6C3-9C7B769C0808"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:x86:*","matchCriteriaId":"B342EF98-B414-44D0-BAFB-FCA24294EECE"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:microsoft_365:-:*:*:*:*:macos:*:*","matchCriteriaId":"12418BDE-FA2E-4BBF-8E47-45C505399898"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x64:*","matchCriteriaId":"241CDE2B-ABD0-4EFF-8D73-1766E32FA20F"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x86:*","matchCriteriaId":"14D63E3F-A431-4DD8-979F-811E8DAC423D"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"1D518075-3362-4D15-93B1-0E6C61518D16"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"1059BEC6-C30B-4F0F-A878-5267A21CBD85"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"0DB3EBBF-E0C4-4D5A-8D22-107463AD1DE4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"55A9AFDA-D77B-4CC7-ACE5-3A2ABDA257D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"8887D177-26A3-4008-89B6-50A9E9830F13"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"589B470B-9C2E-41E2-A44D-D8CCB4D2F933"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_online_server:-:*:*:*:*:*:*:*","matchCriteriaId":"E98AE986-FA31-4301-8025-E8915BA4AC5E"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44820","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-44823","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:18.720","lastModified":"2026-07-09T00:17:12.947","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Numeric truncation error in Microsoft Office Excel allows an unauthorized attacker to execute code locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft 365 Apps for Enterprise","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Excel 2016","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.0.0","lessThan":"16.0.5556.1001","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 2019","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"19.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 365 for Mac","versions":[{"version":"1.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2021","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2024","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2021","versions":[{"version":"16.0.1","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2024","versions":[{"version":"16.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Office Online Server","versions":[{"version":"16.0.0.0","lessThan":"16.0.10417.20137","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:56:51.184068Z","id":"CVE-2026-44823","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-197"},{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*","matchCriteriaId":"3259EBFE-AE2D-48B8-BE9A-E22BBDB31378"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*","matchCriteriaId":"CD25F492-9272-4836-832C-8439EBE64CCF"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:x64:*","matchCriteriaId":"CD88F667-6773-4DB7-B6C3-9C7B769C0808"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:x86:*","matchCriteriaId":"B342EF98-B414-44D0-BAFB-FCA24294EECE"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:microsoft_365:-:*:*:*:*:macos:*:*","matchCriteriaId":"12418BDE-FA2E-4BBF-8E47-45C505399898"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x64:*","matchCriteriaId":"241CDE2B-ABD0-4EFF-8D73-1766E32FA20F"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x86:*","matchCriteriaId":"14D63E3F-A431-4DD8-979F-811E8DAC423D"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"1D518075-3362-4D15-93B1-0E6C61518D16"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"1059BEC6-C30B-4F0F-A878-5267A21CBD85"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"0DB3EBBF-E0C4-4D5A-8D22-107463AD1DE4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"55A9AFDA-D77B-4CC7-ACE5-3A2ABDA257D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"8887D177-26A3-4008-89B6-50A9E9830F13"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"589B470B-9C2E-41E2-A44D-D8CCB4D2F933"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_online_server:-:*:*:*:*:*:*:*","matchCriteriaId":"E98AE986-FA31-4301-8025-E8915BA4AC5E"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-44823","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-45447","sourceIdentifier":"openssl-security@openssl.org","published":"2026-06-09T17:17:19.277","lastModified":"2026-07-08T13:16:47.377","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Issue summary: A specially crafted PKCS#7 or S/MIME signed message could\ntrigger a use-after-free during PKCS#7 signature verification.\n\nImpact summary: A use-after-free may result in process crashes, heap\ncorruption, or potentially remote code execution.\n\nWhen processing a PKCS#7 or S/MIME signed message, if the SignedData\ndigestAlgorithms field is present as an empty ASN.1 SET, OpenSSL may\nincorrectly free a caller-owned BIO during PKCS7_verify(). A subsequent\nuse of the BIO by the calling application results in a use-after-free\ncondition.\n\nIn the common case this occurs when the application later calls\nBIO_free() on the BIO originally passed to PKCS7_verify(). Depending\non allocator behavior and application-specific BIO usage patterns, this\nmay result in a crash or other memory corruption. In some application\ncontexts this may potentially be exploitable for remote code execution.\n\nApplications that process PKCS#7 or S/MIME signed messages using OpenSSL\nPKCS#7 APIs may be affected. Applications using the CMS APIs for this\nprocessing are not affected.\n\nThe FIPS modules in 4.0, 3.6, 3.5, 3.4, and 3.0 are not affected by this\nissue, as the affected code is outside the OpenSSL FIPS module boundary."}],"affected":[{"source":"openssl-security@openssl.org","affectedData":[{"vendor":"OpenSSL","product":"OpenSSL","defaultStatus":"unaffected","versions":[{"version":"4.0.0","lessThan":"4.0.1","versionType":"semver","status":"affected"},{"version":"3.6.0","lessThan":"3.6.3","versionType":"semver","status":"affected"},{"version":"3.5.0","lessThan":"3.5.7","versionType":"semver","status":"affected"},{"version":"3.4.0","lessThan":"3.4.6","versionType":"semver","status":"affected"},{"version":"3.0.0","lessThan":"3.0.21","versionType":"semver","status":"affected"},{"version":"1.1.1","lessThan":"1.1.1zh","versionType":"custom","status":"affected"},{"version":"1.0.2","lessThan":"1.0.2zq","versionType":"custom","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream TUS (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_tus:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.6)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_eus_long_life:8.6::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS E4S (v.8.8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_e4s:8.8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS TUS (v.8.8)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_tus:8.8::baseos"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux BaseOS (v. 9)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9::baseos"]},{"vendor":"Red Hat","product":"Red Hat Discovery 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:discovery:2::el9"]},{"vendor":"Red Hat","product":"Red Hat Insights proxy 1.5","defaultStatus":"affected","cpes":["cpe:/a:redhat:insights_proxy:1.5::el9"]},{"vendor":"Red Hat","product":"Red Hat Update Infrastructure 5","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhui:5::el9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:8"]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:59:38.212378Z","id":"CVE-2026-45447","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"openssl-security@openssl.org","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-825"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","versionStartIncluding":"1.0.2","versionEndExcluding":"1.0.2zq","matchCriteriaId":"F534B804-67B6-49DA-8A86-0FF21E512908"},{"vulnerable":true,"criteria":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","versionStartIncluding":"1.1.1","versionEndExcluding":"1.1.1zh","matchCriteriaId":"43EFE1E3-4049-4EE6-A2AE-BDBA38E6870F"},{"vulnerable":true,"criteria":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0.0","versionEndExcluding":"3.0.21","matchCriteriaId":"EDB88756-EDFE-4886-A267-3F19342A6042"},{"vulnerable":true,"criteria":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","versionStartIncluding":"3.4.0","versionEndExcluding":"3.4.6","matchCriteriaId":"BF7E21E7-AEC0-4882-B1F1-2D056B506F22"},{"vulnerable":true,"criteria":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","versionStartIncluding":"3.5.0","versionEndExcluding":"3.5.7","matchCriteriaId":"6B6B9930-C549-4D88-9784-AF32CCDDB87A"},{"vulnerable":true,"criteria":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","versionStartIncluding":"3.6.0","versionEndExcluding":"3.6.3","matchCriteriaId":"D41B3C45-EC73-4DC8-989D-B2E2792E102F"},{"vulnerable":true,"criteria":"cpe:2.3:a:openssl:openssl:4.0.0:-:*:*:*:*:*:*","matchCriteriaId":"6E881B9A-1A0A-4BC0-8160-20C00561167D"}]}]}],"references":[{"url":"https://github.com/openssl/openssl/commit/3aad5eb7af4de4ee0633c30a8541a54d9bbde63c","source":"openssl-security@openssl.org","tags":["Patch"]},{"url":"https://github.com/openssl/openssl/commit/7d4a980c62258c5910cc883936e0c8dbab4d75a8","source":"openssl-security@openssl.org","tags":["Patch"]},{"url":"https://github.com/openssl/openssl/commit/9dfd688ad2290fc5075cacbc9bf0c9a93eefed54","source":"openssl-security@openssl.org","tags":["Patch"]},{"url":"https://github.com/openssl/openssl/commit/a541ae8bfe849a30cc885e8780715c0f488e496c","source":"openssl-security@openssl.org","tags":["Patch"]},{"url":"https://github.com/openssl/openssl/commit/c505d7559da5d5f9f2c3913c6883a5562ce7273e","source":"openssl-security@openssl.org","tags":["Patch"]},{"url":"https://openssl-library.org/news/secadv/20260609.txt","source":"openssl-security@openssl.org","tags":["Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:25237","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:25239","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26275","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26319","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:29197","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34102","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35869","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36215","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36217","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-45447","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2481898","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-45447.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-45453","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:19.407","lastModified":"2026-07-09T00:17:13.173","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft SharePoint Enterprise Server 2016","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.5556.1005","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SharePoint Server 2019","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.10417.20153","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SharePoint Server Subscription Edition","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.19725.20384","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-09T20:04:00.335997Z","id":"CVE-2026-45453","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:subscription:*:*:*","versionEndExcluding":"16.0.19725.20384","matchCriteriaId":"78BDED5A-CE5F-4029-9A3E-B81B347388BC"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*","matchCriteriaId":"F815EF1D-7B60-47BE-9AC2-2548F99F10E4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*","matchCriteriaId":"6122D014-5BF1-4AF4-8B4D-80205ED7785E"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45453","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-45455","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:19.660","lastModified":"2026-07-09T00:17:13.367","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft 365 Apps for Enterprise","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Excel 2016","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.0.0","lessThan":"16.0.5556.1001","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 2019","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"19.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 365 for Mac","versions":[{"version":"1.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2021","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2024","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2021","versions":[{"version":"16.0.1","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2024","versions":[{"version":"16.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Office Online Server","versions":[{"version":"16.0.0.0","lessThan":"16.0.10417.20137","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","baseScore":3.3,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T13:48:15.258965Z","id":"CVE-2026-45455","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*","matchCriteriaId":"3259EBFE-AE2D-48B8-BE9A-E22BBDB31378"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*","matchCriteriaId":"CD25F492-9272-4836-832C-8439EBE64CCF"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:x64:*","matchCriteriaId":"CD88F667-6773-4DB7-B6C3-9C7B769C0808"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:x86:*","matchCriteriaId":"B342EF98-B414-44D0-BAFB-FCA24294EECE"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:microsoft_365:-:*:*:*:*:macos:*:*","matchCriteriaId":"12418BDE-FA2E-4BBF-8E47-45C505399898"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x64:*","matchCriteriaId":"241CDE2B-ABD0-4EFF-8D73-1766E32FA20F"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x86:*","matchCriteriaId":"14D63E3F-A431-4DD8-979F-811E8DAC423D"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"1D518075-3362-4D15-93B1-0E6C61518D16"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"1059BEC6-C30B-4F0F-A878-5267A21CBD85"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"0DB3EBBF-E0C4-4D5A-8D22-107463AD1DE4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"55A9AFDA-D77B-4CC7-ACE5-3A2ABDA257D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"8887D177-26A3-4008-89B6-50A9E9830F13"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"589B470B-9C2E-41E2-A44D-D8CCB4D2F933"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_online_server:-:*:*:*:*:*:*:*","matchCriteriaId":"E98AE986-FA31-4301-8025-E8915BA4AC5E"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45455","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-45457","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:19.937","lastModified":"2026-07-09T00:17:13.600","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to execute code locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft 365 Apps for Enterprise","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 365 for Mac","versions":[{"version":"1.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2021","versions":[{"version":"16.0.1","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2024","versions":[{"version":"16.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:57:27.338452Z","id":"CVE-2026-45457","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*","matchCriteriaId":"3259EBFE-AE2D-48B8-BE9A-E22BBDB31378"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*","matchCriteriaId":"CD25F492-9272-4836-832C-8439EBE64CCF"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:microsoft_365:-:*:*:*:*:macos:*:*","matchCriteriaId":"12418BDE-FA2E-4BBF-8E47-45C505399898"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"0DB3EBBF-E0C4-4D5A-8D22-107463AD1DE4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"589B470B-9C2E-41E2-A44D-D8CCB4D2F933"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45457","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-45458","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:20.060","lastModified":"2026-07-09T00:17:13.713","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Use after free in Microsoft Office allows an unauthorized attacker to execute code locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft 365 Apps for Enterprise","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 2019","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"19.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 365 for Mac","versions":[{"version":"1.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2021","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2024","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2021","versions":[{"version":"16.0.1","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2024","versions":[{"version":"16.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SharePoint Enterprise Server 2016","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.5556.1005","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SharePoint Server 2019","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.10417.20153","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SharePoint Server Subscription Edition","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.19725.20384","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Word 2016","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"16.0.5556.1000","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.5,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-05T00:00:00+00:00","id":"CVE-2026-45458","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*","matchCriteriaId":"3259EBFE-AE2D-48B8-BE9A-E22BBDB31378"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*","matchCriteriaId":"CD25F492-9272-4836-832C-8439EBE64CCF"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:microsoft_365:-:*:*:*:*:macos:*:*","matchCriteriaId":"12418BDE-FA2E-4BBF-8E47-45C505399898"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x64:*","matchCriteriaId":"241CDE2B-ABD0-4EFF-8D73-1766E32FA20F"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x86:*","matchCriteriaId":"14D63E3F-A431-4DD8-979F-811E8DAC423D"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"1D518075-3362-4D15-93B1-0E6C61518D16"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"1059BEC6-C30B-4F0F-A878-5267A21CBD85"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"0DB3EBBF-E0C4-4D5A-8D22-107463AD1DE4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"55A9AFDA-D77B-4CC7-ACE5-3A2ABDA257D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"8887D177-26A3-4008-89B6-50A9E9830F13"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"589B470B-9C2E-41E2-A44D-D8CCB4D2F933"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:subscription:*:*:*","versionEndExcluding":"16.0.19725.20384","matchCriteriaId":"78BDED5A-CE5F-4029-9A3E-B81B347388BC"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*","matchCriteriaId":"F815EF1D-7B60-47BE-9AC2-2548F99F10E4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*","matchCriteriaId":"6122D014-5BF1-4AF4-8B4D-80205ED7785E"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:word:2016:*:*:*:*:*:x64:*","matchCriteriaId":"E1FE9E95-4874-46EF-AC93-9E485F7A2AC0"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:word:2016:*:*:*:*:*:x86:*","matchCriteriaId":"38479B5D-66F9-4260-A18A-F6E3D9B6991E"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45458","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-45460","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:20.323","lastModified":"2026-07-09T00:17:13.900","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Buffer over-read in Microsoft Office allows an unauthorized attacker to disclose information locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft 365 Apps for Enterprise","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 2019","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"19.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 365 for Mac","versions":[{"version":"1.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office for Android","versions":[{"version":"16.0.1","lessThan":"16.0.20131.20024","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2021","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2024","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2021","versions":[{"version":"16.0.1","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2024","versions":[{"version":"16.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N","baseScore":4.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.0,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T13:39:35.215739Z","id":"CVE-2026-45460","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-126"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*","matchCriteriaId":"3259EBFE-AE2D-48B8-BE9A-E22BBDB31378"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*","matchCriteriaId":"CD25F492-9272-4836-832C-8439EBE64CCF"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_copilot:-:*:*:*:*:android:*:*","matchCriteriaId":"2D37C2C3-A2A0-41D9-8C71-F0191702189D"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:microsoft_365:-:*:*:*:*:macos:*:*","matchCriteriaId":"12418BDE-FA2E-4BBF-8E47-45C505399898"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x64:*","matchCriteriaId":"241CDE2B-ABD0-4EFF-8D73-1766E32FA20F"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x86:*","matchCriteriaId":"14D63E3F-A431-4DD8-979F-811E8DAC423D"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"1D518075-3362-4D15-93B1-0E6C61518D16"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"1059BEC6-C30B-4F0F-A878-5267A21CBD85"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"0DB3EBBF-E0C4-4D5A-8D22-107463AD1DE4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"55A9AFDA-D77B-4CC7-ACE5-3A2ABDA257D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"8887D177-26A3-4008-89B6-50A9E9830F13"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"589B470B-9C2E-41E2-A44D-D8CCB4D2F933"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45460","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-45461","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:20.450","lastModified":"2026-07-09T00:17:14.030","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Use after free in Microsoft Office allows an unauthorized attacker to execute code locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft 365 Apps for Enterprise","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 2016","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.5556.1005","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 2019","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"19.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 365 for Mac","versions":[{"version":"1.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office for Android","versions":[{"version":"16.0.1","lessThan":"16.0.20131.20024","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2021","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2024","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2021","versions":[{"version":"16.0.1","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2024","versions":[{"version":"16.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.5,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:56:25.365596Z","id":"CVE-2026-45461","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*","matchCriteriaId":"3259EBFE-AE2D-48B8-BE9A-E22BBDB31378"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*","matchCriteriaId":"CD25F492-9272-4836-832C-8439EBE64CCF"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_copilot:*:*:*:*:*:android:*:*","matchCriteriaId":"3AFC6F65-69C1-4478-A376-08020C919DB5"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:microsoft_365:-:*:*:*:*:macos:*:*","matchCriteriaId":"12418BDE-FA2E-4BBF-8E47-45C505399898"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2016:-:*:*:*:-:*:x64:*","matchCriteriaId":"45A9ECE7-F173-47AB-A420-0B6F64A04D21"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2016:-:*:*:*:-:*:x86:*","matchCriteriaId":"BF3B9F15-3077-4BC5-9EC5-7416A9FBDC70"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x64:*","matchCriteriaId":"241CDE2B-ABD0-4EFF-8D73-1766E32FA20F"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x86:*","matchCriteriaId":"14D63E3F-A431-4DD8-979F-811E8DAC423D"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"1D518075-3362-4D15-93B1-0E6C61518D16"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"1059BEC6-C30B-4F0F-A878-5267A21CBD85"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"0DB3EBBF-E0C4-4D5A-8D22-107463AD1DE4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"55A9AFDA-D77B-4CC7-ACE5-3A2ABDA257D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"8887D177-26A3-4008-89B6-50A9E9830F13"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"589B470B-9C2E-41E2-A44D-D8CCB4D2F933"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45461","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-45463","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:20.707","lastModified":"2026-07-09T00:17:14.213","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Integer underflow (wrap or wraparound) in Microsoft Office allows an unauthorized attacker to execute code locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft 365 Apps for Enterprise","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 2016","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.5556.1005","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 2019","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"19.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 365 for Mac","versions":[{"version":"1.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office for Android","versions":[{"version":"16.0.1","lessThan":"16.0.20131.20024","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2021","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2024","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2021","versions":[{"version":"16.0.1","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2024","versions":[{"version":"16.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.5,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:56:27.604319Z","id":"CVE-2026-45463","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-121"},{"lang":"en","value":"CWE-191"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*","matchCriteriaId":"3259EBFE-AE2D-48B8-BE9A-E22BBDB31378"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*","matchCriteriaId":"CD25F492-9272-4836-832C-8439EBE64CCF"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_copilot:*:*:*:*:*:android:*:*","matchCriteriaId":"3AFC6F65-69C1-4478-A376-08020C919DB5"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:microsoft_365:-:*:*:*:*:macos:*:*","matchCriteriaId":"12418BDE-FA2E-4BBF-8E47-45C505399898"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2016:-:*:*:*:-:*:x64:*","matchCriteriaId":"45A9ECE7-F173-47AB-A420-0B6F64A04D21"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2016:-:*:*:*:-:*:x86:*","matchCriteriaId":"BF3B9F15-3077-4BC5-9EC5-7416A9FBDC70"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x64:*","matchCriteriaId":"241CDE2B-ABD0-4EFF-8D73-1766E32FA20F"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x86:*","matchCriteriaId":"14D63E3F-A431-4DD8-979F-811E8DAC423D"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"1D518075-3362-4D15-93B1-0E6C61518D16"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"1059BEC6-C30B-4F0F-A878-5267A21CBD85"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"0DB3EBBF-E0C4-4D5A-8D22-107463AD1DE4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"55A9AFDA-D77B-4CC7-ACE5-3A2ABDA257D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"8887D177-26A3-4008-89B6-50A9E9830F13"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"589B470B-9C2E-41E2-A44D-D8CCB4D2F933"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45463","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-45464","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:20.837","lastModified":"2026-07-09T00:17:14.347","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft SharePoint Enterprise Server 2016","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.5556.1005","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SharePoint Server 2019","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.10417.20153","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SharePoint Server Subscription Edition","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.19725.20384","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-09T18:02:22.225330Z","id":"CVE-2026-45464","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:subscription:*:*:*","versionEndExcluding":"16.0.19725.20384","matchCriteriaId":"78BDED5A-CE5F-4029-9A3E-B81B347388BC"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*","matchCriteriaId":"F815EF1D-7B60-47BE-9AC2-2548F99F10E4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*","matchCriteriaId":"6122D014-5BF1-4AF4-8B4D-80205ED7785E"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45464","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-45465","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:20.957","lastModified":"2026-07-09T00:17:14.457","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft SharePoint Enterprise Server 2016","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.5556.1005","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SharePoint Server 2019","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.10417.20153","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SharePoint Server Subscription Edition","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.19725.20384","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T14:22:51.696892Z","id":"CVE-2026-45465","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:subscription:*:*:*","versionEndExcluding":"16.0.19725.20384","matchCriteriaId":"78BDED5A-CE5F-4029-9A3E-B81B347388BC"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*","matchCriteriaId":"F815EF1D-7B60-47BE-9AC2-2548F99F10E4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*","matchCriteriaId":"6122D014-5BF1-4AF4-8B4D-80205ED7785E"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45465","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-45472","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:21.740","lastModified":"2026-07-09T00:17:14.900","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Use after free in Microsoft Office allows an unauthorized attacker to execute code locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft 365 Apps for Enterprise","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 2016","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.5556.1005","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 2019","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"19.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 365 for Mac","versions":[{"version":"1.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office for Android","versions":[{"version":"16.0.1","lessThan":"16.0.20131.20024","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2021","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2024","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2021","versions":[{"version":"16.0.1","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2024","versions":[{"version":"16.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.5,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:56:36.482929Z","id":"CVE-2026-45472","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*","matchCriteriaId":"3259EBFE-AE2D-48B8-BE9A-E22BBDB31378"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*","matchCriteriaId":"CD25F492-9272-4836-832C-8439EBE64CCF"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_copilot:*:*:*:*:*:android:*:*","matchCriteriaId":"3AFC6F65-69C1-4478-A376-08020C919DB5"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:microsoft_365:-:*:*:*:*:macos:*:*","matchCriteriaId":"12418BDE-FA2E-4BBF-8E47-45C505399898"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2016:-:*:*:*:-:*:x64:*","matchCriteriaId":"45A9ECE7-F173-47AB-A420-0B6F64A04D21"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2016:-:*:*:*:-:*:x86:*","matchCriteriaId":"BF3B9F15-3077-4BC5-9EC5-7416A9FBDC70"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x64:*","matchCriteriaId":"241CDE2B-ABD0-4EFF-8D73-1766E32FA20F"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x86:*","matchCriteriaId":"14D63E3F-A431-4DD8-979F-811E8DAC423D"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"1D518075-3362-4D15-93B1-0E6C61518D16"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"1059BEC6-C30B-4F0F-A878-5267A21CBD85"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"0DB3EBBF-E0C4-4D5A-8D22-107463AD1DE4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"55A9AFDA-D77B-4CC7-ACE5-3A2ABDA257D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"8887D177-26A3-4008-89B6-50A9E9830F13"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"589B470B-9C2E-41E2-A44D-D8CCB4D2F933"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45472","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-45474","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:21.877","lastModified":"2026-07-09T00:17:15.037","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Use after free in Microsoft Office allows an unauthorized attacker to execute code locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft 365 Apps for Enterprise","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 2016","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.5556.1005","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 2019","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"19.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 365 for Mac","versions":[{"version":"1.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office for Android","versions":[{"version":"16.0.1","lessThan":"16.0.20131.20024","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2021","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2024","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2021","versions":[{"version":"16.0.1","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2024","versions":[{"version":"16.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.5,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:56:38.703680Z","id":"CVE-2026-45474","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*","matchCriteriaId":"3259EBFE-AE2D-48B8-BE9A-E22BBDB31378"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*","matchCriteriaId":"CD25F492-9272-4836-832C-8439EBE64CCF"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_copilot:*:*:*:*:*:android:*:*","matchCriteriaId":"3AFC6F65-69C1-4478-A376-08020C919DB5"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:microsoft_365:-:*:*:*:*:macos:*:*","matchCriteriaId":"12418BDE-FA2E-4BBF-8E47-45C505399898"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2016:-:*:*:*:-:*:x64:*","matchCriteriaId":"45A9ECE7-F173-47AB-A420-0B6F64A04D21"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2016:-:*:*:*:-:*:x86:*","matchCriteriaId":"BF3B9F15-3077-4BC5-9EC5-7416A9FBDC70"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x64:*","matchCriteriaId":"241CDE2B-ABD0-4EFF-8D73-1766E32FA20F"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x86:*","matchCriteriaId":"14D63E3F-A431-4DD8-979F-811E8DAC423D"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"1D518075-3362-4D15-93B1-0E6C61518D16"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"1059BEC6-C30B-4F0F-A878-5267A21CBD85"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"0DB3EBBF-E0C4-4D5A-8D22-107463AD1DE4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"55A9AFDA-D77B-4CC7-ACE5-3A2ABDA257D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"8887D177-26A3-4008-89B6-50A9E9830F13"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"589B470B-9C2E-41E2-A44D-D8CCB4D2F933"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45474","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-45482","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:22.587","lastModified":"2026-07-09T00:17:15.430","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper limitation of a pathname to a restricted directory ('path traversal') in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to bypass a security feature locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft Visual Studio Code CoPilot Chat Extension","versions":[{"version":"0.27.0","lessThan":"1.123.2","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.5,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:57:00.449616Z","id":"CVE-2026-45482","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:visual_studio_code:*:*:*:*:*:*:*:*","versionEndExcluding":"1.123.2","matchCriteriaId":"15425119-D5D2-441E-B633-DFF1ED845AF7"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45482","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-45486","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:23.193","lastModified":"2026-07-09T00:17:15.790","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft 365 Apps for Enterprise","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 365 for Mac","versions":[{"version":"1.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2021","versions":[{"version":"16.0.1","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2024","versions":[{"version":"16.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:57:23.814302Z","id":"CVE-2026-45486","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*","matchCriteriaId":"3259EBFE-AE2D-48B8-BE9A-E22BBDB31378"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*","matchCriteriaId":"CD25F492-9272-4836-832C-8439EBE64CCF"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:microsoft_365:-:*:*:*:*:macos:*:*","matchCriteriaId":"12418BDE-FA2E-4BBF-8E47-45C505399898"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"0DB3EBBF-E0C4-4D5A-8D22-107463AD1DE4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"589B470B-9C2E-41E2-A44D-D8CCB4D2F933"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45486","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-45501","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:25.880","lastModified":"2026-07-09T00:17:16.380","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Server-side request forgery (ssrf) in Microsoft Exchange Server allows an authorized attacker to perform spoofing over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft Exchange Server 2016 Cumulative Update 23","platforms":["x64-based Systems"],"versions":[{"version":"15.01.0.0","lessThan":"15.01.2507.069","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Exchange Server 2019 Cumulative Update 14","platforms":["x64-based Systems"],"versions":[{"version":"15.02.0.0","lessThan":"15.02.1544.041","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Exchange Server 2019 Cumulative Update 15","platforms":["x64-based Systems"],"versions":[{"version":"15.02.0.0","lessThan":"15.02.1748.046","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Exchange Server Subscription Edition RTM","platforms":["x64-based Systems"],"versions":[{"version":"15.02.0.0","lessThan":"15.02.2562.043","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-09T19:52:25.296776Z","id":"CVE-2026-45501","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_23:*:*:*:*:*:*","matchCriteriaId":"FF76AEDA-E574-40ED-B64F-8FDEF8CAC802"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_14:*:*:*:*:*:*","matchCriteriaId":"8C98993B-82A5-48CC-947F-896CEA0CDB7F"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_15:*:*:*:*:*:*","matchCriteriaId":"7166BCE0-1D55-46B2-96B9-250AB4BB6291"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server_subscription_edition:*:*:*:*:*:*:*:*","versionEndExcluding":"15.02.2562.043","matchCriteriaId":"A4DB559B-001D-487D-8EA2-36F8AD7BAF51"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45501","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-45503","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:26.137","lastModified":"2026-07-09T00:17:16.557","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper authorization in Microsoft Exchange Server allows an authorized attacker to disclose information over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft Exchange Server 2016 Cumulative Update 23","platforms":["x64-based Systems"],"versions":[{"version":"15.01.0.0","lessThan":"15.01.2507.069","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Exchange Server 2019 Cumulative Update 14","platforms":["x64-based Systems"],"versions":[{"version":"15.02.0.0","lessThan":"15.02.1544.041","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Exchange Server 2019 Cumulative Update 15","platforms":["x64-based Systems"],"versions":[{"version":"15.02.0.0","lessThan":"15.02.1748.046","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Exchange Server Subscription Edition RTM","platforms":["x64-based Systems"],"versions":[{"version":"15.02.0.0","lessThan":"15.02.2562.043","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T13:41:09.056090Z","id":"CVE-2026-45503","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-285"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server:2016:cumulative_update_23:*:*:*:*:*:*","matchCriteriaId":"FF76AEDA-E574-40ED-B64F-8FDEF8CAC802"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_14:*:*:*:*:*:*","matchCriteriaId":"8C98993B-82A5-48CC-947F-896CEA0CDB7F"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server:2019:cumulative_update_15:*:*:*:*:*:*","matchCriteriaId":"7166BCE0-1D55-46B2-96B9-250AB4BB6291"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:exchange_server_subscription_edition:*:*:*:*:*:*:*:*","versionEndExcluding":"15.02.2562.043","matchCriteriaId":"A4DB559B-001D-487D-8EA2-36F8AD7BAF51"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45503","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-45598","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:28.033","lastModified":"2026-07-09T00:17:17.817","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Windows 10 Version 1607","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 1809","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 21H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19044.0","lessThan":"10.0.19044.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 22H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19045.0","lessThan":"10.0.19045.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 23H2","platforms":["ARM64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 23H2","platforms":["x64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 24H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 25H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26200.0","lessThan":"10.0.26200.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 26H1","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.28000.0","lessThan":"10.0.28000.2269","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012","platforms":["x64-based Systems"],"versions":[{"version":"6.2.9200.0","lessThan":"6.2.9200.26132","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"6.2.9200.0","lessThan":"6.2.9200.26132","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 R2","platforms":["x64-based Systems"],"versions":[{"version":"6.3.9600.0","lessThan":"6.3.9600.23228","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 R2 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"6.3.9600.0","lessThan":"6.3.9600.23228","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2022","platforms":["x64-based Systems"],"versions":[{"version":"10.0.20348.0","lessThan":"10.0.20348.5256","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.0,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:56:42.039135Z","id":"CVE-2026-45598","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-362"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"039BC4EF-6E49-4A8C-B1A4-BFAD9F24EC01"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"2221A0A5-45F3-4903-943A-19E7AA69496B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"03A4C97D-FE89-4367-9A0E-E4E65BD49E18"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"FE809AA0-E917-495F-BB11-59215F47E14F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"3E87DD4E-44FC-4B9A-99AB-D1DB3C67EF79"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"A21A9BC4-DE4F-46BE-944F-AD6CAA92BF32"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"911336E9-FAEA-4EB5-96D7-8049AE622C61"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"B8BB8399-35C5-4654-A679-5E105773615B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"55571EDC-8323-4BAE-B363-113ACEF55CB2"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"D14AC77E-34F3-4704-A068-D9020FF60A8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"92508776-88BE-4872-99DB-1F690F71ADEF"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"410079AC-180E-4D7F-B7F6-784E36FEA036"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"32DB4863-6880-40B4-8EC1-9E0F40E81D7F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"E691C9E5-5271-436D-A7FD-C25BEA4D447D"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1D3DEE4A-9959-4716-BC39-35660AC22BC4"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1000C085-A5D7-4027-B9C1-6AE7DA468FB7"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"9C7AD7ED-307B-40B9-B706-45FB178C36D8"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"8967AF79-CAD0-4F87-85A5-95D031C9FEFA"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*","matchCriteriaId":"A7DF96F8-BA6A-4780-9CA3-F719B3F81074"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*","matchCriteriaId":"DB18C4CE-5917-401E-ACF7-2747084FD36E"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"B3F7E1F6-48D5-4ECB-9BF8-4238903FC194"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"07C08212-A30E-4434-A17C-542E45D1E272"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.20348.5256","matchCriteriaId":"27363D97-D4A9-4709-9854-F78F7EBCFB27"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.32995","matchCriteriaId":"E127A6E6-C261-4039-8A13-A2FAC4606573"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45598","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-45601","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:28.547","lastModified":"2026-07-09T00:17:18.170","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Windows 10 Version 1607","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 1809","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 21H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19044.0","lessThan":"10.0.19044.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 22H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19045.0","lessThan":"10.0.19045.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 23H2","platforms":["ARM64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 23H2","platforms":["x64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 24H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 25H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26200.0","lessThan":"10.0.26200.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 26H1","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.28000.0","lessThan":"10.0.28000.2269","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012","platforms":["x64-based Systems"],"versions":[{"version":"6.2.9200.0","lessThan":"6.2.9200.26132","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"6.2.9200.0","lessThan":"6.2.9200.26132","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 R2","platforms":["x64-based Systems"],"versions":[{"version":"6.3.9600.0","lessThan":"6.3.9600.23228","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 R2 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"6.3.9600.0","lessThan":"6.3.9600.23228","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2022","platforms":["x64-based Systems"],"versions":[{"version":"10.0.20348.0","lessThan":"10.0.20348.5256","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.0,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:56:43.152506Z","id":"CVE-2026-45601","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-362"},{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"039BC4EF-6E49-4A8C-B1A4-BFAD9F24EC01"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"2221A0A5-45F3-4903-943A-19E7AA69496B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"03A4C97D-FE89-4367-9A0E-E4E65BD49E18"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"FE809AA0-E917-495F-BB11-59215F47E14F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"3E87DD4E-44FC-4B9A-99AB-D1DB3C67EF79"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"A21A9BC4-DE4F-46BE-944F-AD6CAA92BF32"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"911336E9-FAEA-4EB5-96D7-8049AE622C61"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"B8BB8399-35C5-4654-A679-5E105773615B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"55571EDC-8323-4BAE-B363-113ACEF55CB2"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"D14AC77E-34F3-4704-A068-D9020FF60A8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"92508776-88BE-4872-99DB-1F690F71ADEF"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"410079AC-180E-4D7F-B7F6-784E36FEA036"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"32DB4863-6880-40B4-8EC1-9E0F40E81D7F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"E691C9E5-5271-436D-A7FD-C25BEA4D447D"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1D3DEE4A-9959-4716-BC39-35660AC22BC4"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1000C085-A5D7-4027-B9C1-6AE7DA468FB7"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"9C7AD7ED-307B-40B9-B706-45FB178C36D8"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"8967AF79-CAD0-4F87-85A5-95D031C9FEFA"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*","matchCriteriaId":"A7DF96F8-BA6A-4780-9CA3-F719B3F81074"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*","matchCriteriaId":"DB18C4CE-5917-401E-ACF7-2747084FD36E"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"B3F7E1F6-48D5-4ECB-9BF8-4238903FC194"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"07C08212-A30E-4434-A17C-542E45D1E272"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.20348.5256","matchCriteriaId":"27363D97-D4A9-4709-9854-F78F7EBCFB27"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.32995","matchCriteriaId":"E127A6E6-C261-4039-8A13-A2FAC4606573"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45601","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-45603","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:28.923","lastModified":"2026-07-09T00:17:18.470","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Windows 10 Version 1607","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 1809","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 21H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19044.0","lessThan":"10.0.19044.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 22H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19045.0","lessThan":"10.0.19045.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 23H2","platforms":["ARM64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 23H2","platforms":["x64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 24H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 25H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26200.0","lessThan":"10.0.26200.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 26H1","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.28000.0","lessThan":"10.0.28000.2269","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012","platforms":["x64-based Systems"],"versions":[{"version":"6.2.9200.0","lessThan":"6.2.9200.26132","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"6.2.9200.0","lessThan":"6.2.9200.26132","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 R2","platforms":["x64-based Systems"],"versions":[{"version":"6.3.9600.0","lessThan":"6.3.9600.23228","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 R2 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"6.3.9600.0","lessThan":"6.3.9600.23228","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2022","platforms":["x64-based Systems"],"versions":[{"version":"10.0.20348.0","lessThan":"10.0.20348.5256","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.0,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:56:46.565330Z","id":"CVE-2026-45603","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-362"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"039BC4EF-6E49-4A8C-B1A4-BFAD9F24EC01"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"2221A0A5-45F3-4903-943A-19E7AA69496B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"03A4C97D-FE89-4367-9A0E-E4E65BD49E18"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"FE809AA0-E917-495F-BB11-59215F47E14F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"3E87DD4E-44FC-4B9A-99AB-D1DB3C67EF79"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"A21A9BC4-DE4F-46BE-944F-AD6CAA92BF32"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"911336E9-FAEA-4EB5-96D7-8049AE622C61"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"B8BB8399-35C5-4654-A679-5E105773615B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"55571EDC-8323-4BAE-B363-113ACEF55CB2"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"D14AC77E-34F3-4704-A068-D9020FF60A8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"92508776-88BE-4872-99DB-1F690F71ADEF"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"410079AC-180E-4D7F-B7F6-784E36FEA036"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"32DB4863-6880-40B4-8EC1-9E0F40E81D7F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"E691C9E5-5271-436D-A7FD-C25BEA4D447D"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1D3DEE4A-9959-4716-BC39-35660AC22BC4"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1000C085-A5D7-4027-B9C1-6AE7DA468FB7"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"9C7AD7ED-307B-40B9-B706-45FB178C36D8"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"8967AF79-CAD0-4F87-85A5-95D031C9FEFA"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*","matchCriteriaId":"A7DF96F8-BA6A-4780-9CA3-F719B3F81074"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*","matchCriteriaId":"DB18C4CE-5917-401E-ACF7-2747084FD36E"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"B3F7E1F6-48D5-4ECB-9BF8-4238903FC194"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"07C08212-A30E-4434-A17C-542E45D1E272"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.20348.5256","matchCriteriaId":"27363D97-D4A9-4709-9854-F78F7EBCFB27"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.32995","matchCriteriaId":"E127A6E6-C261-4039-8A13-A2FAC4606573"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45603","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-45608","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:29.733","lastModified":"2026-07-09T00:17:19.017","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Out-of-bounds read in Windows DHCP Client allows an unauthorized attacker to disclose information locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Windows 10 Version 1607","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 1809","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 21H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19044.0","lessThan":"10.0.19044.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 22H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19045.0","lessThan":"10.0.19045.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 23H2","platforms":["ARM64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 23H2","platforms":["x64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 24H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 25H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26200.0","lessThan":"10.0.26200.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 26H1","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.28000.0","lessThan":"10.0.28000.2269","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012","platforms":["x64-based Systems"],"versions":[{"version":"6.2.9200.0","lessThan":"6.2.9200.26132","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"6.2.9200.0","lessThan":"6.2.9200.26132","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 R2","platforms":["x64-based Systems"],"versions":[{"version":"6.3.9600.0","lessThan":"6.3.9600.23228","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 R2 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"6.3.9600.0","lessThan":"6.3.9600.23228","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2022","platforms":["x64-based Systems"],"versions":[{"version":"10.0.20348.0","lessThan":"10.0.20348.5256","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.5,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T13:46:54.603810Z","id":"CVE-2026-45608","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"039BC4EF-6E49-4A8C-B1A4-BFAD9F24EC01"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"2221A0A5-45F3-4903-943A-19E7AA69496B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"03A4C97D-FE89-4367-9A0E-E4E65BD49E18"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"FE809AA0-E917-495F-BB11-59215F47E14F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"3E87DD4E-44FC-4B9A-99AB-D1DB3C67EF79"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"A21A9BC4-DE4F-46BE-944F-AD6CAA92BF32"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"911336E9-FAEA-4EB5-96D7-8049AE622C61"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"B8BB8399-35C5-4654-A679-5E105773615B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"55571EDC-8323-4BAE-B363-113ACEF55CB2"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"D14AC77E-34F3-4704-A068-D9020FF60A8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"7B95DD66-F443-46C5-A2EB-544C58D92A30"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"7C589178-C9A3-4024-9F88-5B98D4CBBED4"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"906F9ED1-351C-4BCD-A224-BEB3CB6ED5A9"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"FA9B806C-01C0-4A39-AC83-39F8D366DB1C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*","matchCriteriaId":"A7DF96F8-BA6A-4780-9CA3-F719B3F81074"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*","matchCriteriaId":"DB18C4CE-5917-401E-ACF7-2747084FD36E"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"B3F7E1F6-48D5-4ECB-9BF8-4238903FC194"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"07C08212-A30E-4434-A17C-542E45D1E272"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.20348.5256","matchCriteriaId":"27363D97-D4A9-4709-9854-F78F7EBCFB27"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.26100.32995","matchCriteriaId":"168CB87A-429D-44C7-99F4-2BD60D1AC70D"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45608","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-45635","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:30.100","lastModified":"2026-07-09T00:17:19.317","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Access of resource using incompatible type ('type confusion') in Universal Plug and Play (upnp.dll) allows an unauthorized attacker to execute code over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Windows 10 Version 1607","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 1809","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 21H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19044.0","lessThan":"10.0.19044.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 22H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19045.0","lessThan":"10.0.19045.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 23H2","platforms":["ARM64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 23H2","platforms":["x64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 24H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 25H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26200.0","lessThan":"10.0.26200.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 26H1","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.28000.0","lessThan":"10.0.28000.2269","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012","platforms":["x64-based Systems"],"versions":[{"version":"6.2.9200.0","lessThan":"6.2.9200.26132","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"6.2.9200.0","lessThan":"6.2.9200.26132","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 R2","platforms":["x64-based Systems"],"versions":[{"version":"6.3.9600.0","lessThan":"6.3.9600.23228","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 R2 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"6.3.9600.0","lessThan":"6.3.9600.23228","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2022","platforms":["x64-based Systems"],"versions":[{"version":"10.0.20348.0","lessThan":"10.0.20348.5256","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:57:03.405864Z","id":"CVE-2026-45635","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-843"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"039BC4EF-6E49-4A8C-B1A4-BFAD9F24EC01"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"2221A0A5-45F3-4903-943A-19E7AA69496B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"03A4C97D-FE89-4367-9A0E-E4E65BD49E18"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"FE809AA0-E917-495F-BB11-59215F47E14F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"3E87DD4E-44FC-4B9A-99AB-D1DB3C67EF79"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"A21A9BC4-DE4F-46BE-944F-AD6CAA92BF32"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"911336E9-FAEA-4EB5-96D7-8049AE622C61"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"B8BB8399-35C5-4654-A679-5E105773615B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"55571EDC-8323-4BAE-B363-113ACEF55CB2"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"D14AC77E-34F3-4704-A068-D9020FF60A8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"92508776-88BE-4872-99DB-1F690F71ADEF"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"410079AC-180E-4D7F-B7F6-784E36FEA036"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"32DB4863-6880-40B4-8EC1-9E0F40E81D7F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"E691C9E5-5271-436D-A7FD-C25BEA4D447D"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1D3DEE4A-9959-4716-BC39-35660AC22BC4"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1000C085-A5D7-4027-B9C1-6AE7DA468FB7"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"9C7AD7ED-307B-40B9-B706-45FB178C36D8"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"8967AF79-CAD0-4F87-85A5-95D031C9FEFA"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*","matchCriteriaId":"A7DF96F8-BA6A-4780-9CA3-F719B3F81074"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*","matchCriteriaId":"DB18C4CE-5917-401E-ACF7-2747084FD36E"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"B3F7E1F6-48D5-4ECB-9BF8-4238903FC194"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"07C08212-A30E-4434-A17C-542E45D1E272"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.20348.5256","matchCriteriaId":"27363D97-D4A9-4709-9854-F78F7EBCFB27"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.32995","matchCriteriaId":"E127A6E6-C261-4039-8A13-A2FAC4606573"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45635","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-45641","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:31.100","lastModified":"2026-07-09T00:17:20.007","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Access of resource using incompatible type ('type confusion') in Windows Hyper-V allows an unauthorized attacker to execute code locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Windows 10 Version 21H2","platforms":["x64-based Systems"],"versions":[{"version":"10.0.19044.0","lessThan":"10.0.19044.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 22H2","platforms":["x64-based Systems"],"versions":[{"version":"10.0.19045.0","lessThan":"10.0.19045.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 23H2","platforms":["x64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 24H2","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 25H2","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26200.0","lessThan":"10.0.26200.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 26H1","platforms":["x64-based Systems"],"versions":[{"version":"10.0.28000.0","lessThan":"10.0.28000.2269","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2022","platforms":["x64-based Systems"],"versions":[{"version":"10.0.20348.0","lessThan":"10.0.20348.5256","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.5,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:57:06.126563Z","id":"CVE-2026-45641","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-843"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"A21A9BC4-DE4F-46BE-944F-AD6CAA92BF32"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"55571EDC-8323-4BAE-B363-113ACEF55CB2"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"410079AC-180E-4D7F-B7F6-784E36FEA036"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"E691C9E5-5271-436D-A7FD-C25BEA4D447D"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1000C085-A5D7-4027-B9C1-6AE7DA468FB7"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"8967AF79-CAD0-4F87-85A5-95D031C9FEFA"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.20348.5256","matchCriteriaId":"27363D97-D4A9-4709-9854-F78F7EBCFB27"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.32995","matchCriteriaId":"E127A6E6-C261-4039-8A13-A2FAC4606573"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45641","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-45645","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:31.667","lastModified":"2026-07-09T00:17:20.363","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Untrusted pointer dereference in Microsoft Office allows an unauthorized attacker to execute code locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft 365 Apps for Enterprise","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 2016","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.5556.1001","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 2019","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"19.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office 365 for Mac","versions":[{"version":"1.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2021","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.1","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC 2024","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2021","versions":[{"version":"16.0.1","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft Office LTSC for Mac 2024","versions":[{"version":"16.0.0","lessThan":"16.110.26061317","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:56:33.223813Z","id":"CVE-2026-45645","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-822"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*","matchCriteriaId":"3259EBFE-AE2D-48B8-BE9A-E22BBDB31378"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*","matchCriteriaId":"CD25F492-9272-4836-832C-8439EBE64CCF"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:microsoft_365:-:*:*:*:*:macos:*:*","matchCriteriaId":"12418BDE-FA2E-4BBF-8E47-45C505399898"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2016:-:*:*:*:-:*:x64:*","matchCriteriaId":"45A9ECE7-F173-47AB-A420-0B6F64A04D21"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2016:-:*:*:*:-:*:x86:*","matchCriteriaId":"BF3B9F15-3077-4BC5-9EC5-7416A9FBDC70"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x64:*","matchCriteriaId":"241CDE2B-ABD0-4EFF-8D73-1766E32FA20F"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2019:-:*:*:*:*:*:x86:*","matchCriteriaId":"14D63E3F-A431-4DD8-979F-811E8DAC423D"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"1D518075-3362-4D15-93B1-0E6C61518D16"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"1059BEC6-C30B-4F0F-A878-5267A21CBD85"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2021:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"0DB3EBBF-E0C4-4D5A-8D22-107463AD1DE4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"55A9AFDA-D77B-4CC7-ACE5-3A2ABDA257D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"8887D177-26A3-4008-89B6-50A9E9830F13"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:macos:-:*","matchCriteriaId":"589B470B-9C2E-41E2-A44D-D8CCB4D2F933"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45645","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-45653","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:32.287","lastModified":"2026-07-09T00:17:20.700","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Windows 10 Version 1607","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 1809","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 21H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19044.0","lessThan":"10.0.19044.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 22H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19045.0","lessThan":"10.0.19045.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 23H2","platforms":["ARM64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 23H2","platforms":["x64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 24H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 25H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26200.0","lessThan":"10.0.26200.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 26H1","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.28000.0","lessThan":"10.0.28000.2269","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012","platforms":["x64-based Systems"],"versions":[{"version":"6.2.9200.0","lessThan":"6.2.9200.26132","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"6.2.9200.0","lessThan":"6.2.9200.26132","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 R2","platforms":["x64-based Systems"],"versions":[{"version":"6.3.9600.0","lessThan":"6.3.9600.23228","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 R2 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"6.3.9600.0","lessThan":"6.3.9600.23228","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2022","platforms":["x64-based Systems"],"versions":[{"version":"10.0.20348.0","lessThan":"10.0.20348.5256","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.0,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:56:07.144645Z","id":"CVE-2026-45653","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"039BC4EF-6E49-4A8C-B1A4-BFAD9F24EC01"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"2221A0A5-45F3-4903-943A-19E7AA69496B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"03A4C97D-FE89-4367-9A0E-E4E65BD49E18"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"FE809AA0-E917-495F-BB11-59215F47E14F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"3E87DD4E-44FC-4B9A-99AB-D1DB3C67EF79"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"A21A9BC4-DE4F-46BE-944F-AD6CAA92BF32"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"911336E9-FAEA-4EB5-96D7-8049AE622C61"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"B8BB8399-35C5-4654-A679-5E105773615B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"55571EDC-8323-4BAE-B363-113ACEF55CB2"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"D14AC77E-34F3-4704-A068-D9020FF60A8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"92508776-88BE-4872-99DB-1F690F71ADEF"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"410079AC-180E-4D7F-B7F6-784E36FEA036"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"32DB4863-6880-40B4-8EC1-9E0F40E81D7F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"E691C9E5-5271-436D-A7FD-C25BEA4D447D"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1D3DEE4A-9959-4716-BC39-35660AC22BC4"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1000C085-A5D7-4027-B9C1-6AE7DA468FB7"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"9C7AD7ED-307B-40B9-B706-45FB178C36D8"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"8967AF79-CAD0-4F87-85A5-95D031C9FEFA"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*","matchCriteriaId":"A7DF96F8-BA6A-4780-9CA3-F719B3F81074"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*","matchCriteriaId":"DB18C4CE-5917-401E-ACF7-2747084FD36E"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"B3F7E1F6-48D5-4ECB-9BF8-4238903FC194"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"07C08212-A30E-4434-A17C-542E45D1E272"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.20348.5256","matchCriteriaId":"27363D97-D4A9-4709-9854-F78F7EBCFB27"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.32995","matchCriteriaId":"E127A6E6-C261-4039-8A13-A2FAC4606573"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45653","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-45654","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:32.460","lastModified":"2026-07-09T00:17:20.883","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper access control in Windows Secure Boot allows an authorized attacker to bypass a security feature locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Windows 11 Version 24H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 25H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26200.0","lessThan":"10.0.26200.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 26H1","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.28000.0","lessThan":"10.0.28000.2269","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N","baseScore":7.9,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.5,"impactScore":5.8}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:55:26.597262Z","id":"CVE-2026-45654","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"32DB4863-6880-40B4-8EC1-9E0F40E81D7F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"E691C9E5-5271-436D-A7FD-C25BEA4D447D"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1D3DEE4A-9959-4716-BC39-35660AC22BC4"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1000C085-A5D7-4027-B9C1-6AE7DA468FB7"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"9C7AD7ED-307B-40B9-B706-45FB178C36D8"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"8967AF79-CAD0-4F87-85A5-95D031C9FEFA"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.32995","matchCriteriaId":"E127A6E6-C261-4039-8A13-A2FAC4606573"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45654","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-45658","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:33.133","lastModified":"2026-07-09T00:17:21.290","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper access control in Windows BitLocker allows an authorized attacker to bypass a security feature locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Windows 10 Version 1607","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 1809","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 21H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19044.0","lessThan":"10.0.19044.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 22H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19045.0","lessThan":"10.0.19045.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 23H2","platforms":["ARM64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 23H2","platforms":["x64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 24H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 25H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26200.0","lessThan":"10.0.26200.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 26H1","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.28000.0","lessThan":"10.0.28000.2269","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012","platforms":["x64-based Systems"],"versions":[{"version":"6.2.9200.0","lessThan":"6.2.9200.26132","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"6.2.9200.0","lessThan":"6.2.9200.26132","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 R2","platforms":["x64-based Systems"],"versions":[{"version":"6.3.9600.0","lessThan":"6.3.9600.23228","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 R2 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"6.3.9600.0","lessThan":"6.3.9600.23228","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2022","platforms":["x64-based Systems"],"versions":[{"version":"10.0.20348.0","lessThan":"10.0.20348.5256","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"PHYSICAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T13:50:10.621493Z","id":"CVE-2026-45658","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"039BC4EF-6E49-4A8C-B1A4-BFAD9F24EC01"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"2221A0A5-45F3-4903-943A-19E7AA69496B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"03A4C97D-FE89-4367-9A0E-E4E65BD49E18"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"FE809AA0-E917-495F-BB11-59215F47E14F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"3E87DD4E-44FC-4B9A-99AB-D1DB3C67EF79"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"A21A9BC4-DE4F-46BE-944F-AD6CAA92BF32"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"911336E9-FAEA-4EB5-96D7-8049AE622C61"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"B8BB8399-35C5-4654-A679-5E105773615B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"55571EDC-8323-4BAE-B363-113ACEF55CB2"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"D14AC77E-34F3-4704-A068-D9020FF60A8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"92508776-88BE-4872-99DB-1F690F71ADEF"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"410079AC-180E-4D7F-B7F6-784E36FEA036"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"32DB4863-6880-40B4-8EC1-9E0F40E81D7F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"E691C9E5-5271-436D-A7FD-C25BEA4D447D"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1D3DEE4A-9959-4716-BC39-35660AC22BC4"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1000C085-A5D7-4027-B9C1-6AE7DA468FB7"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"9C7AD7ED-307B-40B9-B706-45FB178C36D8"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"8967AF79-CAD0-4F87-85A5-95D031C9FEFA"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*","matchCriteriaId":"A7DF96F8-BA6A-4780-9CA3-F719B3F81074"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*","matchCriteriaId":"DB18C4CE-5917-401E-ACF7-2747084FD36E"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"B3F7E1F6-48D5-4ECB-9BF8-4238903FC194"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"07C08212-A30E-4434-A17C-542E45D1E272"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.20348.5256","matchCriteriaId":"27363D97-D4A9-4709-9854-F78F7EBCFB27"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.32995","matchCriteriaId":"E127A6E6-C261-4039-8A13-A2FAC4606573"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45658","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-47281","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:33.950","lastModified":"2026-07-09T00:17:21.477","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Missing authorization in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Visual Studio Code","versions":[{"version":"1.0.0","lessThan":"1.123.2","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H","baseScore":9.6,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:57:01.725468Z","id":"CVE-2026-47281","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-306"},{"lang":"en","value":"CWE-798"},{"lang":"en","value":"CWE-862"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:visual_studio_code:*:*:*:*:*:*:*:*","versionStartIncluding":"1.0.0","versionEndExcluding":"1.123.1","matchCriteriaId":"8783E7A4-D1B9-4E29-B9F9-48C86D1D784F"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47281","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-47634","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:35.300","lastModified":"2026-07-09T00:17:22.270","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper neutralization of special elements in output used by a downstream component ('injection') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft SharePoint Server 2019","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.10417.20153","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SharePoint Server Subscription Edition","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.19725.20384","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.1,"impactScore":5.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T13:46:23.417734Z","id":"CVE-2026-47634","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-74"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:subscription:*:*:*","versionEndExcluding":"16.0.19725.20384","matchCriteriaId":"78BDED5A-CE5F-4029-9A3E-B81B347388BC"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*","matchCriteriaId":"6122D014-5BF1-4AF4-8B4D-80205ED7785E"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47634","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-47635","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:35.417","lastModified":"2026-07-09T00:17:22.387","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft Office LTSC 2024","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"https://aka.ms/OfficeSecurityReleases","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.5,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:56:12.938058Z","id":"CVE-2026-47635","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x64:*","matchCriteriaId":"55A9AFDA-D77B-4CC7-ACE5-3A2ABDA257D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office_2024:-:*:*:*:ltsc:-:x86:*","matchCriteriaId":"8887D177-26A3-4008-89B6-50A9E9830F13"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47635","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-47636","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:35.533","lastModified":"2026-07-09T00:17:22.493","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft SharePoint Enterprise Server 2016","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.5556.1005","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SharePoint Server 2019","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.10417.20153","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SharePoint Server Subscription Edition","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.19725.20384","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T12:26:03.768190Z","id":"CVE-2026-47636","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:subscription:*:*:*","versionEndExcluding":"16.0.19725.20384","matchCriteriaId":"78BDED5A-CE5F-4029-9A3E-B81B347388BC"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*","matchCriteriaId":"F815EF1D-7B60-47BE-9AC2-2548F99F10E4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*","matchCriteriaId":"6122D014-5BF1-4AF4-8B4D-80205ED7785E"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47636","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-47639","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:35.900","lastModified":"2026-07-09T00:17:22.707","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft SharePoint Enterprise Server 2016","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.5556.1005","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SharePoint Server 2019","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.10417.20153","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SharePoint Server Subscription Edition","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.19725.20384","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T13:37:13.129869Z","id":"CVE-2026-47639","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:subscription:*:*:*","versionEndExcluding":"16.0.19725.20384","matchCriteriaId":"78BDED5A-CE5F-4029-9A3E-B81B347388BC"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*","matchCriteriaId":"F815EF1D-7B60-47BE-9AC2-2548F99F10E4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*","matchCriteriaId":"6122D014-5BF1-4AF4-8B4D-80205ED7785E"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47639","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-47641","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:36.150","lastModified":"2026-07-09T00:17:22.880","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper input validation in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft SharePoint Enterprise Server 2016","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.5556.1005","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SharePoint Server 2019","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.10417.20153","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SharePoint Server Subscription Edition","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.19725.20384","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N","baseScore":4.6,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.1,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T12:27:21.145957Z","id":"CVE-2026-47641","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:subscription:*:*:*","versionEndExcluding":"16.0.19725.20384","matchCriteriaId":"78BDED5A-CE5F-4029-9A3E-B81B347388BC"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*","matchCriteriaId":"F815EF1D-7B60-47BE-9AC2-2548F99F10E4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*","matchCriteriaId":"6122D014-5BF1-4AF4-8B4D-80205ED7785E"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47641","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-47652","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:36.623","lastModified":"2026-07-09T00:17:23.450","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Windows 11 version 23H2","platforms":["ARM64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 23H2","platforms":["x64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 24H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 25H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26200.0","lessThan":"10.0.26200.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 26H1","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.28000.0","lessThan":"10.0.28000.2269","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2022","platforms":["x64-based Systems"],"versions":[{"version":"10.0.20348.0","lessThan":"10.0.20348.5256","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.5,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:56:16.361817Z","id":"CVE-2026-47652","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"92508776-88BE-4872-99DB-1F690F71ADEF"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"410079AC-180E-4D7F-B7F6-784E36FEA036"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"32DB4863-6880-40B4-8EC1-9E0F40E81D7F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"E691C9E5-5271-436D-A7FD-C25BEA4D447D"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1D3DEE4A-9959-4716-BC39-35660AC22BC4"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1000C085-A5D7-4027-B9C1-6AE7DA468FB7"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"9C7AD7ED-307B-40B9-B706-45FB178C36D8"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"8967AF79-CAD0-4F87-85A5-95D031C9FEFA"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.20348.5256","matchCriteriaId":"27363D97-D4A9-4709-9854-F78F7EBCFB27"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.32995","matchCriteriaId":"E127A6E6-C261-4039-8A13-A2FAC4606573"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47652","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-47653","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:36.753","lastModified":"2026-07-09T00:17:23.573","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Windows 10 Version 1607","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 1809","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 21H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19044.0","lessThan":"10.0.19044.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 22H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19045.0","lessThan":"10.0.19045.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 23H2","platforms":["ARM64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 23H2","platforms":["x64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 24H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 25H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26200.0","lessThan":"10.0.26200.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 26H1","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.28000.0","lessThan":"10.0.28000.2269","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012","platforms":["x64-based Systems"],"versions":[{"version":"6.2.9200.0","lessThan":"6.2.9200.26132","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"6.2.9200.0","lessThan":"6.2.9200.26132","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 R2","platforms":["x64-based Systems"],"versions":[{"version":"6.3.9600.0","lessThan":"6.3.9600.23228","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 R2 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"6.3.9600.0","lessThan":"6.3.9600.23228","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2022","platforms":["x64-based Systems"],"versions":[{"version":"10.0.20348.0","lessThan":"10.0.20348.5256","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:57:13.796533Z","id":"CVE-2026-47653","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"039BC4EF-6E49-4A8C-B1A4-BFAD9F24EC01"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"2221A0A5-45F3-4903-943A-19E7AA69496B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"03A4C97D-FE89-4367-9A0E-E4E65BD49E18"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"FE809AA0-E917-495F-BB11-59215F47E14F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"3E87DD4E-44FC-4B9A-99AB-D1DB3C67EF79"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"A21A9BC4-DE4F-46BE-944F-AD6CAA92BF32"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"911336E9-FAEA-4EB5-96D7-8049AE622C61"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"B8BB8399-35C5-4654-A679-5E105773615B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"55571EDC-8323-4BAE-B363-113ACEF55CB2"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"D14AC77E-34F3-4704-A068-D9020FF60A8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"92508776-88BE-4872-99DB-1F690F71ADEF"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"410079AC-180E-4D7F-B7F6-784E36FEA036"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"32DB4863-6880-40B4-8EC1-9E0F40E81D7F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"E691C9E5-5271-436D-A7FD-C25BEA4D447D"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1D3DEE4A-9959-4716-BC39-35660AC22BC4"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1000C085-A5D7-4027-B9C1-6AE7DA468FB7"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"9C7AD7ED-307B-40B9-B706-45FB178C36D8"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"8967AF79-CAD0-4F87-85A5-95D031C9FEFA"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*","matchCriteriaId":"A7DF96F8-BA6A-4780-9CA3-F719B3F81074"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*","matchCriteriaId":"DB18C4CE-5917-401E-ACF7-2747084FD36E"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"B3F7E1F6-48D5-4ECB-9BF8-4238903FC194"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"07C08212-A30E-4434-A17C-542E45D1E272"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.20348.5256","matchCriteriaId":"27363D97-D4A9-4709-9854-F78F7EBCFB27"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.32995","matchCriteriaId":"E127A6E6-C261-4039-8A13-A2FAC4606573"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47653","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-47654","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:36.933","lastModified":"2026-07-09T00:17:23.747","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Windows Server 2016","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2022","platforms":["x64-based Systems"],"versions":[{"version":"10.0.20348.0","lessThan":"10.0.20348.5256","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:57:18.341676Z","id":"CVE-2026-47654","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"B3F7E1F6-48D5-4ECB-9BF8-4238903FC194"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"07C08212-A30E-4434-A17C-542E45D1E272"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.20348.5256","matchCriteriaId":"27363D97-D4A9-4709-9854-F78F7EBCFB27"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.32995","matchCriteriaId":"E127A6E6-C261-4039-8A13-A2FAC4606573"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-47654","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-48560","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:44.633","lastModified":"2026-07-09T00:17:24.037","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft SharePoint Enterprise Server 2016","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.5556.1005","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SharePoint Server 2019","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.10417.20153","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Microsoft SharePoint Server Subscription Edition","platforms":["x64-based Systems"],"versions":[{"version":"16.0.0","lessThan":"16.0.19725.20384","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-09T17:48:44.763713Z","id":"CVE-2026-48560","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-502"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:*:*:*:*:subscription:*:*:*","versionEndExcluding":"16.0.19725.20384","matchCriteriaId":"78BDED5A-CE5F-4029-9A3E-B81B347388BC"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:2016:*:*:*:enterprise:*:*:*","matchCriteriaId":"F815EF1D-7B60-47BE-9AC2-2548F99F10E4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*","matchCriteriaId":"6122D014-5BF1-4AF4-8B4D-80205ED7785E"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48560","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-48563","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:44.893","lastModified":"2026-07-09T00:17:24.220","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Windows 10 Version 1809","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 21H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19044.0","lessThan":"10.0.19044.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 22H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19045.0","lessThan":"10.0.19045.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 23H2","platforms":["ARM64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 23H2","platforms":["x64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 24H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 25H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26200.0","lessThan":"10.0.26200.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 26H1","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.28000.0","lessThan":"10.0.28000.2269","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2022","platforms":["x64-based Systems"],"versions":[{"version":"10.0.20348.0","lessThan":"10.0.20348.5256","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:57:10.513239Z","id":"CVE-2026-48563","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"03A4C97D-FE89-4367-9A0E-E4E65BD49E18"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"FE809AA0-E917-495F-BB11-59215F47E14F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"3E87DD4E-44FC-4B9A-99AB-D1DB3C67EF79"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"A21A9BC4-DE4F-46BE-944F-AD6CAA92BF32"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"911336E9-FAEA-4EB5-96D7-8049AE622C61"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"B8BB8399-35C5-4654-A679-5E105773615B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"55571EDC-8323-4BAE-B363-113ACEF55CB2"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"D14AC77E-34F3-4704-A068-D9020FF60A8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"92508776-88BE-4872-99DB-1F690F71ADEF"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"410079AC-180E-4D7F-B7F6-784E36FEA036"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"32DB4863-6880-40B4-8EC1-9E0F40E81D7F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"E691C9E5-5271-436D-A7FD-C25BEA4D447D"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1D3DEE4A-9959-4716-BC39-35660AC22BC4"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1000C085-A5D7-4027-B9C1-6AE7DA468FB7"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"9C7AD7ED-307B-40B9-B706-45FB178C36D8"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"8967AF79-CAD0-4F87-85A5-95D031C9FEFA"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"07C08212-A30E-4434-A17C-542E45D1E272"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.20348.5256","matchCriteriaId":"27363D97-D4A9-4709-9854-F78F7EBCFB27"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.32995","matchCriteriaId":"E127A6E6-C261-4039-8A13-A2FAC4606573"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48563","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-48573","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:45.833","lastModified":"2026-07-09T00:17:24.807","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"No cwe for this issue in Windows Secure Boot allows an authorized attacker to bypass a security feature locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Windows 10 Version 1607","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 1809","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 21H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19044.0","lessThan":"10.0.19044.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 22H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19045.0","lessThan":"10.0.19045.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 23H2","platforms":["ARM64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 23H2","platforms":["x64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 24H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 25H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26200.0","lessThan":"10.0.26200.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 26H1","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.28000.0","lessThan":"10.0.28000.2269","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012","platforms":["x64-based Systems"],"versions":[{"version":"6.2.9200.0","lessThan":"6.2.9200.26132","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"6.2.9200.0","lessThan":"6.2.9200.26132","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 R2","platforms":["x64-based Systems"],"versions":[{"version":"6.3.9600.0","lessThan":"6.3.9600.23228","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 R2 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"6.3.9600.0","lessThan":"6.3.9600.23228","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2022","platforms":["x64-based Systems"],"versions":[{"version":"10.0.20348.0","lessThan":"10.0.20348.5256","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N","baseScore":7.9,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.5,"impactScore":5.8}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:55:25.387439Z","id":"CVE-2026-48573","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-1329"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"039BC4EF-6E49-4A8C-B1A4-BFAD9F24EC01"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"2221A0A5-45F3-4903-943A-19E7AA69496B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"03A4C97D-FE89-4367-9A0E-E4E65BD49E18"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"FE809AA0-E917-495F-BB11-59215F47E14F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"3E87DD4E-44FC-4B9A-99AB-D1DB3C67EF79"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"A21A9BC4-DE4F-46BE-944F-AD6CAA92BF32"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"911336E9-FAEA-4EB5-96D7-8049AE622C61"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"B8BB8399-35C5-4654-A679-5E105773615B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"55571EDC-8323-4BAE-B363-113ACEF55CB2"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"D14AC77E-34F3-4704-A068-D9020FF60A8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"92508776-88BE-4872-99DB-1F690F71ADEF"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"410079AC-180E-4D7F-B7F6-784E36FEA036"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"32DB4863-6880-40B4-8EC1-9E0F40E81D7F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"E691C9E5-5271-436D-A7FD-C25BEA4D447D"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1D3DEE4A-9959-4716-BC39-35660AC22BC4"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1000C085-A5D7-4027-B9C1-6AE7DA468FB7"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"9C7AD7ED-307B-40B9-B706-45FB178C36D8"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"8967AF79-CAD0-4F87-85A5-95D031C9FEFA"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*","matchCriteriaId":"A7DF96F8-BA6A-4780-9CA3-F719B3F81074"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*","matchCriteriaId":"DB18C4CE-5917-401E-ACF7-2747084FD36E"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"B3F7E1F6-48D5-4ECB-9BF8-4238903FC194"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"07C08212-A30E-4434-A17C-542E45D1E272"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.20348.5256","matchCriteriaId":"27363D97-D4A9-4709-9854-F78F7EBCFB27"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.32995","matchCriteriaId":"E127A6E6-C261-4039-8A13-A2FAC4606573"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48573","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-48576","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:46.373","lastModified":"2026-07-09T00:17:25.213","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"No cwe for this issue in Windows Secure Boot allows an authorized attacker to bypass a security feature locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Windows 10 Version 1607","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 1809","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 21H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19044.0","lessThan":"10.0.19044.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 22H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19045.0","lessThan":"10.0.19045.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 23H2","platforms":["ARM64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 23H2","platforms":["x64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 24H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 25H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26200.0","lessThan":"10.0.26200.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 26H1","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.28000.0","lessThan":"10.0.28000.2269","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012","platforms":["x64-based Systems"],"versions":[{"version":"6.2.9200.0","lessThan":"6.2.9200.26132","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"6.2.9200.0","lessThan":"6.2.9200.26132","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 R2","platforms":["x64-based Systems"],"versions":[{"version":"6.3.9600.0","lessThan":"6.3.9600.23228","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 R2 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"6.3.9600.0","lessThan":"6.3.9600.23228","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2022","platforms":["x64-based Systems"],"versions":[{"version":"10.0.20348.0","lessThan":"10.0.20348.5256","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N","baseScore":7.9,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.5,"impactScore":5.8}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-05T00:00:00+00:00","id":"CVE-2026-48576","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-1329"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"039BC4EF-6E49-4A8C-B1A4-BFAD9F24EC01"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"2221A0A5-45F3-4903-943A-19E7AA69496B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"03A4C97D-FE89-4367-9A0E-E4E65BD49E18"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"FE809AA0-E917-495F-BB11-59215F47E14F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"3E87DD4E-44FC-4B9A-99AB-D1DB3C67EF79"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"A21A9BC4-DE4F-46BE-944F-AD6CAA92BF32"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"911336E9-FAEA-4EB5-96D7-8049AE622C61"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"B8BB8399-35C5-4654-A679-5E105773615B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"55571EDC-8323-4BAE-B363-113ACEF55CB2"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"D14AC77E-34F3-4704-A068-D9020FF60A8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"92508776-88BE-4872-99DB-1F690F71ADEF"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"410079AC-180E-4D7F-B7F6-784E36FEA036"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"32DB4863-6880-40B4-8EC1-9E0F40E81D7F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"E691C9E5-5271-436D-A7FD-C25BEA4D447D"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1D3DEE4A-9959-4716-BC39-35660AC22BC4"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1000C085-A5D7-4027-B9C1-6AE7DA468FB7"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"9C7AD7ED-307B-40B9-B706-45FB178C36D8"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"8967AF79-CAD0-4F87-85A5-95D031C9FEFA"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*","matchCriteriaId":"A7DF96F8-BA6A-4780-9CA3-F719B3F81074"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*","matchCriteriaId":"DB18C4CE-5917-401E-ACF7-2747084FD36E"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"B3F7E1F6-48D5-4ECB-9BF8-4238903FC194"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"07C08212-A30E-4434-A17C-542E45D1E272"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.20348.5256","matchCriteriaId":"27363D97-D4A9-4709-9854-F78F7EBCFB27"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.32995","matchCriteriaId":"E127A6E6-C261-4039-8A13-A2FAC4606573"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48576","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-48578","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:46.550","lastModified":"2026-07-09T00:17:25.390","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper access control in Windows Secure Boot allows an authorized attacker to elevate privileges locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Windows 10 Version 1607","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 1809","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 21H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19044.0","lessThan":"10.0.19044.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 22H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19045.0","lessThan":"10.0.19045.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 23H2","platforms":["ARM64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 23H2","platforms":["x64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 24H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 25H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26200.0","lessThan":"10.0.26200.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 26H1","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.28000.0","lessThan":"10.0.28000.2269","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012","platforms":["x64-based Systems"],"versions":[{"version":"6.2.9200.0","lessThan":"6.2.9200.26132","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"6.2.9200.0","lessThan":"6.2.9200.26132","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 R2","platforms":["x64-based Systems"],"versions":[{"version":"6.3.9600.0","lessThan":"6.3.9600.23228","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 R2 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"6.3.9600.0","lessThan":"6.3.9600.23228","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2022","platforms":["x64-based Systems"],"versions":[{"version":"10.0.20348.0","lessThan":"10.0.20348.5256","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.32995","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N","baseScore":7.9,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.5,"impactScore":5.8}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T03:55:34.932816Z","id":"CVE-2026-48578","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"039BC4EF-6E49-4A8C-B1A4-BFAD9F24EC01"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"2221A0A5-45F3-4903-943A-19E7AA69496B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"03A4C97D-FE89-4367-9A0E-E4E65BD49E18"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"FE809AA0-E917-495F-BB11-59215F47E14F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"3E87DD4E-44FC-4B9A-99AB-D1DB3C67EF79"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"A21A9BC4-DE4F-46BE-944F-AD6CAA92BF32"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"911336E9-FAEA-4EB5-96D7-8049AE622C61"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"B8BB8399-35C5-4654-A679-5E105773615B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"55571EDC-8323-4BAE-B363-113ACEF55CB2"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"D14AC77E-34F3-4704-A068-D9020FF60A8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"92508776-88BE-4872-99DB-1F690F71ADEF"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"410079AC-180E-4D7F-B7F6-784E36FEA036"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"32DB4863-6880-40B4-8EC1-9E0F40E81D7F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"E691C9E5-5271-436D-A7FD-C25BEA4D447D"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1D3DEE4A-9959-4716-BC39-35660AC22BC4"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1000C085-A5D7-4027-B9C1-6AE7DA468FB7"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"9C7AD7ED-307B-40B9-B706-45FB178C36D8"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"8967AF79-CAD0-4F87-85A5-95D031C9FEFA"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*","matchCriteriaId":"A7DF96F8-BA6A-4780-9CA3-F719B3F81074"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*","matchCriteriaId":"DB18C4CE-5917-401E-ACF7-2747084FD36E"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"B3F7E1F6-48D5-4ECB-9BF8-4238903FC194"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"07C08212-A30E-4434-A17C-542E45D1E272"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.20348.5256","matchCriteriaId":"27363D97-D4A9-4709-9854-F78F7EBCFB27"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.32995","matchCriteriaId":"E127A6E6-C261-4039-8A13-A2FAC4606573"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-48578","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-50507","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T17:17:49.857","lastModified":"2026-07-09T00:17:25.977","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Missing authentication for critical function in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Windows 10 Version 1607","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 1809","platforms":["32-bit Systems","x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 21H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19044.0","lessThan":"10.0.19044.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 10 Version 22H2","platforms":["32-bit Systems","ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.19045.0","lessThan":"10.0.19045.7417","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 23H2","platforms":["ARM64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 23H2","platforms":["x64-based Systems"],"versions":[{"version":"10.0.22631.0","lessThan":"10.0.22631.7219","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 24H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 Version 25H2","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.26200.0","lessThan":"10.0.26200.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows 11 version 26H1","platforms":["ARM64-based Systems","x64-based Systems"],"versions":[{"version":"10.0.28000.0","lessThan":"10.0.28000.2269","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 R2","platforms":["x64-based Systems"],"versions":[{"version":"6.3.9600.0","lessThan":"6.3.9600.23228","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2012 R2 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"6.3.9600.0","lessThan":"6.3.9600.23228","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2016 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.14393.0","lessThan":"10.0.14393.9234","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2019 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.17763.0","lessThan":"10.0.17763.8880","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2022","platforms":["x64-based Systems"],"versions":[{"version":"10.0.20348.0","lessThan":"10.0.20348.5256","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.8655","versionType":"custom","status":"affected"}]},{"vendor":"Microsoft","product":"Windows Server 2025 (Server Core installation)","platforms":["x64-based Systems"],"versions":[{"version":"10.0.26100.0","lessThan":"10.0.26100.8655","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"PHYSICAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T14:13:36.016183Z","id":"CVE-2026-50507","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"039BC4EF-6E49-4A8C-B1A4-BFAD9F24EC01"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1607:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"2221A0A5-45F3-4903-943A-19E7AA69496B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"03A4C97D-FE89-4367-9A0E-E4E65BD49E18"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_1809:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"FE809AA0-E917-495F-BB11-59215F47E14F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"3E87DD4E-44FC-4B9A-99AB-D1DB3C67EF79"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"A21A9BC4-DE4F-46BE-944F-AD6CAA92BF32"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_21h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19044.7417","matchCriteriaId":"911336E9-FAEA-4EB5-96D7-8049AE622C61"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"B8BB8399-35C5-4654-A679-5E105773615B"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"55571EDC-8323-4BAE-B363-113ACEF55CB2"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_10_22h2:*:*:*:*:*:*:x86:*","versionEndExcluding":"10.0.19045.7417","matchCriteriaId":"D14AC77E-34F3-4704-A068-D9020FF60A8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"92508776-88BE-4872-99DB-1F690F71ADEF"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.22631.7219","matchCriteriaId":"410079AC-180E-4D7F-B7F6-784E36FEA036"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"32DB4863-6880-40B4-8EC1-9E0F40E81D7F"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_24h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.8655","matchCriteriaId":"E691C9E5-5271-436D-A7FD-C25BEA4D447D"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1D3DEE4A-9959-4716-BC39-35660AC22BC4"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_25h2:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26200.8655","matchCriteriaId":"1000C085-A5D7-4027-B9C1-6AE7DA468FB7"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:arm64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"9C7AD7ED-307B-40B9-B706-45FB178C36D8"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_11_26h1:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.28000.2269","matchCriteriaId":"8967AF79-CAD0-4F87-85A5-95D031C9FEFA"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*","matchCriteriaId":"DB18C4CE-5917-401E-ACF7-2747084FD36E"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2016:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.14393.9234","matchCriteriaId":"B3F7E1F6-48D5-4ECB-9BF8-4238903FC194"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2019:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.17763.8880","matchCriteriaId":"07C08212-A30E-4434-A17C-542E45D1E272"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*","versionEndExcluding":"10.0.20348.5256","matchCriteriaId":"27363D97-D4A9-4709-9854-F78F7EBCFB27"},{"vulnerable":true,"criteria":"cpe:2.3:o:microsoft:windows_server_2025:*:*:*:*:*:*:x64:*","versionEndExcluding":"10.0.26100.32995","matchCriteriaId":"E127A6E6-C261-4039-8A13-A2FAC4606573"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50507","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-50512","sourceIdentifier":"secure@microsoft.com","published":"2026-06-09T18:17:09.747","lastModified":"2026-07-09T00:17:26.380","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Missing authentication for critical function in Microsoft PC Manager allows an authorized attacker to elevate privileges locally."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft PC Manager","versions":[{"version":"1.0.0","lessThan":"3.21.6.0","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T13:43:26.702843Z","id":"CVE-2026-50512","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:pc_manager:*:*:*:*:*:*:*:*","versionEndExcluding":"3.21.6.0","matchCriteriaId":"59D5AA9B-48AC-40F5-83B6-607D79504B47"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50512","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46546","sourceIdentifier":"security-advisories@github.com","published":"2026-06-10T01:16:28.110","lastModified":"2026-07-09T16:29:23.240","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Frappe Learning Management System (LMS) is a learning system that helps users structure their content. Prior to version 2.53.0, an authenticated user could supply specially crafted content in certain user-editable fields that, when surfaced in page metadata, caused visitors' browsers to navigate to an attacker-chosen URL. This issue has been patched in version 2.53.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"frappe","product":"lms","versions":[{"version":"< 2.53.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"LOW","userInteraction":"PASSIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-10T16:54:45.749458Z","id":"CVE-2026-46546","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-74"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:frappe:learning:*:*:*:*:*:*:*:*","versionEndExcluding":"2.52.0","matchCriteriaId":"0634D103-CC0C-4F49-A088-0DDCCDD94DF7"}]}]}],"references":[{"url":"https://github.com/frappe/lms/security/advisories/GHSA-2x47-gr9q-w6fv","source":"security-advisories@github.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46625","sourceIdentifier":"security-advisories@github.com","published":"2026-06-10T22:16:59.613","lastModified":"2026-07-08T13:16:49.640","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"JavaScript Cookie is a JavaScript API for handling cookies, client-side. Prior to version 3.0.7, js-cookie's internal assign() helper copies properties with for...in + plain assignment. When the source object is produced by JSON.parse, the JSON object's \"__proto__\" member is an own enumerable property, so the for…in enumerates it and the target[key] = source[key] write triggers the Object.prototype.__proto__ setter on the fresh target ({}). The result is a per-instance prototype hijack: Object.prototype itself is untouched, but the merged attributes object now inherits attacker-controlled keys. Because the consuming set() function then enumerates the merged object with another for...in, every key the attacker placed on the polluted prototype lands in the resulting Set-Cookie string as an attribute pair. The attacker can set domain=, secure=, samesite=, expires=, and path= on cookies whose attributes the developer thought were locked down. This issue has been patched in version 3.0.7."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"js-cookie","product":"js-cookie","versions":[{"version":"< 3.0.7","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Security for Kubernetes 4.10","defaultStatus":"affected","cpes":["cpe:/a:redhat:advanced_cluster_security:4.10::el8"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Service Mesh 3.3","defaultStatus":"affected","cpes":["cpe:/a:redhat:service_mesh:3.3::el9"]},{"vendor":"Red Hat","product":"Cryostat 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:cryostat:4"]},{"vendor":"Red Hat","product":"OpenShift Lightspeed","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_lightspeed"]},{"vendor":"Red Hat","product":"Red Hat 3scale API Management Platform 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:red_hat_3scale_amp:2"]},{"vendor":"Red Hat","product":"Red Hat Developer Hub","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhdh:1"]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 7","defaultStatus":"affected","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:7"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_ai"]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8"]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform Expansion Pack","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:jbosseapxp"]},{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2","defaultStatus":"unknown","cpes":["cpe:/a:redhat:ansible_automation_platform:2"]},{"vendor":"Red Hat","product":"Red Hat Discovery 2","defaultStatus":"unknown","cpes":["cpe:/a:redhat:discovery:2::el9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unknown","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unknown","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"unknown","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"unknown","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Self-service automation portal 2","defaultStatus":"unknown","cpes":["cpe:/a:redhat:ansible_portal:2"]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-11T14:46:15.083511Z","id":"CVE-2026-46625","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-1321"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-915"}]}],"references":[{"url":"https://github.com/js-cookie/js-cookie/commit/eb3c40e89731e99b8970faaf35ddad249c6c0020","source":"security-advisories@github.com"},{"url":"https://github.com/js-cookie/js-cookie/releases/tag/v3.0.7","source":"security-advisories@github.com"},{"url":"https://github.com/js-cookie/js-cookie/security/advisories/GHSA-qjx8-664m-686j","source":"security-advisories@github.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:33183","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36625","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-46625","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2487740","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://github.com/js-cookie/js-cookie/security/advisories/GHSA-qjx8-664m-686j","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-46625.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-11774","sourceIdentifier":"secalert@redhat.com","published":"2026-06-11T19:16:37.853","lastModified":"2026-07-09T13:16:46.770","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"An integer overflow flaw was found in the SASL I/O layer of 389 Directory Server (389-ds-base). In sasl_io_start_packet(), adding sizeof(uint32_t) to a crafted SASL packet length prefix of 0xFFFFFFFC causes unsigned wraparound to zero, bypassing the nsslapd-maxsasliosize limit and leading to a heap buffer overflow of up to approximately 2 megabytes of attacker-controlled data. After a successful SASL bind with integrity protection (SSF > 0), a remote attacker can cause a Denial of Service (DoS) or achieve Remote Code Execution (RCE). In FreeIPA and Red Hat Identity Management deployments, any domain user with a valid Kerberos ticket, enrolled host, or service account can trigger this vulnerability over the network. This flaw is independent of CVE-2025-14905, which patched schema.c only and did not modify sasl_io.c."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Directory Server 11.5 E4S for RHEL 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"redhat-ds:11","cpes":["cpe:/a:redhat:directory_server_e4s:11.5::el8"],"versions":[{"version":"8060020260702180044.0ca98e7e","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Directory Server 11.7 E4S for RHEL 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"redhat-ds:11","cpes":["cpe:/a:redhat:directory_server_e4s:11.7::el8"],"versions":[{"version":"8080020260702180836.f969626e","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Directory Server 11.9 for RHEL 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"redhat-ds:11","cpes":["cpe:/a:redhat:directory_server:11.9::el8"],"versions":[{"version":"8100020260702145313.37ed7c03","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Directory Server 12.2 E4S for RHEL 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"redhat-ds:12","cpes":["cpe:/a:redhat:directory_server_e4s:12.2::el9"],"versions":[{"version":"9020020260703060155.1674d574","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Directory Server 12.4 E4S for RHEL 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"redhat-ds:12","cpes":["cpe:/a:redhat:directory_server_e4s:12.4::el9"],"versions":[{"version":"9040020260703055735.1674d574","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds-base","cpes":["cpe:/o:redhat:enterprise_linux:10.2"],"versions":[{"version":"0:3.2.0-8.el10_2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10.0 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds-base","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"],"versions":[{"version":"0:3.0.6-19.el10_0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds-base","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:1.3.11.1-13.el7_9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds:1.4","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"],"versions":[{"version":"8100020260626120929.25e700aa","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds:1.4","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"],"versions":[{"version":"8040020260629123121.96015a92","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds:1.4","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"],"versions":[{"version":"8040020260629123121.96015a92","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds:1.4","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"],"versions":[{"version":"8060020260626130540.824efc52","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds:1.4","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"],"versions":[{"version":"8060020260626130540.824efc52","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds:1.4","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"],"versions":[{"version":"8080020260630025241.6dbb3803","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds:1.4","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"],"versions":[{"version":"8080020260630025241.6dbb3803","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds-base","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"0:2.8.0-8.el9_8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds-base","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"],"versions":[{"version":"0:2.2.4-19.el9_2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds-base","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"],"versions":[{"version":"0:2.4.5-26.el9_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.6 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds-base","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream","cpe:/a:redhat:rhel_eus:9.6::crb"],"versions":[{"version":"0:2.6.1-22.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Directory Server 13.2","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"dirsrv/dirsrv-container-rhel10","cpes":["cpe:/a:redhat:directory_server:13.2::el10"],"versions":[{"version":"1783452100","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Directory Server 12","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"redhat-ds:12/389-ds-base","cpes":["cpe:/a:redhat:directory_server:12"]},{"vendor":"Red Hat","product":"Red Hat Directory Server 13","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds-base","cpes":["cpe:/a:redhat:directory_server:13"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds-base","cpes":["cpe:/o:redhat:enterprise_linux:6"]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Server (v. 7 ELS)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_els:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux Server Optional (v. 7 ELS)","defaultStatus":"affected","cpes":["cpe:/o:redhat:rhel_els:7"]},{"vendor":"Red Hat","product":"Red Hat Directory Server 11.9 for RHEL 8","defaultStatus":"affected","cpes":["cpe:/a:redhat:directory_server:11.9::el8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream AUS (v.8.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream AUS (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream TUS (v.8.8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_tus:8.8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.2)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream E4S (v.9.4)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Directory Server 11.5 E4S for RHEL 8","defaultStatus":"affected","cpes":["cpe:/a:redhat:directory_server_e4s:11.5::el8"]},{"vendor":"Red Hat","product":"Red Hat Directory Server 11.7 E4S for RHEL 8","defaultStatus":"affected","cpes":["cpe:/a:redhat:directory_server_e4s:11.7::el8"]},{"vendor":"Red Hat","product":"Red Hat Directory Server 12.2 E4S for RHEL 9","defaultStatus":"affected","cpes":["cpe:/a:redhat:directory_server_e4s:12.2::el9"]},{"vendor":"Red Hat","product":"Red Hat Directory Server 12.4 E4S for RHEL 9","defaultStatus":"affected","cpes":["cpe:/a:redhat:directory_server_e4s:12.4::el9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat CodeReady Linux Builder EUS (v.9.6)","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhel_eus:9.6::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::crb"]},{"vendor":"Red Hat","product":"Red Hat Directory Server 13.2","defaultStatus":"affected","cpes":["cpe:/a:redhat:directory_server:13.2::el10"]},{"vendor":"Red Hat","product":"Red Hat Directory Server 12","defaultStatus":"affected","cpes":["cpe:/a:redhat:directory_server:12"]},{"vendor":"Red Hat","product":"Red Hat Directory Server 13","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:directory_server:13"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:6"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H","baseScore":7.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":4.7},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H","baseScore":7.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":4.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-12T15:14:06.174166Z","id":"CVE-2026-11774","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-190"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-190"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:36195","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36196","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36197","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36198","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36200","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36201","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36202","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36204","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36205","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36206","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36208","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36209","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36585","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36641","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36660","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36670","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36671","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2026-11774","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2484916","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36195","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36196","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36197","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36198","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36200","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36201","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36202","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36204","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36205","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36206","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36208","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36209","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36585","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36641","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36660","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36670","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36671","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-11774","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2484916","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-11774.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-50082","sourceIdentifier":"44488dab-36db-4358-99f9-bc116477f914","published":"2026-06-12T16:16:31.707","lastModified":"2026-07-10T02:45:22.513","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The Aqara Cloud Developer Portal (developer.aqara.com) issued a developer token to any email address supplied by the attacker. This is an instance of \"CWE-306: Missing Authentication for Critical Function\" with an estimated CVSS of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N (6.5 Medium). When combined with CVE-2026-50083, CVE-2026-50084, and CVE-2026-50085, any otherwise-unauthenticated attacker could execute a full takeover of affected devices."}],"affected":[{"source":"44488dab-36db-4358-99f9-bc116477f914","affectedData":[{"vendor":"Aqara","product":"Cloud Developer Portal","defaultStatus":"unaffected","versions":[{"version":"2026-04-20","lessThan":"0","versionType":"date","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"44488dab-36db-4358-99f9-bc116477f914","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-12T15:53:19.154380Z","id":"CVE-2026-50082","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"44488dab-36db-4358-99f9-bc116477f914","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:aqara:cloud_developer_portal:2026-04-20:*:*:*:*:*:*:*","matchCriteriaId":"8B859B38-0688-4DDB-B977-D6A1AF395DBE"}]}]}],"references":[{"url":"https://github.com/xn0tsa/theres-no-place-like-home","source":"44488dab-36db-4358-99f9-bc116477f914","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.runzero.com/advisories/aqara-dev-portal-auth-token-2026-50082","source":"44488dab-36db-4358-99f9-bc116477f914","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/xn0tsa/theres-no-place-like-home","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-50083","sourceIdentifier":"44488dab-36db-4358-99f9-bc116477f914","published":"2026-06-12T16:16:31.827","lastModified":"2026-07-09T17:44:57.073","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The Aqara IAM/SSO Gateway (gw-builder.aqara.com) used a hardcoded OAuth client credential, which is an instance of \"CWE-798: Use of Hard-coded Credentials.\" This issue has an estimated CVSS of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N (9.1 Critical). When combined with CVE-2026-50082, CVE-50084, and CVE-50085, this can lead to a fully unauthenticated, remote takeover of affected devices."}],"affected":[{"source":"44488dab-36db-4358-99f9-bc116477f914","affectedData":[{"vendor":"Aqara","product":"Aquara IAM/SSO Gateway","defaultStatus":"unaffected","versions":[{"version":"2026-04-20","lessThan":"0","versionType":"date","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"44488dab-36db-4358-99f9-bc116477f914","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-12T15:55:58.127070Z","id":"CVE-2026-50083","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"44488dab-36db-4358-99f9-bc116477f914","type":"Secondary","description":[{"lang":"en","value":"CWE-798"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:aqara:iam\\/sso_gateway:2026-04-20:*:*:*:*:*:*:*","matchCriteriaId":"0AF0F7C7-D5DF-4B11-A27F-924E2D1DF1E3"}]}]}],"references":[{"url":"https://github.com/xn0tsa/theres-no-place-like-home","source":"44488dab-36db-4358-99f9-bc116477f914","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.runzero.com/advisories/aqara-hardcoded-oauth-cve-2026-50083","source":"44488dab-36db-4358-99f9-bc116477f914","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/xn0tsa/theres-no-place-like-home","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-50084","sourceIdentifier":"44488dab-36db-4358-99f9-bc116477f914","published":"2026-06-12T16:16:31.940","lastModified":"2026-07-09T17:44:44.970","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The Aqara Cloud Production API (open-cn.aqara.com/v3.0/open/api) would authorize any valid developer token for access to any account. This is an instance of \"CWE-862: Missing Authorization\" with an estimated CVSS of CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N (9.6 Critical). When combined with CVE-2026-50082, CVE-50083, and CVE-50085, this can lead to a fully unauthenticated, remote takeover of affected devices."}],"affected":[{"source":"44488dab-36db-4358-99f9-bc116477f914","affectedData":[{"vendor":"Aqara","product":"Cloud Production API","defaultStatus":"unaffected","versions":[{"version":"2026-04-20","lessThan":"0","versionType":"date","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"44488dab-36db-4358-99f9-bc116477f914","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N","baseScore":9.6,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":5.8},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-12T15:55:07.354028Z","id":"CVE-2026-50084","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"44488dab-36db-4358-99f9-bc116477f914","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:aqara:cloud_production_api:2026-04-20:*:*:*:*:*:*:*","matchCriteriaId":"D802A96D-216F-43F9-BF68-5EE034D9811D"}]}]}],"references":[{"url":"https://github.com/xn0tsa/theres-no-place-like-home","source":"44488dab-36db-4358-99f9-bc116477f914","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.runzero.com/advisories/aqara-api-access-cve-2026-50084","source":"44488dab-36db-4358-99f9-bc116477f914","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/xn0tsa/theres-no-place-like-home","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-50085","sourceIdentifier":"44488dab-36db-4358-99f9-bc116477f914","published":"2026-06-12T16:16:32.060","lastModified":"2026-07-09T17:44:25.490","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The Aqara Board service (op-test.aqara.com) accepts arbitrary MQTT command payloads, and forwards them to the platfom's HiveMQ broker without authentication. This is an instance of \"CWE-306: Missing Authentication for Critical Function\" and has an estimated CVSS ofCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L (8.6 High). When combined with CVE-2026-50082, CVE-50083, and CVE-50084, this can lead to a fully unauthenticated, remote takeover of affected devices."}],"affected":[{"source":"44488dab-36db-4358-99f9-bc116477f914","affectedData":[{"vendor":"Aqara","product":"Board service","defaultStatus":"unaffected","versions":[{"version":"2026-04-20","lessThan":"0","versionType":"date","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"44488dab-36db-4358-99f9-bc116477f914","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":4.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-12T15:54:13.689198Z","id":"CVE-2026-50085","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"44488dab-36db-4358-99f9-bc116477f914","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:aqara:board_service:2026-04-20:*:*:*:*:*:*:*","matchCriteriaId":"19B8F79D-9D4F-4918-8C55-082F943AFAA3"}]}]}],"references":[{"url":"https://github.com/xn0tsa/theres-no-place-like-home","source":"44488dab-36db-4358-99f9-bc116477f914","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.runzero.com/advisories/aqara-board-iot-insecure-debug-api-cve-2026-50085","source":"44488dab-36db-4358-99f9-bc116477f914","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/xn0tsa/theres-no-place-like-home","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-50086","sourceIdentifier":"44488dab-36db-4358-99f9-bc116477f914","published":"2026-06-12T16:16:32.187","lastModified":"2026-07-09T16:04:17.713","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The Aqara IAM/SSO gateway (gw-builder.aqara.com) exposes bidirectional AES round-trups against the platform's signing key without authentication. This is an instance of \"CWE-306: Missing Authentication for Critical Function\" and \"CWE-327: Use of a Broken or Risky Cryptographic Algorithm,\" and has an estimated CVSS of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N (7.5 High)."}],"affected":[{"source":"44488dab-36db-4358-99f9-bc116477f914","affectedData":[{"vendor":"Aqara","product":"Aqara IAM/SSO Gateway","defaultStatus":"unaffected","versions":[{"version":"2026-04-20","lessThan":"0","versionType":"date","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"44488dab-36db-4358-99f9-bc116477f914","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":10.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":6.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-12T15:48:33.784868Z","id":"CVE-2026-50086","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"44488dab-36db-4358-99f9-bc116477f914","type":"Secondary","description":[{"lang":"en","value":"CWE-327"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:aqara:iam\\/sso_gateway:2026-04-20:*:*:*:*:*:*:*","matchCriteriaId":"0AF0F7C7-D5DF-4B11-A27F-924E2D1DF1E3"}]}]}],"references":[{"url":"https://github.com/xn0tsa/theres-no-place-like-home","source":"44488dab-36db-4358-99f9-bc116477f914","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.runzero.com/advisories/aqara-unauth-aes-oracle-cve-2026-50086","source":"44488dab-36db-4358-99f9-bc116477f914","tags":["Third Party Advisory"]},{"url":"https://github.com/xn0tsa/theres-no-place-like-home","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-50087","sourceIdentifier":"44488dab-36db-4358-99f9-bc116477f914","published":"2026-06-12T16:16:32.297","lastModified":"2026-07-09T16:26:07.683","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The Aqara IAM/SSO gateway (gw-builder.aqara.com) exhibits a cross-origin request sharing vulnerability, which is an instance of \"CWE-942: Permissive Cross-domain Policy with Untrusted Domains,\" and has an estimated CVSS of CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N (8.2 High)."}],"affected":[{"source":"44488dab-36db-4358-99f9-bc116477f914","affectedData":[{"vendor":"Aqara","product":"Aqara IAM/SSO Gateway","defaultStatus":"unaffected","versions":[{"version":"2026-04-20","lessThan":"0","versionType":"date","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"44488dab-36db-4358-99f9-bc116477f914","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":4.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-12T15:51:57.814157Z","id":"CVE-2026-50087","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"44488dab-36db-4358-99f9-bc116477f914","type":"Secondary","description":[{"lang":"en","value":"CWE-942"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:aqara:iam\\/sso_gateway:2026-04-20:*:*:*:*:*:*:*","matchCriteriaId":"0AF0F7C7-D5DF-4B11-A27F-924E2D1DF1E3"}]}]}],"references":[{"url":"https://github.com/xn0tsa/theres-no-place-like-home","source":"44488dab-36db-4358-99f9-bc116477f914","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.runzero.com/advisories/aqara-iam-sso-cors-cve-2026-50087","source":"44488dab-36db-4358-99f9-bc116477f914","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/xn0tsa/theres-no-place-like-home","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-50088","sourceIdentifier":"44488dab-36db-4358-99f9-bc116477f914","published":"2026-06-12T16:16:32.403","lastModified":"2026-07-09T17:43:01.183","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The Aqara Developer Portal (developer.aqara.com) and shared test environments (developer-test.aqara.com, aiot-test.aqara.com) exhibit cross-origin request sharing, which is an instance of \"CWE-942: Permissive Cross-domain Policy with Untrusted Domains,\" and has an estimated CVSS of CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N (8.2 High)."}],"affected":[{"source":"44488dab-36db-4358-99f9-bc116477f914","affectedData":[{"vendor":"Aqara","product":"Aqara Developer Portal","defaultStatus":"unaffected","versions":[{"version":"2026-04-20","lessThan":"0","versionType":"date","status":"affected"}]},{"vendor":"Aqara","product":"Aqara Developer Test Portal","defaultStatus":"unaffected","versions":[{"version":"2026-04-20","lessThan":"0","versionType":"date","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"44488dab-36db-4358-99f9-bc116477f914","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":4.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N","baseScore":4.7,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-12T15:51:00.517874Z","id":"CVE-2026-50088","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"44488dab-36db-4358-99f9-bc116477f914","type":"Secondary","description":[{"lang":"en","value":"CWE-942"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:aqara:developer_portal:2026-04-20:*:*:*:*:*:*:*","matchCriteriaId":"5700D2DE-752C-4D68-814A-2B908530B3AC"}]}]}],"references":[{"url":"https://github.com/xn0tsa/theres-no-place-like-home","source":"44488dab-36db-4358-99f9-bc116477f914","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.runzero.com/advisories/aqara-dev-portal-cors-cve-2026-50088","source":"44488dab-36db-4358-99f9-bc116477f914","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/xn0tsa/theres-no-place-like-home","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-50089","sourceIdentifier":"44488dab-36db-4358-99f9-bc116477f914","published":"2026-06-12T16:16:32.513","lastModified":"2026-07-09T17:41:17.783","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The Aqara IAM/SSO Gateway (gw-builder.aqara.com) provides an open redirect, which is an instance of \"CWE-601: URL Redirection to Untrusted Site,\" with an estimated CVSS of CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N (6.1 Medium), which can be used to set up a phishing attack."}],"affected":[{"source":"44488dab-36db-4358-99f9-bc116477f914","affectedData":[{"vendor":"Aqara","product":"Aqara IAM/SSO Gateway","defaultStatus":"unaffected","versions":[{"version":"2026-04-20","lessThan":"0","versionType":"date","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"44488dab-36db-4358-99f9-bc116477f914","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-12T15:50:04.675728Z","id":"CVE-2026-50089","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"44488dab-36db-4358-99f9-bc116477f914","type":"Secondary","description":[{"lang":"en","value":"CWE-601"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:aqara:iam\\/sso_gateway:2026-04-20:*:*:*:*:*:*:*","matchCriteriaId":"0AF0F7C7-D5DF-4B11-A27F-924E2D1DF1E3"}]}]}],"references":[{"url":"https://github.com/xn0tsa/theres-no-place-like-home","source":"44488dab-36db-4358-99f9-bc116477f914","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.runzero.com/advisories/aqara-sso-open-redirect-cve-2026-50089","source":"44488dab-36db-4358-99f9-bc116477f914","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/xn0tsa/theres-no-place-like-home","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-50090","sourceIdentifier":"44488dab-36db-4358-99f9-bc116477f914","published":"2026-06-12T16:16:32.623","lastModified":"2026-07-09T17:41:07.727","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The Aqara Cloud OAuth Authorization Endpoint (open-cn.aqara.com/oauth/authorize) is vulnerable to a redirect bypass due to lax controls on domain matching, which is an instance of \"CWE-1289: Improper Validation of Unsafe Equivalence in Input\" and has an estimated CVSS of CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N (9.3 Critical)."}],"affected":[{"source":"44488dab-36db-4358-99f9-bc116477f914","affectedData":[{"vendor":"Aqara","product":"Cloud OAuth Authorization Endpoint","defaultStatus":"unaffected","versions":[{"version":"2026-04-20","lessThan":"0","versionType":"date","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"44488dab-36db-4358-99f9-bc116477f914","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N","baseScore":9.3,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.8},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-12T15:49:22.517830Z","id":"CVE-2026-50090","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"44488dab-36db-4358-99f9-bc116477f914","type":"Secondary","description":[{"lang":"en","value":"CWE-1289"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:aqara:cloud_oauth_authorization_endpoint:2026-04-20:*:*:*:*:*:*:*","matchCriteriaId":"AF1FD493-5B7C-439E-9924-48B64E46416C"}]}]}],"references":[{"url":"https://github.com/xn0tsa/theres-no-place-like-home","source":"44488dab-36db-4358-99f9-bc116477f914","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.runzero.com/advisories/aqara-oauth-redirect-validation-bypass-cve-2026-50090","source":"44488dab-36db-4358-99f9-bc116477f914","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/xn0tsa/theres-no-place-like-home","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-50091","sourceIdentifier":"44488dab-36db-4358-99f9-bc116477f914","published":"2026-06-12T16:16:32.737","lastModified":"2026-07-09T17:40:51.977","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Aqara Home Android (com.lumiunited.aqarahome) 6.0.0 (and white-label clients embedding the same liblumidevsdk.so) uses hard-coded cryptographic keys, which is an instance of \"CWE-321: Use of Hard-coded Cryptographic Key\" and has an estimated CVSS of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N (9.1 Critical)."}],"affected":[{"source":"44488dab-36db-4358-99f9-bc116477f914","affectedData":[{"vendor":"Aqara","product":"com.lumiunited.aqarahome","defaultStatus":"unaffected","versions":[{"version":"6.0.0","lessThan":"0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"44488dab-36db-4358-99f9-bc116477f914","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-12T16:22:49.247673Z","id":"CVE-2026-50091","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"44488dab-36db-4358-99f9-bc116477f914","type":"Secondary","description":[{"lang":"en","value":"CWE-321"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-798"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:aqara:home:6.0.0:*:*:*:*:android:*:*","matchCriteriaId":"967E9F3A-6893-4330-B89D-A5A53120C492"}]}]}],"references":[{"url":"https://github.com/xn0tsa/theres-no-place-like-home","source":"44488dab-36db-4358-99f9-bc116477f914","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.runzero.com/advisories/aqara-hardcoded-sdk-keys-cve-2026-50091","source":"44488dab-36db-4358-99f9-bc116477f914","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/xn0tsa/theres-no-place-like-home","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-44990","sourceIdentifier":"security-advisories@github.com","published":"2026-06-12T21:16:22.447","lastModified":"2026-07-09T13:17:20.067","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"ApostropheCMS is an open-source Node.js content management system, and sanitize-html provides a simple HTML sanitizer with a clear API. Under the default configuration, versions of `sanitize-html` prior to 2.17.4 can turn attacker-controlled content inside a disallowed `xmp` element into live HTML or JavaScript. This is a sanitizer bypass in the default `disallowedTagsMode: 'discard'` path and can lead to stored XSS in applications that render sanitized output back to users. Version 2.17.4 patches the issue."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"apostrophecms","product":"sanitize-html","versions":[{"version":"< 2.17.4","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Advanced Cluster Management for Kubernetes 2.14","defaultStatus":"affected","cpes":["cpe:/a:redhat:acm:2.14::el9"]},{"vendor":"Red Hat","product":"multicluster engine for Kubernetes 2.9","defaultStatus":"affected","cpes":["cpe:/a:redhat:multicluster_engine:2.9::el9"]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","cpes":["cpe:/a:redhat:hummingbird:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_ai"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Dev Spaces","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_devspaces:3"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Virtualization 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:container_native_virtualization:4"]},{"vendor":"Red Hat","product":"Red Hat Quay 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:quay:3"]},{"vendor":"Red Hat","product":"Red Hat Satellite 6","defaultStatus":"affected","cpes":["cpe:/a:redhat:satellite:6"]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N","baseScore":9.3,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.8},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-15T13:04:32.468259Z","id":"CVE-2026-44990","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://github.com/apostrophecms/apostrophe/security/advisories/GHSA-rpr9-rxv7-x643","source":"security-advisories@github.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36882","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36883","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-44990","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2488565","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://github.com/apostrophecms/apostrophe/security/advisories/GHSA-rpr9-rxv7-x643","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-44990.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-9862","sourceIdentifier":"df4dee71-de3a-4139-9588-11b62fe6c0ff","published":"2026-06-15T16:16:35.357","lastModified":"2026-07-09T16:27:07.207","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Fortra's \nCore Privileged Access Manager (BoKS) contains an OS command injection vulnerability in the boks_autoregisterd service. A remote attacker with network access to the service may be able to cause commands to be executed with the privileges of the service during the autoregistration processing."}],"affected":[{"source":"df4dee71-de3a-4139-9588-11b62fe6c0ff","affectedData":[{"vendor":"Fortra","product":"Core Privileged Access Manager (BoKS)","defaultStatus":"unaffected","modules":["boks_autoregisterd"],"versions":[{"version":"boks-server 8.1.0.0","lessThanOrEqual":"boks-server 8.1.0.22","versionType":"custom","status":"affected"},{"version":"boks-server 9.0.0.0","lessThanOrEqual":"boks-server 9.0.0.4","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"df4dee71-de3a-4139-9588-11b62fe6c0ff","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-15T16:09:18.347930Z","id":"CVE-2026-9862","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"df4dee71-de3a-4139-9588-11b62fe6c0ff","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:forta:core_privileged_access_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"8.1.0.0","versionEndIncluding":"8.1.0.22","matchCriteriaId":"52B76FB8-7B0E-4D24-B05A-CC87BC9CC623"},{"vulnerable":true,"criteria":"cpe:2.3:a:forta:core_privileged_access_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"9.0.0.0","versionEndIncluding":"9.0.0.4","matchCriteriaId":"BAE288EB-3F42-41A2-9D7C-F54BCAB48F6B"}]}]}],"references":[{"url":"https://www.fortra.com/security/advisories/product-security/fi-2026-007","source":"df4dee71-de3a-4139-9588-11b62fe6c0ff","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-9863","sourceIdentifier":"df4dee71-de3a-4139-9588-11b62fe6c0ff","published":"2026-06-15T16:16:35.507","lastModified":"2026-07-09T16:39:46.160","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Fortra BoKS Manager contains an OS command injection vulnerability in the client upgrade and patch tooling for legacy tar-based client installations. A malicious or compromised legacy tar-installed client selected for upgrade or patching may be able to cause commands to be executed on the BoKS Master during client version handling."}],"affected":[{"source":"df4dee71-de3a-4139-9588-11b62fe6c0ff","affectedData":[{"vendor":"Fortra","product":"Core Privileged Access Manager (BoKS)","defaultStatus":"unaffected","modules":["boks_upgrade_upgrade","boks_upgrade_patch"],"versions":[{"version":"boks-server 8.1.0.0","lessThanOrEqual":"boks-server 8.1.0.22","versionType":"custom","status":"affected"},{"version":"boks-server 9.0.0.0","lessThanOrEqual":"boks-server 9.0.0.4","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"df4dee71-de3a-4139-9588-11b62fe6c0ff","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-15T16:08:50.051689Z","id":"CVE-2026-9863","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"df4dee71-de3a-4139-9588-11b62fe6c0ff","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:forta:core_privileged_access_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"8.1.0.0","versionEndIncluding":"8.1.0.22","matchCriteriaId":"52B76FB8-7B0E-4D24-B05A-CC87BC9CC623"},{"vulnerable":true,"criteria":"cpe:2.3:a:forta:core_privileged_access_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"9.0.0.0","versionEndIncluding":"9.0.0.4","matchCriteriaId":"BAE288EB-3F42-41A2-9D7C-F54BCAB48F6B"}]}]}],"references":[{"url":"https://www.fortra.com/security/advisories/product-security/fi-2026-008","source":"df4dee71-de3a-4139-9588-11b62fe6c0ff","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-8357","sourceIdentifier":"security@documentfoundation.org","published":"2026-06-15T18:16:37.513","lastModified":"2026-07-09T13:17:31.697","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"LibreOffice Calc compiles cell formulas when opening a spreadsheet. A heap buffer overflow existed when compiling a very long formula made up of many opening tokens. The array that tracks nesting depth was allocated one element too small for that worst case, so such a formula wrote one element past its end. In fixed versions the array is sized to hold the largest possible nesting."}],"affected":[{"source":"security@documentfoundation.org","affectedData":[{"vendor":"The Document Foundation","product":"LibreOffice","defaultStatus":"unknown","versions":[{"version":"26.2","lessThan":"< 26.2.4","versionType":"26.2 series","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CRB (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:7"]}]}],"metrics":{"cvssMetricV40":[{"source":"security@documentfoundation.org","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-15T18:03:49.986573Z","id":"CVE-2026-8357","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@documentfoundation.org","type":"Secondary","description":[{"lang":"en","value":"CWE-193"},{"lang":"en","value":"CWE-787"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-131"}]}],"references":[{"url":"https://www.libreoffice.org/about-us/security/advisories/cve-2026-8357","source":"security@documentfoundation.org"},{"url":"https://access.redhat.com/errata/RHSA-2026:35839","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36832","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-8357","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2488964","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-8357.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-52718","sourceIdentifier":"secalert@redhat.com","published":"2026-06-15T20:16:32.317","lastModified":"2026-07-09T11:16:40.047","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"A denial of service vulnerability was found in GStreamer's AV1 codec parser in gst-plugins-bad. The gst_av1_parser_parse_tile_list_obu() function passes a byte count to a bit-reader API that expects a bit count, causing parser desynchronization. A remote attacker could trick a user into opening a specially crafted AV1 media file, triggering an assertion abort and causing the application to crash."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gstreamer1-plugins-bad-free","cpes":["cpe:/o:redhat:enterprise_linux:10.2"],"versions":[{"version":"0:1.26.7-2.el10_2.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gstreamer1-plugins-bad-free","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"0:1.22.12-7.el9_8.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gstreamer-plugins-bad-free","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gstreamer1-plugins-bad-free","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gstreamer-plugins-bad-free","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gstreamer1-plugins-bad-free","cpes":["cpe:/o:redhat:enterprise_linux:8"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-16T15:01:01.394003Z","id":"CVE-2026-52718","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-617"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:36749","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36834","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2026-52718","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2486328","source":"secalert@redhat.com"},{"url":"https://gitlab.freedesktop.org/gstreamer/gstreamer/-/work_items/5103","source":"secalert@redhat.com"}]}},{"cve":{"id":"CVE-2026-52719","sourceIdentifier":"secalert@redhat.com","published":"2026-06-15T20:16:32.447","lastModified":"2026-07-09T13:17:28.147","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the bitstream without validating it against available data. A remote attacker could trick a user into opening a specially crafted JPEG file, causing downstream parsing to read beyond the provided input buffer, leading to a crash or potential information disclosure."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gstreamer1-plugins-bad-free","cpes":["cpe:/o:redhat:enterprise_linux:10.2"],"versions":[{"version":"0:1.26.7-2.el10_2.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gstreamer1-plugins-bad-free","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"0:1.22.12-7.el9_8.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gstreamer-plugins-bad-free","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gstreamer1-plugins-bad-free","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gstreamer-plugins-bad-free","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gstreamer1-plugins-bad-free","cpes":["cpe:/o:redhat:enterprise_linux:8"]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":4.2},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-16T13:09:20.540797Z","id":"CVE-2026-52719","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:36749","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36834","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2026-52719","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2486353","source":"secalert@redhat.com"},{"url":"https://gitlab.freedesktop.org/gstreamer/gstreamer/-/work_items/5104","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36749","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36834","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-52719","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2486353","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-52719.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-52720","sourceIdentifier":"secalert@redhat.com","published":"2026-06-15T20:16:32.580","lastModified":"2026-07-09T13:17:28.343","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"A heap buffer overflow vulnerability was found in GStreamer's librfb (RFB/VNC client). The rectangle bounds check incorrectly validates area rather than individual dimensions, allowing a malicious VNC server to send a rectangle that extends beyond the framebuffer. A remote attacker could set up a malicious VNC server and trick a user into connecting, resulting in an out-of-bounds heap write that could lead to code execution or a crash."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gstreamer1-plugins-bad-free","cpes":["cpe:/o:redhat:enterprise_linux:10.2"],"versions":[{"version":"0:1.26.7-2.el10_2.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gstreamer1-plugins-bad-free","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/a:redhat:enterprise_linux:8::crb"],"versions":[{"version":"0:1.16.1-8.el8_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gstreamer1-plugins-bad-free","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"0:1.22.12-7.el9_8.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gstreamer-plugins-bad-free","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gstreamer1-plugins-bad-free","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gstreamer-plugins-bad-free","cpes":["cpe:/o:redhat:enterprise_linux:7"]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CRB (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:7"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-15T19:55:56.765375Z","id":"CVE-2026-52720","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:36749","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36834","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:37130","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2026-52720","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2486731","source":"secalert@redhat.com"},{"url":"https://gitlab.freedesktop.org/gstreamer/gstreamer/-/work_items/5105","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36749","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36834","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:37130","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-52720","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2486731","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-52720.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-52722","sourceIdentifier":"secalert@redhat.com","published":"2026-06-15T20:16:32.830","lastModified":"2026-07-09T13:17:28.550","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"A signed integer overflow vulnerability was found in GStreamer's VMnc decoder. A crafted VMnc stream with large cursor dimensions can overflow signed integer payload-size arithmetic, bypassing a length check and leading to out-of-bounds reads. A remote attacker could trick a user into opening a specially crafted VMnc file, potentially causing a crash or information disclosure."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gstreamer1-plugins-bad-free","cpes":["cpe:/o:redhat:enterprise_linux:10.2"],"versions":[{"version":"0:1.26.7-2.el10_2.4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gstreamer1-plugins-bad-free","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream","cpe:/a:redhat:enterprise_linux:8::crb"],"versions":[{"version":"0:1.16.1-8.el8_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gstreamer1-plugins-bad-free","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"0:1.22.12-7.el9_8.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gstreamer-plugins-bad-free","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gstreamer1-plugins-bad-free","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gstreamer-plugins-bad-free","cpes":["cpe:/o:redhat:enterprise_linux:7"]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CRB (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::crb"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:7"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":4.2},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-15T22:08:45.194699Z","id":"CVE-2026-52722","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-190"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-190"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:36749","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36834","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:37130","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2026-52722","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2486733","source":"secalert@redhat.com"},{"url":"https://gitlab.freedesktop.org/gstreamer/gstreamer/-/work_items/5107","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36749","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36834","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:37130","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-52722","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2486733","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-52722.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-53703","sourceIdentifier":"secalert@redhat.com","published":"2026-06-15T20:16:33.563","lastModified":"2026-07-08T14:17:04.497","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was found in the GStreamer RealMedia demuxer (gst-plugins-ugly). When processing a RealMedia (.rm) file, the demuxer parses MDPR (media properties) chunks to configure audio streams. For audio stream header versions 4 and 5, the parser reads fields such as codec type, packet size, sample rate, channel count, and extra codec data length from fixed offsets within the chunk without first checking that the chunk contains enough data. If a malicious file provides an MDPR chunk that is too small to contain a complete audio stream header, the parser reads beyond the end of the buffer. This can cause the application to crash. In some cases, bytes read past the buffer boundary may be incorporated into stream metadata, which could result in limited information disclosure."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gstreamer1-plugins-ugly-free","cpes":["cpe:/o:redhat:enterprise_linux:10.2"],"versions":[{"version":"0:1.26.7-2.el10_2.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gstreamer1-plugins-ugly-free","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"0:1.22.12-6.el9_8.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gstreamer1-plugins-ugly-free","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gstreamer1-plugins-ugly-free","cpes":["cpe:/o:redhat:enterprise_linux:8"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-16T15:05:30.391525Z","id":"CVE-2026-53703","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:36673","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36674","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2026-53703","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2487613","source":"secalert@redhat.com"}]}},{"cve":{"id":"CVE-2026-53704","sourceIdentifier":"secalert@redhat.com","published":"2026-06-15T20:16:33.697","lastModified":"2026-07-08T14:17:04.900","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in GStreamer's RealMedia demuxer in the gst-plugins-ugly package. When processing a RealMedia file containing a specially crafted FILEINFO metadata section, the demuxer parses variable-name and variable-value pairs using re_skip_pascal_string() without validating that offsets remain within the mapped buffer. Additionally, the element count controlling the parsing loop is read from attacker-controlled data without validation, which can cause an infinite loop. A crafted RealMedia file can cause the application to crash, hang, or potentially read limited adjacent memory contents."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gstreamer1-plugins-ugly-free","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"0:1.22.12-6.el9_8.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gstreamer1-plugins-ugly-free","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gstreamer1-plugins-ugly-free","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gstreamer1-plugins-ugly-free","cpes":["cpe:/o:redhat:enterprise_linux:8"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-16T12:46:47.069346Z","id":"CVE-2026-53704","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:36674","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2026-53704","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2487614","source":"secalert@redhat.com"}]}},{"cve":{"id":"CVE-2026-53705","sourceIdentifier":"secalert@redhat.com","published":"2026-06-15T20:16:33.820","lastModified":"2026-07-09T13:17:29.473","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in GStreamer's WavPack audio decoder in gst-plugins-good. When processing a specially crafted WavPack file, an integer overflow in the buffer size calculation (4 * block_samples * channels) in gst_wavpack_dec_handle_frame() causes a very small heap allocation. The WavPack library then writes decoded audio samples far beyond the allocated buffer, resulting in heap memory corruption. This affects both 32-bit and 64-bit systems since the arithmetic is performed in 32-bit integers before promotion to the allocation size type. A remote attacker could use this flaw to crash an application or potentially execute arbitrary code by convincing a user to open a malicious WavPack audio file."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gstreamer1-plugins-good","cpes":["cpe:/o:redhat:enterprise_linux:10.2"],"versions":[{"version":"0:1.26.7-2.el10_2.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gstreamer1-plugins-good","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"],"versions":[{"version":"0:1.16.1-7.el8_10","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gstreamer1-plugins-good","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"versions":[{"version":"0:1.22.12-7.el9_8.1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gstreamer1-plugins-good","cpes":["cpe:/o:redhat:enterprise_linux:7"]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 8)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:7"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H","baseScore":7.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":4.7},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H","baseScore":7.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":4.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-16T03:56:10.671671Z","id":"CVE-2026-53705","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-190"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-190"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:36675","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36774","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:37129","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2026-53705","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2487615","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36675","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36774","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:37129","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-53705","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2487615","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-53705.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-49763","sourceIdentifier":"audit@patchstack.com","published":"2026-06-15T21:17:21.357","lastModified":"2026-07-08T20:16:51.003","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Unauthenticated PHP Object Injection in Integration for Contact Form 7 HubSpot <= 1.3.7 versions."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"CRM Perks","product":"Integration for Contact Form 7 HubSpot","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"cf7-hubspot","versions":[{"version":"n/a","lessThanOrEqual":"1.3.7","versionType":"custom","status":"affected","changes":[{"at":"1.3.8","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-16T12:50:20.306643Z","id":"CVE-2026-49763","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-502"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/cf7-hubspot/vulnerability/wordpress-integration-for-contact-form-7-hubspot-plugin-1-3-7-php-object-injection-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-50656","sourceIdentifier":"secure@microsoft.com","published":"2026-06-16T19:16:59.683","lastModified":"2026-07-09T00:17:26.607","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender publicly referred to as &quot;RoguePlanet &quot;."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft Malware Protection Engine","versions":[{"version":"1.1.0.0","lessThan":"1.1.26060.3008","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.0,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-16T00:00:00+00:00","id":"CVE-2026-50656","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-59"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:malware_protection_engine:-:*:*:*:*:*:*:*","matchCriteriaId":"1CF44512-0B67-4B5F-B271-C8CA45D30DA8"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-50656","source":"secure@microsoft.com","tags":["Vendor Advisory"]},{"url":"https://github.com/MSNightmare/RoguePlanet","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Product"]}]}},{"cve":{"id":"CVE-2026-42055","sourceIdentifier":"f5sirt@f5.com","published":"2026-06-17T15:16:50.353","lastModified":"2026-07-09T13:17:08.687","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_proxy_v2_module and ngx_http_grpc_module modules. This vulnerability exists when the proxy_http_version to 2 or grpc_pass directives are used to proxy HTTP/2 traffic, the ignore_invalid_headers directive is set to off, and the large_client_header_buffers directive size is larger than 2 megabytes. A remote, unauthenticated attacker, along with conditions beyond their control, could send large headers while creating an upstream request. This may cause a heap-based buffer overflow in the NGINX worker process leading to a restart. Additionally, attackers can execute code on systems with Address Space Layout Randomization (ASLR) disabled or when the attacker can bypass ASLR. \n\n\nNote: Software versions which have reached End of Technical Support (EoTS) are not evaluated."}],"affected":[{"source":"f5sirt@f5.com","affectedData":[{"vendor":"F5","product":"NGINX Open Source","defaultStatus":"unknown","modules":["ngx_http_proxy_v2_module","ngx_http_grpc_module"],"versions":[{"version":"1.13.10","lessThan":"1.31.2","versionType":"custom","status":"affected"},{"version":"1.30.2","lessThan":"1.30.3","versionType":"custom","status":"affected"}]},{"vendor":"F5","product":"NGINX Plus","defaultStatus":"unaffected","modules":["ngx_http_proxy_v2_module","ngx_http_grpc_module"],"versions":[{"version":"37.0","lessThan":"37.0.2.1","versionType":"custom","status":"affected"},{"version":"R36","lessThan":"R36 P6","versionType":"custom","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::crb"]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","cpes":["cpe:/a:redhat:hummingbird:1"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Openshift Data Foundation 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_data_foundation:4"]}]}],"metrics":{"cvssMetricV40":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":9.2,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"f5sirt@f5.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T00:00:00+00:00","id":"CVE-2026-42055","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"f5sirt@f5.com","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-131"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:f5:dos:4.9.0:*:*:*:*:nginx:*:*","matchCriteriaId":"DACAC9CB-16D3-4F55-A466-70035779B387"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_app_protect_dos:*:*:*:*:*:*:*:*","versionStartIncluding":"4.3.0","versionEndIncluding":"4.7.0","matchCriteriaId":"4F9DC498-9755-4CFA-9EA5-0009A3EE791F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_app_protect_waf:*:*:*:*:*:*:*:*","versionStartIncluding":"4.10.0","versionEndIncluding":"4.16.0","matchCriteriaId":"A70F49F1-8FD2-45E8-8681-27745BDB35B7"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_app_protect_waf:*:*:*:*:*:*:*:*","versionStartIncluding":"5.2.0","versionEndIncluding":"5.8.0","matchCriteriaId":"DD0C5470-172B-4C82-AD8E-0FA0F19F3D15"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_gateway_fabric:*:*:*:*:*:*:*:*","versionStartIncluding":"1.3.0","versionEndIncluding":"1.6.2","matchCriteriaId":"15B7F1FD-0C49-460F-9CB8-23DA730EC4BE"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_gateway_fabric:*:*:*:*:*:*:*:*","versionStartIncluding":"2.0.0","versionEndExcluding":"2.6.4","matchCriteriaId":"8495C4C7-3BFA-49CD-B527-7E1EE9827634"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"3.5.0","versionEndIncluding":"3.7.2","matchCriteriaId":"10D5B143-4C1E-4626-8B49-3EA7160E9256"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_ingress_controller:*:*:*:*:*:*:*:*","versionStartIncluding":"5.0.0","versionEndExcluding":"5.5.1","matchCriteriaId":"965E7D6E-288B-438E-A2A8-A25802E34933"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_ingress_controller:4.0.0:*:*:*:*:*:*:*","matchCriteriaId":"896F495E-50C2-4A10-8FE8-F4D0AD52F6FF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_ingress_controller:4.0.1:*:*:*:*:*:*:*","matchCriteriaId":"0ACDA17B-D0AB-46C1-9D58-21DF6ED5479E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_instance_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"2.17.0","versionEndIncluding":"2.22.0","matchCriteriaId":"BCFCE3FC-61E0-4749-8F09-EEB4B09B1218"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_open_source:*:*:*:*:*:*:*:*","versionStartIncluding":"1.30.0","versionEndExcluding":"1.30.3","matchCriteriaId":"5C7658CE-370C-4210-8C25-FC2BC48EF785"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_open_source:1.31.1:*:*:*:*:*:*:*","matchCriteriaId":"D313995D-43EA-48D8-ABDE-D08D0995509A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:*:*:*:*:*:*:*:*","versionStartIncluding":"37.0.0","versionEndIncluding":"37.0.1","matchCriteriaId":"DB9460A8-35D0-45BD-A94F-F4833F6914AB"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r3:*:*:*:*:*:*:*","matchCriteriaId":"A4AAFDD5-EACA-4A96-83D8-4A5A745981C2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r30:-:*:*:*:*:*:*","matchCriteriaId":"96BF2B19-52C7-4051-BA58-CAE6F912B72F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r30:p1:*:*:*:*:*:*","matchCriteriaId":"4EBEC829-7EED-487E-974D-BBA704DFBF0A"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r30:p2:*:*:*:*:*:*","matchCriteriaId":"D0648596-D1F5-4A7A-B7F8-104E3AF26317"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r31:-:*:*:*:*:*:*","matchCriteriaId":"8248517E-D805-4928-8252-2168472341EF"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r31:p1:*:*:*:*:*:*","matchCriteriaId":"9D5BB4C0-B862-4CDD-AA54-1BC1BDF27005"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r31:p2:*:*:*:*:*:*","matchCriteriaId":"6F5A3A1A-04B0-4365-A84D-7B29F7EF1D9D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r31:p3:*:*:*:*:*:*","matchCriteriaId":"71E1C590-CFCE-4CC8-9A42-3C085D39B3B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r32:-:*:*:*:*:*:*","matchCriteriaId":"36C4308E-651E-437C-84E7-10C542E3ADC2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r32:p1:*:*:*:*:*:*","matchCriteriaId":"FA913184-EAAD-409E-99C6-AB979DAA93F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r32:p2:*:*:*:*:*:*","matchCriteriaId":"782DF180-1101-4D6A-A1D7-8DADBAF6D9D3"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r32:p3:*:*:*:*:*:*","matchCriteriaId":"FB0B11F2-4748-492B-9906-F8C4C5EAFF12"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r32:p4:*:*:*:*:*:*","matchCriteriaId":"86B53968-1CCA-4CF3-8454-BB92EF64D10E"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r33:-:*:*:*:*:*:*","matchCriteriaId":"514B0A2A-E2FD-4DB7-B5B8-5C59F1D60AD8"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r33:p1:*:*:*:*:*:*","matchCriteriaId":"46DC49B8-7286-4867-9CDA-1C1B469CD304"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r33:p2:*:*:*:*:*:*","matchCriteriaId":"43477C2E-7485-4146-B25C-F58D632CD85B"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r33:p3:*:*:*:*:*:*","matchCriteriaId":"6A25B9CF-02C0-42DE-9C70-F2AD3ACE3CEB"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r34:-:*:*:*:*:*:*","matchCriteriaId":"25292797-19EC-446B-BB26-FAC7A280F61D"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r34:p1:*:*:*:*:*:*","matchCriteriaId":"7453D683-FCA7-46EE-BE49-5FD9A01D7F87"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r34:p2:*:*:*:*:*:*","matchCriteriaId":"A977BF9F-D165-4B93-B4D2-A177883A5E75"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r35:-:*:*:*:*:*:*","matchCriteriaId":"5D5FFD66-35C3-41AD-BD77-510E34A3AC6F"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r35:p1:*:*:*:*:*:*","matchCriteriaId":"4958360C-7993-4C82-8685-202D4940CE01"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r36:-:*:*:*:*:*:*","matchCriteriaId":"E7E5F940-048A-446F-9A1E-074612CEA1AC"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r36:p1:*:*:*:*:*:*","matchCriteriaId":"7993A0FB-BE7E-4634-BF7F-FDEE3582D3E7"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r36:p2:*:*:*:*:*:*","matchCriteriaId":"862EA47E-8D57-434E-9C8F-238325FB85B2"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r36:p3:*:*:*:*:*:*","matchCriteriaId":"7B52C01B-F719-4C72-BB83-7B70EC4BC029"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r36:p4:*:*:*:*:*:*","matchCriteriaId":"9F2211E4-93B9-4F1F-BA32-F5C34B879688"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:nginx_plus:r36:p5:*:*:*:*:*:*","matchCriteriaId":"284E9DB5-02EB-40E9-9DF3-E8F8144775ED"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:waf:*:*:*:*:*:nginx:*:*","versionStartIncluding":"5.9.0","versionEndIncluding":"5.13.1","matchCriteriaId":"03FC0AE0-1D26-4002-92DD-1895A38F6382"},{"vulnerable":true,"criteria":"cpe:2.3:a:f5:waf:4.8.1:*:*:*:*:nginx:*:*","matchCriteriaId":"EDC7D419-A6CD-4490-A456-459BDC9BF658"}]}]}],"references":[{"url":"https://my.f5.com/manage/s/article/K000161584","source":"f5sirt@f5.com","tags":["Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:27197","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:36331","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36364","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36618","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36639","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-42055","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2489866","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-42055.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2025-32748","sourceIdentifier":"security_alert@emc.com","published":"2026-06-17T17:16:38.510","lastModified":"2026-07-09T16:40:53.873","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Dell PowerFlex Manager, version(s) prior to 5.1.0.1, contain(s) a Host Header Injection vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability to trigger redirections."}],"affected":[{"source":"security_alert@emc.com","affectedData":[{"vendor":"Dell","product":"PowerFlex rack","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"3.9.1.1 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"3.8.4.1 or later","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security_alert@emc.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T17:28:42.802594Z","id":"CVE-2025-32748","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security_alert@emc.com","type":"Secondary","description":[{"lang":"en","value":"CWE-601"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:dell:powerflex_rack_release_certification_matrix:*:*:*:*:*:*:*:*","versionEndExcluding":"3.8.4.1","matchCriteriaId":"E278FE0E-D3F6-4E1B-8EBD-8BF775B18352"},{"vulnerable":true,"criteria":"cpe:2.3:a:dell:powerflex_rack_release_certification_matrix:*:*:*:*:*:*:*:*","versionStartIncluding":"3.9.0.0","versionEndExcluding":"3.9.1.1","matchCriteriaId":"0B2F6334-AF86-4CA9-8322-6B89DBBBC5F5"}]}]}],"references":[{"url":"https://www.dell.com/support/kbdoc/en-us/000059672/ifgroup-not-working-correctly-when-ip-range-is-used","source":"security_alert@emc.com","tags":["Broken Link"]}]}},{"cve":{"id":"CVE-2026-12151","sourceIdentifier":"ce714d77-add3-4f53-aff5-83d477b104bb","published":"2026-06-17T17:16:42.370","lastModified":"2026-07-09T13:16:47.673","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Impact:\nThe undici WebSocket client enforces maxPayloadSize on the cumulative byte count of fragments in a message but does not enforce a limit on the number of fragments. A malicious WebSocket server can stream many small or empty continuation frames that each pass per-frame and cumulative-size validation, collectively causing unbounded memory growth in the client process. The result is memory exhaustion and a denial of service.\n\nAffected applications are those using the undici WebSocket client (new WebSocket(...)) or the WebSocketStream API that can be induced to connect to an attacker-controlled or compromised WebSocket endpoint.\n\nAll releases starting at undici 6.17.0 are affected.\n\nPatches: Upgrade to undici >= 6.26.0, >= 7.28.0, or >= 8.5.0. Workarounds:\nNo workaround is available. The fix must be applied through an upgrade."}],"affected":[{"source":"ce714d77-add3-4f53-aff5-83d477b104bb","affectedData":[{"vendor":"undici","product":"undici","defaultStatus":"unaffected","packageURL":"pkg:npm/undici","versions":[{"version":"0","lessThan":"6.26.0","versionType":"semver","status":"affected"},{"version":"6.26.0","versionType":"semver","status":"unaffected"},{"version":"7.0.0","lessThan":"7.28.0","versionType":"semver","status":"affected"},{"version":"7.28.0","versionType":"semver","status":"unaffected"},{"version":"8.0.0","lessThan":"8.5.0","versionType":"semver","status":"affected"},{"version":"8.5.0","versionType":"semver","status":"unaffected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Cluster Observability Operator 1.5.0","defaultStatus":"affected","cpes":["cpe:/a:redhat:cluster_observability_operator:1.5::el9"]},{"vendor":"Red Hat","product":"Red Hat Developer Hub 1.10","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhdh:1.10::el9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Dev Spaces 3.29","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_devspaces:3.29::el9"]},{"vendor":"Red Hat","product":"Cryostat 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:cryostat:4"]},{"vendor":"Red Hat","product":"OpenShift Pipelines","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_pipelines:1"]},{"vendor":"Red Hat","product":"Red Hat AMQ Broker 7","defaultStatus":"affected","cpes":["cpe:/a:redhat:amq_broker:7"]},{"vendor":"Red Hat","product":"Red Hat Build of Podman Desktop","defaultStatus":"affected","cpes":["cpe:/a:redhat:podman_desktop:1"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","cpes":["cpe:/a:redhat:hummingbird:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_ai"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat Openshift Data Foundation 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_data_foundation:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Dev Spaces","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_devspaces:3"]},{"vendor":"Red Hat","product":"Self-service automation portal 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:ansible_portal:2"]}]}],"metrics":{"cvssMetricV31":[{"source":"ce714d77-add3-4f53-aff5-83d477b104bb","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T17:29:57.305732Z","id":"CVE-2026-12151","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"ce714d77-add3-4f53-aff5-83d477b104bb","type":"Secondary","description":[{"lang":"en","value":"CWE-400"},{"lang":"en","value":"CWE-770"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-770"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nodejs:undici:*:*:*:*:*:node.js:*:*","versionStartIncluding":"6.17.0","versionEndExcluding":"6.27.0","matchCriteriaId":"7DA00D4B-2ABC-49EC-A803-82DAC769A362"},{"vulnerable":true,"criteria":"cpe:2.3:a:nodejs:undici:*:*:*:*:*:node.js:*:*","versionStartIncluding":"7.0.0","versionEndExcluding":"7.28.0","matchCriteriaId":"0C34D757-BB16-4E28-95D8-7D3FAC851B69"},{"vulnerable":true,"criteria":"cpe:2.3:a:nodejs:undici:*:*:*:*:*:node.js:*:*","versionStartIncluding":"8.0.0","versionEndExcluding":"8.5.0","matchCriteriaId":"37F3655C-C7AE-4B13-A5EB-6FE0A9566124"}]}]}],"references":[{"url":"https://cna.openjsf.org/security-advisories.html","source":"ce714d77-add3-4f53-aff5-83d477b104bb","tags":["Vendor Advisory"]},{"url":"https://github.com/nodejs/undici/security/advisories/GHSA-vxpw-j846-p89q","source":"ce714d77-add3-4f53-aff5-83d477b104bb","tags":["Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:34342","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35841","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35842","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35891","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35892","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36754","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36820","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-12151","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2489980","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-12151.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-2467","sourceIdentifier":"3f572a00-62e2-4423-959a-7ea25eff1638","published":"2026-06-17T18:17:41.890","lastModified":"2026-07-08T18:18:49.637","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Heap-based Buffer Overflow vulnerability in RTI Connext Professional (Core Libraries) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 before 7.3.1.3, from 6.1.0 before 6.1.*, from 6.0.0 before 6.0.*, from 5.3.0 before 5.3.*, from 5.0.0 before 5.2.*."}],"affected":[{"source":"3f572a00-62e2-4423-959a-7ea25eff1638","affectedData":[{"vendor":"RTI","product":"Connext Professional","defaultStatus":"unaffected","packageName":"connext_professional","modules":["Core Libraries"],"packageURL":"pkg:generic/connext_professional","versions":[{"version":"7.4.0","lessThan":"7.7.0","versionType":"custom","status":"affected"},{"version":"7.0.0","lessThan":"7.3.1.3","versionType":"custom","status":"affected"},{"version":"6.1.0","lessThan":"6.1.*","versionType":"custom","status":"affected"},{"version":"6.0.0","lessThan":"6.0.*","versionType":"custom","status":"affected"},{"version":"5.3.0","lessThan":"5.3.*","versionType":"custom","status":"affected"},{"version":"5.0.0","lessThan":"5.2.*","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"3f572a00-62e2-4423-959a-7ea25eff1638","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:L/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":9.2,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"LOW","subAvailabilityImpact":"HIGH","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T18:03:21.528088Z","id":"CVE-2026-2467","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"3f572a00-62e2-4423-959a-7ea25eff1638","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rti:connext_professional:*:*:*:*:*:*:*:*","versionStartIncluding":"5.3.0","versionEndExcluding":"7.7.0","matchCriteriaId":"3F95CC20-9460-4C5E-B56A-CE8F16028B38"}]}]}],"references":[{"url":"https://www.rti.com/vulnerabilities/#cve-2026-2467","source":"3f572a00-62e2-4423-959a-7ea25eff1638","tags":["Vendor Advisory","Mitigation"]}]}},{"cve":{"id":"CVE-2026-2674","sourceIdentifier":"3f572a00-62e2-4423-959a-7ea25eff1638","published":"2026-06-17T18:17:42.387","lastModified":"2026-07-08T18:16:24.440","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Out-of-bounds Write, Out-of-bounds Write, Out-of-bounds Write vulnerability in RTI Connext Professional (Queueing Service,Core Libraries,Persistence Service) allows Overflow Buffers, Overflow Buffers, Overflow Buffers.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 before 7.3.1.3, from 6.1.0 before 6.1.*."}],"affected":[{"source":"3f572a00-62e2-4423-959a-7ea25eff1638","affectedData":[{"vendor":"RTI","product":"Connext Professional","defaultStatus":"unaffected","packageName":"connext_professional","modules":["Queueing Service","Core Libraries","Persistence Service"],"packageURL":"pkg:generic/connext_professional","versions":[{"version":"7.4.0","lessThan":"7.7.0","versionType":"custom","status":"affected"},{"version":"7.0.0","lessThan":"7.3.1.3","versionType":"custom","status":"affected"},{"version":"6.1.0","lessThan":"6.1.*","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"3f572a00-62e2-4423-959a-7ea25eff1638","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T17:57:40.284382Z","id":"CVE-2026-2674","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"3f572a00-62e2-4423-959a-7ea25eff1638","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rti:connext_professional:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1.0","versionEndExcluding":"7.7.0","matchCriteriaId":"B6B5FCCD-2C72-4980-B453-DF8E7356ACF2"}]}]}],"references":[{"url":"https://www.rti.com/vulnerabilities/#cve-2026-2674","source":"3f572a00-62e2-4423-959a-7ea25eff1638","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-2675","sourceIdentifier":"3f572a00-62e2-4423-959a-7ea25eff1638","published":"2026-06-17T18:17:42.707","lastModified":"2026-07-08T14:31:55.050","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Missing Authentication for Critical Function vulnerability in RTI Connext Professional (Security Plugins) allows Fake the Source of Data.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 before 7.3.1.3, from 6.1.0 before 6.1.*, from 6.0.0 before 6.0.*, from 5.3.0 before 5.3.*."}],"affected":[{"source":"3f572a00-62e2-4423-959a-7ea25eff1638","affectedData":[{"vendor":"RTI","product":"Connext Professional","defaultStatus":"unaffected","packageName":"connext_professional","modules":["Security Plugins"],"packageURL":"pkg:generic/connext_professional","versions":[{"version":"7.4.0","lessThan":"7.7.0","versionType":"custom","status":"affected"},{"version":"7.0.0","lessThan":"7.3.1.3","versionType":"custom","status":"affected"},{"version":"6.1.0","lessThan":"6.1.*","versionType":"custom","status":"affected"},{"version":"6.0.0","lessThan":"6.0.*","versionType":"custom","status":"affected"},{"version":"5.3.0","lessThan":"5.3.*","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"3f572a00-62e2-4423-959a-7ea25eff1638","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.0,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T18:02:42.712673Z","id":"CVE-2026-2675","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"3f572a00-62e2-4423-959a-7ea25eff1638","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rti:connext_professional:*:*:*:*:*:*:*:*","versionStartIncluding":"5.3.0","versionEndExcluding":"7.7.0","matchCriteriaId":"3F95CC20-9460-4C5E-B56A-CE8F16028B38"}]}]}],"references":[{"url":"https://www.rti.com/vulnerabilities/#cve-2026-2675","source":"3f572a00-62e2-4423-959a-7ea25eff1638","tags":["Vendor Advisory","Mitigation"]}]}},{"cve":{"id":"CVE-2026-30799","sourceIdentifier":"3f572a00-62e2-4423-959a-7ea25eff1638","published":"2026-06-17T18:17:43.007","lastModified":"2026-07-08T14:27:11.723","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Missing Authentication for Critical Function vulnerability in RTI Connext Professional (Security Plugins) allows Identity Spoofing.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 before 7.3.*, from 6.1.0 before 6.1.*, from 6.0.0 before 6.0.*, from 5.3.0 before 5.3.*."}],"affected":[{"source":"3f572a00-62e2-4423-959a-7ea25eff1638","affectedData":[{"vendor":"RTI","product":"Connext Professional","defaultStatus":"unaffected","packageName":"connext_professional","modules":["Security Plugins"],"packageURL":"pkg:generic/connext_professional","versions":[{"version":"7.4.0","lessThan":"7.7.0","versionType":"custom","status":"affected"},{"version":"7.0.0","lessThan":"7.3.*","versionType":"custom","status":"affected"},{"version":"6.1.0","lessThan":"6.1.*","versionType":"custom","status":"affected"},{"version":"6.0.0","lessThan":"6.0.*","versionType":"custom","status":"affected"},{"version":"5.3.0","lessThan":"5.3.*","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"3f572a00-62e2-4423-959a-7ea25eff1638","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T17:59:33.217064Z","id":"CVE-2026-30799","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"3f572a00-62e2-4423-959a-7ea25eff1638","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rti:connext_professional:*:*:*:*:*:*:*:*","versionStartIncluding":"5.3.0","versionEndExcluding":"7.7.0","matchCriteriaId":"3F95CC20-9460-4C5E-B56A-CE8F16028B38"}]}]}],"references":[{"url":"https://www.rti.com/vulnerabilities/#cve-2026-30799","source":"3f572a00-62e2-4423-959a-7ea25eff1638","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-30802","sourceIdentifier":"3f572a00-62e2-4423-959a-7ea25eff1638","published":"2026-06-17T18:17:43.263","lastModified":"2026-07-08T14:07:01.967","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Out-of-bounds Read vulnerability in RTI Connext Micro (Core Libraries) allows Overread Buffers.This issue affects Connext Micro: from 4.0.0 before 4.3.0, from 2.4.5 before 2.4.*."}],"affected":[{"source":"3f572a00-62e2-4423-959a-7ea25eff1638","affectedData":[{"vendor":"RTI","product":"Connext Micro","defaultStatus":"unaffected","packageName":"connext_micro","modules":["Core Libraries"],"packageURL":"pkg:generic/connext_micro","versions":[{"version":"4.0.0","lessThan":"4.3.0","versionType":"custom","status":"affected"},{"version":"2.4.5","lessThan":"2.4.*","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"3f572a00-62e2-4423-959a-7ea25eff1638","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T17:58:36.128067Z","id":"CVE-2026-30802","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"3f572a00-62e2-4423-959a-7ea25eff1638","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rti:connext_micro:*:*:*:*:*:*:*:*","versionStartIncluding":"2.4.5","versionEndExcluding":"4.3.0","matchCriteriaId":"35657566-7EF7-4D1E-99AC-24A381A39A2A"}]}]}],"references":[{"url":"https://www.rti.com/vulnerabilities/#cve-2026-30802","source":"3f572a00-62e2-4423-959a-7ea25eff1638","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-30803","sourceIdentifier":"3f572a00-62e2-4423-959a-7ea25eff1638","published":"2026-06-17T18:17:43.410","lastModified":"2026-07-08T14:05:36.510","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Integer Underflow (Wrap or Wraparound) vulnerability in RTI Connext Micro (Core Libraries) allows Overread Buffers.This issue affects Connext Micro: from 4.0.0 before 4.3.0."}],"affected":[{"source":"3f572a00-62e2-4423-959a-7ea25eff1638","affectedData":[{"vendor":"RTI","product":"Connext Micro","defaultStatus":"unaffected","packageName":"connext_micro","modules":["Core Libraries"],"packageURL":"pkg:generic/connext_micro","versions":[{"version":"4.0.0","lessThan":"4.3.0","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"3f572a00-62e2-4423-959a-7ea25eff1638","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T17:58:11.377761Z","id":"CVE-2026-30803","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"3f572a00-62e2-4423-959a-7ea25eff1638","type":"Secondary","description":[{"lang":"en","value":"CWE-191"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rti:connext_micro:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0","versionEndExcluding":"4.3.0","matchCriteriaId":"6BCAC260-B3A0-429E-A71D-1F6E27BD056A"}]}]}],"references":[{"url":"https://www.rti.com/vulnerabilities/#cve-2026-30803","source":"3f572a00-62e2-4423-959a-7ea25eff1638","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-3894","sourceIdentifier":"3f572a00-62e2-4423-959a-7ea25eff1638","published":"2026-06-17T18:17:44.287","lastModified":"2026-07-08T14:04:31.830","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Out-of-bounds Read vulnerability in RTI Connext Professional (Core Libraries) allows Overread Buffers.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 before 7.3.1.3, from 6.1.0 before 6.1.*, from 6.0.0 before 6.0.*, from 5.3.0 before 5.3.*, from 5.0.0 before 5.2.*."}],"affected":[{"source":"3f572a00-62e2-4423-959a-7ea25eff1638","affectedData":[{"vendor":"RTI","product":"Connext Professional","defaultStatus":"unaffected","packageName":"connext_professional","modules":["Core Libraries"],"packageURL":"pkg:generic/connext_professional","versions":[{"version":"7.4.0","lessThan":"7.7.0","versionType":"custom","status":"affected"},{"version":"7.0.0","lessThan":"7.3.1.3","versionType":"custom","status":"affected"},{"version":"6.1.0","lessThan":"6.1.*","versionType":"custom","status":"affected"},{"version":"6.0.0","lessThan":"6.0.*","versionType":"custom","status":"affected"},{"version":"5.3.0","lessThan":"5.3.*","versionType":"custom","status":"affected"},{"version":"5.0.0","lessThan":"5.2.*","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"3f572a00-62e2-4423-959a-7ea25eff1638","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:L/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":9.2,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"LOW","subAvailabilityImpact":"HIGH","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T18:01:05.016536Z","id":"CVE-2026-3894","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"3f572a00-62e2-4423-959a-7ea25eff1638","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rti:connext_professional:*:*:*:*:*:*:*:*","versionStartIncluding":"5.0.0","versionEndExcluding":"7.7.0","matchCriteriaId":"95DB3192-6006-4B24-94C6-98C6A09F0706"}]}]}],"references":[{"url":"https://www.rti.com/vulnerabilities/#cve-2026-3894","source":"3f572a00-62e2-4423-959a-7ea25eff1638","tags":["Vendor Advisory","Mitigation"]}]}},{"cve":{"id":"CVE-2026-6734","sourceIdentifier":"ce714d77-add3-4f53-aff5-83d477b104bb","published":"2026-06-17T18:18:05.617","lastModified":"2026-07-09T13:17:31.470","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Impact:\nWhen using Socks5ProxyAgent, undici reuses a single connection pool across different origins without verifying that the pool's origin matches the requested origin. All requests are dispatched through the pool connected to the first origin, regardless of the intended destination.\n\nThis causes cross-origin request routing: credentials and request data intended for origin B are sent to origin A, responses from the wrong origin are trusted, and HTTPS requests may be silently downgraded to HTTP.\n\nImpacted users are applications that use Socks5ProxyAgent (directly or via setGlobalDispatcher) and make requests to more than one origin.\n\nThis was introduced in undici 7.23.0 via PR #4385 and affects all versions through 8.1.0.\n\nPatches:\nUpgrade to undici v7.26.0 or v8.2.0.\n\nWorkarounds:\nUse a separate Socks5ProxyAgent instance per origin, or avoid using Socks5ProxyAgent with multiple origins."}],"affected":[{"source":"ce714d77-add3-4f53-aff5-83d477b104bb","affectedData":[{"vendor":"undici","product":"undici","defaultStatus":"unaffected","packageURL":"pkg:npm/undici","versions":[{"version":"7.23.0","lessThan":"7.26.0","versionType":"semver","status":"affected"},{"version":"7.26.0","versionType":"semver","status":"unaffected"},{"version":"8.0.0","lessThan":"8.2.0","versionType":"semver","status":"affected"},{"version":"8.2.0","versionType":"semver","status":"unaffected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Cluster Observability Operator 1.5.0","defaultStatus":"affected","cpes":["cpe:/a:redhat:cluster_observability_operator:1.5::el9"]},{"vendor":"Red Hat","product":"Red Hat Developer Hub 1.10","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhdh:1.10::el9"]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","cpes":["cpe:/a:redhat:hummingbird:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Dev Spaces 3.29","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_devspaces:3.29::el9"]},{"vendor":"Red Hat","product":"Cryostat 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:cryostat:4"]},{"vendor":"Red Hat","product":"OpenShift Pipelines","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_pipelines:1"]},{"vendor":"Red Hat","product":"Red Hat Build of Podman Desktop","defaultStatus":"affected","cpes":["cpe:/a:redhat:podman_desktop:1"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_ai"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat Openshift Data Foundation 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_data_foundation:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Dev Spaces","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_devspaces:3"]},{"vendor":"Red Hat","product":"Self-service automation portal 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:ansible_portal:2"]},{"vendor":"Red Hat","product":"Red Hat AMQ Broker 7","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:amq_broker:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:9"]}]}],"metrics":{"cvssMetricV31":[{"source":"ce714d77-add3-4f53-aff5-83d477b104bb","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-22T00:00:00+00:00","id":"CVE-2026-6734","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"ce714d77-add3-4f53-aff5-83d477b104bb","type":"Secondary","description":[{"lang":"en","value":"CWE-346"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-940"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nodejs:undici:*:*:*:*:*:node.js:*:*","versionStartIncluding":"7.23.0","versionEndExcluding":"7.28.0","matchCriteriaId":"470B6F0F-0441-4D55-A4A1-5DCBECF32E6F"},{"vulnerable":true,"criteria":"cpe:2.3:a:nodejs:undici:*:*:*:*:*:node.js:*:*","versionStartIncluding":"8.0.0","versionEndExcluding":"8.2.0","matchCriteriaId":"DF2B7ECC-9B86-40B8-BA07-0D9ADBC4203E"}]}]}],"references":[{"url":"https://cna.openjsf.org/security-advisories.html","source":"ce714d77-add3-4f53-aff5-83d477b104bb","tags":["Vendor Advisory"]},{"url":"https://github.com/nodejs/undici/security/advisories/GHSA-hm92-r4w5-c3mj","source":"ce714d77-add3-4f53-aff5-83d477b104bb","tags":["Mitigation","Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:22380","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22934","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34342","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35841","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35891","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36754","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36820","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:7378","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-6734","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2490024","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-6734.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-7300","sourceIdentifier":"3f572a00-62e2-4423-959a-7ea25eff1638","published":"2026-06-17T18:18:05.753","lastModified":"2026-07-08T13:55:10.853","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional (Web Integration Service) allows Filter Failure through Buffer Overflow.This issue affects Connext Professional: from 7.4.0 before 7.*, from 7.0.0 before 7.3.1.3, from 6.1.2 before 6.1.*."}],"affected":[{"source":"3f572a00-62e2-4423-959a-7ea25eff1638","affectedData":[{"vendor":"RTI","product":"Connext Professional","defaultStatus":"unaffected","packageName":"connext_professional","modules":["Web Integration Service"],"packageURL":"pkg:generic/connext_professional","versions":[{"version":"7.4.0","lessThan":"7.*","versionType":"custom","status":"affected"},{"version":"7.0.0","lessThan":"7.3.1.3","versionType":"custom","status":"affected"},{"version":"6.1.2","lessThan":"6.1.*","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"3f572a00-62e2-4423-959a-7ea25eff1638","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-17T18:00:26.868901Z","id":"CVE-2026-7300","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"3f572a00-62e2-4423-959a-7ea25eff1638","type":"Secondary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rti:connext_professional:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1.2","versionEndExcluding":"7.4.0","matchCriteriaId":"21210B58-4B30-4C47-B448-F4CAE754CDBD"}]}]}],"references":[{"url":"https://www.rti.com/vulnerabilities/#cve-2026-7300","source":"3f572a00-62e2-4423-959a-7ea25eff1638","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-9697","sourceIdentifier":"ce714d77-add3-4f53-aff5-83d477b104bb","published":"2026-06-17T18:18:06.473","lastModified":"2026-07-09T13:17:32.290","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Impact:\nundici's ProxyAgent silently drops the requestTls option when configured with a SOCKS5 proxy URI (socks5:// or socks://). The target HTTPS connection through the SOCKS5 tunnel falls back to Node's default trust store, ignoring user-configured ca, cert, key, rejectUnauthorized, and servername settings.\n\nApplications that pin to an internal or corporate CA via requestTls.ca will, when their proxy URI is SOCKS5, get the default Mozilla CA bundle as the trust anchor instead. Any cert signed by any publicly-trusted CA for the target hostname is accepted, breaking the intended pin and enabling MITM read and tamper of the HTTPS exchange.\n\nAffected applications are those that use undici's ProxyAgent (or Socks5ProxyAgent directly) with SOCKS5 AND rely on requestTls for TLS scope restriction. The bug was introduced in undici 7.23.0 when SOCKS5 support was added.\n\nPatches:\nUpgrade to undici v7.28.0 or v8.5.0.\n\nWorkarounds:\nNo workaround is available within the SOCKS5 path. If a SOCKS5 proxy with TLS scope restriction is required and an upgrade is not yet possible, route the traffic through an HTTP-proxy ProxyAgent instead, where requestTls is honored correctly."}],"affected":[{"source":"ce714d77-add3-4f53-aff5-83d477b104bb","affectedData":[{"vendor":"undici","product":"undici","defaultStatus":"unaffected","packageURL":"pkg:npm/undici","versions":[{"version":"7.23.0","lessThan":"7.28.0","versionType":"semver","status":"affected"},{"version":"7.28.0","versionType":"semver","status":"unaffected"},{"version":"8.0.0","lessThan":"8.5.0","versionType":"semver","status":"affected"},{"version":"8.5.0","versionType":"semver","status":"unaffected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 10)","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10.2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AppStream (v. 9)","defaultStatus":"affected","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"]},{"vendor":"Red Hat","product":"Cluster Observability Operator 1.5.0","defaultStatus":"affected","cpes":["cpe:/a:redhat:cluster_observability_operator:1.5::el9"]},{"vendor":"Red Hat","product":"Red Hat Developer Hub 1.10","defaultStatus":"affected","cpes":["cpe:/a:redhat:rhdh:1.10::el9"]},{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","cpes":["cpe:/a:redhat:hummingbird:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Dev Spaces 3.29","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_devspaces:3.29::el9"]},{"vendor":"Red Hat","product":"Cryostat 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:cryostat:4"]},{"vendor":"Red Hat","product":"OpenShift Pipelines","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_pipelines:1"]},{"vendor":"Red Hat","product":"Red Hat Build of Podman Desktop","defaultStatus":"affected","cpes":["cpe:/a:redhat:podman_desktop:1"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_ai"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat Openshift Data Foundation 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_data_foundation:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Dev Spaces","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_devspaces:3"]},{"vendor":"Red Hat","product":"Self-service automation portal 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:ansible_portal:2"]},{"vendor":"Red Hat","product":"Red Hat AMQ Broker 7","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:amq_broker:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:9"]}]}],"metrics":{"cvssMetricV31":[{"source":"ce714d77-add3-4f53-aff5-83d477b104bb","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":5.2},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-22T00:00:00+00:00","id":"CVE-2026-9697","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"ce714d77-add3-4f53-aff5-83d477b104bb","type":"Secondary","description":[{"lang":"en","value":"CWE-295"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-295"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nodejs:undici:*:*:*:*:*:node.js:*:*","versionStartIncluding":"7.23.0","versionEndExcluding":"7.28.0","matchCriteriaId":"470B6F0F-0441-4D55-A4A1-5DCBECF32E6F"},{"vulnerable":true,"criteria":"cpe:2.3:a:nodejs:undici:*:*:*:*:*:node.js:*:*","versionStartIncluding":"8.0.0","versionEndExcluding":"8.5.0","matchCriteriaId":"37F3655C-C7AE-4B13-A5EB-6FE0A9566124"}]}]}],"references":[{"url":"https://cna.openjsf.org/security-advisories.html","source":"ce714d77-add3-4f53-aff5-83d477b104bb","tags":["Vendor Advisory"]},{"url":"https://github.com/nodejs/undici/security/advisories/GHSA-vmh5-mc38-953g","source":"ce714d77-add3-4f53-aff5-83d477b104bb","tags":["Mitigation","Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:22380","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:22934","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34342","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35841","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:35891","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36754","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36820","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:7378","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-9697","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2490018","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-9697.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-52908","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-19T15:16:35.277","lastModified":"2026-07-08T15:24:27.260","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA: During rereg_mr ensure that REREG_ACCESS is compatible\n\nIf IB_MR_REREG_ACCESS changes from RO to RW then the umem has to be\nre-evaluated to ensure it is properly pinned as RW. Since the umem is\nhidden inside each driver's mr struct add a ib_umem_check_rereg() function\nthat each driver has to call before processing IB_MR_REREG_ACCESS.\n\nmlx4 has to retain its duplicate ib_access_writable check because it\nimplements IB_MR_REREG_ACCESS | IB_MR_REREG_TRANS by changing both items\nin place sequentially while the MR is live, so it will continue to not\nsupport this combination."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/infiniband/core/umem.c","drivers/infiniband/hw/hns/hns_roce_mr.c","drivers/infiniband/hw/irdma/verbs.c","drivers/infiniband/hw/mlx4/mr.c","drivers/infiniband/hw/mlx5/mr.c","drivers/infiniband/sw/rxe/rxe_verbs.c","include/rdma/ib_umem.h"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"b40656aa7d559adc1fe689396dc58b92a9a27286","lessThan":"09dc18894148381d3bfc550083b1236043870dce","versionType":"git","status":"affected"},{"version":"b40656aa7d559adc1fe689396dc58b92a9a27286","lessThan":"eba5df21eda0fe7418efbea2f799f8ea1b8ca94c","versionType":"git","status":"affected"},{"version":"b40656aa7d559adc1fe689396dc58b92a9a27286","lessThan":"2904e985a2917b5dac65df82733065e78a65fc9d","versionType":"git","status":"affected"},{"version":"b40656aa7d559adc1fe689396dc58b92a9a27286","lessThan":"50334a05a950840b39a1ce3d2a173b4183db9b3e","versionType":"git","status":"affected"},{"version":"b40656aa7d559adc1fe689396dc58b92a9a27286","lessThan":"badad6fad60def1b9805559dd81dbab3d97b82aa","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/infiniband/core/umem.c","drivers/infiniband/hw/hns/hns_roce_mr.c","drivers/infiniband/hw/irdma/verbs.c","drivers/infiniband/hw/mlx4/mr.c","drivers/infiniband/hw/mlx5/mr.c","drivers/infiniband/sw/rxe/rxe_verbs.c","include/rdma/ib_umem.h"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.2","status":"affected"},{"version":"0","lessThan":"6.2","versionType":"semver","status":"unaffected"},{"version":"6.6.143","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.94","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.143","matchCriteriaId":"9062F1CD-CAD6-4EA2-A73F-C06D4A887B8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.94","matchCriteriaId":"85421C0C-ABDE-4357-971C-67F9087DE1B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.36","matchCriteriaId":"389025D2-958D-41BD-BD96-70ED1033A9F3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.13","matchCriteriaId":"6A64BF9F-3BCA-42FD-98CB-8F03474D2B1E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc6:*:*:*:*:*:*","matchCriteriaId":"B0E8FC71-3952-444C-83E9-718DBBBEC615"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc7:*:*:*:*:*:*","matchCriteriaId":"1039E95A-8CC3-4C88-8FF9-5C08EEB861C9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/09dc18894148381d3bfc550083b1236043870dce","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/2904e985a2917b5dac65df82733065e78a65fc9d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/50334a05a950840b39a1ce3d2a173b4183db9b3e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/badad6fad60def1b9805559dd81dbab3d97b82aa","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/eba5df21eda0fe7418efbea2f799f8ea1b8ca94c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-52909","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-19T15:16:35.383","lastModified":"2026-07-08T15:24:17.873","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nip6_vti: set netns_immutable on the fallback device.\n\njohn1988 and Noam Rathaus reported that vti6_init_net() does not set the\nnetns_immutable flag on the per-netns fallback tunnel device (ip6_vti0).\n\nOther similar tunnel drivers (like ip6_tunnel, sit, ip6_gre, and ip_tunnel)\ncorrectly set this flag during their fallback device initialization to\nprevent them from being moved to another network namespace."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/ipv6/ip6_vti.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"61220ab349485d911083d0b7990ccd3db6c63297","lessThan":"12acc977838c943636fb01e2f3087d2e4cc3b7cc","versionType":"git","status":"affected"},{"version":"61220ab349485d911083d0b7990ccd3db6c63297","lessThan":"7f28e3948c59481f8db9c9638e204258d26b4e41","versionType":"git","status":"affected"},{"version":"61220ab349485d911083d0b7990ccd3db6c63297","lessThan":"12c65e2c7fef507551bd7b52123598a761662c01","versionType":"git","status":"affected"},{"version":"61220ab349485d911083d0b7990ccd3db6c63297","lessThan":"f4b6b4af7ef0661ac153c6f7eb1030aa8482c1a3","versionType":"git","status":"affected"},{"version":"61220ab349485d911083d0b7990ccd3db6c63297","lessThan":"c5dbd669db5a426b3025512322e1bf2cdbe14305","versionType":"git","status":"affected"},{"version":"61220ab349485d911083d0b7990ccd3db6c63297","lessThan":"ecf8904067dcba0dad86ece80874841e60317885","versionType":"git","status":"affected"},{"version":"61220ab349485d911083d0b7990ccd3db6c63297","lessThan":"dcdce3bc9f08026ff3739ee7339e1bef526fc5f3","versionType":"git","status":"affected"},{"version":"61220ab349485d911083d0b7990ccd3db6c63297","lessThan":"d289d5307762d1838aaece22c6b6fcad9e8865f9","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/ipv6/ip6_vti.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"3.15","status":"affected"},{"version":"0","lessThan":"3.15","versionType":"semver","status":"unaffected"},{"version":"5.10.260","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.211","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.177","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.144","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.95","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.15","versionEndExcluding":"5.10.260","matchCriteriaId":"A607EC6A-B5CC-42BB-B74C-7191E7210452"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.211","matchCriteriaId":"D71C101E-388C-4A46-BD99-49049F7C5CFF"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.177","matchCriteriaId":"333C9E30-7FD4-46A2-94EF-C1AA1F3EE28B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.144","matchCriteriaId":"C8AD3BC8-C843-423C-B9DB-CB52F67F578E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.95","matchCriteriaId":"4E206B86-E0E3-4394-A93F-39F2D50A8AA8"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.36","matchCriteriaId":"389025D2-958D-41BD-BD96-70ED1033A9F3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.13","matchCriteriaId":"6A64BF9F-3BCA-42FD-98CB-8F03474D2B1E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc6:*:*:*:*:*:*","matchCriteriaId":"B0E8FC71-3952-444C-83E9-718DBBBEC615"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc7:*:*:*:*:*:*","matchCriteriaId":"1039E95A-8CC3-4C88-8FF9-5C08EEB861C9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/12acc977838c943636fb01e2f3087d2e4cc3b7cc","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/12c65e2c7fef507551bd7b52123598a761662c01","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/7f28e3948c59481f8db9c9638e204258d26b4e41","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c5dbd669db5a426b3025512322e1bf2cdbe14305","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d289d5307762d1838aaece22c6b6fcad9e8865f9","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/dcdce3bc9f08026ff3739ee7339e1bef526fc5f3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ecf8904067dcba0dad86ece80874841e60317885","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f4b6b4af7ef0661ac153c6f7eb1030aa8482c1a3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-52910","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-19T15:16:35.487","lastModified":"2026-07-08T15:20:05.307","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Free reuseport cBPF prog after RCU grace period.\n\nEulgyu Kim reported the splat below with a repro. [0]\n\nThe repro sets up a UDP reuseport group with a cBPF prog and\nreplaces it with a new one while another thread is sending\na UDP packet to the group.\n\nThe reuseport prog is freed by sk_reuseport_prog_free().\nbpf_prog_put() is called for \"e\"BPF prog to destruct through\nmultiple stages while cBPF prog is freed immediately by\nbpf_release_orig_filter() and bpf_prog_free().\n\nIf a reuseport prog is detached from the setsockopt() path\n(reuseport_attach_prog() or reuseport_detach_prog()),\nsk_reuseport_prog_free() is called without waiting for RCU\nreaders to complete, resulting in various bugs.\n\nLet's defer freeing the reuseport cBPF prog after one RCU\ngrace period.\n\nNote \"e\"BPF prog is safe as is unless the fast path starts\nto touch fields destroyed in bpf_prog_put_deferred() and\n__bpf_prog_put_noref().\n\n[0]:\nBUG: KASAN: vmalloc-out-of-bounds in reuseport_select_sock+0xedc/0x1220 net/core/sock_reuseport.c:596\nRead of size 4 at addr ffffc9000051e004 by task slowme/10208\nCPU: 6 UID: 1000 PID: 10208 Comm: slowme Not tainted 7.0.0-geb7ac95ff75e #32 PREEMPT(full)\nHardware name: QEMU Ubuntu 24.04 PC v2 (i440FX + PIIX, arch_caps fix, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\nCall Trace:\n <IRQ>\n dump_stack_lvl+0xe8/0x150 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xca/0x240 mm/kasan/report.c:482\n kasan_report+0x118/0x150 mm/kasan/report.c:595\n reuseport_select_sock+0xedc/0x1220 net/core/sock_reuseport.c:596\n udp4_lib_lookup2+0x3bc/0x950 net/ipv4/udp.c:495\n __udp4_lib_lookup+0x768/0xe20 net/ipv4/udp.c:723\n __udp4_lib_lookup_skb+0x297/0x390 net/ipv4/udp.c:752\n __udp4_lib_rcv+0x1312/0x2620 net/ipv4/udp.c:2752\n ip_protocol_deliver_rcu+0x282/0x440 net/ipv4/ip_input.c:207\n ip_local_deliver_finish+0x3bb/0x6f0 net/ipv4/ip_input.c:241\n NF_HOOK+0x30c/0x3a0 include/linux/netfilter.h:318\n NF_HOOK+0x30c/0x3a0 include/linux/netfilter.h:318\n __netif_receive_skb_one_core net/core/dev.c:6181 [inline]\n __netif_receive_skb net/core/dev.c:6294 [inline]\n process_backlog+0xaa4/0x1960 net/core/dev.c:6645\n __napi_poll+0xae/0x340 net/core/dev.c:7709\n napi_poll net/core/dev.c:7772 [inline]\n net_rx_action+0x5d7/0xf50 net/core/dev.c:7929\n handle_softirqs+0x22b/0x870 kernel/softirq.c:622\n do_softirq+0x76/0xd0 kernel/softirq.c:523\n </IRQ>\n <TASK>\n __local_bh_enable_ip+0xf8/0x130 kernel/softirq.c:450\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n rcu_read_unlock_bh include/linux/rcupdate.h:924 [inline]\n __dev_queue_xmit+0x1dd7/0x3710 net/core/dev.c:4890\n neigh_output include/net/neighbour.h:556 [inline]\n ip_finish_output2+0xca9/0x1070 net/ipv4/ip_output.c:237\n NF_HOOK_COND include/linux/netfilter.h:307 [inline]\n ip_output+0x29f/0x450 net/ipv4/ip_output.c:438\n ip_send_skb+0x45/0xc0 net/ipv4/ip_output.c:1508\n udp_send_skb+0xb04/0x1510 net/ipv4/udp.c:1195\n udp_sendmsg+0x1a71/0x2350 net/ipv4/udp.c:1485\n sock_sendmsg_nosec net/socket.c:727 [inline]\n __sock_sendmsg net/socket.c:742 [inline]\n __sys_sendto+0x554/0x680 net/socket.c:2206\n __do_sys_sendto net/socket.c:2213 [inline]\n __se_sys_sendto net/socket.c:2209 [inline]\n __x64_sys_sendto+0xde/0x100 net/socket.c:2209\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0x160/0xf80 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x415a2d\nCode: b3 66 2e 0f 1f 84 00 00 00 00 00 66 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f6bc31e41e8 EFLAGS: 00000212 ORIG_RAX: 000000000000002c\nRAX: ffffffffffffffda RBX: 00007f6bc31e4cdc RCX: 0000000000415a2d\nRDX: 0000000000000001 RSI: 00007f6bc31e421f RDI: 0000000000000003\nRBP: 00007f6bc31e4240 R08: 00007f6bc31e4220 R09: 0000000000000010\nR10: 0000000000000000 R11: \n---truncated---"}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/core/filter.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"538950a1b7527a0a52ccd9337e3fcd304f027f13","lessThan":"08264d5bba0bdd3a79bc2984fee09286aba0c4eb","versionType":"git","status":"affected"},{"version":"538950a1b7527a0a52ccd9337e3fcd304f027f13","lessThan":"fec41484e7c2aa7ded44c541bba98872be937754","versionType":"git","status":"affected"},{"version":"538950a1b7527a0a52ccd9337e3fcd304f027f13","lessThan":"c3e3fddda6b5d9ba505d218b4055e7d8a282ac57","versionType":"git","status":"affected"},{"version":"538950a1b7527a0a52ccd9337e3fcd304f027f13","lessThan":"f8b8f1d4bb76098e87b8269a0631019648330e6d","versionType":"git","status":"affected"},{"version":"538950a1b7527a0a52ccd9337e3fcd304f027f13","lessThan":"298db6167f81e9c470a57cf652e4e47757b4293e","versionType":"git","status":"affected"},{"version":"538950a1b7527a0a52ccd9337e3fcd304f027f13","lessThan":"87dfb977bdb6eaa47e9993a34e18f44970f88b1f","versionType":"git","status":"affected"},{"version":"538950a1b7527a0a52ccd9337e3fcd304f027f13","lessThan":"90e47dc5c572d1c73971ac51c7428803f42b78eb","versionType":"git","status":"affected"},{"version":"538950a1b7527a0a52ccd9337e3fcd304f027f13","lessThan":"18fc650ccd7fe3376eca89203668cfb8268f60df","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/core/filter.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"4.5","status":"affected"},{"version":"0","lessThan":"4.5","versionType":"semver","status":"unaffected"},{"version":"5.10.259","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.210","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.176","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.143","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.94","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","cpes":["cpe:/o:redhat:enterprise_linux:6"]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.5,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-125"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-364"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.5","versionEndExcluding":"5.10.259","matchCriteriaId":"49A9457D-DA96-491F-96F5-C78397CA6014"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.210","matchCriteriaId":"5E938CDF-D1C4-43D0-98DC-9E11B6B55801"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.176","matchCriteriaId":"C4446623-5F2B-4DD8-8666-9FAAC285A757"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.143","matchCriteriaId":"9062F1CD-CAD6-4EA2-A73F-C06D4A887B8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.94","matchCriteriaId":"85421C0C-ABDE-4357-971C-67F9087DE1B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.36","matchCriteriaId":"389025D2-958D-41BD-BD96-70ED1033A9F3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.13","matchCriteriaId":"6A64BF9F-3BCA-42FD-98CB-8F03474D2B1E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/08264d5bba0bdd3a79bc2984fee09286aba0c4eb","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/18fc650ccd7fe3376eca89203668cfb8268f60df","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/298db6167f81e9c470a57cf652e4e47757b4293e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/87dfb977bdb6eaa47e9993a34e18f44970f88b1f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/90e47dc5c572d1c73971ac51c7428803f42b78eb","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c3e3fddda6b5d9ba505d218b4055e7d8a282ac57","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f8b8f1d4bb76098e87b8269a0631019648330e6d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/fec41484e7c2aa7ded44c541bba98872be937754","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://access.redhat.com/security/cve/CVE-2026-52910","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2490779","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-52910.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-12619","sourceIdentifier":"dc3f6da9-85b5-4a73-84a2-2ec90b40fca5","published":"2026-06-19T16:16:16.930","lastModified":"2026-07-09T16:41:04.900","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Microchip GridTime 3000 allows Cross-Site Scripting (XSS).\n\nThis issue affects GridTime 3000: from 1.0r0.03 through 1.1r0.0."}],"affected":[{"source":"dc3f6da9-85b5-4a73-84a2-2ec90b40fca5","affectedData":[{"vendor":"Microchip","product":"GridTime 3000","defaultStatus":"unaffected","versions":[{"version":"1.0r0.03","lessThanOrEqual":"1.1r0.0","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"dc3f6da9-85b5-4a73-84a2-2ec90b40fca5","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:A/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"PASSIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"ATTACKED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-22T16:44:48.323337Z","id":"CVE-2026-12619","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"dc3f6da9-85b5-4a73-84a2-2ec90b40fca5","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microchip:gridtime_3000_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"1.0r0.03","versionEndExcluding":"1.2r0.0","matchCriteriaId":"FAEA2B62-D75E-4D3B-8EC4-F1D3E3DD545B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:microchip:gridtime_3000:-:*:*:*:*:*:*:*","matchCriteriaId":"9568C140-DD2F-4237-84FE-831FE23A0808"}]}]}],"references":[{"url":"https://www.microchip.com/en-us/solutions/technologies/embedded-security/how-to-report-potential-product-security-vulnerabilities/gridtime-3000-gnss-time-server-csrf-to-xss","source":"dc3f6da9-85b5-4a73-84a2-2ec90b40fca5","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-12620","sourceIdentifier":"dc3f6da9-85b5-4a73-84a2-2ec90b40fca5","published":"2026-06-19T16:16:17.053","lastModified":"2026-07-09T15:55:02.027","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The GridTime 3000 GNSS Time Server leaks the access token in the URL parameters of some endpoints.\n\nThis issue affects GridTime 3000: from 1.0r0.03 through 1.1r0.0."}],"affected":[{"source":"dc3f6da9-85b5-4a73-84a2-2ec90b40fca5","affectedData":[{"vendor":"Microchip","product":"GridTime 3000","defaultStatus":"unaffected","versions":[{"version":"1.0r0.03","lessThanOrEqual":"1.1r0.0","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"dc3f6da9-85b5-4a73-84a2-2ec90b40fca5","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:A/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":4.6,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"ACTIVE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"ATTACKED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-22T16:52:29.215328Z","id":"CVE-2026-12620","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"dc3f6da9-85b5-4a73-84a2-2ec90b40fca5","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microchip:gridtime_3000_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"1.0r0.03","versionEndExcluding":"1.2r0.0","matchCriteriaId":"FAEA2B62-D75E-4D3B-8EC4-F1D3E3DD545B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:microchip:gridtime_3000:-:*:*:*:*:*:*:*","matchCriteriaId":"9568C140-DD2F-4237-84FE-831FE23A0808"}]}]}],"references":[{"url":"https://www.microchip.com/en-us/solutions/technologies/embedded-security/how-to-report-potential-product-security-vulnerabilities/gridtime-3000-gnss-time-server-access-token-exposure","source":"dc3f6da9-85b5-4a73-84a2-2ec90b40fca5","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-12621","sourceIdentifier":"dc3f6da9-85b5-4a73-84a2-2ec90b40fca5","published":"2026-06-19T16:16:17.173","lastModified":"2026-07-09T16:42:05.157","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper neutralization of input during web page generation XSS \nvulnerability in the GridTime 3000 (password reset form) allows XSS. \nThis issue affects GridTime 3000: from 1.0r0.03 before 1.2r0.0."}],"affected":[{"source":"dc3f6da9-85b5-4a73-84a2-2ec90b40fca5","affectedData":[{"vendor":"Microchip","product":"GridTime 3000","defaultStatus":"unaffected","versions":[{"version":"1.0r0.03","lessThanOrEqual":"1.1r0.0","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"dc3f6da9-85b5-4a73-84a2-2ec90b40fca5","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-22T16:51:30.787287Z","id":"CVE-2026-12621","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"dc3f6da9-85b5-4a73-84a2-2ec90b40fca5","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microchip:gridtime_3000_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"1.0r0.03","versionEndExcluding":"1.2r0.0","matchCriteriaId":"FAEA2B62-D75E-4D3B-8EC4-F1D3E3DD545B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:microchip:gridtime_3000:-:*:*:*:*:*:*:*","matchCriteriaId":"9568C140-DD2F-4237-84FE-831FE23A0808"}]}]}],"references":[{"url":"https://www.microchip.com/en-us/solutions/technologies/embedded-security/how-to-report-potential-product-security-vulnerabilities/gridtime-3000-gnss-time-server-dom-xss","source":"dc3f6da9-85b5-4a73-84a2-2ec90b40fca5","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-12622","sourceIdentifier":"dc3f6da9-85b5-4a73-84a2-2ec90b40fca5","published":"2026-06-19T16:16:17.283","lastModified":"2026-07-09T17:07:50.853","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The GridTime 3000 GNSS Time Server has an open redirect vulnerability in the password change form submission.\n\nThis issue affects GridTime 3000: from 1.0r0.03 through 1.1r0.0."}],"affected":[{"source":"dc3f6da9-85b5-4a73-84a2-2ec90b40fca5","affectedData":[{"vendor":"Microchip","product":"GridTime 3000","defaultStatus":"unaffected","versions":[{"version":"1.0r0.03","lessThanOrEqual":"1.1r0.0","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"dc3f6da9-85b5-4a73-84a2-2ec90b40fca5","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-22T16:45:07.862285Z","id":"CVE-2026-12622","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"dc3f6da9-85b5-4a73-84a2-2ec90b40fca5","type":"Secondary","description":[{"lang":"en","value":"CWE-601"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:microchip:gridtime_3000_firmware:*:*:*:*:*:*:*:*","versionStartIncluding":"1.0r0.03","versionEndExcluding":"1.2r0.0","matchCriteriaId":"FAEA2B62-D75E-4D3B-8EC4-F1D3E3DD545B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:microchip:gridtime_3000:-:*:*:*:*:*:*:*","matchCriteriaId":"9568C140-DD2F-4237-84FE-831FE23A0808"}]}]}],"references":[{"url":"https://www.microchip.com/en-us/solutions/technologies/embedded-security/how-to-report-potential-product-security-vulnerabilities/gridtime-3000-gnss-time-server-open-redirect","source":"dc3f6da9-85b5-4a73-84a2-2ec90b40fca5","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-51843","sourceIdentifier":"cve@mitre.org","published":"2026-06-19T17:16:29.790","lastModified":"2026-07-09T16:29:02.317","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the wanMTU parameter."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-22T15:40:23.383079Z","id":"CVE-2026-51843","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-121"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tenda:ac7_firmware:15.03.06.44:*:*:*:*:*:*:*","matchCriteriaId":"4D94B37C-491D-4E7C-8273-F46FEDA62C9F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tenda:ac7:-:*:*:*:*:*:*:*","matchCriteriaId":"A3BEE979-5BF3-48ED-AF42-0546D4F896E9"}]}]}],"references":[{"url":"https://www.kdev.site/cve-request_008/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.kdev.site/cve-request_008/","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-51844","sourceIdentifier":"cve@mitre.org","published":"2026-06-19T17:16:29.890","lastModified":"2026-07-09T16:29:05.950","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the cloneType parameter."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-22T15:40:14.341203Z","id":"CVE-2026-51844","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-121"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tenda:ac7_firmware:15.03.06.44:*:*:*:*:*:*:*","matchCriteriaId":"4D94B37C-491D-4E7C-8273-F46FEDA62C9F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tenda:ac7:-:*:*:*:*:*:*:*","matchCriteriaId":"A3BEE979-5BF3-48ED-AF42-0546D4F896E9"}]}]}],"references":[{"url":"https://www.kdev.site/cve-request_006/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.kdev.site/cve-request_006/","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-51845","sourceIdentifier":"cve@mitre.org","published":"2026-06-19T17:16:29.993","lastModified":"2026-07-09T16:29:11.310","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the mac parameter."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-22T15:38:00.513229Z","id":"CVE-2026-51845","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-121"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tenda:ac7_firmware:15.03.06.44:*:*:*:*:*:*:*","matchCriteriaId":"4D94B37C-491D-4E7C-8273-F46FEDA62C9F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tenda:ac7:-:*:*:*:*:*:*:*","matchCriteriaId":"A3BEE979-5BF3-48ED-AF42-0546D4F896E9"}]}]}],"references":[{"url":"https://www.kdev.site/cve-request_007/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.kdev.site/cve-request_007/","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-51846","sourceIdentifier":"cve@mitre.org","published":"2026-06-19T17:16:30.090","lastModified":"2026-07-09T16:29:16.310","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In Tenda AC7 v15.03.06.44, the wanSpeed parameter of the route /goform/AdvSetMacMtuWan has a stack buffer overflow vulnerability that can lead to remote arbitrary code execution."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-22T15:37:01.679343Z","id":"CVE-2026-51846","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-121"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tenda:ac7_firmware:15.03.06.44:*:*:*:*:*:*:*","matchCriteriaId":"4D94B37C-491D-4E7C-8273-F46FEDA62C9F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tenda:ac7:-:*:*:*:*:*:*:*","matchCriteriaId":"A3BEE979-5BF3-48ED-AF42-0546D4F896E9"}]}]}],"references":[{"url":"https://www.kdev.site/cve-request_005/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.kdev.site/cve-request_005/","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-50559","sourceIdentifier":"security-advisories@github.com","published":"2026-06-19T21:17:02.373","lastModified":"2026-07-09T13:17:27.837","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Quarkus is a Java framework for building cloud-native applications. Prior to versions 3.37.0, 3.36.3, 3.33.2.1, 3.33.3, 3.27.4.1, 3.27.5, and 3.20.6.2, Quarkus HTTP path-based authorization policies can be bypassed using encoded semicolons (%3B) to smuggle matrix parameters past the security layer, and using encoded slashes (%2F) or backslashes (%5C) to access protected static resources. This is a distinct issue from CVE-2026-39852, which addressed only literal semicolon stripping. Versions 3.37.0, 3.36.3, 3.33.2.1, 3.33.3, 3.27.4.1, 3.27.5, and 3.20.6.2 contain a patch."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"quarkusio","product":"quarkus","versions":[{"version":">= 3.36.0, < 3.36.3","status":"affected"},{"version":">= 3.33.0, < 3.33.2.1","status":"affected"},{"version":">= 3.27.0, < 3.27.4.1","status":"affected"},{"version":"< 3.20.6.2","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Build of Apache Camel 3.33 for Quarkus 3.33.2.SP1","defaultStatus":"affected","cpes":["cpe:/a:redhat:apache_camel_quarkus:3.33"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Dev Spaces 3.29","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_devspaces:3.29::el9"]},{"vendor":"Red Hat","product":"Red Hat build of Quarkus 3.20.6.SP2","defaultStatus":"affected","cpes":["cpe:/a:redhat:quarkus:3.20::el8"]},{"vendor":"Red Hat","product":"Red Hat build of Quarkus 3.27.4.SP1","defaultStatus":"affected","cpes":["cpe:/a:redhat:quarkus:3.27::el8"]},{"vendor":"Red Hat","product":"Red Hat build of Quarkus 3.33.2.SP1","defaultStatus":"affected","cpes":["cpe:/a:redhat:quarkus:3.33::el8"]},{"vendor":"Red Hat","product":"Streams for Apache Kafka 2.9.4","defaultStatus":"affected","cpes":["cpe:/a:redhat:amq_streams:2.9::el9"]},{"vendor":"Red Hat","product":"Cryostat 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:cryostat:4"]},{"vendor":"Red Hat","product":"OpenShift Serverless","defaultStatus":"affected","cpes":["cpe:/a:redhat:serverless:1"]},{"vendor":"Red Hat","product":"Red Hat build of Apache Camel - HawtIO 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:apache_camel_hawtio:4"]},{"vendor":"Red Hat","product":"Red Hat build of Apache Camel 4 for Quarkus 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:camel_quarkus:3"]},{"vendor":"Red Hat","product":"Red Hat build of Apicurio Registry 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:apicurio_registry:3"]},{"vendor":"Red Hat","product":"Red Hat build of Debezium 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:debezium:3"]},{"vendor":"Red Hat","product":"Red Hat Fuse 7","defaultStatus":"affected","cpes":["cpe:/a:redhat:jboss_fuse:7"]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform Expansion Pack","defaultStatus":"affected","cpes":["cpe:/a:redhat:jbosseapxp"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_ai"]},{"vendor":"Red Hat","product":"streams for Apache Kafka 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:amq_streams:3"]},{"vendor":"Red Hat","product":"Red Hat Build of Keycloak","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:build_keycloak:"]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-22T17:29:52.634980Z","id":"CVE-2026-50559","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-287"},{"lang":"en","value":"CWE-863"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-551"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*","versionEndExcluding":"3.20.6.2","matchCriteriaId":"3E37C5F3-9057-44CE-A42A-71BD38827241"},{"vulnerable":true,"criteria":"cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*","versionStartIncluding":"3.21.0","versionEndExcluding":"3.27.4.1","matchCriteriaId":"D726AC73-94BB-4DC6-A13F-52E7A93DC593"},{"vulnerable":true,"criteria":"cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*","versionStartIncluding":"3.28.0","versionEndExcluding":"3.33.2.1","matchCriteriaId":"DAAA66C6-B4F8-4517-A4FF-F3F831BEAF0F"},{"vulnerable":true,"criteria":"cpe:2.3:a:quarkus:quarkus:*:*:*:*:*:*:*:*","versionStartIncluding":"3.34.0","versionEndExcluding":"3.36.3","matchCriteriaId":"6E73505E-C605-42F6-B9A1-E9BDFF0090D8"}]}]}],"references":[{"url":"https://github.com/quarkusio/quarkus/security/advisories/GHSA-qcxp-gm7m-4j5v","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:26017","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26018","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26194","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:26586","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:34608","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/errata/RHSA-2026:36820","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-50559","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2486959","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-50559.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-48908","sourceIdentifier":"security@joomla.org","published":"2026-06-20T13:16:42.080","lastModified":"2026-07-08T13:57:42.590","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in SP Page Builder for Joomla allows unauthenticated users to upload arbitrary files, ultimately resulting in the upload and execution of PHP code."}],"affected":[{"source":"security@joomla.org","affectedData":[{"vendor":"joomshaper.net","product":"SP Page Builder extension for Joomla","defaultStatus":"unaffected","versions":[{"version":"1.0.0-6.6.1","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security@joomla.org","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:A/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:X/RE:X/U:Red","baseScore":10.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"HIGH","subIntegrityImpact":"HIGH","subAvailabilityImpact":"HIGH","exploitMaturity":"ATTACKED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"RED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T00:00:00+00:00","id":"CVE-2026-48908","options":[{"exploitation":"active"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"cisaExploitAdd":"2026-07-07","cisaActionDue":"2026-07-10","cisaRequiredAction":"Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.","cisaVulnerabilityName":"JoomShaper SP Page Builder Unrestricted Upload of File with Dangerous Type Vulnerability","weaknesses":[{"source":"security@joomla.org","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ollyo:sp_page_builder:*:*:*:*:-:joomla\\!:*:*","versionEndExcluding":"6.6.2","matchCriteriaId":"357A3AA5-76BB-4E60-AA71-CB8FB76E2221"}]}]}],"references":[{"url":"https://www.joomshaper.com/page-builder","source":"security@joomla.org","tags":["Product"]},{"url":"https://extensions.joomla.org/extension/sp-page-builder/","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Product"]},{"url":"https://mysites.guru/blog/sp-page-builder-zero-day-uploadcustomicon-rce/","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Third Party Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-48908","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]},{"url":"https://www.joomshaper.com/forum/question/45152","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Issue Tracking"]}]}},{"cve":{"id":"CVE-2026-56346","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-06-20T19:16:24.127","lastModified":"2026-07-08T20:16:53.437","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"AVideo through version 25.0 contains an authentication bypass vulnerability in the decryptMessage.json.php endpoint that allows unauthenticated users to decrypt PGP messages. Remote attackers can submit private keys, ciphertext, and passphrases to perform server-side decryption without credentials, exposing key material to logs and enabling resource exhaustion attacks."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"AVideo","product":"AVideo","defaultStatus":"unaffected","packageURL":"pkg:composer/wwbn/avideo","versions":[{"version":"0","lessThanOrEqual":"25.0","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-22T12:41:41.179894Z","id":"CVE-2026-56346","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]}],"references":[{"url":"https://github.com/WWBN/AVideo/security/advisories/GHSA-5x2w-37xf-7962","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/avideo-unauthenticated-pgp-message-decryption-via-decryptmessage-json-php-endpoint","source":"disclosure@vulncheck.com"},{"url":"https://github.com/WWBN/AVideo/security/advisories/GHSA-5x2w-37xf-7962","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-52911","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-21T08:16:23.607","lastModified":"2026-07-08T15:13:12.627","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: scope conn->binding slowpath to bound sessions only\n\nWhen the binding SESSION_SETUP sets conn->binding = true, the flag stays\nset after the call so that the global session lookup in\nksmbd_session_lookup_all() can find the session, which was not added to\nconn->sessions. Because the flag is connection-wide, the global lookup\npath will also resolve any other session by id if asked.\n\nTighten the global lookup so that the returned session must have this\nconnection registered in its channel xarray (sess->ksmbd_chann_list).\nThe channel entry is installed by the existing binding_session path in\nntlm_authenticate()/krb5_authenticate() when a SESSION_SETUP completes\nsuccessfully, so this condition is a strict equivalent of \"this\nconnection has been accepted as a channel of this session\". Connections\nthat have not bound to a given session cannot reach it via the global\ntable.\n\nThe existing conn->binding gate for entering the slowpath is preserved\nso that non-binding connections keep the fast-path-only behavior, and\nthe session->state check is unchanged."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["fs/smb/server/mgmt/user_session.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"f5a544e3bab78142207e0242d22442db85ba1eff","lessThan":"e74c00c6af428a39e564cdc5bd3a3648c6d8de87","versionType":"git","status":"affected"},{"version":"f5a544e3bab78142207e0242d22442db85ba1eff","lessThan":"e3a93ce6e25757b8f375e38b8f91e1d9da4edc1a","versionType":"git","status":"affected"},{"version":"f5a544e3bab78142207e0242d22442db85ba1eff","lessThan":"1ff46c9915c1cbf454db58a8cb87f7cac818e6a6","versionType":"git","status":"affected"},{"version":"f5a544e3bab78142207e0242d22442db85ba1eff","lessThan":"974c1c224e85549dc3459f3bb2255bbbdd2b9372","versionType":"git","status":"affected"},{"version":"f5a544e3bab78142207e0242d22442db85ba1eff","lessThan":"2cc8a4db633b10715450b291c1343859a4b2c509","versionType":"git","status":"affected"},{"version":"f5a544e3bab78142207e0242d22442db85ba1eff","lessThan":"1e2bec062c5c9ec282636715166056d0998d746d","versionType":"git","status":"affected"},{"version":"f5a544e3bab78142207e0242d22442db85ba1eff","lessThan":"b0da97c034b6107d14e537e212d4ce8b22109a58","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["fs/smb/server/mgmt/user_session.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"5.15","status":"affected"},{"version":"0","lessThan":"5.15","versionType":"semver","status":"unaffected"},{"version":"5.15.209","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.175","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.141","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.91","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.33","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.10","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15","versionEndExcluding":"5.15.209","matchCriteriaId":"6EDF0B07-5AB8-46F1-84C6-AAB5EF2C52B4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.175","matchCriteriaId":"92385813-D91D-480D-83A1-F423D2CBB2BA"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.141","matchCriteriaId":"97A9FFFA-22BB-4D5C-9790-5A2286E392F7"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.91","matchCriteriaId":"C918746B-DE6F-448F-A93E-A04C5481688D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.33","matchCriteriaId":"96D99E49-380D-43AB-BDBA-25C3AD018A9C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.10","matchCriteriaId":"A13475D2-59BF-4716-94B5-7C1D239A2CF4"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/1e2bec062c5c9ec282636715166056d0998d746d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/1ff46c9915c1cbf454db58a8cb87f7cac818e6a6","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/2cc8a4db633b10715450b291c1343859a4b2c509","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/974c1c224e85549dc3459f3bb2255bbbdd2b9372","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/b0da97c034b6107d14e537e212d4ce8b22109a58","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e3a93ce6e25757b8f375e38b8f91e1d9da4edc1a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e74c00c6af428a39e564cdc5bd3a3648c6d8de87","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-54099","sourceIdentifier":"secalert@redhat.com","published":"2026-06-22T14:17:40.820","lastModified":"2026-07-08T15:10:59.533","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in the Windows Machine Config Operator (WMCO) for Red Hat OpenShift Container Platform. The WICD CSR auto-approver validates that a Certificate Signing Request contains the organization system:wicd-nodes but does not reject additional organization values such as system:masters. A compromised Windows worker node that holds WICD credentials can submit a CSR that is auto-approved and signed by the cluster, yielding a client certificate that grants cluster-administrator privileges and enabling full cluster takeover."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift4-wincw/windows-machine-config-rhel8-operator","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift4-wincw/windows-machine-config-rhel9-operator","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift for Windows Containers","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift4-wincw/windows-machine-config-rhel9-operator","cpes":["cpe:/a:redhat:windows_machine_config"]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift for Windows Containers","defaultStatus":"affected","cpes":["cpe:/a:redhat:windows_machine_config"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.0,"impactScore":6.0},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.0,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-22T00:00:00+00:00","id":"CVE-2026-54099","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Primary","description":[{"lang":"en","value":"CWE-269"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-269"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openshift_container_platform:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0","versionEndExcluding":"4.22.1","matchCriteriaId":"4A5FB226-0EC9-4963-9062-26C254D92F40"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:windows_machine_config_operator:-:*:*:*:*:*:*:*","matchCriteriaId":"2219154D-E4AD-4A8E-942A-C4804C00591C"}]}]}],"references":[{"url":"https://access.redhat.com/security/cve/CVE-2026-54099","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2487950","source":"secalert@redhat.com","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://access.redhat.com/security/cve/CVE-2026-54099","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2487950","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-54099.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-54100","sourceIdentifier":"secalert@redhat.com","published":"2026-06-22T14:17:40.950","lastModified":"2026-07-08T15:10:50.797","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in the Windows Machine Config Operator (WMCO) for Red Hat OpenShift Container Platform. WMCO establishes SSH connections to Windows worker nodes without verifying the remote server host key. An adjacent-network attacker who can intercept or redirect WMCO's SSH session can capture WICD and kubelet bootstrap credentials transferred during node configuration, enabling compromise of Windows node identities in the cluster."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift4-wincw/windows-machine-config-rhel8-operator","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift4-wincw/windows-machine-config-rhel9-operator","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift for Windows Containers","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift4-wincw/windows-machine-config-rhel9-operator","cpes":["cpe:/a:redhat:windows_machine_config"]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift:4"]},{"vendor":"Red Hat","product":"Red Hat OpenShift for Windows Containers","defaultStatus":"affected","cpes":["cpe:/a:redhat:windows_machine_config"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":6.0},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-22T00:00:00+00:00","id":"CVE-2026-54100","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Primary","description":[{"lang":"en","value":"CWE-295"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-295"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openshift_container_platform:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0","versionEndIncluding":"4.22.1","matchCriteriaId":"3F70390E-5DD6-42E4-AEA8-1C03337DDABC"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:windows_machine_config_operator:-:*:*:*:*:*:*:*","matchCriteriaId":"2219154D-E4AD-4A8E-942A-C4804C00591C"}]}]}],"references":[{"url":"https://access.redhat.com/security/cve/CVE-2026-54100","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2487953","source":"secalert@redhat.com","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://access.redhat.com/security/cve/CVE-2026-54100","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2487953","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-54100.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-12549","sourceIdentifier":"secalert@redhat.com","published":"2026-06-22T16:16:34.090","lastModified":"2026-07-08T15:10:43.427","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The fix for CVE-2026-2443 was regressed by a subsequent rework commit that replaced specific overflow checks with a general signed comparison. When a client sends a Range request with a suffix length exceeding the content size, the resulting negative start value is not properly clamped, leading to malformed HTTP 206 responses and log flooding."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup3","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"libsoup","cpes":["cpe:/o:redhat:enterprise_linux:9"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":2.2,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-23T14:05:45.451175Z","id":"CVE-2026-12549","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-805"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","matchCriteriaId":"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnome:libsoup:-:*:*:*:*:*:*:*","matchCriteriaId":"C5BAC4F4-3ACD-4F4D-920C-F920FD2C5472"}]}]}],"references":[{"url":"https://access.redhat.com/security/cve/CVE-2026-12549","source":"secalert@redhat.com","tags":["Vendor Advisory","Mitigation"]},{"url":"https://access.redhat.com/security/cve/cve-2026-0716","source":"secalert@redhat.com","tags":["Vendor Advisory","Mitigation"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2489999","source":"secalert@redhat.com","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://gitlab.gnome.org/GNOME/libsoup/-/work_items/516","source":"secalert@redhat.com","tags":["Exploit","Issue Tracking","Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-12725","sourceIdentifier":"secalert@redhat.com","published":"2026-06-22T16:16:34.490","lastModified":"2026-07-08T15:10:32.597","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A heap-based buffer overflow was found in dnsmasq. When DNSSEC validation and\nquery logging are both enabled, logging of DS or DNSKEY replies containing\nunsupported algorithm or digest types can cause dnsmasq to write past the end\nof an internal logging buffer. A remote attacker able to supply such a DNS\nresponse may crash the dnsmasq process, resulting in denial of service."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"dnsmasq","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"dnsmasq","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"dnsmasq","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"dnsmasq","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"dnsmasq","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-22T18:20:23.362371Z","id":"CVE-2026-12725","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openshift_container_platform:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0","versionEndIncluding":"4.22.1","matchCriteriaId":"3F70390E-5DD6-42E4-AEA8-1C03337DDABC"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*","versionEndExcluding":"2.93","matchCriteriaId":"8D8EBB73-1EA7-47A6-A71A-172ED404E0B6"}]}]}],"references":[{"url":"https://access.redhat.com/security/cve/CVE-2026-12725","source":"secalert@redhat.com","tags":["Mitigation","Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2490763","source":"secalert@redhat.com","tags":["Issue Tracking","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-41049","sourceIdentifier":"meissner@suse.de","published":"2026-06-22T16:16:35.413","lastModified":"2026-07-08T15:42:08.647","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Incorrect caching of authentication between different users of the  qSnapper dbus service before version 1.3.3 allowed any local attacker to use dbus functions after a privileged users has authenticated for them."}],"affected":[{"source":"meissner@suse.de","affectedData":[{"vendor":"presire","product":"qSnapper","defaultStatus":"unaffected","packageName":"qsnapper","repo":"https://github.com/presire/qSnapper","versions":[{"version":"1.2.1","lessThan":"1.3.3","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"meissner@suse.de","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-22T16:25:21.586546Z","id":"CVE-2026-41049","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"meissner@suse.de","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:presire:qsnapper:*:*:*:*:*:*:*:*","versionEndExcluding":"1.3.3","matchCriteriaId":"EDD5718C-0459-48A0-A6A8-B6C1F557DF2C"}]}]}],"references":[{"url":"https://bugzilla.suse.com/show_bug.cgi?id=1262218","source":"meissner@suse.de","tags":["Third Party Advisory"]},{"url":"https://github.com/presire/qSnapper/releases/tag/v1.3.3","source":"meissner@suse.de","tags":["Third Party Advisory"]},{"url":"https://security.opensuse.org/2026/05/26/qsnapper-dbus-issues.html#issue-auth-caching","source":"meissner@suse.de","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-50557","sourceIdentifier":"security-advisories@github.com","published":"2026-06-22T16:16:38.050","lastModified":"2026-07-09T15:40:45.797","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22 and 19.2.22, an issue in the @angular/compiler and @angular/core packages allows bypassing element and attribute sanitization/validation through specific namespace workarounds. Specifically, namespaced script elements (e.g., <svg:script> or <:svg:script>) were not properly identified as script elements by the Angular template preparser, allowing them to pass through template compilation without being stripped. Furthermore, security context schema mappings for element attributes did not consistently handle attributes within namespaced elements (like SVG and MathML), opening up gaps where malicious namespaced attributes could bypass runtime and compile-time sanitizers. Combined, these flaws enable an attacker who can inject or supply a template/tag structure with custom namespaces to bypass Angular's script-stripping logic and attribute sanitizers, leading to client-side Cross-Site Scripting (XSS). This vulnerability is fixed in 22.0.0-rc.2, 21.2.15, 20.3.22 and 19.2.22."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"angular","product":"angular","versions":[{"version":">= 21.0.0-next.0 < 21.2.15","status":"affected"},{"version":">= 22.0.0-next.0 < 22.0.0-rc.2","status":"affected"},{"version":">= 20.0.0-next.0 < 20.3.22","status":"affected"},{"version":">= 19.0.0-next.0 < 19.2.22","status":"affected"},{"version":"<= 18.2.14","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-22T17:51:06.519025Z","id":"CVE-2026-50557","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionEndIncluding":"18.2.14","matchCriteriaId":"B0857B9D-DDD4-42CC-B026-AF3B4081BD14"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"19.0.0","versionEndExcluding":"19.2.22","matchCriteriaId":"1600564B-1893-478C-8C8F-11283A716D16"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"20.0.0","versionEndExcluding":"20.3.22","matchCriteriaId":"6594675A-6A09-4550-AF8B-C9E25CCFE022"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"21.0.0","versionEndExcluding":"21.2.15","matchCriteriaId":"C446A761-4FD9-43B8-8EF2-8A23EC2091DF"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next0:*:*:*:node.js:*:*","matchCriteriaId":"71DA6BB7-D67B-431B-A4BB-792DEC51C980"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next1:*:*:*:node.js:*:*","matchCriteriaId":"01F108F8-1BC4-4E33-BB49-646C118CA697"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next10:*:*:*:node.js:*:*","matchCriteriaId":"C5388FC5-DA5B-4C27-B868-E0D8BAD2EB28"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next11:*:*:*:node.js:*:*","matchCriteriaId":"4A18EA1D-24C0-43F7-B73B-562F86E3A46E"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next12:*:*:*:node.js:*:*","matchCriteriaId":"B59DAA7F-A7B5-4687-96B0-10CD61165910"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next2:*:*:*:node.js:*:*","matchCriteriaId":"19366888-B58B-4AEE-B99C-CBB26CCF9AA5"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next3:*:*:*:node.js:*:*","matchCriteriaId":"D22F98A2-DB7A-41D2-AAA0-90D8AE707267"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next4:*:*:*:node.js:*:*","matchCriteriaId":"7D19C89E-9D61-4DBD-8CA5-5F317691E1B6"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next5:*:*:*:node.js:*:*","matchCriteriaId":"D6E69821-B1AB-4FE8-9245-74775E86D346"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next6:*:*:*:node.js:*:*","matchCriteriaId":"E7096357-4623-475F-A015-ADB8EE2B450F"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next7:*:*:*:node.js:*:*","matchCriteriaId":"A81F04C2-2824-40B9-B7F8-B27E6DF21403"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next8:*:*:*:node.js:*:*","matchCriteriaId":"D0002A01-F19D-47F3-94EA-C3423EC763E6"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next9:*:*:*:node.js:*:*","matchCriteriaId":"7499CFC4-AAA5-461E-909F-0E514CFD5DA1"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:rc0:*:*:*:node.js:*:*","matchCriteriaId":"2A781EF8-8ADA-4960-B839-0064607D36AE"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:rc1:*:*:*:node.js:*:*","matchCriteriaId":"4775F816-6599-44D3-BD0F-9C843AB37DF3"}]}]}],"references":[{"url":"https://github.com/angular/angular/pull/68689","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/angular/angular/pull/68868","source":"security-advisories@github.com","tags":["Issue Tracking"]},{"url":"https://github.com/angular/angular/security/advisories/GHSA-f3m7-gqxr-g87x","source":"security-advisories@github.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-52725","sourceIdentifier":"security-advisories@github.com","published":"2026-06-22T16:16:38.193","lastModified":"2026-07-09T15:38:38.650","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, an issue in the @angular/core package allows bypassing script-execution restrictions during dynamic component creation. Specifically, the dynamic component instantiation mechanism (createComponent) failed to reject mounting components directly onto a <script> or namespaced script element (such as <svg:script>). This enabled the initialization of custom components on a tag that executes scripts, allowing attackers to hijack or inject script-executing hosts. This flaw enables an attacker who can control the host element or selector parameter passed to createComponent to initialize or mount an Angular component directly onto a <script> tag, leading to execution of untrusted code or client-side Cross-Site Scripting (XSS). This vulnerability is fixed in 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"angular","product":"angular","versions":[{"version":">= 22.0.0-next.0 < 22.0.0-rc.2","status":"affected"},{"version":">= 21.0.0-next.0 < 21.2.15","status":"affected"},{"version":">= 20.0.0-next.0 < 20.3.22","status":"affected"},{"version":">= 19.0.0-next.0 < 19.2.22","status":"affected"},{"version":"<= 18.2.14","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-22T15:59:13.494116Z","id":"CVE-2026-52725","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionEndIncluding":"18.2.14","matchCriteriaId":"B0857B9D-DDD4-42CC-B026-AF3B4081BD14"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"19.0.0","versionEndExcluding":"19.2.23","matchCriteriaId":"9AF8FC47-F9CA-48DC-88C4-51ECA89577A7"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"20.0.0","versionEndExcluding":"20.3.22","matchCriteriaId":"6594675A-6A09-4550-AF8B-C9E25CCFE022"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"21.0.0","versionEndExcluding":"21.2.15","matchCriteriaId":"C446A761-4FD9-43B8-8EF2-8A23EC2091DF"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next0:*:*:*:node.js:*:*","matchCriteriaId":"71DA6BB7-D67B-431B-A4BB-792DEC51C980"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next1:*:*:*:node.js:*:*","matchCriteriaId":"01F108F8-1BC4-4E33-BB49-646C118CA697"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next10:*:*:*:node.js:*:*","matchCriteriaId":"C5388FC5-DA5B-4C27-B868-E0D8BAD2EB28"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next11:*:*:*:node.js:*:*","matchCriteriaId":"4A18EA1D-24C0-43F7-B73B-562F86E3A46E"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next12:*:*:*:node.js:*:*","matchCriteriaId":"B59DAA7F-A7B5-4687-96B0-10CD61165910"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next2:*:*:*:node.js:*:*","matchCriteriaId":"19366888-B58B-4AEE-B99C-CBB26CCF9AA5"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next3:*:*:*:node.js:*:*","matchCriteriaId":"D22F98A2-DB7A-41D2-AAA0-90D8AE707267"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next4:*:*:*:node.js:*:*","matchCriteriaId":"7D19C89E-9D61-4DBD-8CA5-5F317691E1B6"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next5:*:*:*:node.js:*:*","matchCriteriaId":"D6E69821-B1AB-4FE8-9245-74775E86D346"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next6:*:*:*:node.js:*:*","matchCriteriaId":"E7096357-4623-475F-A015-ADB8EE2B450F"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next7:*:*:*:node.js:*:*","matchCriteriaId":"A81F04C2-2824-40B9-B7F8-B27E6DF21403"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next8:*:*:*:node.js:*:*","matchCriteriaId":"D0002A01-F19D-47F3-94EA-C3423EC763E6"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next9:*:*:*:node.js:*:*","matchCriteriaId":"7499CFC4-AAA5-461E-909F-0E514CFD5DA1"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:rc0:*:*:*:node.js:*:*","matchCriteriaId":"2A781EF8-8ADA-4960-B839-0064607D36AE"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:rc1:*:*:*:node.js:*:*","matchCriteriaId":"4775F816-6599-44D3-BD0F-9C843AB37DF3"}]}]}],"references":[{"url":"https://github.com/angular/angular/pull/68686","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/angular/angular/pull/68713","source":"security-advisories@github.com","tags":["Issue Tracking"]},{"url":"https://github.com/angular/angular/security/advisories/GHSA-692r-grfm-v8x7","source":"security-advisories@github.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-53550","sourceIdentifier":"security-advisories@github.com","published":"2026-06-22T16:16:38.447","lastModified":"2026-07-09T20:33:57.993","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"js-yaml is a JavaScript YAML parser and dumper. Prior to 4.2.0 and 3.15.0, a crafted YAML document can trigger algorithmic CPU exhaustion in js-yaml merge-key processing (<<) by repeating the same alias many times in a merge sequence. This causes quadratic parse-time behavior relative to input size and can block a Node.js worker/event loop for seconds with a relatively small payload (tens of KB), resulting in denial of service. The issue is in merge handling inside lib/loader.js. This vulnerability is fixed in 4.2.0 and 3.15.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"nodeca","product":"js-yaml","versions":[{"version":">= 4.0.0, < 4.2.0","status":"affected"},{"version":"< 3.15.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-23T16:05:40.611324Z","id":"CVE-2026-53550","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-407"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nodeca:js-yaml:*:*:*:*:*:node.js:*:*","versionEndExcluding":"3.15.0","matchCriteriaId":"6BA37F36-3871-48AF-97FA-C3EFA44746C9"},{"vulnerable":true,"criteria":"cpe:2.3:a:nodeca:js-yaml:*:*:*:*:*:node.js:*:*","versionStartIncluding":"4.0.0","versionEndExcluding":"4.2.0","matchCriteriaId":"0CB244DD-6149-4E5B-A950-10C4FE3484CD"}]}]}],"references":[{"url":"https://github.com/nodeca/js-yaml/security/advisories/GHSA-h67p-54hq-rp68","source":"security-advisories@github.com","tags":["Exploit","Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-54264","sourceIdentifier":"security-advisories@github.com","published":"2026-06-22T16:16:39.057","lastModified":"2026-07-09T15:40:14.333","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1, 21.2.17, and 20.3.25, an information disclosure vulnerability exists in the @angular/service-worker package of the Angular framework. When the Service Worker fetches assets, it preserves metadata (such as headers) from the original request. However, on cross-origin redirects, the Service Worker fails to strip sensitive headers, violating the Fetch redirect algorithm. This allows a remote attacker to obtain sensitive credentials (e.g., Authorization tokens, Proxy-Authorization credentials, or session cookies) by triggering a cross-origin redirect to an untrusted external origin. This vulnerability is fixed in 22.0.1, 21.2.17, and 20.3.25."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"angular","product":"angular","versions":[{"version":">= 22.0.0-next.0 < 22.0.1","status":"affected"},{"version":">= 21.0.0-next.0 < 21.2.17","status":"affected"},{"version":">= 20.0.0-next.0 < 20.3.25","status":"affected"},{"version":"<= 19.2.25","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"HIGH","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-23T13:46:15.588316Z","id":"CVE-2026-54264","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"},{"lang":"en","value":"CWE-359"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionEndIncluding":"19.2.25","matchCriteriaId":"D511E6AD-81F0-4D1B-9714-5F11AFCBE18E"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"20.0.0","versionEndExcluding":"20.3.25","matchCriteriaId":"A07B48E8-DEB0-4AFF-8E73-C3B05DC10AC1"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"21.0.0","versionEndExcluding":"21.2.17","matchCriteriaId":"719E82E9-3914-484D-BEBF-A89AF5049B83"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"22.0.0","versionEndExcluding":"22.0.1","matchCriteriaId":"F8388A42-0154-438C-A3BF-A8E980CE0C9E"}]}]}],"references":[{"url":"https://github.com/angular/angular/commit/47d68dcb26266316647133ab6385e77fc3e5ae08","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/angular/angular/pull/69029","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/angular/angular/security/advisories/GHSA-qxh6-94w6-9r5p","source":"security-advisories@github.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-54265","sourceIdentifier":"security-advisories@github.com","published":"2026-06-22T16:16:39.187","lastModified":"2026-07-09T15:39:01.300","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1, 21.2.17, and 20.3.25, an issue in the @angular/compiler package allows bypassing DOM property sanitization through the use of two-way property bindings. Specifically, when a native DOM property that requires sanitization (such as innerHTML, srcdoc, src, href, data, or sandbox) is bound using the two-way binding syntax (e.g., [(innerHTML)]=\"value\" or bindon-innerHTML=\"value\"), the Angular template compiler failed to apply the appropriate schema-derived sanitizer resolution to the TwoWayProperty operation. As a result, native two-way DOM bindings were emitted without the required sanitizer function, whereas equivalent one-way bindings would be properly sanitized. This flaw enables an attacker who can control the value of a two-way bound sensitive property to bypass Angular's built-in sanitization logic, potentially leading to client-side Cross-Site Scripting (XSS). This vulnerability is fixed in 22.0.1, 21.2.17, and 20.3.25."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"angular","product":"angular","versions":[{"version":">= 22.0.0-next.0 < 22.0.1","status":"affected"},{"version":">= 21.0.0-next.0 < 21.2.17","status":"affected"},{"version":">= 20.0.0-next.0 < 20.3.25","status":"affected"},{"version":"<= 19.2.25","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-22T15:54:52.170678Z","id":"CVE-2026-54265","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionEndIncluding":"19.2.25","matchCriteriaId":"D511E6AD-81F0-4D1B-9714-5F11AFCBE18E"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"20.0.0","versionEndExcluding":"20.3.25","matchCriteriaId":"A07B48E8-DEB0-4AFF-8E73-C3B05DC10AC1"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"21.0.0","versionEndExcluding":"21.2.17","matchCriteriaId":"719E82E9-3914-484D-BEBF-A89AF5049B83"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"22.0.0","versionEndExcluding":"22.0.1","matchCriteriaId":"F8388A42-0154-438C-A3BF-A8E980CE0C9E"}]}]}],"references":[{"url":"https://github.com/angular/angular/commit/3c70270c96677c0dd33585f2afe8e187113e5fb4","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/angular/angular/pull/69107","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/angular/angular/security/advisories/GHSA-58w9-8g37-x9v5","source":"security-advisories@github.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-54266","sourceIdentifier":"security-advisories@github.com","published":"2026-06-22T16:16:39.313","lastModified":"2026-07-09T15:39:58.797","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1, 21.2.17, and 20.3.25, Angular's HttpTransferCache caches HTTP requests made during Server-Side Rendering (SSR) so that they can be reused during client-side hydration. This avoids repeating the same HTTP requests on the client. The cached responses are stored in TransferState using a cache key generated by hashing request properties (method, response type, mapped URL, serialized body, and sorted query parameters). The cache keys are generated using a weak 32-bit DJB2-like polynomial rolling hash. The 32-bit hash space is extremely small, allowing attackers to find hash collisions. An attacker can easily find a query parameter string (e.g., q=aaCAZMMM for a search request) that produces the exact same 32-bit hash as a sensitive endpoint (e.g., /api/user/profile). When a victim visits a crafted link containing the colliding parameter, the SSR process executes both the search request and the profile request. Due to the hash collision, the search response overwrites the profile response in the TransferState cache. This vulnerability is fixed in 22.0.1, 21.2.17, and 20.3.25."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"angular","product":"angular","versions":[{"version":">= 22.0.0-next.0 < 22.0.1","status":"affected"},{"version":">= 21.0.0-next.0 < 21.2.17","status":"affected"},{"version":">= 20.0.0-next.0 < 20.3.25","status":"affected"},{"version":"<= 19.2.25","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-22T17:55:58.476641Z","id":"CVE-2026-54266","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-328"},{"lang":"en","value":"CWE-345"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionEndIncluding":"19.2.25","matchCriteriaId":"D511E6AD-81F0-4D1B-9714-5F11AFCBE18E"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"20.0.0","versionEndExcluding":"20.3.25","matchCriteriaId":"A07B48E8-DEB0-4AFF-8E73-C3B05DC10AC1"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"21.0.0","versionEndExcluding":"21.2.17","matchCriteriaId":"719E82E9-3914-484D-BEBF-A89AF5049B83"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"22.0.0","versionEndExcluding":"22.0.1","matchCriteriaId":"F8388A42-0154-438C-A3BF-A8E980CE0C9E"}]}]}],"references":[{"url":"https://github.com/angular/angular/commit/5f36274da3f961430ae72865159afa02a1dd9133","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/angular/angular/pull/69153","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/angular/angular/security/advisories/GHSA-39pv-4j6c-2g6v","source":"security-advisories@github.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-54267","sourceIdentifier":"security-advisories@github.com","published":"2026-06-22T16:16:39.457","lastModified":"2026-07-09T15:39:24.360","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1, 21.2.17, and 20.3.25, to optimize client-side bootstrap in Server-Side Rendered (SSR) environments, Angular supports Hydration via provideClientHydration(). During SSR, Angular serializes the application's runtime state (such as cached HttpClient responses) and outputs it into the HTML stream as a <script> tag with a predictable identifier. During client bootstrap, Angular recovers this state by looking up the element via document.getElementById('ng-state') and parsing its text content. Because the DOM element lookup for the state container is predictable and relies solely on the ID selector (ng-state), it is susceptible to DOM Clobbering. If the application binds untrusted user input or CMS content to element properties such as id (e.g., <div [id]=\"userInput\"> or <a id=\"ng-state\">) before the genuine <script> tag is parsed by the browser, the attacker-controlled element takes precedence in the DOM lookup. During hydration, when Angular calls document.getElementById('ng-state'), the browser returns the attacker's clobbered element. Angular then attempts to parse the text content or attributes of this clobbered element as JSON. This vulnerability is fixed in 22.0.1, 21.2.17, and 20.3.25."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"angular","product":"angular","versions":[{"version":">= 22.0.0-next.0 < 22.0.1","status":"affected"},{"version":">= 21.0.0-next.0 < 21.2.17","status":"affected"},{"version":">= 20.0.0-next.0 < 20.3.25","status":"affected"},{"version":"<= 19.2.25","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-22T16:00:23.479828Z","id":"CVE-2026-54267","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"},{"lang":"en","value":"CWE-471"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionEndIncluding":"19.2.25","matchCriteriaId":"D511E6AD-81F0-4D1B-9714-5F11AFCBE18E"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"20.0.0","versionEndExcluding":"20.3.25","matchCriteriaId":"A07B48E8-DEB0-4AFF-8E73-C3B05DC10AC1"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"21.0.0","versionEndExcluding":"21.2.17","matchCriteriaId":"719E82E9-3914-484D-BEBF-A89AF5049B83"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"22.0.0","versionEndExcluding":"22.0.1","matchCriteriaId":"F8388A42-0154-438C-A3BF-A8E980CE0C9E"}]}]}],"references":[{"url":"https://github.com/angular/angular/commit/6bde84fa8e6a5770b54040fbbc9bf10d5d0386fa","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/angular/angular/pull/69064","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/angular/angular/security/advisories/GHSA-rgjc-h3x7-9mwg","source":"security-advisories@github.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-54268","sourceIdentifier":"security-advisories@github.com","published":"2026-06-22T16:16:39.590","lastModified":"2026-07-09T15:39:41.960","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1, 21.2.17, and 20.3.25, a Denial of Service (DoS) vulnerability exists in the @angular/common package of the Angular framework. The formatDate function, which is also utilized by the standard Angular DatePipe, does not properly limit or validate the length of the format parameter. When parsing a maliciously crafted, excessively long date format string (e.g., a repeating pattern or very large string), the internal parser splits the string iteratively using a regular expression loop. This results in uncontrolled resource consumption (high CPU utilization and excessive memory allocations), leading to a Denial of Service (DoS). This vulnerability is fixed in 22.0.1, 21.2.17, and 20.3.25."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"angular","product":"angular","versions":[{"version":">= 22.0.0-next.0 < 22.0.1","status":"affected"},{"version":">= 21.0.0-next.0 < 21.2.17","status":"affected"},{"version":">= 20.0.0-next.0 < 20.3.25","status":"affected"},{"version":"<= 19.2.25","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-23T16:07:25.833697Z","id":"CVE-2026-54268","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-400"},{"lang":"en","value":"CWE-1333"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionEndIncluding":"19.2.25","matchCriteriaId":"D511E6AD-81F0-4D1B-9714-5F11AFCBE18E"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"20.0.0","versionEndExcluding":"20.3.25","matchCriteriaId":"A07B48E8-DEB0-4AFF-8E73-C3B05DC10AC1"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"21.0.0","versionEndExcluding":"21.2.17","matchCriteriaId":"719E82E9-3914-484D-BEBF-A89AF5049B83"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"22.0.0","versionEndExcluding":"22.0.1","matchCriteriaId":"F8388A42-0154-438C-A3BF-A8E980CE0C9E"}]}]}],"references":[{"url":"https://github.com/angular/angular/commit/eeb03f4ea310e2e51ba5d53a421ec7b418e186cd","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/angular/angular/pull/69197","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/angular/angular/security/advisories/GHSA-48r7-hpm6-gfxm","source":"security-advisories@github.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-8858","sourceIdentifier":"psirt@us.ibm.com","published":"2026-06-22T16:16:42.967","lastModified":"2026-07-09T21:16:56.547","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to remote code execution and denial of service in the WebSphere Web Server Plug-in component. This vulnerability can be exploited when an attacker impersonates the application server and sends crafted responses to the plug-in."}],"affected":[{"source":"psirt@us.ibm.com","affectedData":[{"vendor":"IBM","product":"WebSphere Application Server","defaultStatus":"unaffected","cpes":["cpe:2.3:a:ibm:websphere_application_server:8.5:*:*:*:*:*:*:*","cpe:2.3:a:ibm:websphere_application_server:9.0:*:*:*:*:*:*:*"],"versions":[{"version":"8.5","status":"affected"},{"version":"9.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@us.ibm.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-23T03:56:00.365269Z","id":"CVE-2026-8858","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@us.ibm.com","type":"Secondary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:i:*:*:*:*:*:*:*:*","versionStartIncluding":"7.3","versionEndIncluding":"7.6","matchCriteriaId":"46DEA5F3-B160-471F-8C4C-0E8338EDEDA5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:ibm:i:-:*:*:*:*:*:*:*","matchCriteriaId":"C684FC45-C9BA-4EF0-BD06-BB289450DD21"}]}]}],"references":[{"url":"https://www.ibm.com/support/pages/node/7276560","source":"psirt@us.ibm.com"}]}},{"cve":{"id":"CVE-2026-9072","sourceIdentifier":"psirt@us.ibm.com","published":"2026-06-22T16:16:43.500","lastModified":"2026-07-09T21:16:56.680","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"IBM WebSphere Application Server and IBM WebSphere Application Server Liberty - when using Intelligent Management with the WebSphere WebServer Plug-in component - are vulnerable to remote code execution and denial of service. This vulnerability can be exploited when an attacker impersonates backend servers and sends crafted responses to the plug-in."}],"affected":[{"source":"psirt@us.ibm.com","affectedData":[{"vendor":"IBM","product":"WebSphere Application Server","defaultStatus":"unaffected","cpes":["cpe:2.3:a:ibm:websphere_application_server:8.5:*:*:*:*:*:*:*","cpe:2.3:a:ibm:websphere_application_server:9.0:*:*:*:*:*:*:*"],"versions":[{"version":"8.5","status":"affected"},{"version":"9.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@us.ibm.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-22T00:00:00+00:00","id":"CVE-2026-9072","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@us.ibm.com","type":"Secondary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:i:*:*:*:*:*:*:*:*","versionStartIncluding":"7.3","versionEndIncluding":"7.6","matchCriteriaId":"46DEA5F3-B160-471F-8C4C-0E8338EDEDA5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:ibm:i:-:*:*:*:*:*:*:*","matchCriteriaId":"C684FC45-C9BA-4EF0-BD06-BB289450DD21"}]}]}],"references":[{"url":"https://www.ibm.com/support/pages/node/7276560","source":"psirt@us.ibm.com"}]}},{"cve":{"id":"CVE-2026-46417","sourceIdentifier":"security-advisories@github.com","published":"2026-06-22T18:16:38.470","lastModified":"2026-07-09T15:31:03.523","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-next.12, 21.2.13, 20.3.21, and 19.2.22, a Server-Side Request Forgery (SSRF) vulnerability exists in @angular/platform-server. The issue stems from how the server-side rendering (SSR) engine processes the request URL provided to the rendering entry points. When an absolute-form URL (e.g., http://evil.com) is passed to the rendering engine, the internal ServerPlatformLocation can be manipulated into adopting the attacker-controlled domain as the \"current\" hostname. Consequently, any relative HttpClient requests or PlatformLocation.hostname references are redirected to the attacker controlled server, potentially exposing internal APIs or metadata services. This vulnerability is fixed in 22.0.0-next.12, 21.2.13, 20.3.21, and 19.2.22."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"angular","product":"angular","versions":[{"version":">= 22.0.0-next.0, < 22.0.0-next.12","status":"affected"},{"version":">= 21.0.0-next.0, < 21.2.13","status":"affected"},{"version":">= 20.0.0-next.0, < 20.3.21","status":"affected"},{"version":">= 19.0.0-next.0, < 19.2.22","status":"affected"},{"version":"<= 18.2.14","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Fuse 7","defaultStatus":"affected","cpes":["cpe:/a:redhat:jboss_fuse:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:8"]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-23T14:16:15.745160Z","id":"CVE-2026-46417","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionEndIncluding":"18.2.14","matchCriteriaId":"B0857B9D-DDD4-42CC-B026-AF3B4081BD14"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"19.0.0","versionEndExcluding":"19.2.22","matchCriteriaId":"1600564B-1893-478C-8C8F-11283A716D16"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"20.0.0","versionEndExcluding":"20.3.21","matchCriteriaId":"001C257B-45D7-45E8-BA75-314E5BD4D327"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"21.0.0","versionEndExcluding":"21.2.13","matchCriteriaId":"E06C979C-D24A-4D29-9684-2F476AB155F7"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next0:*:*:*:node.js:*:*","matchCriteriaId":"71DA6BB7-D67B-431B-A4BB-792DEC51C980"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next1:*:*:*:node.js:*:*","matchCriteriaId":"01F108F8-1BC4-4E33-BB49-646C118CA697"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next10:*:*:*:node.js:*:*","matchCriteriaId":"C5388FC5-DA5B-4C27-B868-E0D8BAD2EB28"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next11:*:*:*:node.js:*:*","matchCriteriaId":"4A18EA1D-24C0-43F7-B73B-562F86E3A46E"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next2:*:*:*:node.js:*:*","matchCriteriaId":"19366888-B58B-4AEE-B99C-CBB26CCF9AA5"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next3:*:*:*:node.js:*:*","matchCriteriaId":"D22F98A2-DB7A-41D2-AAA0-90D8AE707267"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next4:*:*:*:node.js:*:*","matchCriteriaId":"7D19C89E-9D61-4DBD-8CA5-5F317691E1B6"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next5:*:*:*:node.js:*:*","matchCriteriaId":"D6E69821-B1AB-4FE8-9245-74775E86D346"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next6:*:*:*:node.js:*:*","matchCriteriaId":"E7096357-4623-475F-A015-ADB8EE2B450F"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next7:*:*:*:node.js:*:*","matchCriteriaId":"A81F04C2-2824-40B9-B7F8-B27E6DF21403"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next8:*:*:*:node.js:*:*","matchCriteriaId":"D0002A01-F19D-47F3-94EA-C3423EC763E6"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next9:*:*:*:node.js:*:*","matchCriteriaId":"7499CFC4-AAA5-461E-909F-0E514CFD5DA1"}]}]}],"references":[{"url":"https://github.com/angular/angular/pull/68570","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/angular/angular/security/advisories/GHSA-rfh7-fxqc-q52v","source":"security-advisories@github.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/security/cve/CVE-2026-46417","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2491444","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-46417.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-50168","sourceIdentifier":"security-advisories@github.com","published":"2026-06-22T18:16:42.117","lastModified":"2026-07-09T15:24:54.253","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, an issue in the @angular/platform-server package allows remote attackers to bypass host allowlist constraints and direct server-side outgoing requests to arbitrary external endpoints. This occurs due to a parser differential between the strict WHATWG URL parser used for allowlist validation and the lenient Domino URL parser used to initialize the server emulated DOM. When a server-side request contains a malformed URL with a double port structure (e.g., http://evil.com:80:80/path), Node's strict URL.canParse(url) logic returns false and skips host check validation entirely. However, the same malformed URL is later accepted and parsed leniently by Domino's internal parser, which resolves the origin to http://evil.com:80. The Angular SSR HTTP request interceptor (relativeUrlsTransformerInterceptorFn) then resolves all relative backend HTTP requests against this adopted origin, executing the SSRF attack. This vulnerability is fixed in 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"angular","product":"angular","versions":[{"version":">= 22.0.0-next.0, < 22.0.0-rc.2","status":"affected"},{"version":">= 21.0.0-next.0, < 21.2.15","status":"affected"},{"version":">= 20.0.0-next.0, < 20.3.22","status":"affected"},{"version":">= 19.0.0-next.0, < 19.2.23","status":"affected"},{"version":"<= 18.2.14","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-22T17:59:41.275571Z","id":"CVE-2026-50168","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-346"},{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"2.0.0","versionEndIncluding":"18.2.14","matchCriteriaId":"939DF9D7-8867-439B-B06E-FF9D1450057D"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"19.0.0","versionEndExcluding":"19.2.23","matchCriteriaId":"9AF8FC47-F9CA-48DC-88C4-51ECA89577A7"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"20.0.0","versionEndExcluding":"20.3.22","matchCriteriaId":"6594675A-6A09-4550-AF8B-C9E25CCFE022"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"21.0.0","versionEndExcluding":"21.2.15","matchCriteriaId":"C446A761-4FD9-43B8-8EF2-8A23EC2091DF"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next0:*:*:*:node.js:*:*","matchCriteriaId":"71DA6BB7-D67B-431B-A4BB-792DEC51C980"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next1:*:*:*:node.js:*:*","matchCriteriaId":"01F108F8-1BC4-4E33-BB49-646C118CA697"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next10:*:*:*:node.js:*:*","matchCriteriaId":"C5388FC5-DA5B-4C27-B868-E0D8BAD2EB28"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next11:*:*:*:node.js:*:*","matchCriteriaId":"4A18EA1D-24C0-43F7-B73B-562F86E3A46E"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next12:*:*:*:node.js:*:*","matchCriteriaId":"B59DAA7F-A7B5-4687-96B0-10CD61165910"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next2:*:*:*:node.js:*:*","matchCriteriaId":"19366888-B58B-4AEE-B99C-CBB26CCF9AA5"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next3:*:*:*:node.js:*:*","matchCriteriaId":"D22F98A2-DB7A-41D2-AAA0-90D8AE707267"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next4:*:*:*:node.js:*:*","matchCriteriaId":"7D19C89E-9D61-4DBD-8CA5-5F317691E1B6"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next5:*:*:*:node.js:*:*","matchCriteriaId":"D6E69821-B1AB-4FE8-9245-74775E86D346"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next6:*:*:*:node.js:*:*","matchCriteriaId":"E7096357-4623-475F-A015-ADB8EE2B450F"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next7:*:*:*:node.js:*:*","matchCriteriaId":"A81F04C2-2824-40B9-B7F8-B27E6DF21403"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next8:*:*:*:node.js:*:*","matchCriteriaId":"D0002A01-F19D-47F3-94EA-C3423EC763E6"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next9:*:*:*:node.js:*:*","matchCriteriaId":"7499CFC4-AAA5-461E-909F-0E514CFD5DA1"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:rc0:*:*:*:node.js:*:*","matchCriteriaId":"2A781EF8-8ADA-4960-B839-0064607D36AE"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:rc1:*:*:*:node.js:*:*","matchCriteriaId":"4775F816-6599-44D3-BD0F-9C843AB37DF3"}]}]}],"references":[{"url":"https://github.com/angular/angular/pull/68928","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/angular/angular/security/advisories/GHSA-xrxm-cp7j-8xf6","source":"security-advisories@github.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-50169","sourceIdentifier":"security-advisories@github.com","published":"2026-06-22T18:16:42.253","lastModified":"2026-07-09T15:31:31.800","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15 20.3.22, and 19.2.23, an issue in the @angular/service-worker package compromises the integrity of request-policy enforcement during request reconstruction. When the Angular Service Worker intercepts network requests for matched assets, it reconstructs a new Request object using an internal helper function. During this reconstruction process, the helper function strips the strict, client-defined request redirect policy configuration (such as redirect: 'error'), falling back to the browser's default 'follow' strategy. If the target web application makes client-side requests with a strict policy (e.g., expecting a network error instead of automatically following redirects), the service worker will bypass this instruction and automatically follow HTTP 3xx redirects to other destinations. This acts as an unintended proxy/intermediary (\"Confused Deputy\") and can result in cookie/credential exposure or same-origin session-restricted data leakage if public dynamic routes redirect to sensitive routes. This vulnerability is fixed in 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"angular","product":"angular","versions":[{"version":">= 22.0.0-next.0, < 22.0.0-rc.2","status":"affected"},{"version":">= 21.0.0-next.0, < 21.2.15","status":"affected"},{"version":">= 20.0.0-next.0, < 20.3.22","status":"affected"},{"version":">= 19.0.0-next.0, < 19.2.23","status":"affected"},{"version":"<= 18.2.14","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-22T17:32:21.478134Z","id":"CVE-2026-50169","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"},{"lang":"en","value":"CWE-441"},{"lang":"en","value":"CWE-524"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionEndIncluding":"18.2.14","matchCriteriaId":"B0857B9D-DDD4-42CC-B026-AF3B4081BD14"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"19.0.0","versionEndExcluding":"19.2.23","matchCriteriaId":"9AF8FC47-F9CA-48DC-88C4-51ECA89577A7"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"20.0.0","versionEndExcluding":"20.3.22","matchCriteriaId":"6594675A-6A09-4550-AF8B-C9E25CCFE022"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"21.0.0","versionEndExcluding":"21.2.15","matchCriteriaId":"C446A761-4FD9-43B8-8EF2-8A23EC2091DF"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next0:*:*:*:node.js:*:*","matchCriteriaId":"71DA6BB7-D67B-431B-A4BB-792DEC51C980"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next1:*:*:*:node.js:*:*","matchCriteriaId":"01F108F8-1BC4-4E33-BB49-646C118CA697"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next10:*:*:*:node.js:*:*","matchCriteriaId":"C5388FC5-DA5B-4C27-B868-E0D8BAD2EB28"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next11:*:*:*:node.js:*:*","matchCriteriaId":"4A18EA1D-24C0-43F7-B73B-562F86E3A46E"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next12:*:*:*:node.js:*:*","matchCriteriaId":"B59DAA7F-A7B5-4687-96B0-10CD61165910"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next2:*:*:*:node.js:*:*","matchCriteriaId":"19366888-B58B-4AEE-B99C-CBB26CCF9AA5"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next3:*:*:*:node.js:*:*","matchCriteriaId":"D22F98A2-DB7A-41D2-AAA0-90D8AE707267"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next4:*:*:*:node.js:*:*","matchCriteriaId":"7D19C89E-9D61-4DBD-8CA5-5F317691E1B6"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next5:*:*:*:node.js:*:*","matchCriteriaId":"D6E69821-B1AB-4FE8-9245-74775E86D346"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next6:*:*:*:node.js:*:*","matchCriteriaId":"E7096357-4623-475F-A015-ADB8EE2B450F"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next7:*:*:*:node.js:*:*","matchCriteriaId":"A81F04C2-2824-40B9-B7F8-B27E6DF21403"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next8:*:*:*:node.js:*:*","matchCriteriaId":"D0002A01-F19D-47F3-94EA-C3423EC763E6"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next9:*:*:*:node.js:*:*","matchCriteriaId":"7499CFC4-AAA5-461E-909F-0E514CFD5DA1"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:rc0:*:*:*:node.js:*:*","matchCriteriaId":"2A781EF8-8ADA-4960-B839-0064607D36AE"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:rc1:*:*:*:node.js:*:*","matchCriteriaId":"4775F816-6599-44D3-BD0F-9C843AB37DF3"}]}]}],"references":[{"url":"https://github.com/angular/angular/pull/67494","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/angular/angular/security/advisories/GHSA-gv2q-mqqv-365m","source":"security-advisories@github.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-50170","sourceIdentifier":"security-advisories@github.com","published":"2026-06-22T18:16:42.403","lastModified":"2026-07-09T15:31:59.043","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, a vulnerability was discovered in @angular/common when Server-Side Rendering (SSR) and hydration are enabled. The HttpTransferCache utility optimizes hydration by caching outgoing HTTP requests performed during SSR and transferring the cached state to the client-side application via TransferState. However, the caching mechanism fails to inspect the withCredentials flag or the Cookie header of outgoing requests. As a result, credentialed, user-specific responses may be cached by default in the shared TransferState payload. When these responses are serialized into the HTML, any caching layer (such as a CDN, reverse proxy, or shared server cache) that caches the SSR-rendered HTML page could inadvertently cache and leak one user's private data to other users, leading to a high-severity information disclosure vulnerability. This vulnerability is fixed in 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"angular","product":"angular","versions":[{"version":">= 22.0.0-next.0, < 22.0.0-rc.2","status":"affected"},{"version":">= 21.0.0-next.0, < 21.2.15","status":"affected"},{"version":">= 20.0.0-next.0, < 20.3.22","status":"affected"},{"version":">= 19.0.0-next.0, < 19.2.23","status":"affected"},{"version":"<= 18.2.14","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-23T16:00:13.983210Z","id":"CVE-2026-50170","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-524"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionEndIncluding":"18.2.14","matchCriteriaId":"B0857B9D-DDD4-42CC-B026-AF3B4081BD14"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"19.0.0","versionEndExcluding":"19.2.23","matchCriteriaId":"9AF8FC47-F9CA-48DC-88C4-51ECA89577A7"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"20.0.0","versionEndExcluding":"20.3.22","matchCriteriaId":"6594675A-6A09-4550-AF8B-C9E25CCFE022"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"21.0.0","versionEndExcluding":"21.2.15","matchCriteriaId":"C446A761-4FD9-43B8-8EF2-8A23EC2091DF"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next0:*:*:*:node.js:*:*","matchCriteriaId":"71DA6BB7-D67B-431B-A4BB-792DEC51C980"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next1:*:*:*:node.js:*:*","matchCriteriaId":"01F108F8-1BC4-4E33-BB49-646C118CA697"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next10:*:*:*:node.js:*:*","matchCriteriaId":"C5388FC5-DA5B-4C27-B868-E0D8BAD2EB28"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next11:*:*:*:node.js:*:*","matchCriteriaId":"4A18EA1D-24C0-43F7-B73B-562F86E3A46E"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next12:*:*:*:node.js:*:*","matchCriteriaId":"B59DAA7F-A7B5-4687-96B0-10CD61165910"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next2:*:*:*:node.js:*:*","matchCriteriaId":"19366888-B58B-4AEE-B99C-CBB26CCF9AA5"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next3:*:*:*:node.js:*:*","matchCriteriaId":"D22F98A2-DB7A-41D2-AAA0-90D8AE707267"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next4:*:*:*:node.js:*:*","matchCriteriaId":"7D19C89E-9D61-4DBD-8CA5-5F317691E1B6"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next5:*:*:*:node.js:*:*","matchCriteriaId":"D6E69821-B1AB-4FE8-9245-74775E86D346"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next6:*:*:*:node.js:*:*","matchCriteriaId":"E7096357-4623-475F-A015-ADB8EE2B450F"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next7:*:*:*:node.js:*:*","matchCriteriaId":"A81F04C2-2824-40B9-B7F8-B27E6DF21403"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next8:*:*:*:node.js:*:*","matchCriteriaId":"D0002A01-F19D-47F3-94EA-C3423EC763E6"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next9:*:*:*:node.js:*:*","matchCriteriaId":"7499CFC4-AAA5-461E-909F-0E514CFD5DA1"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:rc0:*:*:*:node.js:*:*","matchCriteriaId":"2A781EF8-8ADA-4960-B839-0064607D36AE"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:rc1:*:*:*:node.js:*:*","matchCriteriaId":"4775F816-6599-44D3-BD0F-9C843AB37DF3"}]}]}],"references":[{"url":"https://github.com/angular/angular/pull/67964","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/angular/angular/security/advisories/GHSA-q6f4-qqrg-jv6x","source":"security-advisories@github.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-50171","sourceIdentifier":"security-advisories@github.com","published":"2026-06-22T18:16:42.533","lastModified":"2026-07-09T15:41:41.163","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, a Denial of Service (DoS) vulnerability exists in the @angular/common package of Angular. The formatNumber function, which is also utilized by DecimalPipe, PercentPipe, and CurrencyPipe, does not properly validate the upper bounds of the digitsInfo parameter. Specifically, the minimum and maximum fraction digits parsed from the digitsInfo string (e.g., 1.2-4) are converted to integers and used without limits. When parsing a maliciously crafted digitsInfo string with excessively large fraction digit values (e.g., 1.200000000-200000000), the internal roundNumber function attempts to pad the digits array to match the requested fraction size. This results in an unbounded loop that repeatedly pushes elements into an array.  This vulnerability is fixed in 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"angular","product":"angular","versions":[{"version":">= 22.0.0-next.0, < 22.0.0-rc.2","status":"affected"},{"version":">= 21.0.0-next.0, < 21.2.15","status":"affected"},{"version":">= 20.0.0-next.0, < 20.3.22","status":"affected"},{"version":">= 19.0.0-next.0, < 19.2.23","status":"affected"},{"version":"<= 18.2.14","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-23T14:16:53.849153Z","id":"CVE-2026-50171","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-400"},{"lang":"en","value":"CWE-834"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionEndIncluding":"18.2.14","matchCriteriaId":"B0857B9D-DDD4-42CC-B026-AF3B4081BD14"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"19.0.0","versionEndExcluding":"19.2.23","matchCriteriaId":"9AF8FC47-F9CA-48DC-88C4-51ECA89577A7"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"20.0.0","versionEndExcluding":"20.3.22","matchCriteriaId":"6594675A-6A09-4550-AF8B-C9E25CCFE022"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"21.0.0","versionEndExcluding":"21.2.15","matchCriteriaId":"C446A761-4FD9-43B8-8EF2-8A23EC2091DF"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next0:*:*:*:node.js:*:*","matchCriteriaId":"71DA6BB7-D67B-431B-A4BB-792DEC51C980"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next1:*:*:*:node.js:*:*","matchCriteriaId":"01F108F8-1BC4-4E33-BB49-646C118CA697"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next10:*:*:*:node.js:*:*","matchCriteriaId":"C5388FC5-DA5B-4C27-B868-E0D8BAD2EB28"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next11:*:*:*:node.js:*:*","matchCriteriaId":"4A18EA1D-24C0-43F7-B73B-562F86E3A46E"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next12:*:*:*:node.js:*:*","matchCriteriaId":"B59DAA7F-A7B5-4687-96B0-10CD61165910"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next2:*:*:*:node.js:*:*","matchCriteriaId":"19366888-B58B-4AEE-B99C-CBB26CCF9AA5"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next3:*:*:*:node.js:*:*","matchCriteriaId":"D22F98A2-DB7A-41D2-AAA0-90D8AE707267"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next4:*:*:*:node.js:*:*","matchCriteriaId":"7D19C89E-9D61-4DBD-8CA5-5F317691E1B6"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next5:*:*:*:node.js:*:*","matchCriteriaId":"D6E69821-B1AB-4FE8-9245-74775E86D346"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next6:*:*:*:node.js:*:*","matchCriteriaId":"E7096357-4623-475F-A015-ADB8EE2B450F"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next7:*:*:*:node.js:*:*","matchCriteriaId":"A81F04C2-2824-40B9-B7F8-B27E6DF21403"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next8:*:*:*:node.js:*:*","matchCriteriaId":"D0002A01-F19D-47F3-94EA-C3423EC763E6"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next9:*:*:*:node.js:*:*","matchCriteriaId":"7499CFC4-AAA5-461E-909F-0E514CFD5DA1"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:rc0:*:*:*:node.js:*:*","matchCriteriaId":"2A781EF8-8ADA-4960-B839-0064607D36AE"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:rc1:*:*:*:node.js:*:*","matchCriteriaId":"4775F816-6599-44D3-BD0F-9C843AB37DF3"}]}]}],"references":[{"url":"https://github.com/angular/angular/security/advisories/GHSA-p3vc-36g9-x9gr","source":"security-advisories@github.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-50184","sourceIdentifier":"security-advisories@github.com","published":"2026-06-22T18:16:42.783","lastModified":"2026-07-09T15:32:15.657","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, an issue in the @angular/service-worker package compromises the integrity of request-policy enforcement during request reconstruction. When the Angular Service Worker intercepts network requests for matched assets, it reconstructs a new Request object using an internal helper function. During this reconstruction process, the helper function strips explicit client-defined safety parameters: the credentials configuration (such as credentials: 'omit') and the HTTP cache mode configuration (such as cache: 'no-store'). These are reverted back to standard browser-default parameters (credentials: 'same-origin' and default HTTP cache properties). This causes the browser to include active credentials (such as cookies or Authorization headers) on outbound requests where the client-side developer explicitly instructed they should be omitted, leading to potential session leaks. Additionally, it causes private or non-cacheable resources to be cached by the service worker's engine, making private page states accessible or persistent inside the client's local cache post-logout. This vulnerability is fixed in 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"angular","product":"angular","versions":[{"version":">= 22.0.0-next.0, < 22.0.0-rc.2","status":"affected"},{"version":">= 21.0.0-next.0, < 21.2.15","status":"affected"},{"version":">= 20.0.0-next.0, < 20.3.22","status":"affected"},{"version":">= 19.0.0-next.0, < 19.2.23","status":"affected"},{"version":"<= 18.2.14","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-23T13:48:06.163682Z","id":"CVE-2026-50184","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"},{"lang":"en","value":"CWE-524"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionEndIncluding":"18.2.14","matchCriteriaId":"B0857B9D-DDD4-42CC-B026-AF3B4081BD14"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"19.0.0","versionEndExcluding":"19.2.23","matchCriteriaId":"9AF8FC47-F9CA-48DC-88C4-51ECA89577A7"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"20.0.0","versionEndExcluding":"20.3.22","matchCriteriaId":"6594675A-6A09-4550-AF8B-C9E25CCFE022"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"21.0.0","versionEndExcluding":"21.2.15","matchCriteriaId":"C446A761-4FD9-43B8-8EF2-8A23EC2091DF"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next0:*:*:*:node.js:*:*","matchCriteriaId":"71DA6BB7-D67B-431B-A4BB-792DEC51C980"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next1:*:*:*:node.js:*:*","matchCriteriaId":"01F108F8-1BC4-4E33-BB49-646C118CA697"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next10:*:*:*:node.js:*:*","matchCriteriaId":"C5388FC5-DA5B-4C27-B868-E0D8BAD2EB28"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next11:*:*:*:node.js:*:*","matchCriteriaId":"4A18EA1D-24C0-43F7-B73B-562F86E3A46E"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next12:*:*:*:node.js:*:*","matchCriteriaId":"B59DAA7F-A7B5-4687-96B0-10CD61165910"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next2:*:*:*:node.js:*:*","matchCriteriaId":"19366888-B58B-4AEE-B99C-CBB26CCF9AA5"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next3:*:*:*:node.js:*:*","matchCriteriaId":"D22F98A2-DB7A-41D2-AAA0-90D8AE707267"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next4:*:*:*:node.js:*:*","matchCriteriaId":"7D19C89E-9D61-4DBD-8CA5-5F317691E1B6"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next5:*:*:*:node.js:*:*","matchCriteriaId":"D6E69821-B1AB-4FE8-9245-74775E86D346"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next6:*:*:*:node.js:*:*","matchCriteriaId":"E7096357-4623-475F-A015-ADB8EE2B450F"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next7:*:*:*:node.js:*:*","matchCriteriaId":"A81F04C2-2824-40B9-B7F8-B27E6DF21403"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next8:*:*:*:node.js:*:*","matchCriteriaId":"D0002A01-F19D-47F3-94EA-C3423EC763E6"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next9:*:*:*:node.js:*:*","matchCriteriaId":"7499CFC4-AAA5-461E-909F-0E514CFD5DA1"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:rc0:*:*:*:node.js:*:*","matchCriteriaId":"2A781EF8-8ADA-4960-B839-0064607D36AE"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:rc1:*:*:*:node.js:*:*","matchCriteriaId":"4775F816-6599-44D3-BD0F-9C843AB37DF3"}]}]}],"references":[{"url":"https://github.com/angular/angular/pull/68904","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/angular/angular/security/advisories/GHSA-95qp-cmmw-mgqv","source":"security-advisories@github.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-50555","sourceIdentifier":"security-advisories@github.com","published":"2026-06-22T18:16:43.057","lastModified":"2026-07-09T15:41:14.687","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.16, 20.3.24, and 19.2.25, a Cross-Site Scripting (XSS) vulnerability exists in @angular/platform-server's DOM emulation dependency (domino) when serializing the content of raw-text elements (such as <script>, <style>, and <iframe>). domino supports escaping raw-text elements during serialization to prevent closing-tag breakout. However, a Unicode index alignment bug existed in this escaping logic. In JavaScript, string lengths and character indices are calculated based on UTF-16 code units (where astral characters—such as emojis—occupy 2 code units / 4 bytes). If the bound dynamic text contained astral Unicode characters before the closing tag (e.g. </script>, </style>, or </iframe>), the index offset calculation in domino's replacement logic shifted. This misalignment caused domino to fail to replace or escape the closing tag, leaving it raw and unescaped in the output HTML. An attacker who controls the dynamic text can supply a payload containing both an astral Unicode character and a closing tag (e.g., 😀</iframe><script>alert(1)</script>). When serialized on the server during SSR, the browser parses the unescaped closing tag, exits the raw-text context early, and executes the subsequent <script> block, leading to same-origin Cross-Site Scripting (XSS). This vulnerability is fixed in 22.0.0-rc.2, 21.2.16, 20.3.24, and 19.2.25."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"angular","product":"angular","versions":[{"version":">= 22.0.0-next.0, < 22.0.0-rc.2","status":"affected"},{"version":">= 21.0.0-next.0, < 21.2.16","status":"affected"},{"version":">= 20.0.0-next.0, < 20.3.24","status":"affected"},{"version":">= 19.0.0-next.0, < 19.2.25","status":"affected"},{"version":"<= 18.2.14","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-22T17:56:51.469447Z","id":"CVE-2026-50555","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionEndIncluding":"18.2.14","matchCriteriaId":"B0857B9D-DDD4-42CC-B026-AF3B4081BD14"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"19.0.0","versionEndExcluding":"19.2.25","matchCriteriaId":"8E2E1C75-0BD3-43F2-9A4D-6D0A6C21260C"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"20.0.0","versionEndExcluding":"20.3.24","matchCriteriaId":"B4D49440-37E8-4356-9046-E9803E2CDE3E"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"21.0.0","versionEndExcluding":"21.2.6","matchCriteriaId":"7163B68C-7A9B-4997-A716-5105E132ABE2"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next0:*:*:*:node.js:*:*","matchCriteriaId":"71DA6BB7-D67B-431B-A4BB-792DEC51C980"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next1:*:*:*:node.js:*:*","matchCriteriaId":"01F108F8-1BC4-4E33-BB49-646C118CA697"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next10:*:*:*:node.js:*:*","matchCriteriaId":"C5388FC5-DA5B-4C27-B868-E0D8BAD2EB28"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next11:*:*:*:node.js:*:*","matchCriteriaId":"4A18EA1D-24C0-43F7-B73B-562F86E3A46E"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next12:*:*:*:node.js:*:*","matchCriteriaId":"B59DAA7F-A7B5-4687-96B0-10CD61165910"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next2:*:*:*:node.js:*:*","matchCriteriaId":"19366888-B58B-4AEE-B99C-CBB26CCF9AA5"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next3:*:*:*:node.js:*:*","matchCriteriaId":"D22F98A2-DB7A-41D2-AAA0-90D8AE707267"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next4:*:*:*:node.js:*:*","matchCriteriaId":"7D19C89E-9D61-4DBD-8CA5-5F317691E1B6"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next5:*:*:*:node.js:*:*","matchCriteriaId":"D6E69821-B1AB-4FE8-9245-74775E86D346"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next6:*:*:*:node.js:*:*","matchCriteriaId":"E7096357-4623-475F-A015-ADB8EE2B450F"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next7:*:*:*:node.js:*:*","matchCriteriaId":"A81F04C2-2824-40B9-B7F8-B27E6DF21403"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next8:*:*:*:node.js:*:*","matchCriteriaId":"D0002A01-F19D-47F3-94EA-C3423EC763E6"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next9:*:*:*:node.js:*:*","matchCriteriaId":"7499CFC4-AAA5-461E-909F-0E514CFD5DA1"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:rc0:*:*:*:node.js:*:*","matchCriteriaId":"2A781EF8-8ADA-4960-B839-0064607D36AE"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:rc1:*:*:*:node.js:*:*","matchCriteriaId":"4775F816-6599-44D3-BD0F-9C843AB37DF3"}]}]}],"references":[{"url":"https://github.com/angular/angular/security/advisories/GHSA-hqr9-c56f-3x7f","source":"security-advisories@github.com","tags":["Third Party Advisory"]},{"url":"https://github.com/angular/domino/pull/29","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]}]}},{"cve":{"id":"CVE-2026-50556","sourceIdentifier":"security-advisories@github.com","published":"2026-06-22T18:16:43.190","lastModified":"2026-07-09T15:38:13.800","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.16, 20.3.24, and 19.2.25, a Cross-Site Scripting (XSS) vulnerability exists in @angular/platform-server's DOM emulation dependency (domino) when serializing the content of <noscript> elements. When rendering dynamic text content inside a <noscript> element via template bindings (such as {{ value }} or [textContent]), the template engine expects the browser to render the content safely. Under Server-Side Rendering (SSR), domino is configured with scripting enabled, meaning <noscript> is treated as a raw-text element. However, domino's serializer completely omitted <noscript> from the list of raw-text elements requiring closing-tag escaping during DOM serialization. As a result, any occurrence of </noscript> in the bound dynamic text was never escaped under any circumstances. The unescaped closing tag was serialized directly into the output HTML (e.g. <noscript></noscript><script>alert(1)</script></noscript>). When parsed by a browser, it closes the <noscript> block early, allowing the injected <script> block to execute in the user's browser context, causing same-origin Cross-Site Scripting (XSS). This vulnerability is fixed in 22.0.0-rc.2, 21.2.16, 20.3.24, and 19.2.25."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"angular","product":"angular","versions":[{"version":">= 22.0.0-next.0, < 22.0.0-rc.2","status":"affected"},{"version":">= 21.0.0-next.0, < 21.2.16","status":"affected"},{"version":">= 20.0.0-next.0, < 20.3.24","status":"affected"},{"version":">= 19.0.0-next.0, < 19.2.25","status":"affected"},{"version":"<= 18.2.14","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Fuse 7","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:jboss_fuse:7"]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-22T21:14:35.418340Z","id":"CVE-2026-50556","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionEndIncluding":"18.2.14","matchCriteriaId":"B0857B9D-DDD4-42CC-B026-AF3B4081BD14"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"19.0.0","versionEndExcluding":"19.2.25","matchCriteriaId":"8E2E1C75-0BD3-43F2-9A4D-6D0A6C21260C"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"20.0.0","versionEndExcluding":"20.3.24","matchCriteriaId":"B4D49440-37E8-4356-9046-E9803E2CDE3E"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:*","versionStartIncluding":"21.0.0","versionEndExcluding":"21.2.16","matchCriteriaId":"C668E140-FBCC-49C3-9C60-DC4AF558E476"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next0:*:*:*:node.js:*:*","matchCriteriaId":"71DA6BB7-D67B-431B-A4BB-792DEC51C980"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next1:*:*:*:node.js:*:*","matchCriteriaId":"01F108F8-1BC4-4E33-BB49-646C118CA697"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next10:*:*:*:node.js:*:*","matchCriteriaId":"C5388FC5-DA5B-4C27-B868-E0D8BAD2EB28"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next11:*:*:*:node.js:*:*","matchCriteriaId":"4A18EA1D-24C0-43F7-B73B-562F86E3A46E"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next12:*:*:*:node.js:*:*","matchCriteriaId":"B59DAA7F-A7B5-4687-96B0-10CD61165910"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next2:*:*:*:node.js:*:*","matchCriteriaId":"19366888-B58B-4AEE-B99C-CBB26CCF9AA5"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next3:*:*:*:node.js:*:*","matchCriteriaId":"D22F98A2-DB7A-41D2-AAA0-90D8AE707267"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next4:*:*:*:node.js:*:*","matchCriteriaId":"7D19C89E-9D61-4DBD-8CA5-5F317691E1B6"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next5:*:*:*:node.js:*:*","matchCriteriaId":"D6E69821-B1AB-4FE8-9245-74775E86D346"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next6:*:*:*:node.js:*:*","matchCriteriaId":"E7096357-4623-475F-A015-ADB8EE2B450F"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next7:*:*:*:node.js:*:*","matchCriteriaId":"A81F04C2-2824-40B9-B7F8-B27E6DF21403"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next8:*:*:*:node.js:*:*","matchCriteriaId":"D0002A01-F19D-47F3-94EA-C3423EC763E6"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:next9:*:*:*:node.js:*:*","matchCriteriaId":"7499CFC4-AAA5-461E-909F-0E514CFD5DA1"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:rc0:*:*:*:node.js:*:*","matchCriteriaId":"2A781EF8-8ADA-4960-B839-0064607D36AE"},{"vulnerable":true,"criteria":"cpe:2.3:a:angular:angular:22.0.0:rc1:*:*:*:node.js:*:*","matchCriteriaId":"4775F816-6599-44D3-BD0F-9C843AB37DF3"}]}]}],"references":[{"url":"https://github.com/angular/angular/issues/68903","source":"security-advisories@github.com","tags":["Issue Tracking"]},{"url":"https://github.com/angular/angular/security/advisories/GHSA-gxx4-3xcv-f8qx","source":"security-advisories@github.com","tags":["Third Party Advisory"]},{"url":"https://github.com/angular/domino/pull/29","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://access.redhat.com/security/cve/CVE-2026-50556","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2491459","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-50556.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-10852","sourceIdentifier":"psirt@us.ibm.com","published":"2026-06-22T20:16:27.413","lastModified":"2026-07-09T21:16:54.317","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"IBM WebSphere Application Server and IBM WebSphere Application Server Liberty are vulnerable to denial of service in the WebSphere WebServer Plug-in component when an attacker can pass crafted requests to the web server."}],"affected":[{"source":"psirt@us.ibm.com","affectedData":[{"vendor":"IBM","product":"WebSphere Application Server","defaultStatus":"unaffected","cpes":["cpe:2.3:a:ibm:websphere_application_server:8.5:*:*:*:*:*:*:*","cpe:2.3:a:ibm:websphere_application_server:9.0:*:*:*:*:*:*:*"],"versions":[{"version":"8.5","status":"affected"},{"version":"9.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@us.ibm.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-23T14:51:31.975238Z","id":"CVE-2026-10852","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@us.ibm.com","type":"Secondary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ibm:i:7.3:*:*:*:*:*:*:*","matchCriteriaId":"9A49E8C5-7967-42AE-A787-C533D24A63D7"},{"vulnerable":true,"criteria":"cpe:2.3:o:ibm:i:7.4:*:*:*:*:*:*:*","matchCriteriaId":"92D03306-B6C9-403E-99A2-CE9D8DC3B482"},{"vulnerable":true,"criteria":"cpe:2.3:o:ibm:i:7.5:*:*:*:*:*:*:*","matchCriteriaId":"F7CCB5BF-08EF-472F-A663-5DE270234F10"},{"vulnerable":true,"criteria":"cpe:2.3:o:ibm:i:7.6:*:*:*:*:*:*:*","matchCriteriaId":"AFFF96C2-7E0F-4DF9-AF51-3EE357D51095"}]}]}],"references":[{"url":"https://www.ibm.com/support/pages/node/7276560","source":"psirt@us.ibm.com"}]}},{"cve":{"id":"CVE-2026-49468","sourceIdentifier":"security-advisories@github.com","published":"2026-06-22T21:16:25.190","lastModified":"2026-07-08T20:16:50.797","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.84.0, a Host-header parsing flaw in the LiteLLM proxy could, under specific conditions, allow unauthenticated access to protected management routes. The auth layer derived the effective route from request.url.path in litellm/proxy/auth/auth_utils.py::get_request_route(), which Starlette reconstructs from the Host header. A crafted Host could therefore make the auth gate evaluate a different route from the one FastAPI dispatched. This vulnerability is fixed in 1.84.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"BerriAI","product":"litellm","versions":[{"version":"< 1.84.0","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Exploit Intelligence","defaultStatus":"affected","cpes":["cpe:/a:redhat:exploit_intelligence:0"]},{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:ansible_automation_platform:2"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_ai"]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":9.5,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"HIGH","subIntegrityImpact":"HIGH","subAvailabilityImpact":"HIGH","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-23T00:00:00+00:00","id":"CVE-2026-49468","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-290"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-290"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:litellm:litellm:*:*:*:*:*:*:*:*","versionEndExcluding":"1.84.0","matchCriteriaId":"0432AF82-95FD-4358-9414-7B41889CEFD2"}]}]}],"references":[{"url":"https://github.com/BerriAI/litellm/releases/tag/v1.84.0","source":"security-advisories@github.com","tags":["Product","Release Notes"]},{"url":"https://github.com/BerriAI/litellm/security/advisories/GHSA-4xpc-pv4p-pm3w","source":"security-advisories@github.com","tags":["Mitigation","Patch","Vendor Advisory"]},{"url":"https://access.redhat.com/security/cve/CVE-2026-49468","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2491520","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-49468.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-55653","sourceIdentifier":"secalert@redhat.com","published":"2026-06-23T04:17:36.600","lastModified":"2026-07-08T14:17:14.560","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in OpenSSH. A malicious SSH server can exploit a double free vulnerability in the Diffie-Hellman Group Exchange (DH-GEX) client path. This occurs during FIPS (Federal Information Processing Standards) mode known-group validation when the client processes attacker-controlled DH-GEX group parameters. Successful exploitation leads to client-side process termination, resulting in a Denial of Service (DoS)."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openssh-main","cpes":["cpe:/a:redhat:hummingbird:1"],"versions":[{"version":"10.3p1-6.hum1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openssh","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openssh","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openssh","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openssh","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openssh","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-23T14:30:51.025049Z","id":"CVE-2026-55653","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-415"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openbsd:openssh:-:*:*:*:*:*:*:*","matchCriteriaId":"7BB9B2AD-A04E-4C93-9FAF-5DC02F69690B"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:hardened_images:-:*:*:*:*:*:*:*","matchCriteriaId":"87DEB507-5B64-47D7-9A50-3B87FD1E571F"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*","matchCriteriaId":"932D137F-528B-4526-9A89-CD59FA1AB0FE"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","matchCriteriaId":"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:36759","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2026-55653","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2462351","source":"secalert@redhat.com","tags":["Exploit","Issue Tracking","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-55654","sourceIdentifier":"secalert@redhat.com","published":"2026-06-23T04:17:40.587","lastModified":"2026-07-08T14:17:14.710","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in OpenSSH. This vulnerability, a heap out-of-bounds read, occurs during the cleanup of GSSAPI (Generic Security Service Application Programming Interface) indicators when a trailing NULL termination is missing in the auth-indicators array. A remote attacker, under specific configurations involving GSSAPI authentication and a Kerberos environment, could exploit this to cause the SSH authentication path to crash or abort. This leads to a denial of service (DoS), impacting the availability of the SSH service."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openssh-main","cpes":["cpe:/a:redhat:hummingbird:1"],"versions":[{"version":"10.3p1-6.hum1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openssh","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openssh","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openssh","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openssh","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openssh","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":3.7,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":2.2,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-23T12:11:38.299870Z","id":"CVE-2026-55654","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openbsd:openssh:-:*:*:*:*:*:*:*","matchCriteriaId":"7BB9B2AD-A04E-4C93-9FAF-5DC02F69690B"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:hardened_images:-:*:*:*:*:*:*:*","matchCriteriaId":"87DEB507-5B64-47D7-9A50-3B87FD1E571F"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","matchCriteriaId":"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:36759","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2026-55654","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2462493","source":"secalert@redhat.com","tags":["Exploit","Issue Tracking","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-55655","sourceIdentifier":"secalert@redhat.com","published":"2026-06-23T04:17:40.787","lastModified":"2026-07-08T14:17:14.837","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in OpenSSH. A local unprivileged attacker on a Linux client host can hijack client-side X11 forwarding connections. This is possible by pre-binding the preferred abstract X socket name when X11 forwarding is enabled and a local UNIX-domain X socket is used. A successful attack can compromise the confidentiality of forwarded X11 traffic, including sensitive window contents and input, and may allow some manipulation of the forwarded session."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Hardened Images","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"openssh-main","cpes":["cpe:/a:redhat:hummingbird:1"],"versions":[{"version":"10.3p1-6.hum1","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openssh","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openssh","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openssh","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openssh","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openssh","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N","baseScore":5.0,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":0.8,"impactScore":4.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-23T12:21:42.502865Z","id":"CVE-2026-55655","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-923"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openbsd:openssh:-:*:*:*:*:*:*:*","matchCriteriaId":"7BB9B2AD-A04E-4C93-9FAF-5DC02F69690B"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","matchCriteriaId":"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:36759","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2026-55655","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2462250","source":"secalert@redhat.com","tags":["Issue Tracking","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2023-54365","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-06-23T13:16:30.420","lastModified":"2026-07-08T18:12:47.570","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Traefik before 2.10.5 and 3.0.0-beta4 is affected by a denial-of-service vulnerability in HTTP/2 request handling inherited from the Go standard library's HTTP/2 implementation (CVE-2023-44487 / CVE-2023-39325, the 'Rapid Reset' technique). A remote attacker can rapidly create and cancel HTTP/2 streams to exhaust server resources and cause service unavailability."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Traefik","product":"Traefik","defaultStatus":"unaffected","packageURL":"pkg:golang/github.com/traefik/traefik","versions":[{"version":"0","lessThan":"2.10.5","versionType":"semver","status":"affected"},{"version":"2.10.5","versionType":"semver","status":"unaffected"}]},{"vendor":"Traefik","product":"Traefik","defaultStatus":"unaffected","packageURL":"pkg:golang/github.com/traefik/traefik","versions":[{"version":"3.0.0-beta1","lessThan":"3.0.0-beta4","versionType":"semver","status":"affected"},{"version":"3.0.0-beta4","versionType":"semver","status":"unaffected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_ai"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Dev Spaces","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openshift_devspaces:3"]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-23T18:13:32.219989Z","id":"CVE-2023-54365","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Primary","description":[{"lang":"en","value":"CWE-400"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-770"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:traefik:traefik:*:*:*:*:*:*:*:*","versionEndExcluding":"2.10.5","matchCriteriaId":"B36BFFB0-C0EC-4926-A1DB-0B711C846A68"},{"vulnerable":true,"criteria":"cpe:2.3:a:traefik:traefik:3.0.0:beta1:*:*:*:*:*:*","matchCriteriaId":"376EAF9B-E994-4268-9704-0A45EA30270F"},{"vulnerable":true,"criteria":"cpe:2.3:a:traefik:traefik:3.0.0:beta2:*:*:*:*:*:*","matchCriteriaId":"F3D08335-C291-4623-B80C-3B14C4D1FA32"},{"vulnerable":true,"criteria":"cpe:2.3:a:traefik:traefik:3.0.0:beta3:*:*:*:*:*:*","matchCriteriaId":"21033CEE-CEF5-4B0D-A565-4A6FC764AA6D"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*","versionEndExcluding":"1.20.10","matchCriteriaId":"328120E4-C031-44B4-9BE5-03B0CDAA066F"},{"vulnerable":true,"criteria":"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*","versionStartIncluding":"1.21.0","versionEndExcluding":"1.21.3","matchCriteriaId":"5FD9AB15-E5F6-4DBC-9EC7-D0ABA705802A"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openshift_ai:-:*:*:*:*:*:*:*","matchCriteriaId":"EBF0A70A-E606-48C8-82C2-4D8760146265"}]}]}],"references":[{"url":"https://github.com/traefik/traefik/security/advisories/GHSA-7v4p-328v-8v5g","source":"disclosure@vulncheck.com","tags":["Patch","Vendor Advisory"]},{"url":"https://www.vulncheck.com/advisories/traefik-denial-of-service-via-http-2-request-handling","source":"disclosure@vulncheck.com","tags":["Third Party Advisory"]},{"url":"https://access.redhat.com/security/cve/CVE-2023-54365","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2491710","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-54365.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-10609","sourceIdentifier":"secalert@redhat.com","published":"2026-06-23T14:17:21.853","lastModified":"2026-07-08T15:10:22.840","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A missing authorization flaw was found in the OpenShift Cluster Logging Operator. The operator creates and forwards ServiceAccount tokens to output destinations without verifying that the ClusterLogForwarder creator has permission to use those credentials, allowing a delegated editor to exfiltrate SA tokens and escalate privileges."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Logging Subsystem for Red Hat OpenShift","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"openshift-logging/cluster-logging-rhel9-operator","cpes":["cpe:/a:redhat:logging:6"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":4.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-23T13:58:23.388681Z","id":"CVE-2026-10609","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:cluster_logging_operator:-:*:*:*:*:*:*:*","matchCriteriaId":"2A0B241E-0214-4C9D-B296-A84ED38C628A"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:logging_subsystem_for_red_hat_openshift:-:*:*:*:*:*:*:*","matchCriteriaId":"EF93A27E-AA2B-4C2E-9B8D-FE7267847326"}]}]}],"references":[{"url":"https://access.redhat.com/security/cve/CVE-2026-10609","source":"secalert@redhat.com","tags":["Mitigation","Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2483943","source":"secalert@redhat.com","tags":["Issue Tracking","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-12969","sourceIdentifier":"secalert@redhat.com","published":"2026-06-23T14:17:22.790","lastModified":"2026-07-08T15:10:14.643","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An out-of-bounds read vulnerability exists in dnsmasq's find_soa() function in src/rfc1035.c. When parsing NS section records, extract_name() is called with extrabytes=0, failing to validate that 10 additional bytes exist for fixed-length DNS record fields. A remote attacker controlling a DNS zone can exploit this via a crafted NXDOMAIN response to cause a 10-byte heap out-of-bounds read, potentially accessing stale data from prior transactions."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"dnsmasq","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"dnsmasq","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"dnsmasq","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"dnsmasq","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"dnsmasq","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Container Platform 4","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhcos","cpes":["cpe:/a:redhat:openshift:4"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-23T15:02:23.863843Z","id":"CVE-2026-12969","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:thekelleys:dnsmasq:*:*:*:*:*:*:*:*","versionEndExcluding":"2.93","matchCriteriaId":"8D8EBB73-1EA7-47A6-A71A-172ED404E0B6"}]}]}],"references":[{"url":"https://access.redhat.com/security/cve/CVE-2026-12969","source":"secalert@redhat.com","tags":["Vendor Advisory","Mitigation"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2491663","source":"secalert@redhat.com","tags":["Issue Tracking","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-55255","sourceIdentifier":"security-advisories@github.com","published":"2026-06-23T17:17:08.050","lastModified":"2026-07-08T13:39:12.593","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.1, an Insecure Direct Object Reference (IDOR) vulnerability in /api/v1/responses endpoint allows an authenticated attacker to execute any flow belonging to another user by specifying the victim's flow ID in the request. This vulnerability is fixed in 1.9.1."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"langflow-ai","product":"langflow","versions":[{"version":"< 1.9.1","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":1.8,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-23T00:00:00+00:00","id":"CVE-2026-55255","options":[{"exploitation":"active"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"cisaExploitAdd":"2026-07-07","cisaActionDue":"2026-07-10","cisaRequiredAction":"Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.","cisaVulnerabilityName":"Langflow Authorization Bypass Through User-Controlled Key Vulnerability","weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:langflow:langflow:*:*:*:*:*:*:*:*","versionEndExcluding":"1.9.1","matchCriteriaId":"E5C0C925-9B95-4B10-BACE-5BBE5A9D24C5"}]}]}],"references":[{"url":"https://github.com/langflow-ai/langflow/commit/2c9f498d664a3c32698b57d7c5e752625291060e","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/langflow-ai/langflow/pull/12832","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/langflow-ai/langflow/security/advisories/GHSA-qrpv-q767-xqq2","source":"security-advisories@github.com","tags":["Exploit","Mitigation","Vendor Advisory"]},{"url":"https://github.com/langflow-ai/langflow/security/advisories/GHSA-qrpv-q767-xqq2","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Mitigation","Vendor Advisory"]},{"url":"https://webflow.sysdig.com/blog/understanding-langflow-cve-2026-55255-and-why-higher-cvss-vulnerabilities-arent-always-the-most-exploited","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Third Party Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-55255","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]}]}},{"cve":{"id":"CVE-2026-55736","sourceIdentifier":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","published":"2026-06-23T19:17:12.287","lastModified":"2026-07-09T16:16:45.123","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in ash-project ash allows a user to set the value of a private action argument that is intended to be controlled only by trusted server-side code.\n\nAction arguments declared with public?: false are meant to be set internally (for example via Ash.Changeset.set_private_argument/3) and must not be settable from end-user input. When a changeset is built from a parameter map, Ash filters out private arguments, but the filtering is incomplete.\n\nIn the regular changeset path (for_create, for_update, for_destroy), private arguments are stripped only when the parameter key is an atom. When the key is a binary (string), as is the case for user-supplied parameters, the private argument is kept and the user controls its value. In the atomic path (Ash.Changeset.fully_atomic_changeset/4, also reached through atomic and bulk updates), private arguments are not stripped at all, regardless of whether the key is an atom or a binary.\n\nAn attacker who can submit parameters to an action that defines a private argument can therefore inject a value for that argument. Depending on how the application uses the argument (for example an acting_user_id driving authorization or record ownership), this can lead to an integrity violation or privilege escalation.\n\nThis issue affects ash: from 3.0.0 before 3.29.3."}],"affected":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","affectedData":[{"vendor":"ash-project","product":"ash","defaultStatus":"unaffected","collectionURL":"https://repo.hex.pm","packageName":"ash","cpes":["cpe:2.3:a:ash-project:ash:*:*:*:*:*:*:*:*"],"modules":["'Elixir.Ash.Changeset'"],"programFiles":["lib/ash/changeset/changeset.ex"],"programRoutines":[{"name":"'Elixir.Ash.Changeset':cast_params/4"},{"name":"'Elixir.Ash.Changeset':get_action_argument/2"},{"name":"'Elixir.Ash.Changeset':atomic_params/4"},{"name":"'Elixir.Ash.Changeset':has_argument?/2"}],"repo":"https://github.com/ash-project/ash","packageURL":"pkg:hex/ash","versions":[{"version":"3.0.0","lessThan":"3.29.3","versionType":"semver","status":"affected"}]},{"vendor":"ash-project","product":"ash","defaultStatus":"unaffected","collectionURL":"https://github.com","packageName":"ash-project/ash","cpes":["cpe:2.3:a:ash-project:ash:*:*:*:*:*:*:*:*"],"modules":["'Elixir.Ash.Changeset'"],"programFiles":["lib/ash/changeset/changeset.ex"],"programRoutines":[{"name":"'Elixir.Ash.Changeset':cast_params/4"},{"name":"'Elixir.Ash.Changeset':get_action_argument/2"},{"name":"'Elixir.Ash.Changeset':atomic_params/4"},{"name":"'Elixir.Ash.Changeset':has_argument?/2"}],"repo":"https://github.com/ash-project/ash","packageURL":"pkg:github/ash-project/ash","versions":[{"version":"5967ed3a483ab949866e6d7b043b043e61703f17","lessThan":"d9b3100219b3ea86d73202bf7368c03a7688efea","versionType":"git","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T14:53:04.134939Z","id":"CVE-2026-55736","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","type":"Secondary","description":[{"lang":"en","value":"CWE-915"}]}],"references":[{"url":"https://cna.erlef.org/cves/CVE-2026-55736.html","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db"},{"url":"https://github.com/ash-project/ash/commit/d9b3100219b3ea86d73202bf7368c03a7688efea","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db"},{"url":"https://github.com/ash-project/ash/security/advisories/GHSA-f4hc-ppw9-4hhw","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db"},{"url":"https://osv.dev/vulnerability/EEF-CVE-2026-55736","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db"},{"url":"https://github.com/ash-project/ash/security/advisories/GHSA-f4hc-ppw9-4hhw","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-11819","sourceIdentifier":"secalert@redhat.com","published":"2026-06-23T21:16:54.473","lastModified":"2026-07-08T15:11:07.720","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Module: plugins/modules/keyring_info.py \n\nCVSS 3.1: 5.5 MEDIUM — AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N \n\nIssue: The module retrieves a passphrase from the OS native keyring (GNOME Keyring, macOS Keychain, Windows Credential Manager) and places it directly into result[\"passphrase\"] with no output suppression, no no_log protection, and no documentation warning. \n\nRoot Cause:\n\nLine 105 (protected): keyring_password=dict(type=\"str\", required=True, no_log=True)\nLine 127 (NOT protected): result[\"passphrase\"] = passphrase\n\nObserved Output:\n\n{\n\"changed\": false,\n\"passphrase\": \"MyMasterP@ssw0rd!SSH_Key_Secret\"\n}\nVisible via register + debug:\n{\n\"keyring_result\": {\n\"changed\": false,\n\"passphrase\": \"MyMasterP@ssw0rd!SSH_Key_Secret\"\n}\n}\n\nImpact: \n\nMaster passwords, SSH key passphrases and service credentials appear in all Ansible output \n\nregister: keyring_result followed by debug: var=keyring_result prints passphrase in full \n\nAnsible fact caching backends (Redis, JSON file, memcached) may persist the passphrase \n\nAWX/Tower job logs silently store the live credential\n\nFix:\n\nmodule.exit_json(changed=False, passphrase=passphrase, _ansible_no_log=True)\n\nAlso add a documentation warning requiring callers to use no_log: true at the task level.\n\nPoCs\n\n\nFig 1: PoC execution showing passphrase in plaintext output\n\n\nFig 2: Source code showing no_log=True on input (line 105) vs unprotected output (line 127)"}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhel-system-roles","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhc-worker-playbook","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhel-system-roles","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhel-system-roles","cpes":["cpe:/o:redhat:enterprise_linux:9"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-24T14:35:23.411115Z","id":"CVE-2026-11819","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-532"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C"}]}]}],"references":[{"url":"https://access.redhat.com/security/cve/CVE-2026-11819","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2487251","source":"secalert@redhat.com","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://access.redhat.com/security/cve/cve-2026-11819","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-54513","sourceIdentifier":"security-advisories@github.com","published":"2026-06-23T21:17:02.333","lastModified":"2026-07-09T13:17:29.703","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.10.0 until 2.18.8, 2.21.4, and 3.1.4, BasicPolymorphicTypeValidator.Builder.allowIfSubTypeIsArray() allowlists any array type based only on clazz.isArray(), without validating the array's component (element) type against the configured allowlist. A PTV built with allowIfSubTypeIsArray() plus an explicit concrete-type allowlist therefore still permits EvilType[] even though EvilType is not allowlisted. When Jackson deserializes the elements and no per-element type IDs are present, it instantiates the component type directly with no further PTV check, bypassing the allowlist. This vulnerability is fixed in 2.18.8, 2.21.4, and 3.1.4."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"FasterXML","product":"jackson-databind","versions":[{"version":">= 2.10.0, < 2.18.8","status":"affected"},{"version":">= 2.19.0, < 2.21.4","status":"affected"},{"version":">= 3.0.0, < 3.1.4","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Build of Apache Camel 4.18 for Quarkus 3.33","defaultStatus":"affected","cpes":["cpe:/a:redhat:apache_camel_quarkus:3.33"]},{"vendor":"Red Hat","product":"Cryostat 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:cryostat:4"]},{"vendor":"Red Hat","product":"Red Hat AMQ Broker 7","defaultStatus":"affected","cpes":["cpe:/a:redhat:amq_broker:7"]},{"vendor":"Red Hat","product":"Red Hat AMQ Clients","defaultStatus":"affected","cpes":["cpe:/a:redhat:amq_clients:2023"]},{"vendor":"Red Hat","product":"Red Hat build of Apache Camel - HawtIO 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:apache_camel_hawtio:4"]},{"vendor":"Red Hat","product":"Red Hat build of Apache Camel 4 for Quarkus 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:camel_quarkus:3"]},{"vendor":"Red Hat","product":"Red Hat build of Apache Camel for Spring Boot 4","defaultStatus":"affected","cpes":["cpe:/a:redhat:camel_spring_boot:4"]},{"vendor":"Red Hat","product":"Red Hat build of Apicurio Registry 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:apicurio_registry:3"]},{"vendor":"Red Hat","product":"Red Hat build of Debezium 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:debezium:3"]},{"vendor":"Red Hat","product":"Red Hat Build of Keycloak","defaultStatus":"affected","cpes":["cpe:/a:redhat:build_keycloak:"]},{"vendor":"Red Hat","product":"Red Hat build of Quarkus","defaultStatus":"affected","cpes":["cpe:/a:redhat:quarkus:3"]},{"vendor":"Red Hat","product":"Red Hat Certificate System 10","defaultStatus":"affected","cpes":["cpe:/a:redhat:certificate_system:10"]},{"vendor":"Red Hat","product":"Red Hat Data Grid 8","defaultStatus":"affected","cpes":["cpe:/a:redhat:jboss_data_grid:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 7","defaultStatus":"affected","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:7"]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8","defaultStatus":"affected","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8"]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform Expansion Pack","defaultStatus":"affected","cpes":["cpe:/a:redhat:jbosseapxp"]},{"vendor":"Red Hat","product":"Red Hat Single Sign-On 7","defaultStatus":"affected","cpes":["cpe:/a:redhat:red_hat_single_sign_on:7"]},{"vendor":"Red Hat","product":"streams for Apache Kafka 2","defaultStatus":"affected","cpes":["cpe:/a:redhat:amq_streams:2"]},{"vendor":"Red Hat","product":"streams for Apache Kafka 3","defaultStatus":"affected","cpes":["cpe:/a:redhat:amq_streams:3"]},{"vendor":"Red Hat","product":"OpenShift Developer Tools and Services","defaultStatus":"unknown","cpes":["cpe:/a:redhat:ocp_tools"]},{"vendor":"Red Hat","product":"OpenShift Serverless","defaultStatus":"unknown","cpes":["cpe:/a:redhat:serverless:1"]},{"vendor":"Red Hat","product":"Red Hat AI Inference Server","defaultStatus":"unknown","cpes":["cpe:/a:redhat:ai_inference_server:3"]},{"vendor":"Red Hat","product":"Red Hat Ansible Automation Platform 2","defaultStatus":"unknown","cpes":["cpe:/a:redhat:ansible_automation_platform:2"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux AI (RHEL AI) 3","defaultStatus":"unknown","cpes":["cpe:/a:redhat:enterprise_linux_ai:3"]},{"vendor":"Red Hat","product":"Red Hat Lightspeed for Runtimes Operator","defaultStatus":"unknown","cpes":["cpe:/a:redhat:lightspeed_for_runtimes:1"]},{"vendor":"Red Hat","product":"Red Hat Offline Knowledge Portal","defaultStatus":"unknown","cpes":["cpe:/a:redhat:offline_knowledge_portal:1"]},{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"unknown","cpes":["cpe:/a:redhat:openshift_ai"]},{"vendor":"Red Hat","product":"Red Hat OpenShift Dev Spaces","defaultStatus":"unknown","cpes":["cpe:/a:redhat:openshift_devspaces:3"]},{"vendor":"Red Hat","product":"Red Hat Satellite 6","defaultStatus":"unknown","cpes":["cpe:/a:redhat:satellite:6"]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-24T14:45:02.581065Z","id":"CVE-2026-54513","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-184"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-184"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*","versionStartIncluding":"2.10.0","versionEndExcluding":"2.18.8","matchCriteriaId":"925984A4-A2EF-4681-804A-F830B33D6876"},{"vulnerable":true,"criteria":"cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*","versionStartIncluding":"2.19.0","versionEndExcluding":"2.21.4","matchCriteriaId":"59601D96-4AB4-4B53-8DEC-305A6D442E6E"},{"vulnerable":true,"criteria":"cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0.0","versionEndExcluding":"3.1.4","matchCriteriaId":"5C0F99DE-1DB7-4873-83F9-6CEF8E91F33C"}]}]}],"references":[{"url":"https://github.com/FasterXML/jackson-databind/commit/01d1692c8d0ed03e51a0e3c4f8a9e6908e4931e5","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/FasterXML/jackson-databind/commit/24529da29fdf46ff94ca38de9ebf31cd188f5e8e","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/FasterXML/jackson-databind/issues/5981","source":"security-advisories@github.com","tags":["Issue Tracking"]},{"url":"https://github.com/FasterXML/jackson-databind/issues/5983","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/FasterXML/jackson-databind/pull/5984","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/FasterXML/jackson-databind/security/advisories/GHSA-rmj7-2vxq-3g9f","source":"security-advisories@github.com","tags":["Patch","Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:36839","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-54513","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2492010","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-54513.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-52912","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-24T08:16:20.640","lastModified":"2026-07-08T15:13:08.090","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_queue: hold bridge skb->dev while queued\n\nbr_pass_frame_up() rewrites skb->dev from the ingress port to the bridge\nmaster before queueing bridge LOCAL_IN packets. NFQUEUE only holds\nreferences on state.in/out and bridge physdevs, so a queued bridge\npacket can retain a freed bridge master in skb->dev until reinjection.\n\nWhen the verdict is reinjected later, br_netif_receive_skb() re-enters\nthe receive path with skb->dev still pointing at the freed bridge master,\ntriggering a use-after-free.\n\nStore skb->dev in the queue entry, hold a reference on it for the queue\nlifetime, and use the saved device when dropping queued packets during\nNETDEV_DOWN handling."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["include/net/netfilter/nf_queue.h","net/netfilter/nf_queue.c","net/netfilter/nfnetlink_queue.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"ac28634456867b23b95faccba7997a62ec430603","lessThan":"950d809f154dca04e5fbe5d3c8b9c5e44769cd57","versionType":"git","status":"affected"},{"version":"ac28634456867b23b95faccba7997a62ec430603","lessThan":"a698ac8ab2561cf575d2d9f34095032651dd952e","versionType":"git","status":"affected"},{"version":"ac28634456867b23b95faccba7997a62ec430603","lessThan":"19924bdd8a45ebc72a7b84c57fd63057d1dc75ac","versionType":"git","status":"affected"},{"version":"ac28634456867b23b95faccba7997a62ec430603","lessThan":"1e5e20031c5eee8d2e490a90ff4d6a2feecfc3be","versionType":"git","status":"affected"},{"version":"ac28634456867b23b95faccba7997a62ec430603","lessThan":"3823c27099cfe2482299065814adbaa771be9644","versionType":"git","status":"affected"},{"version":"ac28634456867b23b95faccba7997a62ec430603","lessThan":"15d464265120ab9818bd673af301deee09bedab2","versionType":"git","status":"affected"},{"version":"ac28634456867b23b95faccba7997a62ec430603","lessThan":"3fb0f5c0f64162a8c3f25616a4f1e340b921737f","versionType":"git","status":"affected"},{"version":"ac28634456867b23b95faccba7997a62ec430603","lessThan":"e196115ec330a18de415bdb9f5071aa9f08e53ce","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["include/net/netfilter/nf_queue.h","net/netfilter/nf_queue.c","net/netfilter/nfnetlink_queue.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"4.7","status":"affected"},{"version":"0","lessThan":"4.7","versionType":"semver","status":"unaffected"},{"version":"5.10.259","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.209","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.175","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.142","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.92","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.34","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.11","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.7","versionEndExcluding":"5.10.259","matchCriteriaId":"3FA30F1C-F514-4A35-83AD-10A879443A42"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.209","matchCriteriaId":"919C10A9-7951-4A74-BADD-C135A0A8D8B4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.175","matchCriteriaId":"92385813-D91D-480D-83A1-F423D2CBB2BA"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.142","matchCriteriaId":"FBFF77B0-526A-4AF1-84D0-ED7187624A67"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.92","matchCriteriaId":"9CB90BD9-95B7-4D7F-9F17-4ECE6CFB66C9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.34","matchCriteriaId":"A4B1EF6D-18D7-4838-BC37-7499D5DCC3C0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.11","matchCriteriaId":"0520D091-FC52-4A50-AF07-70AE7D08B750"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/15d464265120ab9818bd673af301deee09bedab2","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/19924bdd8a45ebc72a7b84c57fd63057d1dc75ac","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/1e5e20031c5eee8d2e490a90ff4d6a2feecfc3be","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/3823c27099cfe2482299065814adbaa771be9644","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/3fb0f5c0f64162a8c3f25616a4f1e340b921737f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/950d809f154dca04e5fbe5d3c8b9c5e44769cd57","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/a698ac8ab2561cf575d2d9f34095032651dd952e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e196115ec330a18de415bdb9f5071aa9f08e53ce","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-52913","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-24T08:16:21.080","lastModified":"2026-07-08T15:13:03.247","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nbatman-adv: v: stop OGMv2 on disabled interface\n\nWhen a batadv_hard_iface is disabled, its mesh_iface pointer is set to\nNULL. However, batadv_v_ogm_send_meshif() may still dispatch OGMs via\nbatadv_v_ogm_queue_on_if() for interfaces that have since lost their\nmesh_iface association. This results in a NULL pointer dereference when\nbatadv_v_ogm_queue_on_if() unconditionally calls netdev_priv() on the\nnow NULL hard_iface->mesh_iface to retrieve the batadv_priv.\n\nIt is necessary to ensure that the batadv_v_ogm_queue_on_if() checks that\nit is using the same mesh_iface for which batadv_v_ogm_send_meshif() was\ncalled."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/batman-adv/bat_v_ogm.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"0da0035942d47766c32843143fb5dba7a29cb48c","lessThan":"d7391a2b854a62235539c68e9cbf6fc7910a8e9a","versionType":"git","status":"affected"},{"version":"0da0035942d47766c32843143fb5dba7a29cb48c","lessThan":"70c9f6ab0d8f785087fb74fb85464a9a5288bfdb","versionType":"git","status":"affected"},{"version":"0da0035942d47766c32843143fb5dba7a29cb48c","lessThan":"040fe8eb34624002071dd21de9824dfe668ce65d","versionType":"git","status":"affected"},{"version":"0da0035942d47766c32843143fb5dba7a29cb48c","lessThan":"31dcb9711abd1dcd2080d9fac05c79dd9997d6bf","versionType":"git","status":"affected"},{"version":"0da0035942d47766c32843143fb5dba7a29cb48c","lessThan":"aad70db50ea3d7dfe30e402b889ff075a293b287","versionType":"git","status":"affected"},{"version":"0da0035942d47766c32843143fb5dba7a29cb48c","lessThan":"1be1e99cbd5b74a69d3f92200ca87cf1bce852db","versionType":"git","status":"affected"},{"version":"0da0035942d47766c32843143fb5dba7a29cb48c","lessThan":"4ff461af943efb5e74d09942d5ffee7644d1e1fe","versionType":"git","status":"affected"},{"version":"0da0035942d47766c32843143fb5dba7a29cb48c","lessThan":"f8ce8b8331a1bc44ad4905886a482214d428b253","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/batman-adv/bat_v_ogm.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"4.6","status":"affected"},{"version":"0","lessThan":"4.6","versionType":"semver","status":"unaffected"},{"version":"5.10.259","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.210","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.176","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.143","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.93","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.34","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.11","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.6","versionEndExcluding":"5.10.259","matchCriteriaId":"5600752B-5EBB-43C5-ACFC-8AD628C79467"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.210","matchCriteriaId":"5E938CDF-D1C4-43D0-98DC-9E11B6B55801"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.176","matchCriteriaId":"C4446623-5F2B-4DD8-8666-9FAAC285A757"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.143","matchCriteriaId":"9062F1CD-CAD6-4EA2-A73F-C06D4A887B8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.93","matchCriteriaId":"1E73413E-0629-41AA-A4D3-5A3D10A0BD63"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.34","matchCriteriaId":"A4B1EF6D-18D7-4838-BC37-7499D5DCC3C0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.11","matchCriteriaId":"0520D091-FC52-4A50-AF07-70AE7D08B750"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/040fe8eb34624002071dd21de9824dfe668ce65d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/1be1e99cbd5b74a69d3f92200ca87cf1bce852db","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/31dcb9711abd1dcd2080d9fac05c79dd9997d6bf","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/4ff461af943efb5e74d09942d5ffee7644d1e1fe","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/70c9f6ab0d8f785087fb74fb85464a9a5288bfdb","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/aad70db50ea3d7dfe30e402b889ff075a293b287","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d7391a2b854a62235539c68e9cbf6fc7910a8e9a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f8ce8b8331a1bc44ad4905886a482214d428b253","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-52914","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-24T08:16:21.213","lastModified":"2026-07-08T15:12:54.603","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nbatman-adv: fix fragment reassembly length accounting\n\nbatman-adv keeps a running payload length for queued fragments and uses it\nto validate a fragment chain before reassembly.\n\nThat accounting currently allows the accumulated fragment length to be\ntruncated during updates. As a result, malformed fragment chains can\nbypass the intended validation and drive reassembly with inconsistent\nlength state, leading to a local denial of service.\n\nFix the accounting by storing the accumulated length in a length-typed\nfield and rejecting update overflows before the existing validation logic\nruns.\n\nThe fix was verified against the original reproducer and against valid\nfragment reassembly paths."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/batman-adv/fragmentation.c","net/batman-adv/types.h"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"610bfc6bc99bc83680d190ebc69359a05fc7f605","lessThan":"e4f3f6b818aa6a678bc54a2d4e0bece2303c6a64","versionType":"git","status":"affected"},{"version":"610bfc6bc99bc83680d190ebc69359a05fc7f605","lessThan":"37be61825b15534a16ff9cfc9546de155b6df982","versionType":"git","status":"affected"},{"version":"610bfc6bc99bc83680d190ebc69359a05fc7f605","lessThan":"975563c5de1123dde1ec7946bf5556d20c89d74e","versionType":"git","status":"affected"},{"version":"610bfc6bc99bc83680d190ebc69359a05fc7f605","lessThan":"f653b040dad1af70fa5cd4fe085e4758925480c9","versionType":"git","status":"affected"},{"version":"610bfc6bc99bc83680d190ebc69359a05fc7f605","lessThan":"e910dbf509125fe51ad68e4fa74dc8ab0a8e787a","versionType":"git","status":"affected"},{"version":"610bfc6bc99bc83680d190ebc69359a05fc7f605","lessThan":"3eb8bcb823391bd58997831b3c9c152a4ba8e255","versionType":"git","status":"affected"},{"version":"610bfc6bc99bc83680d190ebc69359a05fc7f605","lessThan":"fdb2c96efb2baeb3725e9ce3ede8f1e36f5490f0","versionType":"git","status":"affected"},{"version":"610bfc6bc99bc83680d190ebc69359a05fc7f605","lessThan":"9cd3f16c320bfdadd4509358122368deb56a5741","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/batman-adv/fragmentation.c","net/batman-adv/types.h"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"3.13","status":"affected"},{"version":"0","lessThan":"3.13","versionType":"semver","status":"unaffected"},{"version":"5.10.258","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.209","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.175","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.142","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.92","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.34","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.11","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.13","versionEndExcluding":"5.10.258","matchCriteriaId":"5719375F-EF0E-4109-B597-92834B5F4367"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.209","matchCriteriaId":"919C10A9-7951-4A74-BADD-C135A0A8D8B4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.175","matchCriteriaId":"92385813-D91D-480D-83A1-F423D2CBB2BA"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.142","matchCriteriaId":"FBFF77B0-526A-4AF1-84D0-ED7187624A67"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.92","matchCriteriaId":"9CB90BD9-95B7-4D7F-9F17-4ECE6CFB66C9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.34","matchCriteriaId":"A4B1EF6D-18D7-4838-BC37-7499D5DCC3C0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.11","matchCriteriaId":"0520D091-FC52-4A50-AF07-70AE7D08B750"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/37be61825b15534a16ff9cfc9546de155b6df982","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/3eb8bcb823391bd58997831b3c9c152a4ba8e255","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/975563c5de1123dde1ec7946bf5556d20c89d74e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/9cd3f16c320bfdadd4509358122368deb56a5741","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e4f3f6b818aa6a678bc54a2d4e0bece2303c6a64","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e910dbf509125fe51ad68e4fa74dc8ab0a8e787a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f653b040dad1af70fa5cd4fe085e4758925480c9","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/fdb2c96efb2baeb3725e9ce3ede8f1e36f5490f0","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-52915","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-24T08:16:21.340","lastModified":"2026-07-08T15:12:50.290","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ip6t_hbh: reject oversized option lists\n\nstruct ip6t_opts stores at most IP6T_OPTS_OPTSNR option descriptors,\nbut hbh_mt6_check() does not reject larger optsnr values supplied from\nuserspace.\n\nValidate optsnr in the rule setup path so only match data that fits the\nfixed-size opts array can be installed. This follows the existing xtables\npattern of rejecting invalid user-provided counts in checkentry() and\nkeeps the packet matching path unchanged.\n\n`struct ip6t_opts` has a fixed `opts[IP6T_OPTS_OPTSNR]` array,\nwhere `IP6T_OPTS_OPTSNR` is 16, then off-by-one array access is possible:\n\n[  137.924693][ T8692] UBSAN: array-index-out-of-bounds in ../net/ipv6/netfilter/ip6t_hbh.c:110:29\n[  137.926167][ T8692] index 16 is out of range for type '__u16 [16]'"}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/ipv6/netfilter/ip6t_hbh.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"2d523ba48d4ecc46acfb6aba548292cfcce1ac02","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"588933f1a2ca5ff99274f8c9f25dc3a25d0191c3","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"784aadea7a108c9f90985683caa87fb0198c6a39","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"41ec2e242f1702e8370ddfe14d22b7a766021c3e","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"db0250470f023f159094052c0bd5ab026a88ae93","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"57b0ac5e1b46f1f0338dff392ef2092e2871b412","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"6feb43c0995ab3a9c826707eb46541a1696fe4f7","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"4322dcde6b4173c2d8e8e6118ed290794263bcc8","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/ipv6/netfilter/ip6t_hbh.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"2.6.12","status":"affected"},{"version":"0","lessThan":"2.6.12","versionType":"semver","status":"unaffected"},{"version":"5.10.258","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.209","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.175","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.142","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.92","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.34","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.11","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.2}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-129"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.12.1","versionEndExcluding":"5.10.258","matchCriteriaId":"E03287AA-1109-4662-85B8-5E824B2EA646"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.209","matchCriteriaId":"919C10A9-7951-4A74-BADD-C135A0A8D8B4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.175","matchCriteriaId":"92385813-D91D-480D-83A1-F423D2CBB2BA"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.142","matchCriteriaId":"FBFF77B0-526A-4AF1-84D0-ED7187624A67"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.92","matchCriteriaId":"9CB90BD9-95B7-4D7F-9F17-4ECE6CFB66C9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.34","matchCriteriaId":"A4B1EF6D-18D7-4838-BC37-7499D5DCC3C0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.11","matchCriteriaId":"0520D091-FC52-4A50-AF07-70AE7D08B750"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:-:*:*:*:*:*:*","matchCriteriaId":"6F62EECE-8FB1-4D57-85D8-CB9E23CF313C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:*:*:*:*:*:*","matchCriteriaId":"4F76C298-81DC-43E4-8FC9-DC005A2116EF"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:*:*:*:*:*:*","matchCriteriaId":"0AB349B2-3F78-4197-882B-90ADB3BF645A"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*","matchCriteriaId":"6AC88830-A9BC-4607-B572-A4B502FC9FD0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:*","matchCriteriaId":"476CB3A5-D022-4F13-AAEF-CB6A5785516A"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/2d523ba48d4ecc46acfb6aba548292cfcce1ac02","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/41ec2e242f1702e8370ddfe14d22b7a766021c3e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/4322dcde6b4173c2d8e8e6118ed290794263bcc8","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/57b0ac5e1b46f1f0338dff392ef2092e2871b412","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/588933f1a2ca5ff99274f8c9f25dc3a25d0191c3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/6feb43c0995ab3a9c826707eb46541a1696fe4f7","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/784aadea7a108c9f90985683caa87fb0198c6a39","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/db0250470f023f159094052c0bd5ab026a88ae93","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-52916","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-24T08:16:21.463","lastModified":"2026-07-08T15:12:46.487","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nbatman-adv: frag: disallow unicast fragment in fragment\n\nbatadv_frag_skb_buffer() is called by batadv_batman_skb_recv() when a\nBATADV_UNICAST_FRAG packet is received. Once all fragments are collected\nand the packet is reassembled, batadv_recv_frag_packet() calls\nbatadv_batman_skb_recv() again to process the defragmented payload.\n\nA malicious sender can craft a BATADV_UNICAST_FRAG packet whose reassembled\npayload is itself a BATADV_UNICAST_FRAG packet (matryoshka-style nesting).\nEach nesting level recurses through batadv_batman_skb_recv() without bound,\ngrowing the kernel stack until it is exhausted.\n\nSince refragmentation or fragments in fragments are not actually allowed,\ndiscard all packets which are still BATADV_UNICAST_FRAG packets after the\ndefragmentation process."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/batman-adv/fragmentation.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"610bfc6bc99bc83680d190ebc69359a05fc7f605","lessThan":"0c208fa3859e3a33a1c38bebc41d021166e94ac8","versionType":"git","status":"affected"},{"version":"610bfc6bc99bc83680d190ebc69359a05fc7f605","lessThan":"bcda4814dc6524283c0b958882cb963d75fe411d","versionType":"git","status":"affected"},{"version":"610bfc6bc99bc83680d190ebc69359a05fc7f605","lessThan":"aea54d0bbe156d5ab7d00d68f66149ff41f4612a","versionType":"git","status":"affected"},{"version":"610bfc6bc99bc83680d190ebc69359a05fc7f605","lessThan":"b54e459cf86943583c1aa2ee3081874e7ab1f5f3","versionType":"git","status":"affected"},{"version":"610bfc6bc99bc83680d190ebc69359a05fc7f605","lessThan":"5418be6c2e117bf8a316582795a8e3ff90f45e5d","versionType":"git","status":"affected"},{"version":"610bfc6bc99bc83680d190ebc69359a05fc7f605","lessThan":"5895ad21c7059a652da83fb817510f7a1e962abf","versionType":"git","status":"affected"},{"version":"610bfc6bc99bc83680d190ebc69359a05fc7f605","lessThan":"7138c35c9ad39a2fca6264af6b87466471f04ffc","versionType":"git","status":"affected"},{"version":"610bfc6bc99bc83680d190ebc69359a05fc7f605","lessThan":"bc62216dc8e221e3781afa14430f45208bfa9af9","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/batman-adv/fragmentation.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"3.13","status":"affected"},{"version":"0","lessThan":"3.13","versionType":"semver","status":"unaffected"},{"version":"5.10.258","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.209","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.175","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.142","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.92","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.34","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.11","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.13","versionEndExcluding":"5.10.258","matchCriteriaId":"5719375F-EF0E-4109-B597-92834B5F4367"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.209","matchCriteriaId":"919C10A9-7951-4A74-BADD-C135A0A8D8B4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.175","matchCriteriaId":"92385813-D91D-480D-83A1-F423D2CBB2BA"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.142","matchCriteriaId":"FBFF77B0-526A-4AF1-84D0-ED7187624A67"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.92","matchCriteriaId":"9CB90BD9-95B7-4D7F-9F17-4ECE6CFB66C9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.34","matchCriteriaId":"A4B1EF6D-18D7-4838-BC37-7499D5DCC3C0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.11","matchCriteriaId":"0520D091-FC52-4A50-AF07-70AE7D08B750"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/0c208fa3859e3a33a1c38bebc41d021166e94ac8","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/5418be6c2e117bf8a316582795a8e3ff90f45e5d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/5895ad21c7059a652da83fb817510f7a1e962abf","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/7138c35c9ad39a2fca6264af6b87466471f04ffc","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/aea54d0bbe156d5ab7d00d68f66149ff41f4612a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/b54e459cf86943583c1aa2ee3081874e7ab1f5f3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/bc62216dc8e221e3781afa14430f45208bfa9af9","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/bcda4814dc6524283c0b958882cb963d75fe411d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-52917","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-24T08:16:21.587","lastModified":"2026-07-08T15:12:41.437","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: diag: reject stale associations in dump_one path\n\nThe SCTP exact sock_diag lookup can hold a transport reference, block on\nlock_sock(sk), and then resume after sctp_association_free() has marked\nthe association dead and freed its bind address list.\n\nWhen that happens, inet_assoc_attr_size() and\ninet_diag_msg_sctpasoc_fill() can still dereference association state\nthat is no longer valid for reporting. In particular,\ninet_diag_msg_sctpasoc_fill() may read an empty bind-address list as a\nreal sctp_sockaddr_entry and trigger an out-of-bounds read from\nunrelated association memory.\n\nReject the association after taking the socket lock if it has been\nreaped or detached from the endpoint, and report the lookup as stale.\nThis keeps the exact dump-one path from formatting torn association\nstate."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/sctp/diag.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"8f840e47f190cbe61a96945c13e9551048d42cef","lessThan":"6657af827e21883ae90693e42e7f59a6aab690b5","versionType":"git","status":"affected"},{"version":"8f840e47f190cbe61a96945c13e9551048d42cef","lessThan":"b2be72d401833194917e44fbd8d8144bb4f2db16","versionType":"git","status":"affected"},{"version":"8f840e47f190cbe61a96945c13e9551048d42cef","lessThan":"5425de8bd6e9fe5bd67d158e3348171ae7510117","versionType":"git","status":"affected"},{"version":"8f840e47f190cbe61a96945c13e9551048d42cef","lessThan":"e97c2a535e23ed0fdd2660993fb3f10d9535c9bc","versionType":"git","status":"affected"},{"version":"8f840e47f190cbe61a96945c13e9551048d42cef","lessThan":"480f754580b5686b928977d16a59f20cef83ff01","versionType":"git","status":"affected"},{"version":"8f840e47f190cbe61a96945c13e9551048d42cef","lessThan":"78c4f964b2f94e405721c093773f6250e1e676b2","versionType":"git","status":"affected"},{"version":"8f840e47f190cbe61a96945c13e9551048d42cef","lessThan":"f5af203dec6e0e7a6090fcc2130e9f3901bfc84d","versionType":"git","status":"affected"},{"version":"8f840e47f190cbe61a96945c13e9551048d42cef","lessThan":"5eba3e48d78edd7551b992cb7ba687019b3a78da","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/sctp/diag.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"4.7","status":"affected"},{"version":"0","lessThan":"4.7","versionType":"semver","status":"unaffected"},{"version":"5.10.259","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.210","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.176","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.143","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.94","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.2}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.7","versionEndExcluding":"5.10.259","matchCriteriaId":"3FA30F1C-F514-4A35-83AD-10A879443A42"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.210","matchCriteriaId":"5E938CDF-D1C4-43D0-98DC-9E11B6B55801"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.176","matchCriteriaId":"C4446623-5F2B-4DD8-8666-9FAAC285A757"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.143","matchCriteriaId":"9062F1CD-CAD6-4EA2-A73F-C06D4A887B8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.94","matchCriteriaId":"85421C0C-ABDE-4357-971C-67F9087DE1B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.36","matchCriteriaId":"389025D2-958D-41BD-BD96-70ED1033A9F3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.13","matchCriteriaId":"6A64BF9F-3BCA-42FD-98CB-8F03474D2B1E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc6:*:*:*:*:*:*","matchCriteriaId":"B0E8FC71-3952-444C-83E9-718DBBBEC615"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/480f754580b5686b928977d16a59f20cef83ff01","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/5425de8bd6e9fe5bd67d158e3348171ae7510117","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/5eba3e48d78edd7551b992cb7ba687019b3a78da","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/6657af827e21883ae90693e42e7f59a6aab690b5","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/78c4f964b2f94e405721c093773f6250e1e676b2","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/b2be72d401833194917e44fbd8d8144bb4f2db16","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e97c2a535e23ed0fdd2660993fb3f10d9535c9bc","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f5af203dec6e0e7a6090fcc2130e9f3901bfc84d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-52918","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-24T08:16:21.713","lastModified":"2026-07-08T15:12:36.543","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: serialize accept_q access\n\nbt_sock_poll() walks the accept queue without synchronization, while\nchild teardown can unlink the same socket and drop its last reference.\nThe unsynchronized accept queue walk has existed since the initial\nBluetooth import.\n\nProtect accept_q with a dedicated lock for queue updates and polling.\nAlso rework bt_accept_dequeue() to take temporary child references under\nthe queue lock before dropping it and locking the child socket."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["include/net/bluetooth/bluetooth.h","net/bluetooth/af_bluetooth.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"d9ce4de05df2385c19e2c7d12f529144e1a44af1","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"41c8c1c7923e86e0eb59cfb4279349112756a336","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"4ec17782fd186f901a7329605d11048b085b945a","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"be43e6b4043113c3b3cf887c3c8350f67140274c","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"85f8674cae82053f1e6bab295f6a8422cca14db5","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"8b4c412e001b0c670eb937beab491af974da55b3","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"a218bf69eb51fefe59a3976fa8925261141f681c","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"e83f5e24da741fa9405aeeff00b08c5ee7c37b88","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["include/net/bluetooth/bluetooth.h","net/bluetooth/af_bluetooth.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"2.6.12","status":"affected"},{"version":"0","lessThan":"2.6.12","versionType":"semver","status":"unaffected"},{"version":"5.10.259","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.210","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.176","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.142","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.92","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.34","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.11","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.12.1","versionEndExcluding":"5.10.259","matchCriteriaId":"1D09A811-8082-4A08-AF10-F1F8501C5596"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.210","matchCriteriaId":"5E938CDF-D1C4-43D0-98DC-9E11B6B55801"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.176","matchCriteriaId":"C4446623-5F2B-4DD8-8666-9FAAC285A757"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.142","matchCriteriaId":"FBFF77B0-526A-4AF1-84D0-ED7187624A67"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.92","matchCriteriaId":"9CB90BD9-95B7-4D7F-9F17-4ECE6CFB66C9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.34","matchCriteriaId":"A4B1EF6D-18D7-4838-BC37-7499D5DCC3C0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.11","matchCriteriaId":"0520D091-FC52-4A50-AF07-70AE7D08B750"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:-:*:*:*:*:*:*","matchCriteriaId":"6F62EECE-8FB1-4D57-85D8-CB9E23CF313C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:*:*:*:*:*:*","matchCriteriaId":"4F76C298-81DC-43E4-8FC9-DC005A2116EF"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:*:*:*:*:*:*","matchCriteriaId":"0AB349B2-3F78-4197-882B-90ADB3BF645A"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*","matchCriteriaId":"6AC88830-A9BC-4607-B572-A4B502FC9FD0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:*","matchCriteriaId":"476CB3A5-D022-4F13-AAEF-CB6A5785516A"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/41c8c1c7923e86e0eb59cfb4279349112756a336","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/4ec17782fd186f901a7329605d11048b085b945a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/85f8674cae82053f1e6bab295f6a8422cca14db5","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/8b4c412e001b0c670eb937beab491af974da55b3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/a218bf69eb51fefe59a3976fa8925261141f681c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/be43e6b4043113c3b3cf887c3c8350f67140274c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d9ce4de05df2385c19e2c7d12f529144e1a44af1","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e83f5e24da741fa9405aeeff00b08c5ee7c37b88","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-52919","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-24T08:16:21.833","lastModified":"2026-07-08T18:02:43.953","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nbatman-adv: fix tp_meter counter underflow during shutdown\n\nbatadv_tp_sender_shutdown() unconditionally decrements the \"sending\"\natomic counter. If multiple paths (e.g. timeout, user cancel, and\nnormal finish) call this function, the counter can underflow to -1.\n\nSince the sender logic treats any non-zero value as \"still sending\",\na negative value causes the sender kthread to loop indefinitely.\nThis leads to a use-after-free when the interface is removed while\nthe zombie thread is still active.\n\nFix this by using atomic_xchg() to ensure the counter only transitions\nfrom 1 to 0 once.\n\n[sven: added missing change in batadv_tp_send]"}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/batman-adv/tp_meter.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"33a3bb4a3345bb511f9c69c913da95d4693e2a4e","lessThan":"e75e2ab463b5b34df6b98f94d740aff327ce9f6b","versionType":"git","status":"affected"},{"version":"33a3bb4a3345bb511f9c69c913da95d4693e2a4e","lessThan":"abae88fa254f2981d39ac003a7b302528a22af64","versionType":"git","status":"affected"},{"version":"33a3bb4a3345bb511f9c69c913da95d4693e2a4e","lessThan":"c66d20a3ff095e3f000551d208ec2606616db15c","versionType":"git","status":"affected"},{"version":"33a3bb4a3345bb511f9c69c913da95d4693e2a4e","lessThan":"c1bac194733aabd731aafa6a01350c229e187dba","versionType":"git","status":"affected"},{"version":"33a3bb4a3345bb511f9c69c913da95d4693e2a4e","lessThan":"01cefc5923889e29dbb5f281c3d457714ceb9c00","versionType":"git","status":"affected"},{"version":"33a3bb4a3345bb511f9c69c913da95d4693e2a4e","lessThan":"90ae3eae06b7b8ab9f6250b9497c860915b4c17b","versionType":"git","status":"affected"},{"version":"33a3bb4a3345bb511f9c69c913da95d4693e2a4e","lessThan":"aeae11c5dad9cd0d50723890bdd866f8e6db2e7d","versionType":"git","status":"affected"},{"version":"33a3bb4a3345bb511f9c69c913da95d4693e2a4e","lessThan":"94f3b133168d1c49895e7cc6afbcf1cc0b354602","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/batman-adv/tp_meter.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"4.8","status":"affected"},{"version":"0","lessThan":"4.8","versionType":"semver","status":"unaffected"},{"version":"5.10.258","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.209","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.175","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.142","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.92","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.34","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.11","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-191"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.8","versionEndExcluding":"5.10.258","matchCriteriaId":"1CA35684-7A23-48C2-8A06-2BD61F906C76"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.209","matchCriteriaId":"919C10A9-7951-4A74-BADD-C135A0A8D8B4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.175","matchCriteriaId":"92385813-D91D-480D-83A1-F423D2CBB2BA"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.142","matchCriteriaId":"FBFF77B0-526A-4AF1-84D0-ED7187624A67"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.92","matchCriteriaId":"9CB90BD9-95B7-4D7F-9F17-4ECE6CFB66C9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.34","matchCriteriaId":"A4B1EF6D-18D7-4838-BC37-7499D5DCC3C0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.11","matchCriteriaId":"0520D091-FC52-4A50-AF07-70AE7D08B750"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/01cefc5923889e29dbb5f281c3d457714ceb9c00","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/90ae3eae06b7b8ab9f6250b9497c860915b4c17b","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/94f3b133168d1c49895e7cc6afbcf1cc0b354602","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/abae88fa254f2981d39ac003a7b302528a22af64","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/aeae11c5dad9cd0d50723890bdd866f8e6db2e7d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c1bac194733aabd731aafa6a01350c229e187dba","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c66d20a3ff095e3f000551d208ec2606616db15c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e75e2ab463b5b34df6b98f94d740aff327ce9f6b","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-52920","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-24T08:16:21.950","lastModified":"2026-07-08T17:58:21.763","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: xt_policy: fix strict mode inbound policy matching\n\nmatch_policy_in() walks sec_path entries from the last transform to the\nfirst one, but strict policy matching needs to consume info->pol[] in\nthe same forward order as the rule layout.\n\nDerive the strict-match policy position from the number of transforms\nalready consumed so that multi-element inbound rules are matched\nconsistently."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/netfilter/xt_policy.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"c4b885139203d37f76662c37ae645fe8e0f4e4e5","lessThan":"eb323f7b82d2e2f638de0cc2a177803eb20e0707","versionType":"git","status":"affected"},{"version":"c4b885139203d37f76662c37ae645fe8e0f4e4e5","lessThan":"fc1c518bb1f054831ecabb32da9b8e1dff9699c6","versionType":"git","status":"affected"},{"version":"c4b885139203d37f76662c37ae645fe8e0f4e4e5","lessThan":"f98b7f85e04b40e28b08c461ded0cc79f14f5509","versionType":"git","status":"affected"},{"version":"c4b885139203d37f76662c37ae645fe8e0f4e4e5","lessThan":"82664d0f1ba25e4f9a71994954abae24c60f4067","versionType":"git","status":"affected"},{"version":"c4b885139203d37f76662c37ae645fe8e0f4e4e5","lessThan":"b130a6eefa02bd4d475f2f059da8bcfb3e7d18d9","versionType":"git","status":"affected"},{"version":"c4b885139203d37f76662c37ae645fe8e0f4e4e5","lessThan":"938867e870fb5471bb16f442aeac81326e05bf65","versionType":"git","status":"affected"},{"version":"c4b885139203d37f76662c37ae645fe8e0f4e4e5","lessThan":"392cc1d8408b5665215c1e9290bbf0f92339b043","versionType":"git","status":"affected"},{"version":"c4b885139203d37f76662c37ae645fe8e0f4e4e5","lessThan":"4b2b4d7d4e203c92db8966b163edfacb1f0e1e29","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/netfilter/xt_policy.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"2.6.17","status":"affected"},{"version":"0","lessThan":"2.6.17","versionType":"semver","status":"unaffected"},{"version":"5.10.258","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.209","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.175","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.141","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.91","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.33","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.10","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.5}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.17","versionEndExcluding":"5.10.258","matchCriteriaId":"412F45FE-23AA-4172-854C-E4F795059C6B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.209","matchCriteriaId":"919C10A9-7951-4A74-BADD-C135A0A8D8B4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.175","matchCriteriaId":"92385813-D91D-480D-83A1-F423D2CBB2BA"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.141","matchCriteriaId":"97A9FFFA-22BB-4D5C-9790-5A2286E392F7"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.91","matchCriteriaId":"C918746B-DE6F-448F-A93E-A04C5481688D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.33","matchCriteriaId":"96D99E49-380D-43AB-BDBA-25C3AD018A9C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.10","matchCriteriaId":"A13475D2-59BF-4716-94B5-7C1D239A2CF4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/392cc1d8408b5665215c1e9290bbf0f92339b043","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/4b2b4d7d4e203c92db8966b163edfacb1f0e1e29","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/82664d0f1ba25e4f9a71994954abae24c60f4067","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/938867e870fb5471bb16f442aeac81326e05bf65","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/b130a6eefa02bd4d475f2f059da8bcfb3e7d18d9","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/eb323f7b82d2e2f638de0cc2a177803eb20e0707","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f98b7f85e04b40e28b08c461ded0cc79f14f5509","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/fc1c518bb1f054831ecabb32da9b8e1dff9699c6","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-52921","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-24T08:16:22.067","lastModified":"2026-07-08T17:52:39.550","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ipset: stop hash:* range iteration at end\n\nThe following hash set variants:\n\nhash:ip,mark\nhash:ip,port\nhash:ip,port,ip\nhash:ip,port,net\n\niterate IPv4 ranges with a 32-bit iterator.\n\nThe iterator must stop once the last address in the requested range has\nbeen processed. Advancing it once more can move the traversal state past\nthe end of the request, so a later retry may continue from an unintended\nposition.\n\nHandle the iterator increment explicitly at the end of the loop and stop\nonce the upper bound has been processed. This keeps the existing retry\nbehaviour intact for valid ranges while preventing traversal from\ncontinuing past the original boundary."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/netfilter/ipset/ip_set_hash_ipmark.c","net/netfilter/ipset/ip_set_hash_ipport.c","net/netfilter/ipset/ip_set_hash_ipportip.c","net/netfilter/ipset/ip_set_hash_ipportnet.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"48596a8ddc46f96afb6a2cd72787cb15d6bb01fc","lessThan":"be75218fadea22e59c8673db212f29c681bf45bb","versionType":"git","status":"affected"},{"version":"48596a8ddc46f96afb6a2cd72787cb15d6bb01fc","lessThan":"383418c20e69f5761b6ec5238f599423f4fb77fb","versionType":"git","status":"affected"},{"version":"48596a8ddc46f96afb6a2cd72787cb15d6bb01fc","lessThan":"0d7b33ace701fe397e6e4de145f32e098178d901","versionType":"git","status":"affected"},{"version":"48596a8ddc46f96afb6a2cd72787cb15d6bb01fc","lessThan":"c281e018af98df91827d65bec00f4956c00a1b02","versionType":"git","status":"affected"},{"version":"48596a8ddc46f96afb6a2cd72787cb15d6bb01fc","lessThan":"02f75f041a93ea045834da89cd3234f4c1d749b4","versionType":"git","status":"affected"},{"version":"48596a8ddc46f96afb6a2cd72787cb15d6bb01fc","lessThan":"952e988163c2ab9939c3db9f0f8e77af6a1bb436","versionType":"git","status":"affected"},{"version":"48596a8ddc46f96afb6a2cd72787cb15d6bb01fc","lessThan":"0b530efb2cc9dbdddfd49d392e3a857f0d4ce8dc","versionType":"git","status":"affected"},{"version":"48596a8ddc46f96afb6a2cd72787cb15d6bb01fc","lessThan":"0d3a282ab5f165fc207ff49ea5b6ad8f54616bd6","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/netfilter/ipset/ip_set_hash_ipmark.c","net/netfilter/ipset/ip_set_hash_ipport.c","net/netfilter/ipset/ip_set_hash_ipportip.c","net/netfilter/ipset/ip_set_hash_ipportnet.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"4.14","status":"affected"},{"version":"0","lessThan":"4.14","versionType":"semver","status":"unaffected"},{"version":"5.10.258","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.209","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.175","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.142","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.92","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.34","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.11","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-835"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14.1","versionEndExcluding":"5.10.258","matchCriteriaId":"AB2F738D-6862-490A-9F9A-13DB2A58034C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.209","matchCriteriaId":"919C10A9-7951-4A74-BADD-C135A0A8D8B4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.175","matchCriteriaId":"92385813-D91D-480D-83A1-F423D2CBB2BA"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.142","matchCriteriaId":"FBFF77B0-526A-4AF1-84D0-ED7187624A67"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.92","matchCriteriaId":"9CB90BD9-95B7-4D7F-9F17-4ECE6CFB66C9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.34","matchCriteriaId":"A4B1EF6D-18D7-4838-BC37-7499D5DCC3C0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.11","matchCriteriaId":"0520D091-FC52-4A50-AF07-70AE7D08B750"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:4.14:-:*:*:*:*:*:*","matchCriteriaId":"7875AA30-1F6F-470C-A52D-ECBD6663CEC5"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:4.14:rc5:*:*:*:*:*:*","matchCriteriaId":"4C9B8FA6-754F-42F5-98BC-410AF7DB9F4C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:4.14:rc6:*:*:*:*:*:*","matchCriteriaId":"EC8F8565-B401-4F3C-B423-51F371DCB908"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:4.14:rc7:*:*:*:*:*:*","matchCriteriaId":"C834B5F2-810F-4291-8E1F-1B32635E08F3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:4.14:rc8:*:*:*:*:*:*","matchCriteriaId":"BB4A96BC-72CC-4EF1-916C-9ED7177C196E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/02f75f041a93ea045834da89cd3234f4c1d749b4","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/0b530efb2cc9dbdddfd49d392e3a857f0d4ce8dc","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/0d3a282ab5f165fc207ff49ea5b6ad8f54616bd6","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/0d7b33ace701fe397e6e4de145f32e098178d901","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/383418c20e69f5761b6ec5238f599423f4fb77fb","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/952e988163c2ab9939c3db9f0f8e77af6a1bb436","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/be75218fadea22e59c8673db212f29c681bf45bb","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c281e018af98df91827d65bec00f4956c00a1b02","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-52922","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-24T08:16:22.187","lastModified":"2026-07-08T17:50:16.050","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nbatman-adv: dat: handle forward allocation error\n\nbatadv_dat_forward_data() calls pskb_copy_for_clone() to duplicate an skb\nfor each DHT candidate, but does not check the return value before passing\nit to batadv_send_skb_prepare_unicast_4addr(). That function dereferences\nthe skb unconditionally, so a failed allocation triggers a NULL pointer\ndereference.\n\nSkip forwarding to the current DHT candidate on allocation failure."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/batman-adv/distributed-arp-table.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"785ea1144182c341b8b85b0f8180291839d176a8","lessThan":"9bcebaedfb8479cb4affb23c7a0d000ca9a20e73","versionType":"git","status":"affected"},{"version":"785ea1144182c341b8b85b0f8180291839d176a8","lessThan":"2edb8aeb3cdda9d00ec4997252dc5bcd6f54d8ef","versionType":"git","status":"affected"},{"version":"785ea1144182c341b8b85b0f8180291839d176a8","lessThan":"ce0c381199402a2c58f4599f4f6ed100d872d0da","versionType":"git","status":"affected"},{"version":"785ea1144182c341b8b85b0f8180291839d176a8","lessThan":"866ac1d57040ed0b44ca732e3c66b3aa6b93011c","versionType":"git","status":"affected"},{"version":"785ea1144182c341b8b85b0f8180291839d176a8","lessThan":"4d420d9ee70a220a2cd95aa0dd2e15acad66a505","versionType":"git","status":"affected"},{"version":"785ea1144182c341b8b85b0f8180291839d176a8","lessThan":"9cceea8eeba710def2a5707ee00f00c74a9a1cac","versionType":"git","status":"affected"},{"version":"785ea1144182c341b8b85b0f8180291839d176a8","lessThan":"cf48e75fc4fe0d5cc7721c82d454221d01367b93","versionType":"git","status":"affected"},{"version":"785ea1144182c341b8b85b0f8180291839d176a8","lessThan":"2d8826a2d3657cea66fb0370f9e521575a673871","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/batman-adv/distributed-arp-table.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"3.8","status":"affected"},{"version":"0","lessThan":"3.8","versionType":"semver","status":"unaffected"},{"version":"5.10.258","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.209","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.175","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.142","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.92","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.34","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.11","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.8","versionEndExcluding":"5.10.258","matchCriteriaId":"1215BB7C-68EA-4A1C-94B1-1D8FABDF881E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.209","matchCriteriaId":"919C10A9-7951-4A74-BADD-C135A0A8D8B4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.175","matchCriteriaId":"92385813-D91D-480D-83A1-F423D2CBB2BA"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.142","matchCriteriaId":"FBFF77B0-526A-4AF1-84D0-ED7187624A67"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.92","matchCriteriaId":"9CB90BD9-95B7-4D7F-9F17-4ECE6CFB66C9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.34","matchCriteriaId":"A4B1EF6D-18D7-4838-BC37-7499D5DCC3C0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.11","matchCriteriaId":"0520D091-FC52-4A50-AF07-70AE7D08B750"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/2d8826a2d3657cea66fb0370f9e521575a673871","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/2edb8aeb3cdda9d00ec4997252dc5bcd6f54d8ef","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/4d420d9ee70a220a2cd95aa0dd2e15acad66a505","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/866ac1d57040ed0b44ca732e3c66b3aa6b93011c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/9bcebaedfb8479cb4affb23c7a0d000ca9a20e73","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/9cceea8eeba710def2a5707ee00f00c74a9a1cac","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ce0c381199402a2c58f4599f4f6ed100d872d0da","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/cf48e75fc4fe0d5cc7721c82d454221d01367b93","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-52925","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-24T08:16:22.563","lastModified":"2026-07-08T15:29:07.590","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nvrf: Fix a potential NPD when removing a port from a VRF\n\nRCU readers that identified a net device as a VRF port using\nnetif_is_l3_slave() assume that a subsequent call to\nnetdev_master_upper_dev_get_rcu() will return a VRF device. They then\ncontinue to dereference its l3mdev operations.\n\nThis assumption is not always correct and can result in a NPD [1]. There\nis no RCU synchronization when removing a port from a VRF, so it is\npossible for an RCU reader to see a new master device (e.g., a bridge)\nthat does not have l3mdev operations.\n\nFix by adding RCU synchronization after clearing the IFF_L3MDEV_SLAVE\nflag. Skip this synchronization when a net device is removed from a VRF\nas part of its deletion and when the VRF device itself is deleted. In\nthe latter case an RCU grace period will pass by the time RTNL is\nreleased.\n\n[1]\nBUG: kernel NULL pointer dereference, address: 0000000000000000\n[...]\nRIP: 0010:l3mdev_fib_table_rcu (net/l3mdev/l3mdev.c:181)\n[...]\nCall Trace:\n<TASK>\nl3mdev_fib_table_by_index (net/l3mdev/l3mdev.c:201 net/l3mdev/l3mdev.c:189)\n__inet_bind (net/ipv4/af_inet.c:499 (discriminator 3))\ninet_bind_sk (net/ipv4/af_inet.c:469)\n__sys_bind (./include/linux/file.h:62 (discriminator 1) ./include/linux/file.h:83 (discriminator 1) net/socket.c:1951 (discriminator 1))\n__x64_sys_bind (net/socket.c:1969 (discriminator 1) net/socket.c:1967 (discriminator 1) net/socket.c:1967 (discriminator 1))\ndo_syscall_64 (arch/x86/entry/syscall_64.c:63 (discriminator 1) arch/x86/entry/syscall_64.c:94 (discriminator 1))\nentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)"}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/net/vrf.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"fdeea7be88b12742bfd50d9e19a06c0d2e702400","lessThan":"2c022f582fd16a470df6ed9e7fb7e9fc48946d49","versionType":"git","status":"affected"},{"version":"fdeea7be88b12742bfd50d9e19a06c0d2e702400","lessThan":"4ab6fc60ed5a0344b60711b09bff1dc238d8d6a4","versionType":"git","status":"affected"},{"version":"fdeea7be88b12742bfd50d9e19a06c0d2e702400","lessThan":"468defa0b70902a22f4478c1207624bc1b31c124","versionType":"git","status":"affected"},{"version":"fdeea7be88b12742bfd50d9e19a06c0d2e702400","lessThan":"3db8d078f7f652379ee394132b169d304f6eb4c1","versionType":"git","status":"affected"},{"version":"fdeea7be88b12742bfd50d9e19a06c0d2e702400","lessThan":"8c2b792f04a3db97c9d8d2a45817e93f8884baf5","versionType":"git","status":"affected"},{"version":"fdeea7be88b12742bfd50d9e19a06c0d2e702400","lessThan":"a7a97f2303e63ede105c1d55ef53dc497364e11d","versionType":"git","status":"affected"},{"version":"fdeea7be88b12742bfd50d9e19a06c0d2e702400","lessThan":"d47204c127992da0c976ac9747070a575912e0fe","versionType":"git","status":"affected"},{"version":"fdeea7be88b12742bfd50d9e19a06c0d2e702400","lessThan":"2674d603a9e6970463b2b9ebcf8e31e90beae169","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/net/vrf.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"4.12","status":"affected"},{"version":"0","lessThan":"4.12","versionType":"semver","status":"unaffected"},{"version":"5.10.258","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.209","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.175","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.141","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.91","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.33","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.10","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.12","versionEndExcluding":"5.10.258","matchCriteriaId":"7FED9066-C252-4AA0-A5D6-7FDDC40E11A6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.209","matchCriteriaId":"919C10A9-7951-4A74-BADD-C135A0A8D8B4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.175","matchCriteriaId":"92385813-D91D-480D-83A1-F423D2CBB2BA"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.141","matchCriteriaId":"97A9FFFA-22BB-4D5C-9790-5A2286E392F7"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.91","matchCriteriaId":"C918746B-DE6F-448F-A93E-A04C5481688D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.33","matchCriteriaId":"96D99E49-380D-43AB-BDBA-25C3AD018A9C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.10","matchCriteriaId":"A13475D2-59BF-4716-94B5-7C1D239A2CF4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/2674d603a9e6970463b2b9ebcf8e31e90beae169","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/2c022f582fd16a470df6ed9e7fb7e9fc48946d49","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/3db8d078f7f652379ee394132b169d304f6eb4c1","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/468defa0b70902a22f4478c1207624bc1b31c124","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/4ab6fc60ed5a0344b60711b09bff1dc238d8d6a4","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/8c2b792f04a3db97c9d8d2a45817e93f8884baf5","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/a7a97f2303e63ede105c1d55ef53dc497364e11d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d47204c127992da0c976ac9747070a575912e0fe","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-52926","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-24T08:16:22.697","lastModified":"2026-07-08T15:28:58.480","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nbatman-adv: clear current gateway during teardown\n\nbatadv_gw_node_free() removes the gateway list entries during mesh teardown,\nbut it does not clear the currently selected gateway. This leaves stale\ngateway state behind across cleanup and can break a later mesh recreation.\n\nClear bat_priv->gw.curr_gw before walking the gateway list so the selected\ngateway reference is dropped as part of teardown."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/batman-adv/gateway_client.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"2265c141086474bbae55a5bb3afa1ebb78ccaa7c","lessThan":"a3f3f1ec8aad84c5dd386c430b9c61cddd85b18f","versionType":"git","status":"affected"},{"version":"2265c141086474bbae55a5bb3afa1ebb78ccaa7c","lessThan":"e2ec4c712d19141ca7bf7fbbb1d842f73abaa186","versionType":"git","status":"affected"},{"version":"2265c141086474bbae55a5bb3afa1ebb78ccaa7c","lessThan":"9a1a8ed4facfe843bde6fdfcf7af0e9923eb2e17","versionType":"git","status":"affected"},{"version":"2265c141086474bbae55a5bb3afa1ebb78ccaa7c","lessThan":"6de089b545db013433cf934bb4e4433dec2dd65f","versionType":"git","status":"affected"},{"version":"2265c141086474bbae55a5bb3afa1ebb78ccaa7c","lessThan":"30bda3ef4b0cac777f1a7c314cd08b8ff6437365","versionType":"git","status":"affected"},{"version":"2265c141086474bbae55a5bb3afa1ebb78ccaa7c","lessThan":"ae7aeb0ce3c0ebbe357ed525779acac197a18086","versionType":"git","status":"affected"},{"version":"2265c141086474bbae55a5bb3afa1ebb78ccaa7c","lessThan":"17e3a441111cd1a530cd6ee69a22f3161d80d810","versionType":"git","status":"affected"},{"version":"2265c141086474bbae55a5bb3afa1ebb78ccaa7c","lessThan":"a340a51ed801eab7bb454150c226323b865263cc","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/batman-adv/gateway_client.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"3.1","status":"affected"},{"version":"0","lessThan":"3.1","versionType":"semver","status":"unaffected"},{"version":"5.10.258","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.209","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.175","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.142","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.92","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.34","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.11","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.1","versionEndExcluding":"5.10.258","matchCriteriaId":"B5F925AF-0571-45EB-B3C7-3046B450381F"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.209","matchCriteriaId":"919C10A9-7951-4A74-BADD-C135A0A8D8B4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.175","matchCriteriaId":"92385813-D91D-480D-83A1-F423D2CBB2BA"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.142","matchCriteriaId":"FBFF77B0-526A-4AF1-84D0-ED7187624A67"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.92","matchCriteriaId":"9CB90BD9-95B7-4D7F-9F17-4ECE6CFB66C9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.34","matchCriteriaId":"A4B1EF6D-18D7-4838-BC37-7499D5DCC3C0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.11","matchCriteriaId":"0520D091-FC52-4A50-AF07-70AE7D08B750"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/17e3a441111cd1a530cd6ee69a22f3161d80d810","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/30bda3ef4b0cac777f1a7c314cd08b8ff6437365","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/6de089b545db013433cf934bb4e4433dec2dd65f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/9a1a8ed4facfe843bde6fdfcf7af0e9923eb2e17","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/a340a51ed801eab7bb454150c226323b865263cc","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/a3f3f1ec8aad84c5dd386c430b9c61cddd85b18f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ae7aeb0ce3c0ebbe357ed525779acac197a18086","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e2ec4c712d19141ca7bf7fbbb1d842f73abaa186","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-52927","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-24T08:16:22.810","lastModified":"2026-07-08T15:28:53.080","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ebtables: fix OOB read in compat_mtw_from_user\n\nLuxiao Xu says:\n\n The function compat_mtw_from_user() converts ebtables extensions from\n 32-bit user structures to kernel native structures. However, it lacks\n proper validation of the user-supplied match_size/target_size.\n\n When certain extensions are processed, the kernel-side translation\n logic may perform memory accesses based on the extension's expected\n size. If the user provides a size smaller than what the extension\n requires, it results in an out-of-bounds read as reported by KASAN.\n\n This fix introduces a check to ensure match_size is at least as large\n as the extension's required compatsize. This covers matches, watchers,\n and targets, while maintaining compatibility with standard targets.\n\nAFAIU this is relevant for matches that need to go though\nmatch->compat_from_user() call.  Those that use plain memcpy with the\nuser-provided size are ok because the caller checks that size vs the\nstart of the next rule entry offset (which itself is checked vs. total\nsize copied from userspace).\n\nThe ->compat_from_user() callbacks assume they can read compatsize bytes,\nso they need this extra check.\n\nBased on an earlier patch from Luxiao Xu."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/bridge/netfilter/ebtables.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"81e675c227ec60a0bdcbb547dc530ebee23ff931","lessThan":"d7a8fb6f10d55a1c37b0bf8c20cca24dffd76e00","versionType":"git","status":"affected"},{"version":"81e675c227ec60a0bdcbb547dc530ebee23ff931","lessThan":"21af4c030567d2e6c89bb927bc18b51fba52a400","versionType":"git","status":"affected"},{"version":"81e675c227ec60a0bdcbb547dc530ebee23ff931","lessThan":"dad9ebf8107955bb54bd3f9cf22591b6ff37bac1","versionType":"git","status":"affected"},{"version":"81e675c227ec60a0bdcbb547dc530ebee23ff931","lessThan":"a27cb7325a6c69970041c7f8541fafed5a1ea3ec","versionType":"git","status":"affected"},{"version":"81e675c227ec60a0bdcbb547dc530ebee23ff931","lessThan":"7ad0e463fc7eafae2141cc38054264636f8b3e94","versionType":"git","status":"affected"},{"version":"81e675c227ec60a0bdcbb547dc530ebee23ff931","lessThan":"bf8e8eac7ede51dc318e06acef5a896dcbba7595","versionType":"git","status":"affected"},{"version":"81e675c227ec60a0bdcbb547dc530ebee23ff931","lessThan":"fcc4c043d137e7f1de4673dba1f3116e45377c67","versionType":"git","status":"affected"},{"version":"81e675c227ec60a0bdcbb547dc530ebee23ff931","lessThan":"f438d1786d657d57790c5d138d6db3fc9fdac392","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/bridge/netfilter/ebtables.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"2.6.34","status":"affected"},{"version":"0","lessThan":"2.6.34","versionType":"semver","status":"unaffected"},{"version":"5.10.259","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.210","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.176","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.143","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.93","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.35","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.12","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.34","versionEndExcluding":"5.10.259","matchCriteriaId":"8EFA81C6-11F5-426B-A795-3F05B59387EE"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.210","matchCriteriaId":"5E938CDF-D1C4-43D0-98DC-9E11B6B55801"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.176","matchCriteriaId":"C4446623-5F2B-4DD8-8666-9FAAC285A757"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.143","matchCriteriaId":"9062F1CD-CAD6-4EA2-A73F-C06D4A887B8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.93","matchCriteriaId":"1E73413E-0629-41AA-A4D3-5A3D10A0BD63"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.35","matchCriteriaId":"0FCCB23A-7629-4386-93B6-B119237C4382"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.12","matchCriteriaId":"9161A938-0FA8-44BC-95FE-C5A271601AB3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/21af4c030567d2e6c89bb927bc18b51fba52a400","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/7ad0e463fc7eafae2141cc38054264636f8b3e94","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/a27cb7325a6c69970041c7f8541fafed5a1ea3ec","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/bf8e8eac7ede51dc318e06acef5a896dcbba7595","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d7a8fb6f10d55a1c37b0bf8c20cca24dffd76e00","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/dad9ebf8107955bb54bd3f9cf22591b6ff37bac1","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f438d1786d657d57790c5d138d6db3fc9fdac392","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/fcc4c043d137e7f1de4673dba1f3116e45377c67","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-52928","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-24T08:16:22.937","lastModified":"2026-07-08T15:28:47.317","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\naf_unix: Reject SIOCATMARK on non-stream sockets\n\nSIOCATMARK reports whether the receive queue is at the urgent mark for\nMSG_OOB.\n\nIn AF_UNIX, MSG_OOB is supported only for SOCK_STREAM sockets.\nSOCK_DGRAM and SOCK_SEQPACKET reject MSG_OOB in sendmsg() and recvmsg(),\nso they should not support SIOCATMARK either.\n\nReturn -EOPNOTSUPP for non-stream sockets before checking the receive\nqueue."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/unix/af_unix.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"314001f0bf927015e459c9d387d62a231fe93af3","lessThan":"ec123873fdc83e7244c8ed6d17b8f8ea6c416a67","versionType":"git","status":"affected"},{"version":"314001f0bf927015e459c9d387d62a231fe93af3","lessThan":"f085971de6d6b8ef946a5e0bcd73ff24509a0f85","versionType":"git","status":"affected"},{"version":"314001f0bf927015e459c9d387d62a231fe93af3","lessThan":"b741c9c6ef59f17c1f104ddf1217ef77f79ed29b","versionType":"git","status":"affected"},{"version":"314001f0bf927015e459c9d387d62a231fe93af3","lessThan":"645b1ed3259af38b7814242a420bc2081bdd1eb6","versionType":"git","status":"affected"},{"version":"314001f0bf927015e459c9d387d62a231fe93af3","lessThan":"c34c41446acf6c0d13b5b06c809be11e0f7f2729","versionType":"git","status":"affected"},{"version":"314001f0bf927015e459c9d387d62a231fe93af3","lessThan":"3147ddf5a41c20c45c2eb69e00b62f10f822056a","versionType":"git","status":"affected"},{"version":"314001f0bf927015e459c9d387d62a231fe93af3","lessThan":"d119775f2bad827edc28071c061fdd4a91f889a5","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/unix/af_unix.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"5.15","status":"affected"},{"version":"0","lessThan":"5.15","versionType":"semver","status":"unaffected"},{"version":"5.15.211","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.177","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.144","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.88","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.30","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.7","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15","versionEndExcluding":"5.15.211","matchCriteriaId":"43D10312-92C4-46B5-814B-F619CB272440"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.177","matchCriteriaId":"333C9E30-7FD4-46A2-94EF-C1AA1F3EE28B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.144","matchCriteriaId":"C8AD3BC8-C843-423C-B9DB-CB52F67F578E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.88","matchCriteriaId":"5AFBE0EC-CCDF-4207-AE92-ABF958125CA4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.30","matchCriteriaId":"BF39AE08-AE6D-4410-8FBE-76F6BF5BF55B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.7","matchCriteriaId":"D0893CA7-9AE6-4DFE-AC75-48967D73AD8E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/3147ddf5a41c20c45c2eb69e00b62f10f822056a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/645b1ed3259af38b7814242a420bc2081bdd1eb6","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/b741c9c6ef59f17c1f104ddf1217ef77f79ed29b","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c34c41446acf6c0d13b5b06c809be11e0f7f2729","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d119775f2bad827edc28071c061fdd4a91f889a5","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ec123873fdc83e7244c8ed6d17b8f8ea6c416a67","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f085971de6d6b8ef946a5e0bcd73ff24509a0f85","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-52929","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-24T08:16:23.040","lastModified":"2026-07-08T15:28:40.107","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: stream: fully roll back denied add-stream state\n\nWhen ADD_OUT_STREAMS is denied, SCTP only shrinks the queued chunks and\nthen lowers outcnt. That leaves removed stream metadata behind, so a\nlater re-add can reuse a stale ext and hit a null-pointer dereference in\nthe scheduler get path.\n\nFix the rollback by tearing down the removed stream state the same way\nother stream resizes do. Unschedule the current scheduler state, drop\nthe removed stream ext state with sctp_stream_outq_migrate(), and then\nreschedule the remaining streams.\n\nThis keeps scheduler-private RR/FC/PRIO lists consistent while fully\nrolling back denied outgoing stream additions."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/sctp/stream.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"637784ade221a3c8a7ecd0f583eddd95d6276b9a","lessThan":"0cd2dc6dce8ca47212cd306ccd52eb315ef3cf85","versionType":"git","status":"affected"},{"version":"637784ade221a3c8a7ecd0f583eddd95d6276b9a","lessThan":"a6724b7b812ac8793514a1d5938db5d9d29ae725","versionType":"git","status":"affected"},{"version":"637784ade221a3c8a7ecd0f583eddd95d6276b9a","lessThan":"9662eb0401518f0b4681f10e7fbf688f504f24cf","versionType":"git","status":"affected"},{"version":"637784ade221a3c8a7ecd0f583eddd95d6276b9a","lessThan":"7dd9a42b044aad2dbe037db1c1e2943582485b44","versionType":"git","status":"affected"},{"version":"637784ade221a3c8a7ecd0f583eddd95d6276b9a","lessThan":"39dc2b0eb5371a669ebc9ec6072b9184eac95418","versionType":"git","status":"affected"},{"version":"637784ade221a3c8a7ecd0f583eddd95d6276b9a","lessThan":"d5ea0b3e261fcb2cfff142675516165244cab1da","versionType":"git","status":"affected"},{"version":"637784ade221a3c8a7ecd0f583eddd95d6276b9a","lessThan":"1c6773b8c081509dcd5cd2954f2b02c50c00f151","versionType":"git","status":"affected"},{"version":"637784ade221a3c8a7ecd0f583eddd95d6276b9a","lessThan":"a5f8a90ac9f77c678a9781c0a464b635e0d63e49","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/sctp/stream.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"4.15","status":"affected"},{"version":"0","lessThan":"4.15","versionType":"semver","status":"unaffected"},{"version":"5.10.259","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.210","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.176","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.143","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.94","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15","versionEndExcluding":"5.10.259","matchCriteriaId":"E2E6634B-DED7-40B3-A18B-2140A791419F"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.210","matchCriteriaId":"5E938CDF-D1C4-43D0-98DC-9E11B6B55801"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.176","matchCriteriaId":"C4446623-5F2B-4DD8-8666-9FAAC285A757"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.143","matchCriteriaId":"9062F1CD-CAD6-4EA2-A73F-C06D4A887B8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.94","matchCriteriaId":"85421C0C-ABDE-4357-971C-67F9087DE1B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.36","matchCriteriaId":"389025D2-958D-41BD-BD96-70ED1033A9F3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.13","matchCriteriaId":"6A64BF9F-3BCA-42FD-98CB-8F03474D2B1E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc6:*:*:*:*:*:*","matchCriteriaId":"B0E8FC71-3952-444C-83E9-718DBBBEC615"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc7:*:*:*:*:*:*","matchCriteriaId":"1039E95A-8CC3-4C88-8FF9-5C08EEB861C9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/0cd2dc6dce8ca47212cd306ccd52eb315ef3cf85","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/1c6773b8c081509dcd5cd2954f2b02c50c00f151","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/39dc2b0eb5371a669ebc9ec6072b9184eac95418","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/7dd9a42b044aad2dbe037db1c1e2943582485b44","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/9662eb0401518f0b4681f10e7fbf688f504f24cf","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/a5f8a90ac9f77c678a9781c0a464b635e0d63e49","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/a6724b7b812ac8793514a1d5938db5d9d29ae725","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d5ea0b3e261fcb2cfff142675516165244cab1da","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-52930","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-24T08:16:23.157","lastModified":"2026-07-08T15:28:26.693","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nipc/shm: serialize orphan cleanup with shm_nattch updates\n\nshm_destroy_orphaned() walks the shm idr under shm_ids(ns).rwsem, but that\ndoes not serialize all fields tested by shm_may_destroy().  In particular,\nshm_nattch is updated while holding shm_perm.lock, and attach paths can do\nthat without holding the rwsem.\n\nDo not decide that an orphaned segment is unused before taking the object\nlock.  Move the shm_may_destroy() check under shm_perm.lock, matching the\nother destroy paths, and unlock the segment when it no longer qualifies\nfor removal."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["ipc/shm.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"4c677e2eefdba9c5bfc4474e2e91b26ae8458a1d","lessThan":"b1e9aef48e4d8a0c1b54fb913077b0824ed7d650","versionType":"git","status":"affected"},{"version":"4c677e2eefdba9c5bfc4474e2e91b26ae8458a1d","lessThan":"92cda2593cf2ed25b0e9d78e5e6d8303bba1a064","versionType":"git","status":"affected"},{"version":"4c677e2eefdba9c5bfc4474e2e91b26ae8458a1d","lessThan":"1f0d01e35dbb228084d5187212e32c91a30dcbeb","versionType":"git","status":"affected"},{"version":"4c677e2eefdba9c5bfc4474e2e91b26ae8458a1d","lessThan":"6560be3f6a5bb84f006f184f0c966747bb58e1a3","versionType":"git","status":"affected"},{"version":"4c677e2eefdba9c5bfc4474e2e91b26ae8458a1d","lessThan":"b5107b4ce3ad45fcf369ee2058c8910620f4b5a8","versionType":"git","status":"affected"},{"version":"4c677e2eefdba9c5bfc4474e2e91b26ae8458a1d","lessThan":"db752ebfdaf2c7f27cd9690ef48b616af068319c","versionType":"git","status":"affected"},{"version":"4c677e2eefdba9c5bfc4474e2e91b26ae8458a1d","lessThan":"030bbc857bd51d4b25a90d931d3f8775ef22823a","versionType":"git","status":"affected"},{"version":"4c677e2eefdba9c5bfc4474e2e91b26ae8458a1d","lessThan":"2e5c6f4fd4001562781e99bbfc7f1f0127187542","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["ipc/shm.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"3.1","status":"affected"},{"version":"0","lessThan":"3.1","versionType":"semver","status":"unaffected"},{"version":"5.10.259","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.210","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.176","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.143","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.94","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.1","versionEndExcluding":"5.10.259","matchCriteriaId":"F0425231-04DF-4E0A-A7EB-C92DB0EFA805"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.210","matchCriteriaId":"5E938CDF-D1C4-43D0-98DC-9E11B6B55801"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.176","matchCriteriaId":"C4446623-5F2B-4DD8-8666-9FAAC285A757"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.143","matchCriteriaId":"9062F1CD-CAD6-4EA2-A73F-C06D4A887B8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.94","matchCriteriaId":"85421C0C-ABDE-4357-971C-67F9087DE1B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.36","matchCriteriaId":"389025D2-958D-41BD-BD96-70ED1033A9F3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.13","matchCriteriaId":"6A64BF9F-3BCA-42FD-98CB-8F03474D2B1E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc6:*:*:*:*:*:*","matchCriteriaId":"B0E8FC71-3952-444C-83E9-718DBBBEC615"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc7:*:*:*:*:*:*","matchCriteriaId":"1039E95A-8CC3-4C88-8FF9-5C08EEB861C9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/030bbc857bd51d4b25a90d931d3f8775ef22823a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/1f0d01e35dbb228084d5187212e32c91a30dcbeb","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/2e5c6f4fd4001562781e99bbfc7f1f0127187542","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/6560be3f6a5bb84f006f184f0c966747bb58e1a3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/92cda2593cf2ed25b0e9d78e5e6d8303bba1a064","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/b1e9aef48e4d8a0c1b54fb913077b0824ed7d650","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/b5107b4ce3ad45fcf369ee2058c8910620f4b5a8","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/db752ebfdaf2c7f27cd9690ef48b616af068319c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-52931","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-24T08:16:23.273","lastModified":"2026-07-08T15:28:16.203","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nbatman-adv: tp_meter: avoid use of uninit sender vars\n\nbatadv_tp_recv_ack() and batadv_tp_stop() are only valid for tp_vars in the\nBATADV_TP_SENDER role. When called with a BATADV_TP_RECEIVER role, it\nproceeds to read sender-only members that were never initialized, leading\nto undefined behavior.\n\nThis can be triggered when a node that is currently acting as a receiver in\nan ongoing tp_meter session receives a malicious ACK packet.\n\nGuard against this by checking tp_vars->role immediately after the\nlookup and bailing out if it is not BATADV_TP_SENDER, before any of\nthose members are accessed."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/batman-adv/tp_meter.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"33a3bb4a3345bb511f9c69c913da95d4693e2a4e","lessThan":"0e388af04b3958b178a1b979527f93eb46ea1fee","versionType":"git","status":"affected"},{"version":"33a3bb4a3345bb511f9c69c913da95d4693e2a4e","lessThan":"1a21c055f66e78973712a4a1be2a554f1ee2e4f4","versionType":"git","status":"affected"},{"version":"33a3bb4a3345bb511f9c69c913da95d4693e2a4e","lessThan":"9884c9c02d3c90e9215db3c5128f59045d20ae91","versionType":"git","status":"affected"},{"version":"33a3bb4a3345bb511f9c69c913da95d4693e2a4e","lessThan":"53f931e0146ae5bdab4cba302646827d06b3794b","versionType":"git","status":"affected"},{"version":"33a3bb4a3345bb511f9c69c913da95d4693e2a4e","lessThan":"ecdaa3e4d91040206afe21bc8a0d1198a0971ff3","versionType":"git","status":"affected"},{"version":"33a3bb4a3345bb511f9c69c913da95d4693e2a4e","lessThan":"dc2ae5fbd2dadc26735092f140b246841d969a11","versionType":"git","status":"affected"},{"version":"33a3bb4a3345bb511f9c69c913da95d4693e2a4e","lessThan":"85397e48afe6be83ffca5ad3f4792296bfc81d3d","versionType":"git","status":"affected"},{"version":"33a3bb4a3345bb511f9c69c913da95d4693e2a4e","lessThan":"6c65cf23d4c6170fcf5714c32aa64689718cb142","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/batman-adv/tp_meter.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"4.8","status":"affected"},{"version":"0","lessThan":"4.8","versionType":"semver","status":"unaffected"},{"version":"5.10.258","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.209","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.175","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.142","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.92","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.34","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.11","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.8","versionEndExcluding":"5.10.258","matchCriteriaId":"1CA35684-7A23-48C2-8A06-2BD61F906C76"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.209","matchCriteriaId":"919C10A9-7951-4A74-BADD-C135A0A8D8B4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.175","matchCriteriaId":"92385813-D91D-480D-83A1-F423D2CBB2BA"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.142","matchCriteriaId":"FBFF77B0-526A-4AF1-84D0-ED7187624A67"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.92","matchCriteriaId":"9CB90BD9-95B7-4D7F-9F17-4ECE6CFB66C9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.34","matchCriteriaId":"A4B1EF6D-18D7-4838-BC37-7499D5DCC3C0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.11","matchCriteriaId":"0520D091-FC52-4A50-AF07-70AE7D08B750"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/0e388af04b3958b178a1b979527f93eb46ea1fee","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/1a21c055f66e78973712a4a1be2a554f1ee2e4f4","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/53f931e0146ae5bdab4cba302646827d06b3794b","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/6c65cf23d4c6170fcf5714c32aa64689718cb142","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/85397e48afe6be83ffca5ad3f4792296bfc81d3d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/9884c9c02d3c90e9215db3c5128f59045d20ae91","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/dc2ae5fbd2dadc26735092f140b246841d969a11","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ecdaa3e4d91040206afe21bc8a0d1198a0971ff3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-52932","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-24T08:16:23.390","lastModified":"2026-07-08T15:28:06.697","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: ipcomp: Free destination pages on acomp errors\n\nMove the out_free_req label up by a couple of lines so that the\nallocated dst SG list gets freed on error as well as success."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/xfrm/xfrm_ipcomp.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"eb2953d26971f3083bbf95de4bc997b5bedf0b6e","lessThan":"dc6dcba80d72a27ab61831ad3d253316e0c9b9d5","versionType":"git","status":"affected"},{"version":"eb2953d26971f3083bbf95de4bc997b5bedf0b6e","lessThan":"b30aa173c3809f6af4c83a86099be1be19aa48eb","versionType":"git","status":"affected"},{"version":"eb2953d26971f3083bbf95de4bc997b5bedf0b6e","lessThan":"7dbac7680eb629b3b4dc7e98c34f943b8814c0c8","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/xfrm/xfrm_ipcomp.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.15","status":"affected"},{"version":"0","lessThan":"6.15","versionType":"semver","status":"unaffected"},{"version":"6.18.35","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.12","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.15","versionEndExcluding":"6.18.35","matchCriteriaId":"264F6745-E680-4AA9-A01E-4F9E3E10F604"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.12","matchCriteriaId":"9161A938-0FA8-44BC-95FE-C5A271601AB3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/7dbac7680eb629b3b4dc7e98c34f943b8814c0c8","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/b30aa173c3809f6af4c83a86099be1be19aa48eb","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/dc6dcba80d72a27ab61831ad3d253316e0c9b9d5","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-52933","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-24T08:16:23.480","lastModified":"2026-07-08T15:28:00.520","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/poll: fix signed comparison in io_poll_get_ownership()\n\nio_poll_get_ownership() uses a signed comparison to check whether\npoll_refs has reached the threshold for the slowpath:\n\n    if (unlikely(atomic_read(&req->poll_refs) >= IO_POLL_REF_BIAS))\n\natomic_read() returns int (signed). When IO_POLL_CANCEL_FLAG\n(BIT(31)) is set in poll_refs, the value becomes negative in\nsigned arithmetic, so the >= 128 comparison always evaluates to\nfalse and the slowpath is never taken.\n\nFix this by casting the atomic_read() result to unsigned int\nbefore the comparison, so that the cancel flag is treated as a\nlarge positive value and correctly triggers the slowpath."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["io_uring/poll.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"a26a35e9019fd70bf3cf647dcfdae87abc7bacea","lessThan":"81bf96b0abbfa4cd47ea32e12596aed3855fb2f3","versionType":"git","status":"affected"},{"version":"a26a35e9019fd70bf3cf647dcfdae87abc7bacea","lessThan":"cf522703d4f194991615763697ae25a3f9539763","versionType":"git","status":"affected"},{"version":"a26a35e9019fd70bf3cf647dcfdae87abc7bacea","lessThan":"fc47043f3d9af3efa407665b47f8378ec691ba18","versionType":"git","status":"affected"},{"version":"a26a35e9019fd70bf3cf647dcfdae87abc7bacea","lessThan":"ea0697129807d718037f618221037aa0660ee3c5","versionType":"git","status":"affected"},{"version":"a26a35e9019fd70bf3cf647dcfdae87abc7bacea","lessThan":"c6d191164dc81838d8dbf452a6000f68c558d1ae","versionType":"git","status":"affected"},{"version":"a26a35e9019fd70bf3cf647dcfdae87abc7bacea","lessThan":"326941b22806cbf2df1fbfe902b7908b368cce42","versionType":"git","status":"affected"},{"version":"4b702b7d11ce1b9d26fc6d7c5a7ef4ac1d455048","versionType":"git","status":"affected"},{"version":"bc4e6ee16778149811333a969a7a893d4cc110c5","versionType":"git","status":"affected"},{"version":"5.15.82","lessThan":"5.16","versionType":"semver","status":"affected"},{"version":"6.0.11","lessThan":"6.1","versionType":"semver","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["io_uring/poll.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.1","status":"affected"},{"version":"0","lessThan":"6.1","versionType":"semver","status":"unaffected"},{"version":"6.1.175","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.140","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.86","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.27","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.4","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-835"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15.82","versionEndExcluding":"5.16","matchCriteriaId":"0CA7F6C7-DF61-4D29-ADBF-C4A79AAA85C8"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0.11","versionEndExcluding":"6.1","matchCriteriaId":"5D80EA67-1B78-4B36-AE0D-92718B28A1C9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1.1","versionEndExcluding":"6.1.175","matchCriteriaId":"F8A015A3-130B-47F1-899B-AEDD0994D3D4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.140","matchCriteriaId":"A1A92866-F406-43B5-B2D1-CFC274753E9D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.86","matchCriteriaId":"55DA1C62-9991-451E-B8A8-E0004E00F789"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.27","matchCriteriaId":"A10AC84F-C058-47D5-85B4-E6E51A613B74"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.4","matchCriteriaId":"CDB78D6D-22C3-4154-B0D0-94AF1CE5C2E3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.1:-:*:*:*:*:*:*","matchCriteriaId":"DE093B34-F4CD-4052-8122-730D6537A91A"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*","matchCriteriaId":"8535320E-A0DB-4277-800E-D0CE5BBA59E8"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.1:rc8:*:*:*:*:*:*","matchCriteriaId":"21718AA4-4056-40F2-968E-BDAA465A7872"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/326941b22806cbf2df1fbfe902b7908b368cce42","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/81bf96b0abbfa4cd47ea32e12596aed3855fb2f3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c6d191164dc81838d8dbf452a6000f68c558d1ae","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/cf522703d4f194991615763697ae25a3f9539763","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ea0697129807d718037f618221037aa0660ee3c5","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/fc47043f3d9af3efa407665b47f8378ec691ba18","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-52934","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-24T08:16:23.620","lastModified":"2026-07-08T17:48:48.370","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nbatman-adv: tvlv: reject oversized TVLV packets\n\nbatadv_tvlv_container_ogm_append() builds a TVLV packet section from\nthe tvlv.container_list. The total size of this section is computed by\nbatadv_tvlv_container_list_size(), which sums the sizes of all registered\ncontainers.\n\nThe return type and accumulator in batadv_tvlv_container_list_size() were\nu16. If the accumulated size exceeds U16_MAX, the value wraps around,\ncausing the subsequent allocation in batadv_tvlv_container_ogm_append()\nto be undersized. The memcpy-style copy that follows would then write\nbeyond the end of the allocated buffer, corrupting kernel memory.\n\nFix this by widening the return type of batadv_tvlv_container_list_size()\nto size_t. In batadv_tvlv_container_ogm_append(), check the computed length\nagainst U16_MAX before proceeding, and bail out as if the allocation had\nfailed when the limit is exceeded."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/batman-adv/tvlv.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"ef26157747d42254453f6b3ac2bd8bd3c53339c3","lessThan":"c02aa6c0c9d1bea9bb75dea362b75ad225137bae","versionType":"git","status":"affected"},{"version":"ef26157747d42254453f6b3ac2bd8bd3c53339c3","lessThan":"1595628a2f877d052eda18865ccf539392c47c04","versionType":"git","status":"affected"},{"version":"ef26157747d42254453f6b3ac2bd8bd3c53339c3","lessThan":"6448a49344e87487b61bd88cb850cd694a0f576d","versionType":"git","status":"affected"},{"version":"ef26157747d42254453f6b3ac2bd8bd3c53339c3","lessThan":"13493b00dd1e05a705981e052158652ea23eb482","versionType":"git","status":"affected"},{"version":"ef26157747d42254453f6b3ac2bd8bd3c53339c3","lessThan":"94db72e9dac202e017ee3db22c59d17e4f3bf171","versionType":"git","status":"affected"},{"version":"ef26157747d42254453f6b3ac2bd8bd3c53339c3","lessThan":"ede47988ac5687793745b17c1634a496a2299919","versionType":"git","status":"affected"},{"version":"ef26157747d42254453f6b3ac2bd8bd3c53339c3","lessThan":"94a3d72cd9b21116d7c6d5bdc57c11401fc28557","versionType":"git","status":"affected"},{"version":"ef26157747d42254453f6b3ac2bd8bd3c53339c3","lessThan":"f50487e3566358b2b982b7801945e858c78ad9ab","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/batman-adv/tvlv.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"3.13","status":"affected"},{"version":"0","lessThan":"3.13","versionType":"semver","status":"unaffected"},{"version":"5.10.259","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.210","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.176","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.143","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.93","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.34","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.11","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.13","versionEndExcluding":"5.10.259","matchCriteriaId":"2C7BC85C-F836-4342-84E7-0F022765B961"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.210","matchCriteriaId":"5E938CDF-D1C4-43D0-98DC-9E11B6B55801"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.176","matchCriteriaId":"C4446623-5F2B-4DD8-8666-9FAAC285A757"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.143","matchCriteriaId":"9062F1CD-CAD6-4EA2-A73F-C06D4A887B8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.93","matchCriteriaId":"1E73413E-0629-41AA-A4D3-5A3D10A0BD63"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.34","matchCriteriaId":"A4B1EF6D-18D7-4838-BC37-7499D5DCC3C0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.11","matchCriteriaId":"0520D091-FC52-4A50-AF07-70AE7D08B750"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/13493b00dd1e05a705981e052158652ea23eb482","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/1595628a2f877d052eda18865ccf539392c47c04","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/6448a49344e87487b61bd88cb850cd694a0f576d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/94a3d72cd9b21116d7c6d5bdc57c11401fc28557","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/94db72e9dac202e017ee3db22c59d17e4f3bf171","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c02aa6c0c9d1bea9bb75dea362b75ad225137bae","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ede47988ac5687793745b17c1634a496a2299919","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f50487e3566358b2b982b7801945e858c78ad9ab","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-52935","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-24T08:16:23.760","lastModified":"2026-07-08T20:35:16.957","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: espintcp: do not reuse an in-progress partial send\n\nespintcp keeps a single in-flight transmit in ctx->partial.\nBefore building a new sk_msg, espintcp_sendmsg() first tries to flush\nthat state through espintcp_push_msgs().\n\nFor blocking callers, espintcp_push_msgs() may return success even when\nthe previous partial send is still pending. espintcp_sendmsg() would\nthen reinitialize emsg->skmsg and reuse ctx->partial while the old\ntransfer still owns that state.\n\nDo not rebuild the send message when ctx->partial is still in progress.\nIf espintcp_push_msgs() returns with emsg->len still set, fail the new\nsend instead of overwriting the live partial state.\n\nThis is a memory-safety fix: reusing the live partial-send state can\nleave a stale offset attached to a new sk_msg and lead to an out-of-\nbounds read in the send path.\n\ntcp_sendmsg_locked() already handles waiting for send buffer memory, so\nthe fix here is just to preserve espintcp's one-message-at-a-time\ntransmit state."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/xfrm/espintcp.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"e27cca96cd68fa2c6814c90f9a1cfd36bb68c593","lessThan":"6564e9c7af7e1dc7bfe7f3093b728abe484d7630","versionType":"git","status":"affected"},{"version":"e27cca96cd68fa2c6814c90f9a1cfd36bb68c593","lessThan":"1777ceac4bea5e568a5ad44b7f9bb219c1db21b6","versionType":"git","status":"affected"},{"version":"e27cca96cd68fa2c6814c90f9a1cfd36bb68c593","lessThan":"8c6c691bf062dc0753a139a4ab8cb92a70fcf8f3","versionType":"git","status":"affected"},{"version":"e27cca96cd68fa2c6814c90f9a1cfd36bb68c593","lessThan":"aa82a078f70f7ff88ba7d1017134e79d1ac140f2","versionType":"git","status":"affected"},{"version":"e27cca96cd68fa2c6814c90f9a1cfd36bb68c593","lessThan":"ba21439302db9a82fe4edbed1e38a97271529421","versionType":"git","status":"affected"},{"version":"e27cca96cd68fa2c6814c90f9a1cfd36bb68c593","lessThan":"f9b38a8fbfa07f1deaf7ee1eb38fa8b21ea13990","versionType":"git","status":"affected"},{"version":"e27cca96cd68fa2c6814c90f9a1cfd36bb68c593","lessThan":"37487d55bf3300e3d2c1368da5c2bd3e3834ea4f","versionType":"git","status":"affected"},{"version":"e27cca96cd68fa2c6814c90f9a1cfd36bb68c593","lessThan":"c381039ade2e161ab08c0eda73c4f8b9a7115928","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/xfrm/espintcp.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"5.6","status":"affected"},{"version":"0","lessThan":"5.6","versionType":"semver","status":"unaffected"},{"version":"5.10.259","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.210","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.176","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.143","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.94","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.6","versionEndExcluding":"5.10.259","matchCriteriaId":"047C25D4-CC7B-4FD9-B441-C8E72652C2D0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.210","matchCriteriaId":"5E938CDF-D1C4-43D0-98DC-9E11B6B55801"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.176","matchCriteriaId":"C4446623-5F2B-4DD8-8666-9FAAC285A757"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.143","matchCriteriaId":"9062F1CD-CAD6-4EA2-A73F-C06D4A887B8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.94","matchCriteriaId":"85421C0C-ABDE-4357-971C-67F9087DE1B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.36","matchCriteriaId":"389025D2-958D-41BD-BD96-70ED1033A9F3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.13","matchCriteriaId":"6A64BF9F-3BCA-42FD-98CB-8F03474D2B1E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc6:*:*:*:*:*:*","matchCriteriaId":"B0E8FC71-3952-444C-83E9-718DBBBEC615"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc7:*:*:*:*:*:*","matchCriteriaId":"1039E95A-8CC3-4C88-8FF9-5C08EEB861C9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/1777ceac4bea5e568a5ad44b7f9bb219c1db21b6","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/37487d55bf3300e3d2c1368da5c2bd3e3834ea4f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/6564e9c7af7e1dc7bfe7f3093b728abe484d7630","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/8c6c691bf062dc0753a139a4ab8cb92a70fcf8f3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/aa82a078f70f7ff88ba7d1017134e79d1ac140f2","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ba21439302db9a82fe4edbed1e38a97271529421","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c381039ade2e161ab08c0eda73c4f8b9a7115928","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f9b38a8fbfa07f1deaf7ee1eb38fa8b21ea13990","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-52936","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-24T08:16:23.883","lastModified":"2026-07-08T20:31:02.290","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: jitterentropy - replace long-held spinlock with mutex\n\njent_kcapi_random() serializes the shared jitterentropy state, but it\ncurrently holds a spinlock across the jent_read_entropy() call. That\npath performs expensive jitter collection and SHA3 conditioning, so\nparallel readers can trigger stalls as contending waiters spin for\nthe same lock.\n\nTo prevent non-preemptible lock hold, replace rng->jent_lock with a\nmutex so contended readers sleep instead of spinning on a shared lock\nheld across expensive entropy generation."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["crypto/jitterentropy-kcapi.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"bb5530e4082446aac3a3d69780cd4dbfa4520013","lessThan":"18216b8ab6904753eaf31baf453cb02ecd202ba4","versionType":"git","status":"affected"},{"version":"bb5530e4082446aac3a3d69780cd4dbfa4520013","lessThan":"4c03e6eb98443dc4d6d422a9780034a5b75376b4","versionType":"git","status":"affected"},{"version":"bb5530e4082446aac3a3d69780cd4dbfa4520013","lessThan":"ff734dbd9e2432601a6dcd167cfb0bf8a36d1880","versionType":"git","status":"affected"},{"version":"bb5530e4082446aac3a3d69780cd4dbfa4520013","lessThan":"ec427dc5286da1ed08f2d510e2147a7581b0cb02","versionType":"git","status":"affected"},{"version":"bb5530e4082446aac3a3d69780cd4dbfa4520013","lessThan":"01d798e9feb30212952d4e992801ba6bd6a82351","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["crypto/jitterentropy-kcapi.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"4.2","status":"affected"},{"version":"0","lessThan":"4.2","versionType":"semver","status":"unaffected"},{"version":"6.6.141","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.91","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.33","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.10","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.2","versionEndExcluding":"6.6.141","matchCriteriaId":"EF97161C-1BB5-4ADC-A7BA-2A18D7A44511"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.91","matchCriteriaId":"C918746B-DE6F-448F-A93E-A04C5481688D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.33","matchCriteriaId":"96D99E49-380D-43AB-BDBA-25C3AD018A9C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.10","matchCriteriaId":"A13475D2-59BF-4716-94B5-7C1D239A2CF4"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/01d798e9feb30212952d4e992801ba6bd6a82351","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/18216b8ab6904753eaf31baf453cb02ecd202ba4","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/4c03e6eb98443dc4d6d422a9780034a5b75376b4","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ec427dc5286da1ed08f2d510e2147a7581b0cb02","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ff734dbd9e2432601a6dcd167cfb0bf8a36d1880","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-52937","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-24T08:16:23.980","lastModified":"2026-07-08T19:22:42.793","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ntap: fix stack info leak in tap_ioctl() SIOCGIFHWADDR\n\nIn the SIOCGIFHWADDR path, tap_ioctl() copies 16 bytes of an\nuninitialised on-stack struct sockaddr_storage to userspace via\nifr_hwaddr, but netif_get_mac_address() only writes sa_family and\ndev->addr_len (6 for Ethernet) bytes, leaving sa_data[6..13] uninitialised.\n\nThose 8 trailing bytes leak kernel stack contents; SIOCGIFHWADDR on a\nmacvtap chardev returns kernel .text and direct-map pointers, defeating\nKASLR.\n\nInitialise ss at declaration."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/net/tap.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"3b23a32a63219f51a5298bc55a65ecee866e79d0","lessThan":"719007c3492f0f1f9e9cdbed8ac45ba45bb13eeb","versionType":"git","status":"affected"},{"version":"3b23a32a63219f51a5298bc55a65ecee866e79d0","lessThan":"05305e832be7b9d65b2b72caacf7d850b3942b2a","versionType":"git","status":"affected"},{"version":"3b23a32a63219f51a5298bc55a65ecee866e79d0","lessThan":"bddc09212c24934643bd44fc794748d2bbb3b6cd","versionType":"git","status":"affected"},{"version":"176188cff67ec1aa55103647b61d02315cc38e98","versionType":"git","status":"affected"},{"version":"1fc205d9e400f069ebf30d3faa6ec2bab2cbd7b4","versionType":"git","status":"affected"},{"version":"4d0ae760c02c98fc78b78d3a0509896bc648ad1c","versionType":"git","status":"affected"},{"version":"5.4.103","lessThan":"5.5","versionType":"semver","status":"affected"},{"version":"5.10.21","lessThan":"5.11","versionType":"semver","status":"affected"},{"version":"5.11.4","lessThan":"5.12","versionType":"semver","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/net/tap.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"5.12","status":"affected"},{"version":"0","lessThan":"5.12","versionType":"semver","status":"unaffected"},{"version":"6.18.34","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.11","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-401"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.4.103","versionEndExcluding":"5.5","matchCriteriaId":"77F47A48-724C-4A8A-BE16-F2C832EECA05"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.10.21","versionEndExcluding":"5.11","matchCriteriaId":"FA8451E2-8B08-45A9-AEC4-3F6C9C651E35"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11.4","versionEndExcluding":"6.18.34","matchCriteriaId":"0B6E32E7-34D9-4D94-B9F6-8D3A2D90FF06"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.11","matchCriteriaId":"0520D091-FC52-4A50-AF07-70AE7D08B750"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/05305e832be7b9d65b2b72caacf7d850b3942b2a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/719007c3492f0f1f9e9cdbed8ac45ba45bb13eeb","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/bddc09212c24934643bd44fc794748d2bbb3b6cd","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-52938","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-24T08:16:24.073","lastModified":"2026-07-08T19:19:19.627","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix NULL pointer dereference in bpf_sk_storage_clone and diag paths\n\nbpf_selem_unlink_nofail() sets SDATA(selem)->smap to NULL before\nremoving the selem from the storage hlist. A concurrent RCU reader in\nbpf_sk_storage_clone() can observe the selem still on the list with\nsmap already NULL, causing a NULL pointer dereference.\n\n general protection fault, probably for non-canonical address 0xdffffc000000000a:\n KASAN: null-ptr-deref in range [0x0000000000000050-0x0000000000000057]\n RIP: 0010:bpf_sk_storage_clone+0x1cd/0xaa0 net/core/bpf_sk_storage.c:174\n Call Trace:\n  <IRQ>\n  sk_clone+0xfed/0x1980 net/core/sock.c:2591\n  inet_csk_clone_lock+0x30/0x760 net/ipv4/inet_connection_sock.c:1222\n  tcp_create_openreq_child+0x35/0x2680 net/ipv4/tcp_minisocks.c:571\n  tcp_v4_syn_recv_sock+0x123/0xf90 net/ipv4/tcp_ipv4.c:1729\n  tcp_check_req+0x8e1/0x2580 include/net/tcp.h:855\n  tcp_v4_rcv+0x1845/0x3b80 net/ipv4/tcp_ipv4.c:2347\n\nAdd a NULL check for smap in bpf_sk_storage_clone().\n\nbpf_sk_storage_diag_put_all() has the same issue. Add a NULL check\nand pass the validated smap directly to diag_get(), which is refactored\nto take smap as a parameter instead of reading it internally.\n\nbpf_sk_storage_diag_put() uses diag->maps[i] which is always valid\nunder its refcount, so diag->maps[i] is passed directly to diag_get()."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/core/bpf_sk_storage.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"5d800f87d0a5ea1b156c47a4b9fd128479335153","lessThan":"16af24fea29c209dea53595c99f6da9398548e1b","versionType":"git","status":"affected"},{"version":"5d800f87d0a5ea1b156c47a4b9fd128479335153","lessThan":"375e4e33c18dfa05c5dfd5f3dfffeb29343dd4c7","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/core/bpf_sk_storage.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"7.0","status":"affected"},{"version":"0","lessThan":"7.0","versionType":"semver","status":"unaffected"},{"version":"7.0.14","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0","versionEndExcluding":"7.0.14","matchCriteriaId":"14E4FCA7-41D5-49FE-BAC9-92AC6CD1E220"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/16af24fea29c209dea53595c99f6da9398548e1b","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/375e4e33c18dfa05c5dfd5f3dfffeb29343dd4c7","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-52939","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-24T08:16:24.160","lastModified":"2026-07-08T19:14:19.547","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet/rds: fix NULL deref in rds_ib_send_cqe_handler() on masked atomic completion\n\nrds_ib_xmit_atomic() always programs a masked atomic opcode\n(IB_WR_MASKED_ATOMIC_CMP_AND_SWP or IB_WR_MASKED_ATOMIC_FETCH_AND_ADD)\nfor every RDS atomic cmsg.  But the completion-side switch in\nrds_ib_send_unmap_op() only handles the non-masked opcodes, so a masked\natomic completion falls through to default and returns rm == NULL while\nsend->s_op is left set.  rds_ib_send_cqe_handler() then dereferences the\nNULL rm via rm->m_final_op, oopsing in softirq context.  An unprivileged\nAF_RDS sendmsg() of an atomic cmsg over an active RDS/IB connection\ntriggers it; on hardware that natively accepts masked atomics (mlx4,\nmlx5) no extra setup is needed.\n\n  RDS/IB: rds_ib_send_unmap_op: unexpected opcode 0xd in WR!\n  Oops: general protection fault [#1] SMP KASAN\n  KASAN: null-ptr-deref in range [0x0000000000000190-0x0000000000000197]\n  RIP: rds_ib_send_cqe_handler+0x25c/0xb10 (net/rds/ib_send.c:282)\n  Call Trace:\n   <IRQ>\n   rds_ib_send_cqe_handler (net/rds/ib_send.c:282)\n   poll_scq (net/rds/ib_cm.c:274)\n   rds_ib_tasklet_fn_send (net/rds/ib_cm.c:294)\n   tasklet_action_common (kernel/softirq.c:943)\n   handle_softirqs (kernel/softirq.c:573)\n   run_ksoftirqd (kernel/softirq.c:479)\n   </IRQ>\n  Kernel panic - not syncing: Fatal exception in interrupt\n\nHandle the masked atomic opcodes in the same case as the non-masked\nones: they map to the same struct rds_message.atomic union member, so\nthe existing container_of()/rds_ib_send_unmap_atomic() body is correct\nfor them."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/rds/ib_send.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"20c72bd5f5f902e5a8745d51573699605bf8d21c","lessThan":"a0148342badd8c9b2e46551766a27cb76c82e715","versionType":"git","status":"affected"},{"version":"20c72bd5f5f902e5a8745d51573699605bf8d21c","lessThan":"4dd262f875e87653df50b138de1390ab0628e6b7","versionType":"git","status":"affected"},{"version":"20c72bd5f5f902e5a8745d51573699605bf8d21c","lessThan":"6e4615164d185a26badb2f376a2449f4d174a5f0","versionType":"git","status":"affected"},{"version":"20c72bd5f5f902e5a8745d51573699605bf8d21c","lessThan":"0f22412a2f4fbbe0251c132abee045d15a90e5b6","versionType":"git","status":"affected"},{"version":"20c72bd5f5f902e5a8745d51573699605bf8d21c","lessThan":"0f7baa82a24813cdad0b06a6f8f07e4824af5ed5","versionType":"git","status":"affected"},{"version":"20c72bd5f5f902e5a8745d51573699605bf8d21c","lessThan":"dcf458120add64c96a6ef5cf719340453f6e6abf","versionType":"git","status":"affected"},{"version":"20c72bd5f5f902e5a8745d51573699605bf8d21c","lessThan":"4fd34669558085bcb589aa2078a13b0ca79e360d","versionType":"git","status":"affected"},{"version":"20c72bd5f5f902e5a8745d51573699605bf8d21c","lessThan":"34080db3e70ddf94c38512ad2331e3c3afca6cc1","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/rds/ib_send.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"2.6.37","status":"affected"},{"version":"0","lessThan":"2.6.37","versionType":"semver","status":"unaffected"},{"version":"5.10.259","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.210","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.176","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.143","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.94","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.37","versionEndExcluding":"5.10.259","matchCriteriaId":"FDF693F3-8226-4C51-AFC4-6ABB2C88B2E8"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.210","matchCriteriaId":"5E938CDF-D1C4-43D0-98DC-9E11B6B55801"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.176","matchCriteriaId":"C4446623-5F2B-4DD8-8666-9FAAC285A757"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.143","matchCriteriaId":"9062F1CD-CAD6-4EA2-A73F-C06D4A887B8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.94","matchCriteriaId":"85421C0C-ABDE-4357-971C-67F9087DE1B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.36","matchCriteriaId":"389025D2-958D-41BD-BD96-70ED1033A9F3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.13","matchCriteriaId":"6A64BF9F-3BCA-42FD-98CB-8F03474D2B1E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc6:*:*:*:*:*:*","matchCriteriaId":"B0E8FC71-3952-444C-83E9-718DBBBEC615"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc7:*:*:*:*:*:*","matchCriteriaId":"1039E95A-8CC3-4C88-8FF9-5C08EEB861C9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/0f22412a2f4fbbe0251c132abee045d15a90e5b6","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/0f7baa82a24813cdad0b06a6f8f07e4824af5ed5","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/34080db3e70ddf94c38512ad2331e3c3afca6cc1","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/4dd262f875e87653df50b138de1390ab0628e6b7","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/4fd34669558085bcb589aa2078a13b0ca79e360d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/6e4615164d185a26badb2f376a2449f4d174a5f0","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/a0148342badd8c9b2e46551766a27cb76c82e715","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/dcf458120add64c96a6ef5cf719340453f6e6abf","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-52940","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-24T08:16:24.287","lastModified":"2026-07-08T19:12:57.360","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ntun: zero the whole vnet header in tun_put_user()\n\ntun_put_user() declares an on-stack struct virtio_net_hdr_v1_hash_tunnel\nwithout zeroing it. For a non-tunnel skb, virtio_net_hdr_tnl_from_skb()\nonly initializes the first 10 bytes (sizeof(struct virtio_net_hdr)),\nleaving bytes 10..23 (num_buffers and the hash/tunnel fields) as stack\ngarbage.\n\nAn unprivileged user can set the vnet header size to 24 with\nTUNSETVNETHDRSZ, so __tun_vnet_hdr_put() copies all 24 bytes of the\npartially-initialized struct to userspace, leaking 14 bytes of kernel\nstack on every read of a non-tunnel packet.\n\nFix it the same way tun_get_user() already does by zeroing the whole\nheader right after declaration."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/net/tun.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"288f30435132d2f9e7a29ec9b9745a4f9dc7fd37","lessThan":"5fd1fa5a4254bfdd70571c77f5e3bcb4e43738d5","versionType":"git","status":"affected"},{"version":"288f30435132d2f9e7a29ec9b9745a4f9dc7fd37","lessThan":"585cb85e9a29185be05f326369573c2663cf4380","versionType":"git","status":"affected"},{"version":"288f30435132d2f9e7a29ec9b9745a4f9dc7fd37","lessThan":"7f2fcff15e99bb852f6967396ed12b38376e2c8d","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/net/tun.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.17","status":"affected"},{"version":"0","lessThan":"6.17","versionType":"semver","status":"unaffected"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.17","versionEndExcluding":"6.18.36","matchCriteriaId":"43D90067-1014-46EC-861E-3BAF5F823B65"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.13","matchCriteriaId":"6A64BF9F-3BCA-42FD-98CB-8F03474D2B1E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc6:*:*:*:*:*:*","matchCriteriaId":"B0E8FC71-3952-444C-83E9-718DBBBEC615"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc7:*:*:*:*:*:*","matchCriteriaId":"1039E95A-8CC3-4C88-8FF9-5C08EEB861C9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/585cb85e9a29185be05f326369573c2663cf4380","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/5fd1fa5a4254bfdd70571c77f5e3bcb4e43738d5","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/7f2fcff15e99bb852f6967396ed12b38376e2c8d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-52941","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-24T08:16:24.380","lastModified":"2026-07-08T19:10:24.267","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: avoid NULL deref of conn->lnk in smc_msg_event tracepoint\n\nThe smc_msg_event tracepoint class, shared by smc_tx_sendmsg and\nsmc_rx_recvmsg, unconditionally dereferences smc->conn.lnk:\n\n\t__string(name, smc->conn.lnk->ibname)\n\nconn->lnk is only set for SMC-R; for SMC-D it is NULL. Other code on\nthese paths already handles this (e.g. !conn->lnk in\nSMC_STAT_RMB_TX_SIZE_SMALL()). With the tracepoint enabled, the first\nsendmsg()/recvmsg() on an SMC-D socket crashes:\n\n  Oops: general protection fault, probably for non-canonical address\n  KASAN: null-ptr-deref in range [...]\n  RIP: 0010:strlen+0x1e/0xa0\n  Call Trace:\n   trace_event_raw_event_smc_msg_event (net/smc/smc_tracepoint.h:44)\n   smc_rx_recvmsg (net/smc/smc_rx.c:515)\n   smc_recvmsg (net/smc/af_smc.c:2859)\n   __sys_recvfrom (net/socket.c:2315)\n   __x64_sys_recvfrom (net/socket.c:2326)\n   do_syscall_64\n\nThe faulting address 0x3e0 is offsetof(struct smc_link, ibname),\nconfirming the NULL ->lnk deref. Enabling the tracepoint requires\nroot, but the trigger itself is unprivileged: socket(AF_SMC, ...) has\nno capability check, and SMC-D negotiation needs no admin step on\ns390 or on x86 with the loopback ISM device loaded.\n\nLog an empty device name for SMC-D instead of dereferencing NULL."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/smc/smc_tracepoint.h"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"aff3083f10bff7a37eaa2b4e6bc5fb627ddd5f84","lessThan":"68200112534bb2acd1d7117dc2d5c124868d866d","versionType":"git","status":"affected"},{"version":"aff3083f10bff7a37eaa2b4e6bc5fb627ddd5f84","lessThan":"720c76b930c52cd58f50eb6b10569d03dccc7959","versionType":"git","status":"affected"},{"version":"aff3083f10bff7a37eaa2b4e6bc5fb627ddd5f84","lessThan":"b706d6d76a2a2793fe5ad0fbc2a75b6a460094ef","versionType":"git","status":"affected"},{"version":"aff3083f10bff7a37eaa2b4e6bc5fb627ddd5f84","lessThan":"d2ea0b8aef8746e147602eac87ca8538f4bc7e66","versionType":"git","status":"affected"},{"version":"aff3083f10bff7a37eaa2b4e6bc5fb627ddd5f84","lessThan":"561cf66fa9b6c86dfe4e687d2d1aeaaa6739917f","versionType":"git","status":"affected"},{"version":"aff3083f10bff7a37eaa2b4e6bc5fb627ddd5f84","lessThan":"7bf563badd37cb796df5477d2b78bb64148a1268","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/smc/smc_tracepoint.h"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"5.16","status":"affected"},{"version":"0","lessThan":"5.16","versionType":"semver","status":"unaffected"},{"version":"6.1.175","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.142","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.92","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.34","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.11","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.175","matchCriteriaId":"92385813-D91D-480D-83A1-F423D2CBB2BA"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.142","matchCriteriaId":"FBFF77B0-526A-4AF1-84D0-ED7187624A67"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.92","matchCriteriaId":"9CB90BD9-95B7-4D7F-9F17-4ECE6CFB66C9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.34","matchCriteriaId":"A4B1EF6D-18D7-4838-BC37-7499D5DCC3C0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.11","matchCriteriaId":"0520D091-FC52-4A50-AF07-70AE7D08B750"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/561cf66fa9b6c86dfe4e687d2d1aeaaa6739917f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/68200112534bb2acd1d7117dc2d5c124868d866d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/720c76b930c52cd58f50eb6b10569d03dccc7959","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/7bf563badd37cb796df5477d2b78bb64148a1268","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/b706d6d76a2a2793fe5ad0fbc2a75b6a460094ef","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d2ea0b8aef8746e147602eac87ca8538f4bc7e66","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-52942","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-24T08:16:24.490","lastModified":"2026-07-08T19:08:21.873","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_log: validate MAC header was set before dumping it\n\nThe fallback path of dump_mac_header() guards the MAC header access\nonly with \"skb->mac_header != skb->network_header\", without checking\nskb_mac_header_was_set(). When the MAC header is unset, mac_header is\n0xffff, so the test passes and skb_mac_header(skb) returns\nskb->head + 0xffff, ~64 KiB past the buffer; the loop then reads\ndev->hard_header_len bytes out of bounds into the kernel log.\n\nThis is reachable via the netdev logger: nf_log_unknown_packet() calls\ndump_mac_header() unconditionally, and an skb sent through AF_PACKET\nwith PACKET_QDISC_BYPASS reaches the egress hook with mac_header still\nunset (__dev_queue_xmit(), which would reset it, is bypassed).\n\nAdd the skb_mac_header_was_set() check the ARPHRD_ETHER path already\nuses, and replace the open-coded MAC header length test with\nskb_mac_header_len(). Only skbs with an unset MAC header are affected;\nvalid ones are dumped as before.\n\n BUG: KASAN: slab-out-of-bounds in dump_mac_header (net/netfilter/nf_log_syslog.c:831)\n Read of size 1 at addr ffff88800ea49d3f by task exploit/148\n Call Trace:\n  kasan_report (mm/kasan/report.c:595)\n  dump_mac_header (net/netfilter/nf_log_syslog.c:831)\n  nf_log_netdev_packet (net/netfilter/nf_log_syslog.c:938 net/netfilter/nf_log_syslog.c:963)\n  nf_log_packet (net/netfilter/nf_log.c:260)\n  nft_log_eval (net/netfilter/nft_log.c:60)\n  nft_do_chain (net/netfilter/nf_tables_core.c:285)\n  nft_do_chain_netdev (net/netfilter/nft_chain_filter.c:307)\n  nf_hook_slow (net/netfilter/core.c:619)\n  nf_hook_direct_egress (net/packet/af_packet.c:257)\n  packet_xmit (net/packet/af_packet.c:280)\n  packet_sendmsg (net/packet/af_packet.c:3114)\n  __sys_sendto (net/socket.c:2265)"}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/netfilter/nf_log_syslog.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"7eb9282cd0efac08b8377cbd5037ba297c77e3f7","lessThan":"d704ee9c7bc68a161684c51a7ac05b446dcf38d4","versionType":"git","status":"affected"},{"version":"7eb9282cd0efac08b8377cbd5037ba297c77e3f7","lessThan":"befb8968a2abdfa948d5600ea7f7a509a292a590","versionType":"git","status":"affected"},{"version":"7eb9282cd0efac08b8377cbd5037ba297c77e3f7","lessThan":"8a81e336da685423f5b64aac4d571e63d674c52a","versionType":"git","status":"affected"},{"version":"7eb9282cd0efac08b8377cbd5037ba297c77e3f7","lessThan":"c38d41134085193efd5b237cf513ad5b3421a60d","versionType":"git","status":"affected"},{"version":"7eb9282cd0efac08b8377cbd5037ba297c77e3f7","lessThan":"af1b7699466f6556b351fa25d3dc870abfb5d310","versionType":"git","status":"affected"},{"version":"7eb9282cd0efac08b8377cbd5037ba297c77e3f7","lessThan":"65ef7397eb9a296e91839f5fd10be96f23d332e7","versionType":"git","status":"affected"},{"version":"7eb9282cd0efac08b8377cbd5037ba297c77e3f7","lessThan":"a84b6fedbc97078788be78dbdd7517d143ad1a77","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/netfilter/nf_log_syslog.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"2.6.36","status":"affected"},{"version":"0","lessThan":"2.6.36","versionType":"semver","status":"unaffected"},{"version":"5.15.210","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.176","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.143","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.94","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.2}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.36","versionEndExcluding":"5.15.210","matchCriteriaId":"6F1B61BC-E6AC-449C-B36A-46449DF524A3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.176","matchCriteriaId":"C4446623-5F2B-4DD8-8666-9FAAC285A757"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.143","matchCriteriaId":"9062F1CD-CAD6-4EA2-A73F-C06D4A887B8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.94","matchCriteriaId":"85421C0C-ABDE-4357-971C-67F9087DE1B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.36","matchCriteriaId":"389025D2-958D-41BD-BD96-70ED1033A9F3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.13","matchCriteriaId":"6A64BF9F-3BCA-42FD-98CB-8F03474D2B1E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc6:*:*:*:*:*:*","matchCriteriaId":"B0E8FC71-3952-444C-83E9-718DBBBEC615"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc7:*:*:*:*:*:*","matchCriteriaId":"1039E95A-8CC3-4C88-8FF9-5C08EEB861C9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/65ef7397eb9a296e91839f5fd10be96f23d332e7","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/8a81e336da685423f5b64aac4d571e63d674c52a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/a84b6fedbc97078788be78dbdd7517d143ad1a77","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/af1b7699466f6556b351fa25d3dc870abfb5d310","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/befb8968a2abdfa948d5600ea7f7a509a292a590","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c38d41134085193efd5b237cf513ad5b3421a60d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d704ee9c7bc68a161684c51a7ac05b446dcf38d4","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-52943","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-24T10:17:19.293","lastModified":"2026-07-08T20:28:57.453","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: skbuff: fix missing zerocopy reference in pskb_carve helpers\n\npskb_carve_inside_header() and pskb_carve_inside_nonlinear() both copy\nthe old skb_shared_info header into a new buffer via memcpy(), which\nincludes the destructor_arg pointer (uarg) for MSG_ZEROCOPY skbs.\nNeither function calls net_zcopy_get() for the new shinfo, creating an\nunaccounted holder: every skb_shared_info with destructor_arg set will\ncall skb_zcopy_clear() once when freed, but the corresponding\nnet_zcopy_get() was never called for the new copy. Repeated calls\ndrive uarg->refcnt to zero prematurely, freeing ubuf_info_msgzc while\nTX skbs still hold live destructor_arg pointers.\n\nKASAN reports use-after-free on a freed ubuf_info_msgzc:\n\n  BUG: KASAN: slab-use-after-free in skb_release_data+0x77b/0x810\n  Read of size 8 at addr ffff88801574d3e8 by task poc/220\n\n  Call Trace:\n   skb_release_data+0x77b/0x810\n   kfree_skb_list_reason+0x13e/0x610\n   skb_release_data+0x4cd/0x810\n   sk_skb_reason_drop+0xf3/0x340\n   skb_queue_purge_reason+0x282/0x440\n   rds_tcp_inc_free+0x1e/0x30\n   rds_recvmsg+0x354/0x1780\n   __sys_recvmsg+0xdf/0x180\n\n  Allocated by task 219:\n   msg_zerocopy_realloc+0x157/0x7b0\n   tcp_sendmsg_locked+0x2892/0x3ba0\n\n  Freed by task 219:\n   ip_recv_error+0x74a/0xb10\n   tcp_recvmsg+0x475/0x530\n\nThe skb consuming the late access still referenced the same uarg via\nshinfo->destructor_arg copied by pskb_carve_inside_nonlinear() without\na refcount bump. This has been verified to be reliably exploitable: a\nworking proof-of-concept achieves full root privilege escalation from\nan unprivileged local user on a default kernel configuration.\n\nThe fix follows the pattern of pskb_expand_head() which has the same\nmemcpy/cloned structure. For pskb_carve_inside_header(), net_zcopy_get()\nis placed after skb_orphan_frags() succeeds, so the orphan error path\nneeds no cleanup. For pskb_carve_inside_nonlinear(), net_zcopy_get() is\nplaced after all failure points and just before skb_release_data(), so\nno error path needs cleanup at all -- matching pskb_expand_head() more\nclosely and avoiding the need for a balancing net_zcopy_put()."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/core/skbuff.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6fa01ccd883021105e9f8af7d04b9f156fa3494a","lessThan":"8dbed691e43a50903658130bde0fcb5abc425b37","versionType":"git","status":"affected"},{"version":"6fa01ccd883021105e9f8af7d04b9f156fa3494a","lessThan":"9b40bdc2a3298225dffab8158208a0d8c6300578","versionType":"git","status":"affected"},{"version":"6fa01ccd883021105e9f8af7d04b9f156fa3494a","lessThan":"fd470f0a97b8e9a125f520265d2f3b088ffb5b8a","versionType":"git","status":"affected"},{"version":"6fa01ccd883021105e9f8af7d04b9f156fa3494a","lessThan":"ceafb893b12f23331dcc5ff9587e643c3a40ee9f","versionType":"git","status":"affected"},{"version":"6fa01ccd883021105e9f8af7d04b9f156fa3494a","lessThan":"2e0e74c59b2761a414d9f48d7bee1e45220b2427","versionType":"git","status":"affected"},{"version":"6fa01ccd883021105e9f8af7d04b9f156fa3494a","lessThan":"96a4713ae041cc85e712bac682cd2e644004d6c6","versionType":"git","status":"affected"},{"version":"6fa01ccd883021105e9f8af7d04b9f156fa3494a","lessThan":"474d6c771d798bca84f0a140b611e36743511e18","versionType":"git","status":"affected"},{"version":"6fa01ccd883021105e9f8af7d04b9f156fa3494a","lessThan":"98d0912e9f841e5529a5b89a972805f34cb1c69d","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/core/skbuff.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"4.7","status":"affected"},{"version":"0","lessThan":"4.7","versionType":"semver","status":"unaffected"},{"version":"5.10.259","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.210","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.176","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.143","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.93","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.35","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.12","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:9"]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-911"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.7","versionEndExcluding":"5.10.259","matchCriteriaId":"3FA30F1C-F514-4A35-83AD-10A879443A42"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.210","matchCriteriaId":"5E938CDF-D1C4-43D0-98DC-9E11B6B55801"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.176","matchCriteriaId":"C4446623-5F2B-4DD8-8666-9FAAC285A757"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.143","matchCriteriaId":"9062F1CD-CAD6-4EA2-A73F-C06D4A887B8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.93","matchCriteriaId":"1E73413E-0629-41AA-A4D3-5A3D10A0BD63"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.35","matchCriteriaId":"0FCCB23A-7629-4386-93B6-B119237C4382"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.12","matchCriteriaId":"9161A938-0FA8-44BC-95FE-C5A271601AB3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/2e0e74c59b2761a414d9f48d7bee1e45220b2427","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/474d6c771d798bca84f0a140b611e36743511e18","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/8dbed691e43a50903658130bde0fcb5abc425b37","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/96a4713ae041cc85e712bac682cd2e644004d6c6","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/98d0912e9f841e5529a5b89a972805f34cb1c69d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/9b40bdc2a3298225dffab8158208a0d8c6300578","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ceafb893b12f23331dcc5ff9587e643c3a40ee9f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/fd470f0a97b8e9a125f520265d2f3b088ffb5b8a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://access.redhat.com/security/cve/CVE-2026-52943","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2492137","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-52943.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-52944","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-24T10:17:19.447","lastModified":"2026-07-08T19:03:29.597","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix FSCTL permission bypass by adding a permission check for FSCTL_SET_SPARSE\n\nFSCTL_SET_SPARSE in fsctl_set_sparse() modifies the file's sparse\nattribute and saves it through xattr without any permission checks.\n\nThis exposes two issues:\n\n1) A client on a read-only share can change the sparse attribute\n   on files it opened, even though the share is read-only.\n   Other FSCTL write operations already check\n   test_tree_conn_flag(work->tcon, KSMBD_TREE_CONN_FLAG_WRITABLE),\n   but FSCTL_SET_SPARSE does not.\n\n2) Even on writable shares, clients without FILE_WRITE_DATA or\n   FILE_WRITE_ATTRIBUTES access should not modify the sparse\n   attribute. Similar handle-level checks exist in other functions\n   but are missing here.\n\nAdd both share-level writable check and per-handle access check.\nUse goto out on error to avoid leaking file references."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["fs/smb/server/smb2pdu.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9","lessThan":"3127a884525dc8ca4def73254bfcd3ccef0bf812","versionType":"git","status":"affected"},{"version":"e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9","lessThan":"de9eb0b44fa9123170e6245b49638e0e453c10f8","versionType":"git","status":"affected"},{"version":"e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9","lessThan":"aef151bcfa494bfe983669de2726734b534adb73","versionType":"git","status":"affected"},{"version":"e2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9","lessThan":"cc57232cae23c0df91b4a59d0f519141ce9b5b02","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["fs/smb/server/smb2pdu.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"5.15","status":"affected"},{"version":"0","lessThan":"5.15","versionType":"semver","status":"unaffected"},{"version":"6.6.143","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.18.35","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.12","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.15","versionEndExcluding":"6.6.143","matchCriteriaId":"3CEFB6A8-22D7-4D35-832D-007ECEE72942"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.18.35","matchCriteriaId":"78991494-12C9-4A28-BB46-23FB277E185A"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.12","matchCriteriaId":"9161A938-0FA8-44BC-95FE-C5A271601AB3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/3127a884525dc8ca4def73254bfcd3ccef0bf812","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/aef151bcfa494bfe983669de2726734b534adb73","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/cc57232cae23c0df91b4a59d0f519141ce9b5b02","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/de9eb0b44fa9123170e6245b49638e0e453c10f8","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-53071","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-24T17:17:20.843","lastModified":"2026-07-08T13:16:53.650","vulnStatus":"Received","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: l2cap: Add missing chan lock in l2cap_ecred_reconf_rsp\n\nl2cap_ecred_reconf_rsp() calls l2cap_chan_del() without holding\nl2cap_chan_lock(). Every other l2cap_chan_del() caller in the file\nacquires the lock first. A remote BLE device can send a crafted\nL2CAP ECRED reconfiguration response to corrupt the channel list\nwhile another thread is iterating it.\n\nAdd l2cap_chan_hold() and l2cap_chan_lock() before l2cap_chan_del(),\nand l2cap_chan_unlock() and l2cap_chan_put() after, matching the\npattern used in l2cap_ecred_conn_rsp() and l2cap_conn_del()."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/bluetooth/l2cap_core.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"15f02b91056253e8cdc592888f431da0731337b8","lessThan":"96dca51715d86559ed6ed8028e5445cecb80f3ae","versionType":"git","status":"affected"},{"version":"15f02b91056253e8cdc592888f431da0731337b8","lessThan":"330b20ec97916961ee0e6c29c06bc0fa7c96e64c","versionType":"git","status":"affected"},{"version":"15f02b91056253e8cdc592888f431da0731337b8","lessThan":"0ccd75c51f620374086f359e906917676e699a1c","versionType":"git","status":"affected"},{"version":"15f02b91056253e8cdc592888f431da0731337b8","lessThan":"77a853aec710b2fdf41fa298ea3cbc9a4358f917","versionType":"git","status":"affected"},{"version":"15f02b91056253e8cdc592888f431da0731337b8","lessThan":"fe1188abdae9b7a8199dcdfcf9244d5e5d61eb14","versionType":"git","status":"affected"},{"version":"15f02b91056253e8cdc592888f431da0731337b8","lessThan":"dc89961b76f12aff47124c1df4bdb32a080f4d0c","versionType":"git","status":"affected"},{"version":"15f02b91056253e8cdc592888f431da0731337b8","lessThan":"5501d055a1ce3c747141e3955ba8cf034d193f3e","versionType":"git","status":"affected"},{"version":"15f02b91056253e8cdc592888f431da0731337b8","lessThan":"42776497cdbc9a665b384a6dcb85f0d4bd927eab","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/bluetooth/l2cap_core.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"5.7","status":"affected"},{"version":"0","lessThan":"5.7","versionType":"semver","status":"unaffected"},{"version":"5.10.258","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.209","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.175","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.141","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.91","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.33","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.10","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:7"]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}]},"weaknesses":[{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"references":[{"url":"https://git.kernel.org/stable/c/0ccd75c51f620374086f359e906917676e699a1c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/330b20ec97916961ee0e6c29c06bc0fa7c96e64c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/42776497cdbc9a665b384a6dcb85f0d4bd927eab","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/5501d055a1ce3c747141e3955ba8cf034d193f3e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/77a853aec710b2fdf41fa298ea3cbc9a4358f917","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/96dca51715d86559ed6ed8028e5445cecb80f3ae","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/dc89961b76f12aff47124c1df4bdb32a080f4d0c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://git.kernel.org/stable/c/fe1188abdae9b7a8199dcdfcf9244d5e5d61eb14","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67"},{"url":"https://access.redhat.com/security/cve/CVE-2026-53071","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2492458","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-53071.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"}]}},{"cve":{"id":"CVE-2026-11998","sourceIdentifier":"36c7be3b-2937-45df-85ea-ca7133ea542c","published":"2026-06-24T21:16:52.170","lastModified":"2026-07-09T13:16:47.160","vulnStatus":"Awaiting Analysis","cveTags":[{"sourceIdentifier":"36c7be3b-2937-45df-85ea-ca7133ea542c","tags":["unsupported-when-assigned"]}],"descriptions":[{"lang":"en","value":"A flaw in AngularJS' Strict Contextual Escaping (SCE) logic allows bypassing certain SCE policies for resource URLs and can lead to arbitrary JavaScript execution within the context of the victim's browser session.\n\n\nSCE's purpose is to ensure that only trusted or safe values are used in certain security-sensitive contexts, such as resource URLs, including URLs that define executable JavaScript scripts, '<iframe>' documents, route templates, etc. A flaw in the logic that tries to match entire URLs against regular expression matchers can result in partial matches for certain types of regular expressions, effectively bypassing the policies and allowing the use of unsafe values as resource URLs.\n\n\nThis issue affects AngularJS versions greater than or equal to 1.2.0-rc.3.\n\n\nNote:\nThe AngularJS project was already End-of-Life when this CVE was published and will not receive any updates to address this issue. For more information see the  End-of-Life announcement https://docs.angularjs.org/misc/version-support-status ."}],"affected":[{"source":"36c7be3b-2937-45df-85ea-ca7133ea542c","affectedData":[{"vendor":"Google","product":"AngularJS","defaultStatus":"unaffected","collectionURL":"https://registry.npmjs.org","packageName":"angular","repo":"https://github.com/angular/angular.js","versions":[{"version":">=1.2.0-rc.3","versionType":"semver","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform Expansion Pack","defaultStatus":"affected","cpes":["cpe:/a:redhat:jbosseapxp"]},{"vendor":"Red Hat","product":"Red Hat Single Sign-On 7","defaultStatus":"affected","cpes":["cpe:/a:redhat:red_hat_single_sign_on:7"]},{"vendor":"Red Hat","product":"Red Hat Fuse 7","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:jboss_fuse:7"]},{"vendor":"Red Hat","product":"Red Hat OpenStack Platform 16.2","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:openstack:16.2"]},{"vendor":"Red Hat","product":"Red Hat Quay 3","defaultStatus":"unaffected","cpes":["cpe:/a:redhat:quay:3"]}]}],"metrics":{"cvssMetricV31":[{"source":"36c7be3b-2937-45df-85ea-ca7133ea542c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L","baseScore":7.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":4.7},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L","baseScore":7.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":4.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-25T13:12:17.669220Z","id":"CVE-2026-11998","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"36c7be3b-2937-45df-85ea-ca7133ea542c","type":"Secondary","description":[{"lang":"en","value":"CWE-791"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://codepen.io/herodevs/pen/JobQdmz/5b3896f56fab66f20cd25e698cf3faa8","source":"36c7be3b-2937-45df-85ea-ca7133ea542c"},{"url":"https://www.herodevs.com/vulnerability-directory/cve-2026-11998","source":"36c7be3b-2937-45df-85ea-ca7133ea542c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-11998","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2492579","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-11998.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://www.herodevs.com/vulnerability-directory/cve-2026-11998?nes-for-angularjs","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-53143","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-25T09:16:31.607","lastModified":"2026-07-08T14:43:56.283","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Fix buffer overflow in SDMA queue checkpoint/restore on GFX11\n\nThe v11 MQD manager incorrectly assigned the CP-compute variants of\ncheckpoint_mqd/restore_mqd for KFD_MQD_TYPE_SDMA queues. These functions\nuse sizeof(struct v11_compute_mqd) (2048 bytes) instead of sizeof(struct\nv11_sdma_mqd) (512 bytes), causing a 1536-byte overflow.\n\nDuring CRIU checkpoint of an SDMA queue on Navi3x:\n- checkpoint_mqd() reads 2048 bytes from a 512-byte SDMA MQD buffer,\n  leaking 1536 bytes of adjacent GTT memory to userspace\n\nDuring CRIU restore:\n- restore_mqd() writes 2048 bytes into a 512-byte SDMA MQD buffer,\n  corrupting 1536 bytes of adjacent GTT memory (often the ring buffer\n  or neighboring MQDs)\n\nThis is a copy-paste regression unique to v11. All other ASIC backends\n(cik, vi, v9, v10, v12) correctly use the SDMA-specific variants.\n\nAdd checkpoint_mqd_sdma() and restore_mqd_sdma() functions that properly\nhandle the smaller v11_sdma_mqd structure, matching the pattern used in\nother MQD managers.\n\n(cherry picked from commit 6fa41db7ffdec97d62433adf03b7b9b759af8c2c)"}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/gpu/drm/amd/amdkfd/kfd_mqd_manager_v11.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"cc009e613de6560eb499f8bc92c80a737752cb30","lessThan":"16dad1fb0d783a4008de30e32d0038c393de05b1","versionType":"git","status":"affected"},{"version":"cc009e613de6560eb499f8bc92c80a737752cb30","lessThan":"2c5b66c9b4057b385566940935ebc32f6e6ebfd2","versionType":"git","status":"affected"},{"version":"cc009e613de6560eb499f8bc92c80a737752cb30","lessThan":"d3efcadfe3eea5b4263b8f2d4463b15c9fc46a64","versionType":"git","status":"affected"},{"version":"cc009e613de6560eb499f8bc92c80a737752cb30","lessThan":"d02f05d30f35b036f7cbaf72de634affb5b38ec6","versionType":"git","status":"affected"},{"version":"cc009e613de6560eb499f8bc92c80a737752cb30","lessThan":"352ea59028ea48a6fff77f19ae28f98f71946a80","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/gpu/drm/amd/amdkfd/kfd_mqd_manager_v11.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"5.19","status":"affected"},{"version":"0","lessThan":"5.19","versionType":"semver","status":"unaffected"},{"version":"6.6.143","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.94","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:9"]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.0,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-131"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.19","versionEndExcluding":"6.6.143","matchCriteriaId":"83122EE5-06E7-4996-8D74-0522071B474D"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.94","matchCriteriaId":"85421C0C-ABDE-4357-971C-67F9087DE1B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.36","matchCriteriaId":"389025D2-958D-41BD-BD96-70ED1033A9F3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.13","matchCriteriaId":"6A64BF9F-3BCA-42FD-98CB-8F03474D2B1E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc6:*:*:*:*:*:*","matchCriteriaId":"B0E8FC71-3952-444C-83E9-718DBBBEC615"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/16dad1fb0d783a4008de30e32d0038c393de05b1","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/2c5b66c9b4057b385566940935ebc32f6e6ebfd2","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/352ea59028ea48a6fff77f19ae28f98f71946a80","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d02f05d30f35b036f7cbaf72de634affb5b38ec6","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d3efcadfe3eea5b4263b8f2d4463b15c9fc46a64","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://access.redhat.com/security/cve/CVE-2026-53143","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2492719","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-53143.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-53145","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-25T09:16:31.810","lastModified":"2026-07-08T14:57:03.593","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/gem: Try to fix change_handle ioctl, attempt 4\n\n[airlied: just added some comments on how to reenable]\nOn-list because the cat is out of the bag and we're clearly not good\nenough to figure this out in private. The story thus far:\n\n5e28b7b94408 (\"drm: Set old handle to NULL before prime swap in\nchange_handle\") tried to fix a race condition between the gem_close and\ngem_change_handle ioctls, but got a few things wrong:\n\n- There's a confusion with the local variable handle, which is actually\n  the new handle, and so the two-stage trick was actually applied to the\n  wrong idr slot. 7164d78559b0 (\"drm/gem: fix race between\n  change_handle and handle_delete\") tried to fix that by adding yet\n  another code block, but forgot to add the error handling. Which meant\n  we now have two paths, both kinda wrong.\n\n- dc366607c41c (\"drm: Replace old pointer to new idr\") tried to apply\n  another fix, but inconsistently, again because of the handle confusion\n  - this would be the right fix (kinda, somewhat, it's a mess) if we'd\n  do the two-stage approach for the new handle. Except that wasn't the\n  intent of the original fix.\n\nWe also didn't have an igt merged for the original ioctl, which is a big\nno-go. This was attempted to address off-list in the original bugfix,\nand amd QA people claimed the bug was fixed now. Very clearly that's not\nthe case. Here's my attempt to sort this out:\n\n- Rename the local variable to new_handle, the old aliasing with\n  args->handle is just too dangerously confusing.\n\n- Merge the gem obj lookup with the two-stage idr_replace so that we\n  avoid getting ourselves confused there.\n\n- This means we don't have a surplus temporary reference anymore, only\n  an inherited from the idr. A concurrent gem_close on the new_handle\n  could steal that. Fix that with the same two-stage approach\n  create_tail uses. This is a bit overkill as documented in the comment,\n  but I also don't trust my ability to understand this all correctly, so\n  go with the established pattern we have from other ioctls instead for\n  maximum paranoia.\n\n- Adjust error paths. I've tried to make the error and success paths\n  common, because they are identical except for which handle is removed\n  and on which we call idr_replace to (re)install the object again. But\n  that made things messier to read, so I've left it at the more verbose\n  version, which unfortunately hides the symmetry in the entire code\n  flow a bit.\n\n- While at it, also replace the 7 space indent with 1 tab.\n\nAnd finally, because I flat out don't trust my abilities here at all\nanymore:\n\n- Disable the ioctl until we have the igt situation and everything else\n  sorted out on-list and with full consensus.\n\nv2:\n\nSashiko noticed that I didn't handle the error path for idr_replace\ncorrectly, it must be checked with IS_ERR_OR_NULL like in\ngem_handle_delete. So yeah, definitely should just the existing paths\n1:1 because this is endless amounts of tricky.\n\nAlso add the Fixes: line for the original ioctl, I forgot that too."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/gpu/drm/drm_gem.c","drivers/gpu/drm/drm_ioctl.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"672464dd53231509c9c771110798c56d4660e19e","lessThan":"c0639ede2f24ac224b2079cd35ecd5fd8ad4e3cd","versionType":"git","status":"affected"},{"version":"61bd96d3e5472c253f9c1ab77608f0c8aaa9d025","lessThan":"1d9b93df7fc768228906e24220591ec1cddad391","versionType":"git","status":"affected"},{"version":"5e28b7b94408897e41c63477aabc9e1db439bc8c","lessThan":"1a4f03d22fb655e5f192244fb2c87d8066fcfca2","versionType":"git","status":"affected"},{"version":"318b995cffcfcaa69a234d28123a3f4ae186a9df","versionType":"git","status":"affected"},{"version":"38f12d0e10d83b66fa1466400d876a3a8da31542","versionType":"git","status":"affected"},{"version":"0dfa42cfe4dbe114533480503934f43e33c1e83d","versionType":"git","status":"affected"},{"version":"cde2c9257cbe8463b9dcf7b1075177b72b5fd938","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/gpu/drm/drm_gem.c","drivers/gpu/drm/drm_ioctl.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.18.32","lessThan":"6.18.36","versionType":"semver","status":"affected"},{"version":"7.0.9","lessThan":"7.0.13","versionType":"semver","status":"affected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:9"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","cpes":["cpe:/o:redhat:enterprise_linux:6"]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.0,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-367"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-367"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.18.32","versionEndExcluding":"6.18.36","matchCriteriaId":"31CD171B-DFD5-4D12-B633-B42F02ACBD80"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.9","versionEndExcluding":"7.0.13","matchCriteriaId":"322D0AF5-A8BD-4FEE-82F7-1CCC7E7693B7"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc6:*:*:*:*:*:*","matchCriteriaId":"B0E8FC71-3952-444C-83E9-718DBBBEC615"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/1a4f03d22fb655e5f192244fb2c87d8066fcfca2","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/1d9b93df7fc768228906e24220591ec1cddad391","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c0639ede2f24ac224b2079cd35ecd5fd8ad4e3cd","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://access.redhat.com/security/cve/CVE-2026-53145","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2492773","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-53145.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-53148","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-25T09:16:32.140","lastModified":"2026-07-08T14:41:01.103","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nthunderbolt: Clamp XDomain response data copy to allocation size\n\ntb_xdp_properties_request() derives the per-packet copy length from\nthe response header without checking that it fits in the previously\nallocated data buffer.  A malicious peer can set its length field\nlarger than the declared data_length, causing memcpy to write past\nthe kcalloc allocation.\n\nClamp the per-packet copy length so that the cumulative offset\nnever exceeds data_len."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/thunderbolt/xdomain.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"cdae7c07e3e3509eaabc18c1640a55dc5b99c179","lessThan":"0b334279a82d79fb4723bd4f614305de1ab69caa","versionType":"git","status":"affected"},{"version":"cdae7c07e3e3509eaabc18c1640a55dc5b99c179","lessThan":"6021d39ccd979713b39b980286020d8f9a45efd1","versionType":"git","status":"affected"},{"version":"cdae7c07e3e3509eaabc18c1640a55dc5b99c179","lessThan":"89ae04365e01d5ae4aae83044a8bbd2a9aaf8d0d","versionType":"git","status":"affected"},{"version":"cdae7c07e3e3509eaabc18c1640a55dc5b99c179","lessThan":"5db10c8ad8c09f72c847dfeef3d876098257f505","versionType":"git","status":"affected"},{"version":"cdae7c07e3e3509eaabc18c1640a55dc5b99c179","lessThan":"05a43157676c243c248d1c6d9dcecbe6eba2f35d","versionType":"git","status":"affected"},{"version":"cdae7c07e3e3509eaabc18c1640a55dc5b99c179","lessThan":"fcbd0cdab92838854a5818be7ed8a097164ef6d5","versionType":"git","status":"affected"},{"version":"cdae7c07e3e3509eaabc18c1640a55dc5b99c179","lessThan":"906035d5c3784570191d259cbf9a0ac1617852b5","versionType":"git","status":"affected"},{"version":"cdae7c07e3e3509eaabc18c1640a55dc5b99c179","lessThan":"322e93448d908434ae5545660fcbe8f5a7a8e141","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/thunderbolt/xdomain.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"4.15","status":"affected"},{"version":"0","lessThan":"4.15","versionType":"semver","status":"unaffected"},{"version":"5.10.259","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.210","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.176","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.143","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.94","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:9"]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.0,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15","versionEndExcluding":"5.10.259","matchCriteriaId":"E2E6634B-DED7-40B3-A18B-2140A791419F"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.210","matchCriteriaId":"5E938CDF-D1C4-43D0-98DC-9E11B6B55801"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.176","matchCriteriaId":"C4446623-5F2B-4DD8-8666-9FAAC285A757"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.143","matchCriteriaId":"9062F1CD-CAD6-4EA2-A73F-C06D4A887B8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.94","matchCriteriaId":"85421C0C-ABDE-4357-971C-67F9087DE1B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.36","matchCriteriaId":"389025D2-958D-41BD-BD96-70ED1033A9F3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.13","matchCriteriaId":"6A64BF9F-3BCA-42FD-98CB-8F03474D2B1E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc6:*:*:*:*:*:*","matchCriteriaId":"B0E8FC71-3952-444C-83E9-718DBBBEC615"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc7:*:*:*:*:*:*","matchCriteriaId":"1039E95A-8CC3-4C88-8FF9-5C08EEB861C9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/05a43157676c243c248d1c6d9dcecbe6eba2f35d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/0b334279a82d79fb4723bd4f614305de1ab69caa","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/322e93448d908434ae5545660fcbe8f5a7a8e141","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/5db10c8ad8c09f72c847dfeef3d876098257f505","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/6021d39ccd979713b39b980286020d8f9a45efd1","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/89ae04365e01d5ae4aae83044a8bbd2a9aaf8d0d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/906035d5c3784570191d259cbf9a0ac1617852b5","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/fcbd0cdab92838854a5818be7ed8a097164ef6d5","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://access.redhat.com/security/cve/CVE-2026-53148","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2492756","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-53148.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-53153","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-25T09:16:32.680","lastModified":"2026-07-08T13:51:05.307","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nmm/list_lru: drain before clearing xarray entry on reparent\n\nmemcg_reparent_list_lrus() clears the dying memcg's xarray entry with\nxas_store(&xas, NULL) before reparenting its per-node lists into the\nparent.  This opens a window where a concurrent list_lru_del() arriving\nfor the dying memcg sees xa_load() == NULL, walks to the parent in\nlock_list_lru_of_memcg(), takes the parent's per-node lock, and calls\nlist_del_init() on an item still physically linked on the dying memcg's\nlist.\n\nIf another in-flight thread holds the dying memcg's per-node lock at the\nsame moment (another list_lru_del, or a list_lru_walk_one running an\nisolate callback), both threads modify ->next/->prev pointers on the same\nphysical list under different locks.  Adjacent items can corrupt each\nother's links.\n\nFix it by reversing the order: reparent each per-node list and mark the\nchild's list lru dead and then clear the xarray entry.  Any concurrent\nlist_lru op that finds the still-set xarray entry either takes the dying\nmemcg's per-node lock (synchronizing with the drain) or sees LONG_MIN and\nwalks to the parent, where the items now live."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["mm/list_lru.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"fb56fdf8b9a2f7397f8a83dce50189f3f0cf71af","lessThan":"c19ff4351214f059349788e13e70e74325831ff6","versionType":"git","status":"affected"},{"version":"fb56fdf8b9a2f7397f8a83dce50189f3f0cf71af","lessThan":"2b66496d794e98f7aeec7688573051f22ec40bac","versionType":"git","status":"affected"},{"version":"fb56fdf8b9a2f7397f8a83dce50189f3f0cf71af","lessThan":"98733f3f0becb1ae0701d021c1748e974e5fa55c","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["mm/list_lru.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.13","status":"affected"},{"version":"0","lessThan":"6.13","versionType":"semver","status":"unaffected"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"unaffected","cpes":["cpe:/o:redhat:enterprise_linux:9"]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.0,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-820"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.36","matchCriteriaId":"389025D2-958D-41BD-BD96-70ED1033A9F3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.13","matchCriteriaId":"6A64BF9F-3BCA-42FD-98CB-8F03474D2B1E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc6:*:*:*:*:*:*","matchCriteriaId":"B0E8FC71-3952-444C-83E9-718DBBBEC615"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc7:*:*:*:*:*:*","matchCriteriaId":"1039E95A-8CC3-4C88-8FF9-5C08EEB861C9"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/2b66496d794e98f7aeec7688573051f22ec40bac","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/98733f3f0becb1ae0701d021c1748e974e5fa55c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c19ff4351214f059349788e13e70e74325831ff6","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://access.redhat.com/security/cve/CVE-2026-53153","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2492790","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-53153.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-53234","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-25T09:16:41.293","lastModified":"2026-07-08T19:02:06.450","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ibm: emac: Fix use-after-free during device removal\n\nThe driver was using devm_register_netdev() which causes unregister_netdev()\nto be deferred until the devres cleanup phase, which runs after emac_remove()\nreturns. This creates a use-after-free window where:\n\n1. emac_remove() is called, which tears down hardware (cancels work, detaches\n   modules, unregisters from MAL)\n2. emac_remove() returns\n3. devres cleanup runs and finally calls unregister_netdev()\n\nDuring step 3, the network stack might still process packets, triggering\nemac_irq(), emac_poll(), or other handlers that access now-freed hardware\nresources (dev->emacp, dev->mal, etc.).\n\nFix this by replacing devm_register_netdev() with manual register_netdev()\nand calling unregister_netdev() at the beginning of emac_remove(), before\nany hardware teardown. This ensures the network device is fully stopped and\nunregistered before hardware resources are released.\n\nThe change is safe because:\n- dev->ndev is assigned very early in probe (before any error paths that\n  could bypass emac_remove)\n- platform_set_drvdata() is only called after successful registration, so\n  emac_remove() only runs for fully registered devices\n- unregister_netdev() is idempotent and safe to call on any registered device"}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/net/ethernet/ibm/emac/core.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"a4dd8535a527061a01f2fd335596fa77ca240a96","lessThan":"cf8e14db93eaecc4c0c58299be3b3183b0e53ed5","versionType":"git","status":"affected"},{"version":"a4dd8535a527061a01f2fd335596fa77ca240a96","lessThan":"c09c2e236eef6f59e105f38a30f5439e6ccbcad7","versionType":"git","status":"affected"},{"version":"a4dd8535a527061a01f2fd335596fa77ca240a96","lessThan":"c12584cd6078085d707266be864e7e1cc91d74e3","versionType":"git","status":"affected"},{"version":"a4dd8535a527061a01f2fd335596fa77ca240a96","lessThan":"a0130d682222ae21afc395aead7cd2d87e1a8358","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/net/ethernet/ibm/emac/core.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.12","status":"affected"},{"version":"0","lessThan":"6.12","versionType":"semver","status":"unaffected"},{"version":"6.12.94","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.12","versionEndExcluding":"6.12.94","matchCriteriaId":"7327870E-8777-43EF-92CB-081E4B51D6F9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.36","matchCriteriaId":"389025D2-958D-41BD-BD96-70ED1033A9F3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.13","matchCriteriaId":"6A64BF9F-3BCA-42FD-98CB-8F03474D2B1E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc6:*:*:*:*:*:*","matchCriteriaId":"B0E8FC71-3952-444C-83E9-718DBBBEC615"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc7:*:*:*:*:*:*","matchCriteriaId":"1039E95A-8CC3-4C88-8FF9-5C08EEB861C9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/a0130d682222ae21afc395aead7cd2d87e1a8358","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c09c2e236eef6f59e105f38a30f5439e6ccbcad7","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c12584cd6078085d707266be864e7e1cc91d74e3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/cf8e14db93eaecc4c0c58299be3b3183b0e53ed5","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-53235","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-25T09:16:41.397","lastModified":"2026-07-08T19:00:57.917","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: add pskb_may_pull() to skb_gro_receive_list()\n\nskb_gro_receive_list() calls skb_pull(skb, skb_gro_offset(skb)) without\nfirst ensuring the data is in the linear area via pskb_may_pull(). When\nthe skb arrives via napi_gro_frags(), skb_headlen can be 0 (all data in\npage fragments) while skb_gro_offset is non-zero (after IP+TCP header\nparsing). The skb_pull() then decrements skb->len by skb_gro_offset\nbut skb->data_len stays unchanged, hitting BUG_ON(skb->len < skb->data_len)\nin __skb_pull().\n\nThe UDP fraglist GRO path already contains this guard at\nudp_offload.c:749. Adding it to skb_gro_receive_list() itself provides\ncentralized protection for all callers (TCP, UDP, and any future\nprotocols), and ensures the precondition of skb_pull() is satisfied\nbefore it is called.\n\nOn pskb_may_pull() failure, set NAPI_GRO_CB(skb)->flush = 1 so the\nskb is not held as a new GRO head and is instead delivered through the\nnormal receive path, matching the UDP handling."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/core/gro.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"8d95dc474f85481652a0e422d2f1f079de81f63c","lessThan":"9e636c995b7beeb74ea882968248752821c244c4","versionType":"git","status":"affected"},{"version":"8d95dc474f85481652a0e422d2f1f079de81f63c","lessThan":"0cde3a004119db637b401c54e77536e4145fc0b4","versionType":"git","status":"affected"},{"version":"8d95dc474f85481652a0e422d2f1f079de81f63c","lessThan":"848571dcbbbea7ba44dd4f7ebe1fbb274afe08ac","versionType":"git","status":"affected"},{"version":"8d95dc474f85481652a0e422d2f1f079de81f63c","lessThan":"f2bb3434544454099a5b6dec213567267b05d79d","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/core/gro.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.10","status":"affected"},{"version":"0","lessThan":"6.10","versionType":"semver","status":"unaffected"},{"version":"6.12.94","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.10","versionEndExcluding":"6.12.94","matchCriteriaId":"75F2C460-8745-4342-9F01-D6B029B4B9ED"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.36","matchCriteriaId":"389025D2-958D-41BD-BD96-70ED1033A9F3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.13","matchCriteriaId":"6A64BF9F-3BCA-42FD-98CB-8F03474D2B1E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc6:*:*:*:*:*:*","matchCriteriaId":"B0E8FC71-3952-444C-83E9-718DBBBEC615"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc7:*:*:*:*:*:*","matchCriteriaId":"1039E95A-8CC3-4C88-8FF9-5C08EEB861C9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/0cde3a004119db637b401c54e77536e4145fc0b4","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/848571dcbbbea7ba44dd4f7ebe1fbb274afe08ac","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/9e636c995b7beeb74ea882968248752821c244c4","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f2bb3434544454099a5b6dec213567267b05d79d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-53236","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-25T09:16:41.493","lastModified":"2026-07-08T13:20:37.600","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: restrict SO_ATTACH_FILTER to priv users\n\nThis patch restricts the use of SO_ATTACH_FILTER (cBPF) on TCP sockets\nto users with CAP_NET_ADMIN capability.\n\nThis blocks potential side-channel attack where an unprivileged application\nattaches a filter to leak TCP sequence/acknowledgment numbers."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/core/sock.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"3747de241a66ef2c7032d2cc2b826a47c5fa0f6a","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"ecfe9171b26ae3eed0cd8bab7a943e9e2c9e51ba","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"82b3e7ce10c53fc12aab8904745603efc74f8c07","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"ede69b8f6670600e534591664584f810d7c385f9","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"c68517a3e18e20997808821c5559d0cba4d776c1","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"5d39580f68e6ddeedd15e587282207489dfb3da2","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/core/sock.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"2.6.12","status":"affected"},{"version":"0","lessThan":"2.6.12","versionType":"semver","status":"unaffected"},{"version":"6.1.176","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.143","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.94","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.12.1","versionEndExcluding":"6.1.176","matchCriteriaId":"82D831C2-08D3-43F5-A6A7-F4B9A5A9B631"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.143","matchCriteriaId":"9062F1CD-CAD6-4EA2-A73F-C06D4A887B8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.94","matchCriteriaId":"85421C0C-ABDE-4357-971C-67F9087DE1B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.36","matchCriteriaId":"389025D2-958D-41BD-BD96-70ED1033A9F3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.13","matchCriteriaId":"6A64BF9F-3BCA-42FD-98CB-8F03474D2B1E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:-:*:*:*:*:*:*","matchCriteriaId":"6F62EECE-8FB1-4D57-85D8-CB9E23CF313C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:*:*:*:*:*:*","matchCriteriaId":"4F76C298-81DC-43E4-8FC9-DC005A2116EF"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:*:*:*:*:*:*","matchCriteriaId":"0AB349B2-3F78-4197-882B-90ADB3BF645A"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*","matchCriteriaId":"6AC88830-A9BC-4607-B572-A4B502FC9FD0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:*","matchCriteriaId":"476CB3A5-D022-4F13-AAEF-CB6A5785516A"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc6:*:*:*:*:*:*","matchCriteriaId":"B0E8FC71-3952-444C-83E9-718DBBBEC615"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc7:*:*:*:*:*:*","matchCriteriaId":"1039E95A-8CC3-4C88-8FF9-5C08EEB861C9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/3747de241a66ef2c7032d2cc2b826a47c5fa0f6a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/5d39580f68e6ddeedd15e587282207489dfb3da2","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/82b3e7ce10c53fc12aab8904745603efc74f8c07","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c68517a3e18e20997808821c5559d0cba4d776c1","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ecfe9171b26ae3eed0cd8bab7a943e9e2c9e51ba","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ede69b8f6670600e534591664584f810d7c385f9","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-53237","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-25T09:16:41.597","lastModified":"2026-07-08T13:13:22.920","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ngpio: mvebu: fix NULL pointer dereference in suspend/resume\n\nmvebu_pwm_suspend() and mvebu_pwm_resume() are called for all GPIO\nbanks during suspend/resume, but not all banks have PWM functionality.\nGPIO banks without PWM have mvchip->mvpwm set to NULL.\n\nCalling mvebu_pwm_suspend() with mvpwm == NULL causes a NULL pointer\ndereference when it tries to access mvpwm->blink_select.\n\n  Unable to handle kernel NULL pointer dereference at virtual address 00000020 when write\n  [00000020] *pgd=00000000\n  Internal error: Oops: 815 [#1] PREEMPT ARM\n  Modules linked in:\n  CPU: 0 UID: 0 PID: 406 Comm: sh Not tainted 6.12.74-rt12-yocto-standard-g4e96f98fb7db-dirty #353\n  Hardware name: Marvell Armada 370/XP (Device Tree)\n  PC is at regmap_mmio_read+0x38/0x54\n  LR is at regmap_mmio_read+0x38/0x54\n  pc : [<c05fd2ac>]    lr : [<c05fd2ac>]    psr: 200f0013\n  sp : f0c11d10  ip : 00000000  fp : c100d2f0\n  r10: c14fb854  r9 : 00000000  r8 : 00000000\n  r7 : c1799c00  r6 : 00000020  r5 : 00000020  r4 : c179c7c0\n  r3 : f0a231a0  r2 : 00000020  r1 : 00000020  r0 : 00000000\n  Flags: nzCv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment none\n  Control: 10c5387d  Table: 135ec059  DAC: 00000051\n  Call trace:\n   regmap_mmio_read from _regmap_bus_reg_read+0x78/0xac\n   _regmap_bus_reg_read from _regmap_read+0x60/0x154\n   _regmap_read from regmap_read+0x3c/0x60\n   regmap_read from mvebu_gpio_suspend+0xa4/0x14c\n   mvebu_gpio_suspend from dpm_run_callback+0x54/0x180\n   dpm_run_callback from device_suspend+0x124/0x630\n   device_suspend from dpm_suspend+0x124/0x270\n   dpm_suspend from dpm_suspend_start+0x64/0x6c\n   dpm_suspend_start from suspend_devices_and_enter+0x140/0x8e8\n   suspend_devices_and_enter from pm_suspend+0x2fc/0x308\n   pm_suspend from state_store+0x6c/0xc8\n   state_store from kernfs_fop_write_iter+0x10c/0x1f8\n   kernfs_fop_write_iter from vfs_write+0x270/0x468\n   vfs_write from ksys_write+0x70/0xf0\n   ksys_write from ret_fast_syscall+0x0/0x54\n\nAdd a NULL check for mvchip->mvpwm before calling the PWM\nsuspend/resume functions."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["drivers/gpio/gpio-mvebu.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"757642f9a584e893f3f4e50c99b674ee8a3ed363","lessThan":"7db09011ce62162d72897fc4856b4425245dfe35","versionType":"git","status":"affected"},{"version":"757642f9a584e893f3f4e50c99b674ee8a3ed363","lessThan":"4ef24338eda3c7e96d6f94a988266ff16ed3985d","versionType":"git","status":"affected"},{"version":"757642f9a584e893f3f4e50c99b674ee8a3ed363","lessThan":"6136c1474db88272231573e222896e1998d34662","versionType":"git","status":"affected"},{"version":"757642f9a584e893f3f4e50c99b674ee8a3ed363","lessThan":"c9677a9274ffb44987ec209dc8ec9f2d34946956","versionType":"git","status":"affected"},{"version":"757642f9a584e893f3f4e50c99b674ee8a3ed363","lessThan":"b9ad50d7505ebd48282ec3630258dc820fc85c81","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["drivers/gpio/gpio-mvebu.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"4.12","status":"affected"},{"version":"0","lessThan":"4.12","versionType":"semver","status":"unaffected"},{"version":"6.6.143","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.94","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.12","versionEndExcluding":"6.6.143","matchCriteriaId":"5A633716-C5E6-4EC9-BEBD-D8A0818C7F95"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.94","matchCriteriaId":"85421C0C-ABDE-4357-971C-67F9087DE1B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.36","matchCriteriaId":"389025D2-958D-41BD-BD96-70ED1033A9F3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.13","matchCriteriaId":"6A64BF9F-3BCA-42FD-98CB-8F03474D2B1E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc6:*:*:*:*:*:*","matchCriteriaId":"B0E8FC71-3952-444C-83E9-718DBBBEC615"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc7:*:*:*:*:*:*","matchCriteriaId":"1039E95A-8CC3-4C88-8FF9-5C08EEB861C9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/4ef24338eda3c7e96d6f94a988266ff16ed3985d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/6136c1474db88272231573e222896e1998d34662","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/7db09011ce62162d72897fc4856b4425245dfe35","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/b9ad50d7505ebd48282ec3630258dc820fc85c81","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c9677a9274ffb44987ec209dc8ec9f2d34946956","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-53238","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-25T09:16:41.713","lastModified":"2026-07-08T13:12:15.800","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnetlabel: validate unlabeled address and mask attribute lengths\n\nnetlbl_unlabel_addrinfo_get() used the address attribute length to\ndetermine whether the attribute data could be read as an IPv4 or IPv6\naddress, but did not independently validate the corresponding mask\nattribute length.  A crafted Generic Netlink request could therefore\nprovide a valid IPv4/IPv6 address attribute with a shorter mask\nattribute, which would later be read as a full struct in_addr or\nstruct in6_addr.\n\nNLA_BINARY policy lengths are maximum lengths by default, so use\nNLA_POLICY_EXACT_LEN() for the unlabeled IPv4/IPv6 address and mask\nattributes.  This rejects short attributes during policy validation and\nalso exposes the exact length requirements through policy introspection."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/netlabel/netlabel_unlabeled.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"8cc44579d1bd77ba3a32f2cb76fd9669c229c5fd","lessThan":"975a84fd741440853380d37465b6e226cf47254c","versionType":"git","status":"affected"},{"version":"8cc44579d1bd77ba3a32f2cb76fd9669c229c5fd","lessThan":"672f0f3b8f875ffe6525a37847eafa7648c4c0c6","versionType":"git","status":"affected"},{"version":"8cc44579d1bd77ba3a32f2cb76fd9669c229c5fd","lessThan":"95bda3eac0b1454c2cee98d58d9ba6dd8391e843","versionType":"git","status":"affected"},{"version":"8cc44579d1bd77ba3a32f2cb76fd9669c229c5fd","lessThan":"07a18f5c90dd3d586b73242f5a5bbf0a72f2fdc6","versionType":"git","status":"affected"},{"version":"8cc44579d1bd77ba3a32f2cb76fd9669c229c5fd","lessThan":"71c52da13c3737493b42d20d9f33de34e03b3156","versionType":"git","status":"affected"},{"version":"8cc44579d1bd77ba3a32f2cb76fd9669c229c5fd","lessThan":"0c4bb32ad7fdc2dc6a8050f41eb04d4bda56b6c8","versionType":"git","status":"affected"},{"version":"8cc44579d1bd77ba3a32f2cb76fd9669c229c5fd","lessThan":"ccfe292a966079c61ea68a2da303b2a336170993","versionType":"git","status":"affected"},{"version":"8cc44579d1bd77ba3a32f2cb76fd9669c229c5fd","lessThan":"9772589b57e44aedc240211c5c3f7a684a034d3a","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/netlabel/netlabel_unlabeled.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"2.6.25","status":"affected"},{"version":"0","lessThan":"2.6.25","versionType":"semver","status":"unaffected"},{"version":"5.10.259","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.210","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.176","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.143","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.94","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.25","versionEndExcluding":"5.10.259","matchCriteriaId":"3D7B1C25-B15B-469B-86ED-C02BFEC9F0DB"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.210","matchCriteriaId":"5E938CDF-D1C4-43D0-98DC-9E11B6B55801"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.176","matchCriteriaId":"C4446623-5F2B-4DD8-8666-9FAAC285A757"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.143","matchCriteriaId":"9062F1CD-CAD6-4EA2-A73F-C06D4A887B8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.94","matchCriteriaId":"85421C0C-ABDE-4357-971C-67F9087DE1B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.36","matchCriteriaId":"389025D2-958D-41BD-BD96-70ED1033A9F3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.13","matchCriteriaId":"6A64BF9F-3BCA-42FD-98CB-8F03474D2B1E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc6:*:*:*:*:*:*","matchCriteriaId":"B0E8FC71-3952-444C-83E9-718DBBBEC615"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc7:*:*:*:*:*:*","matchCriteriaId":"1039E95A-8CC3-4C88-8FF9-5C08EEB861C9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/07a18f5c90dd3d586b73242f5a5bbf0a72f2fdc6","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/0c4bb32ad7fdc2dc6a8050f41eb04d4bda56b6c8","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/672f0f3b8f875ffe6525a37847eafa7648c4c0c6","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/71c52da13c3737493b42d20d9f33de34e03b3156","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/95bda3eac0b1454c2cee98d58d9ba6dd8391e843","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/975a84fd741440853380d37465b6e226cf47254c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/9772589b57e44aedc240211c5c3f7a684a034d3a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ccfe292a966079c61ea68a2da303b2a336170993","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-53239","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-25T09:16:41.840","lastModified":"2026-07-08T13:06:06.280","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: policy: fix use-after-free on inexact bin in xfrm_policy_bysel_ctx()\n\nFix the race by pruning the bin while still holding xfrm_policy_lock,\nbefore dropping it. Use __xfrm_policy_inexact_prune_bin() directly since\nthe lock is already held. The wrapper xfrm_policy_inexact_prune_bin()\nbecomes unused and is removed.\n\nRace:\n\n  CPU0 (XFRM_MSG_DELPOLICY)           CPU1 (XFRM_MSG_NEWSPDINFO)\n  ==========================          ==========================\n  xfrm_policy_bysel_ctx():\n    spin_lock_bh(xfrm_policy_lock)\n    bin = xfrm_policy_inexact_lookup()\n    __xfrm_policy_unlink(pol)\n    spin_unlock_bh(xfrm_policy_lock)\n    xfrm_policy_kill(ret)\n    // wide window, lock not held\n                                       xfrm_hash_rebuild():\n                                         spin_lock_bh(xfrm_policy_lock)\n                                         __xfrm_policy_inexact_flush():\n                                           kfree_rcu(bin)  // bin freed\n                                         spin_unlock_bh(xfrm_policy_lock)\n    xfrm_policy_inexact_prune_bin(bin)\n    // UAF: bin is freed"}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/xfrm/xfrm_policy.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6be3b0db6db82cf056a72cc18042048edd27f8ee","lessThan":"8fc536e9f6856230f19c7d13e71af064b6a77b22","versionType":"git","status":"affected"},{"version":"6be3b0db6db82cf056a72cc18042048edd27f8ee","lessThan":"c4c1ea36d83bf3c4569468ca5b8b614fda1bf821","versionType":"git","status":"affected"},{"version":"6be3b0db6db82cf056a72cc18042048edd27f8ee","lessThan":"25c8c7fb3b0b9668c7d05e209f58c158d2b020c7","versionType":"git","status":"affected"},{"version":"6be3b0db6db82cf056a72cc18042048edd27f8ee","lessThan":"42827d03f8009a6a218bacab153e21f39d6a121c","versionType":"git","status":"affected"},{"version":"6be3b0db6db82cf056a72cc18042048edd27f8ee","lessThan":"88697cf980222d5906a37bf47662dac0732e2a0f","versionType":"git","status":"affected"},{"version":"6be3b0db6db82cf056a72cc18042048edd27f8ee","lessThan":"b5316e2b8614a87d8736941972441cb47bfd4491","versionType":"git","status":"affected"},{"version":"6be3b0db6db82cf056a72cc18042048edd27f8ee","lessThan":"ec82ea4eb220164d854f8734ca5a35e23e577b94","versionType":"git","status":"affected"},{"version":"6be3b0db6db82cf056a72cc18042048edd27f8ee","lessThan":"7f2d76c9c03257c0782afef9d95321fa04096f60","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/xfrm/xfrm_policy.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"5.0","status":"affected"},{"version":"0","lessThan":"5.0","versionType":"semver","status":"unaffected"},{"version":"5.10.259","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.210","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.176","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.143","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.94","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.0","versionEndExcluding":"5.10.259","matchCriteriaId":"1A9E792C-DB8D-45E1-BA0E-FADA558D6B15"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.210","matchCriteriaId":"5E938CDF-D1C4-43D0-98DC-9E11B6B55801"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.176","matchCriteriaId":"C4446623-5F2B-4DD8-8666-9FAAC285A757"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.143","matchCriteriaId":"9062F1CD-CAD6-4EA2-A73F-C06D4A887B8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.94","matchCriteriaId":"85421C0C-ABDE-4357-971C-67F9087DE1B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.36","matchCriteriaId":"389025D2-958D-41BD-BD96-70ED1033A9F3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.13","matchCriteriaId":"6A64BF9F-3BCA-42FD-98CB-8F03474D2B1E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc6:*:*:*:*:*:*","matchCriteriaId":"B0E8FC71-3952-444C-83E9-718DBBBEC615"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc7:*:*:*:*:*:*","matchCriteriaId":"1039E95A-8CC3-4C88-8FF9-5C08EEB861C9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/25c8c7fb3b0b9668c7d05e209f58c158d2b020c7","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/42827d03f8009a6a218bacab153e21f39d6a121c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/7f2d76c9c03257c0782afef9d95321fa04096f60","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/88697cf980222d5906a37bf47662dac0732e2a0f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/8fc536e9f6856230f19c7d13e71af064b6a77b22","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/b5316e2b8614a87d8736941972441cb47bfd4491","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c4c1ea36d83bf3c4569468ca5b8b614fda1bf821","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ec82ea4eb220164d854f8734ca5a35e23e577b94","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-53240","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-25T09:16:41.960","lastModified":"2026-07-08T13:05:31.967","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: iptfs: fix use-after-free on first_skb in __input_process_payload\n\n__input_process_payload() stores first_skb into xtfs->ra_newskb under\ndrop_lock when starting partial reassembly, then unlocks and breaks out\nof the processing loop. The post-loop check reads xtfs->ra_newskb\nwithout the lock to decide whether first_skb is still owned:\n\n    if (first_skb && first_iplen && !defer && first_skb != xtfs->ra_newskb)\n\nBetween spin_unlock and this read, a concurrent CPU running\niptfs_reassem_cont() (or the drop_timer hrtimer) can complete\nreassembly, NULL xtfs->ra_newskb, and free the skb. The check then\nevaluates first_skb != NULL as true, and pskb_trim/ip_summed/consume_skb\noperate on the freed skb — a use-after-free in skbuff_head_cache.\n\nReplace the unlocked read with a local bool that records whether\nfirst_skb was handed to the reassembly state in the current call. The\nflag is set after the existing spin_unlock, before the break, using the\npointer equality that is stable at that point (first_skb == skb iff\nfirst_skb was stored in ra_newskb)."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/xfrm/xfrm_iptfs.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"3f3339885fb343b7b42d7c34717108ce07da24ae","lessThan":"8d9a79fbf5172d9c4c0146057af2360913265a11","versionType":"git","status":"affected"},{"version":"3f3339885fb343b7b42d7c34717108ce07da24ae","lessThan":"ff2ee35b6ce5fa8a8e24ea50b15733d5c8780198","versionType":"git","status":"affected"},{"version":"3f3339885fb343b7b42d7c34717108ce07da24ae","lessThan":"eb48730bb827d1550401a5d391903f9d90b493c8","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/xfrm/xfrm_iptfs.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.14","status":"affected"},{"version":"0","lessThan":"6.14","versionType":"semver","status":"unaffected"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.14","versionEndExcluding":"6.18.36","matchCriteriaId":"F44E71B4-36C2-4FDD-9239-2EEBD641A1C8"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.13","matchCriteriaId":"6A64BF9F-3BCA-42FD-98CB-8F03474D2B1E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc6:*:*:*:*:*:*","matchCriteriaId":"B0E8FC71-3952-444C-83E9-718DBBBEC615"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc7:*:*:*:*:*:*","matchCriteriaId":"1039E95A-8CC3-4C88-8FF9-5C08EEB861C9"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/8d9a79fbf5172d9c4c0146057af2360913265a11","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/eb48730bb827d1550401a5d391903f9d90b493c8","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ff2ee35b6ce5fa8a8e24ea50b15733d5c8780198","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-53250","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-25T09:16:42.960","lastModified":"2026-07-08T13:04:07.603","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nxsk: cache csum_start/csum_offset to fix TOCTOU in xsk_skb_metadata()\n\nThe TX metadata area resides in the UMEM buffer which is memory-mapped\nand concurrently writable by userspace. In xsk_skb_metadata(),\ncsum_start and csum_offset are read from shared memory for bounds\nvalidation, then read again for skb assignment. A malicious userspace\napplication can race to overwrite these values between the two reads,\nbypassing the bounds check and causing out-of-bounds memory access\nduring checksum computation in the transmit path.\n\nFix this by reading csum_start and csum_offset into local variables\nonce, then using the local copies for both validation and assignment.\n\nNote that other metadata fields (flags, launch_time) and the cached\ncsum fields may be mutually inconsistent due to concurrent userspace\nwrites, but this is benign: the only security-critical invariant is\nthat each field's validated value is the same one used, which local\ncaching guarantees."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/xdp/xsk.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"48eb03dd26304c24f03bdbb9382e89c8564e71df","lessThan":"0dfe05b938435892875e07771170051346412df9","versionType":"git","status":"affected"},{"version":"48eb03dd26304c24f03bdbb9382e89c8564e71df","lessThan":"bfdfd2706d5fb2cd496a1506e680daf979309c8b","versionType":"git","status":"affected"},{"version":"48eb03dd26304c24f03bdbb9382e89c8564e71df","lessThan":"22ba97ea9cc1f63a0d0244fae38057ed452b6ac7","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/xdp/xsk.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.8","status":"affected"},{"version":"0","lessThan":"6.8","versionType":"semver","status":"unaffected"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-367"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.8","versionEndExcluding":"6.18.36","matchCriteriaId":"D3538284-FFD4-4105-A79C-901B10A64A4C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.13","matchCriteriaId":"6A64BF9F-3BCA-42FD-98CB-8F03474D2B1E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc6:*:*:*:*:*:*","matchCriteriaId":"B0E8FC71-3952-444C-83E9-718DBBBEC615"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/0dfe05b938435892875e07771170051346412df9","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/22ba97ea9cc1f63a0d0244fae38057ed452b6ac7","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/bfdfd2706d5fb2cd496a1506e680daf979309c8b","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-53251","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-25T09:16:43.047","lastModified":"2026-07-08T16:51:26.347","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: ISO: Fix not releasing hdev reference on iso_conn_big_sync\n\nhci_get_route() returns a reference-counted hci_dev pointer via\nhci_dev_hold(). The function exits normally or with an error without ever\nreleasing it."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/bluetooth/iso.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"1360e5b6ce63d63d23223a659ca2bbafa30a53aa","lessThan":"4bbec25f47b930101294fd310c627c3f53e9661f","versionType":"git","status":"affected"},{"version":"07a9342b94a91b306ed1cf6aa8254aea210764c9","lessThan":"33d677d2e3713d98012c3dbd4a9207f7d785b854","versionType":"git","status":"affected"},{"version":"07a9342b94a91b306ed1cf6aa8254aea210764c9","lessThan":"23e8eb16820b866528fb300dc67fe3f67f00ef62","versionType":"git","status":"affected"},{"version":"07a9342b94a91b306ed1cf6aa8254aea210764c9","lessThan":"5cbf290b79351971f20c7a533247e8d58a3f970c","versionType":"git","status":"affected"},{"version":"bfec1e55314896bf4a4cfdb3a9ad4872be9f06ed","versionType":"git","status":"affected"},{"version":"6.12.2","lessThan":"6.12.94","versionType":"semver","status":"affected"},{"version":"6.11.11","lessThan":"6.12","versionType":"semver","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/bluetooth/iso.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.13","status":"affected"},{"version":"0","lessThan":"6.13","versionType":"semver","status":"unaffected"},{"version":"6.12.94","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-772"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.11.11","versionEndExcluding":"6.12","matchCriteriaId":"4CBF5F6E-D446-4CAE-AAA4-413442319824"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.12.2","versionEndExcluding":"6.12.94","matchCriteriaId":"18CC1B47-674B-4A44-90C8-E21FD96CFC54"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.36","matchCriteriaId":"389025D2-958D-41BD-BD96-70ED1033A9F3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.13","matchCriteriaId":"6A64BF9F-3BCA-42FD-98CB-8F03474D2B1E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc6:*:*:*:*:*:*","matchCriteriaId":"B0E8FC71-3952-444C-83E9-718DBBBEC615"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/23e8eb16820b866528fb300dc67fe3f67f00ef62","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/33d677d2e3713d98012c3dbd4a9207f7d785b854","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/4bbec25f47b930101294fd310c627c3f53e9661f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/5cbf290b79351971f20c7a533247e8d58a3f970c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-53252","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-25T09:16:43.137","lastModified":"2026-07-08T16:48:59.550","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: fix memory leak in error path of hci_alloc_dev()\n\nEarly failures in Bluetooth HCI UART configuration leak SRCU percpu\nmemory.\n\nWhen device initialization fails before hci_register_dev() completes,\nthe HCI_UNREGISTER flag is never set. As a result, when the device\nreference count reaches zero, bt_host_release() evaluates this flag as\nfalse and falls back to a direct kfree(hdev).\n\nBecause hci_release_dev() is bypassed, the SRCU struct initialized\nearly in hci_alloc_dev() is never cleaned up, resulting in a leak of\npercpu memory.\n\nFix the leak by explicitly calling cleanup_srcu_struct() in the\nfallback (unregistered) branch of bt_host_release() before freeing\nthe device."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/bluetooth/hci_sysfs.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"90dee0a0ff84fac8accd5be98412b3819f667149","lessThan":"5b7dfca6f852e6b9d809fd0263b5427cc9fb33fd","versionType":"git","status":"affected"},{"version":"c56b177efce8b62798e4d96bdb9867106cb7c4a0","lessThan":"c016118b9e51eeaf5bc93850d4c455a3b583c0aa","versionType":"git","status":"affected"},{"version":"bc0819a25e04cd68ef3568cfa51b63118fea39a7","lessThan":"0622e527a31d4b44737fed5c1a2ac1fc2cfb5184","versionType":"git","status":"affected"},{"version":"ce23b73f0f27e2dbeb81734a79db710f05aa33c6","lessThan":"bc2efe73c194a74839d7cf57b63880d97e21d309","versionType":"git","status":"affected"},{"version":"1d6123102e9fbedc8d25bf4731da6d513173e49e","lessThan":"ce4b4cac3c5749b6aa75e62e2991ae2263f2f889","versionType":"git","status":"affected"},{"version":"1d6123102e9fbedc8d25bf4731da6d513173e49e","lessThan":"f82799407a50af7bcacacf09cc9b279af8fe9b81","versionType":"git","status":"affected"},{"version":"1d6123102e9fbedc8d25bf4731da6d513173e49e","lessThan":"37b3009bf5976e8ab77c8b9a9bc3bbd7ff49e37f","versionType":"git","status":"affected"},{"version":"dd4becd3fd4102696e1c15e6d260a1712a2d8685","versionType":"git","status":"affected"},{"version":"0e5c144c557df910ab64d9c25d06399a9a735e65","versionType":"git","status":"affected"},{"version":"5.15.209","lessThan":"5.15.210","versionType":"semver","status":"affected"},{"version":"6.1.167","lessThan":"6.1.176","versionType":"semver","status":"affected"},{"version":"6.6.97","lessThan":"6.6.143","versionType":"semver","status":"affected"},{"version":"6.12.36","lessThan":"6.12.94","versionType":"semver","status":"affected"},{"version":"5.10.259","lessThan":"5.11","versionType":"semver","status":"affected"},{"version":"6.15.5","lessThan":"6.16","versionType":"semver","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/bluetooth/hci_sysfs.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.16","status":"affected"},{"version":"0","lessThan":"6.16","versionType":"semver","status":"unaffected"},{"version":"5.15.210","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.176","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.143","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.94","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-401"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.10.259","versionEndExcluding":"5.11","matchCriteriaId":"52F60680-8824-4BB5-AF9B-B593D23018AE"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1.167","versionEndExcluding":"6.1.176","matchCriteriaId":"EA4D47D7-0677-4EA5-A70C-E66CDE321414"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.6.97","versionEndExcluding":"6.6.143","matchCriteriaId":"8C5F210A-4D29-4A1A-A880-4FECCDC57247"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.12.36","versionEndExcluding":"6.12.94","matchCriteriaId":"34DC91E5-0FE4-476B-907F-F40D3F5F1197"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.15.5","versionEndExcluding":"6.16","matchCriteriaId":"D10C9120-0117-4346-95CC-E5D06B9133C4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.16.1","versionEndExcluding":"6.18.36","matchCriteriaId":"1A9D8D37-BEDC-49CA-9E82-4D6B11A5675C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.13","matchCriteriaId":"6A64BF9F-3BCA-42FD-98CB-8F03474D2B1E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:5.15.209:*:*:*:*:*:*:*","matchCriteriaId":"06EE5040-044C-46B4-B840-27D15DB507EC"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.16:-:*:*:*:*:*:*","matchCriteriaId":"6238B17D-C12B-458F-A138-97039BFC4595"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.16:rc4:*:*:*:*:*:*","matchCriteriaId":"A0517869-312D-4429-80C2-561086E1421C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.16:rc5:*:*:*:*:*:*","matchCriteriaId":"85421F4E-C863-4ABF-B4B4-E887CC2F7F92"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.16:rc6:*:*:*:*:*:*","matchCriteriaId":"3827F0D4-5FEE-4181-B267-5A45E7CA11FC"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.16:rc7:*:*:*:*:*:*","matchCriteriaId":"7A9C2DE5-43B8-4D73-BDB5-EA55C7671A52"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc6:*:*:*:*:*:*","matchCriteriaId":"B0E8FC71-3952-444C-83E9-718DBBBEC615"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/0622e527a31d4b44737fed5c1a2ac1fc2cfb5184","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/37b3009bf5976e8ab77c8b9a9bc3bbd7ff49e37f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/5b7dfca6f852e6b9d809fd0263b5427cc9fb33fd","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/bc2efe73c194a74839d7cf57b63880d97e21d309","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c016118b9e51eeaf5bc93850d4c455a3b583c0aa","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ce4b4cac3c5749b6aa75e62e2991ae2263f2f889","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f82799407a50af7bcacacf09cc9b279af8fe9b81","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-53253","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-25T09:16:43.253","lastModified":"2026-07-08T16:46:13.950","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: bnep: reject short frames before parsing\n\nA BNEP peer can send a short BNEP SDU. bnep_rx_frame() reads the\npacket type byte immediately and, for control packets, reads the control\nopcode and setup UUID-size byte before proving that those bytes are\npresent. bnep_rx_control() also dereferences the control opcode without\nrejecting an empty control payload.\n\nUse skb_pull_data() for the fixed fields in bnep_rx_frame() so a NULL\nreturn gates each dereference. Split the control handler so the frame\npath can pass an opcode that has already been pulled, and keep the\nbyte-buffer wrapper for extension control payloads.\n\nFor BNEP_SETUP_CONN_REQ, name the UUID-size byte before pulling the\nsetup payload. struct bnep_setup_conn_req carries destination and source\nservice UUIDs after that byte, each uuid_size bytes, so the parser now\ndocuments that tuple explicitly instead of leaving the pull length as an\nopaque multiplication.\n\nValidation reproduced this kernel report:\nKASAN slab-out-of-bounds in bnep_rx_frame.isra.0+0x130c/0x1790\nThe buggy address belongs to the object at ffff88800c0f7908 which belongs\nto the cache kmalloc-8 of size 8\nThe buggy address is located 0 bytes to the right of allocated 1-byte\nregion [ffff88800c0f7908, ffff88800c0f7909)\nRead of size 1\nCall trace:\n  dump_stack_lvl+0xb3/0x140 (?:?)\n  print_address_description+0x57/0x3a0 (?:?)\n  bnep_rx_frame+0x130c/0x1790 (net/bluetooth/bnep/core.c:306)\n  print_report+0xb9/0x2b0 (?:?)\n  __virt_addr_valid+0x1ba/0x3a0 (?:?)\n  srso_alias_return_thunk+0x5/0xfbef5 (?:?)\n  kasan_addr_to_slab+0x21/0x60 (?:?)\n  kasan_report+0xe0/0x110 (?:?)\n  process_one_work+0xfce/0x17e0 (kernel/workqueue.c:3200)\n  worker_thread+0x65c/0xe40 (?:?)\n  __kthread_parkme+0x184/0x230 (?:?)\n  kthread+0x35e/0x470 (?:?)\n  _raw_spin_unlock_irq+0x28/0x50 (?:?)\n  ret_from_fork+0x586/0x870 (?:?)\n  __switch_to+0x74f/0xdc0 (?:?)\n  ret_from_fork_asm+0x1a/0x30 (?:?)"}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/bluetooth/bnep/core.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"0ef2ea86c82b2615902d085cd5a586fe9f58994f","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"2b83afb19293e4de700edae306115f18966dc4f9","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"691f14b6a48b637655755134f1e551c7c6fedc2e","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"d76dec1a37122bc16d83d059c08c0512ea8de909","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"c893e17d2809ec9c4b3f1cdd5847cecbc27a311b","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"be837cd09897e9e6e1958174501d467bdcbcc2bc","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"6770d3a8acdf9151769180cc3710346c4cfbe6f0","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/bluetooth/bnep/core.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"2.6.12","status":"affected"},{"version":"0","lessThan":"2.6.12","versionType":"semver","status":"unaffected"},{"version":"5.15.210","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.176","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.143","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.94","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":4.2}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.12.1","versionEndExcluding":"5.15.210","matchCriteriaId":"9C9C01DE-8B58-4685-BE17-27C5DE19C71B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.176","matchCriteriaId":"C4446623-5F2B-4DD8-8666-9FAAC285A757"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.143","matchCriteriaId":"9062F1CD-CAD6-4EA2-A73F-C06D4A887B8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.94","matchCriteriaId":"85421C0C-ABDE-4357-971C-67F9087DE1B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.36","matchCriteriaId":"389025D2-958D-41BD-BD96-70ED1033A9F3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.13","matchCriteriaId":"6A64BF9F-3BCA-42FD-98CB-8F03474D2B1E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:-:*:*:*:*:*:*","matchCriteriaId":"6F62EECE-8FB1-4D57-85D8-CB9E23CF313C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:*:*:*:*:*:*","matchCriteriaId":"4F76C298-81DC-43E4-8FC9-DC005A2116EF"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:*:*:*:*:*:*","matchCriteriaId":"0AB349B2-3F78-4197-882B-90ADB3BF645A"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*","matchCriteriaId":"6AC88830-A9BC-4607-B572-A4B502FC9FD0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:*","matchCriteriaId":"476CB3A5-D022-4F13-AAEF-CB6A5785516A"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc6:*:*:*:*:*:*","matchCriteriaId":"B0E8FC71-3952-444C-83E9-718DBBBEC615"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/0ef2ea86c82b2615902d085cd5a586fe9f58994f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/2b83afb19293e4de700edae306115f18966dc4f9","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/6770d3a8acdf9151769180cc3710346c4cfbe6f0","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/691f14b6a48b637655755134f1e551c7c6fedc2e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/be837cd09897e9e6e1958174501d467bdcbcc2bc","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c893e17d2809ec9c4b3f1cdd5847cecbc27a311b","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/d76dec1a37122bc16d83d059c08c0512ea8de909","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-53254","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-25T09:16:43.373","lastModified":"2026-07-08T16:45:33.413","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: RFCOMM: validate skb length in MCC handlers\n\nThe RFCOMM MCC handlers cast skb->data to protocol-specific structs\nwithout validating skb->len first. A malicious remote device can send\ntruncated MCC frames and trigger out-of-bounds reads in these handlers.\n\nFix this by using skb_pull_data() to validate and access the required\ndata before dereferencing it.\n\nrfcomm_recv_rpn() requires special handling since ETSI TS 07.10 allows\n1-byte RPN requests. Handle this by validating only the DLCI byte first,\nand validating the full struct only when len > 1."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/bluetooth/rfcomm/core.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"7c15c7c2878957cbfed93bcc29c13fdace464254","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"0d637136ce89f9a2309b2c3502402ce400dab0ef","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"98377e6b1a1a56561ec66a181573ea2b61b2079e","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"1b070ac9e99c2c2c3a8112943ca98ab6fca7f10c","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"3eabc6d47a0ad22b053329997aaf0ec1e581e392","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"08b9c1fbe78f4ad3f6250c6541cfaabdbeb81997","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"23882b828c3c8c51d0c946446a396b10abb3b16b","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/bluetooth/rfcomm/core.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"2.6.12","status":"affected"},{"version":"0","lessThan":"2.6.12","versionType":"semver","status":"unaffected"},{"version":"5.15.210","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.176","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.143","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.94","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.2}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.12.1","versionEndExcluding":"5.15.210","matchCriteriaId":"9C9C01DE-8B58-4685-BE17-27C5DE19C71B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.176","matchCriteriaId":"C4446623-5F2B-4DD8-8666-9FAAC285A757"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.143","matchCriteriaId":"9062F1CD-CAD6-4EA2-A73F-C06D4A887B8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.94","matchCriteriaId":"85421C0C-ABDE-4357-971C-67F9087DE1B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.36","matchCriteriaId":"389025D2-958D-41BD-BD96-70ED1033A9F3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.13","matchCriteriaId":"6A64BF9F-3BCA-42FD-98CB-8F03474D2B1E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:-:*:*:*:*:*:*","matchCriteriaId":"6F62EECE-8FB1-4D57-85D8-CB9E23CF313C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:*:*:*:*:*:*","matchCriteriaId":"4F76C298-81DC-43E4-8FC9-DC005A2116EF"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:*:*:*:*:*:*","matchCriteriaId":"0AB349B2-3F78-4197-882B-90ADB3BF645A"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*","matchCriteriaId":"6AC88830-A9BC-4607-B572-A4B502FC9FD0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:*","matchCriteriaId":"476CB3A5-D022-4F13-AAEF-CB6A5785516A"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc6:*:*:*:*:*:*","matchCriteriaId":"B0E8FC71-3952-444C-83E9-718DBBBEC615"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/08b9c1fbe78f4ad3f6250c6541cfaabdbeb81997","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/0d637136ce89f9a2309b2c3502402ce400dab0ef","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/1b070ac9e99c2c2c3a8112943ca98ab6fca7f10c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/23882b828c3c8c51d0c946446a396b10abb3b16b","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/3eabc6d47a0ad22b053329997aaf0ec1e581e392","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/7c15c7c2878957cbfed93bcc29c13fdace464254","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/98377e6b1a1a56561ec66a181573ea2b61b2079e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-53255","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-25T09:16:43.480","lastModified":"2026-07-08T16:44:20.713","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: MGMT: validate advertising TLV before type checks\n\ntlv_data_is_valid() reads each advertising data field length from\ndata[i], then inspects data[i + 1] for managed EIR types before\nchecking that the current field still fits inside the supplied buffer.\n\nA malformed field whose length byte is the last byte of the buffer can\ntherefore make the parser read one byte past the advertising data.\n\nKASAN reported the following when a malformed MGMT_OP_ADD_ADVERTISING\nrequest reached that path:\n\n  BUG: KASAN: vmalloc-out-of-bounds in tlv_data_is_valid()\n  Read of size 1\n  Call trace:\n    tlv_data_is_valid()\n    add_advertising()\n    hci_mgmt_cmd()\n    hci_sock_sendmsg()\n\nMove the existing element-length check before any type-octet inspection\nso each non-empty element is proven to contain its type byte before the\nparser looks at data[i + 1]."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/bluetooth/mgmt.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"2bb36870e8cb29949ef9acec37129cd8e70f1857","lessThan":"13ad995071a06570668dd8daab3616c247c72080","versionType":"git","status":"affected"},{"version":"2bb36870e8cb29949ef9acec37129cd8e70f1857","lessThan":"06fcbd79c3c360a50f9be9d370769bbd738d0976","versionType":"git","status":"affected"},{"version":"2bb36870e8cb29949ef9acec37129cd8e70f1857","lessThan":"f7093ac233c1e7f51d125534f46067772a113175","versionType":"git","status":"affected"},{"version":"2bb36870e8cb29949ef9acec37129cd8e70f1857","lessThan":"74c08e4db35a476c3462aeb65846f955be732626","versionType":"git","status":"affected"},{"version":"2bb36870e8cb29949ef9acec37129cd8e70f1857","lessThan":"18fea1cb0c2599752e908c8217490f73ddd33e00","versionType":"git","status":"affected"},{"version":"2bb36870e8cb29949ef9acec37129cd8e70f1857","lessThan":"1a3c8ffbb469859b076445af44bdfa6a711d483e","versionType":"git","status":"affected"},{"version":"2bb36870e8cb29949ef9acec37129cd8e70f1857","lessThan":"2a3f3ed9e198ae23c15859ace2f9ca6cfdc35b57","versionType":"git","status":"affected"},{"version":"2bb36870e8cb29949ef9acec37129cd8e70f1857","lessThan":"de23fb62259aa01d294f77238ae3b835eb674413","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/bluetooth/mgmt.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"4.9","status":"affected"},{"version":"0","lessThan":"4.9","versionType":"semver","status":"unaffected"},{"version":"5.10.259","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.210","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.176","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.143","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.94","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.2}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.9","versionEndExcluding":"5.10.259","matchCriteriaId":"16757D5D-A936-4C6B-9458-0CCE90C2EE13"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.210","matchCriteriaId":"5E938CDF-D1C4-43D0-98DC-9E11B6B55801"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.176","matchCriteriaId":"C4446623-5F2B-4DD8-8666-9FAAC285A757"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.143","matchCriteriaId":"9062F1CD-CAD6-4EA2-A73F-C06D4A887B8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.94","matchCriteriaId":"85421C0C-ABDE-4357-971C-67F9087DE1B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.36","matchCriteriaId":"389025D2-958D-41BD-BD96-70ED1033A9F3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.13","matchCriteriaId":"6A64BF9F-3BCA-42FD-98CB-8F03474D2B1E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc6:*:*:*:*:*:*","matchCriteriaId":"B0E8FC71-3952-444C-83E9-718DBBBEC615"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/06fcbd79c3c360a50f9be9d370769bbd738d0976","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/13ad995071a06570668dd8daab3616c247c72080","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/18fea1cb0c2599752e908c8217490f73ddd33e00","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/1a3c8ffbb469859b076445af44bdfa6a711d483e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/2a3f3ed9e198ae23c15859ace2f9ca6cfdc35b57","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/74c08e4db35a476c3462aeb65846f955be732626","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/de23fb62259aa01d294f77238ae3b835eb674413","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f7093ac233c1e7f51d125534f46067772a113175","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-53256","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-25T09:16:43.593","lastModified":"2026-07-08T16:42:18.713","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: RFCOMM: hold listener socket in rfcomm_connect_ind()\n\nrfcomm_get_sock_by_channel() scans rfcomm_sk_list under the list lock,\nbut returns the selected listener after dropping that lock without\ntaking a reference. rfcomm_connect_ind() then locks the listener,\nqueues a child socket on it, and may notify it after unlocking it.\n\nThe buggy scenario involves two paths, with each column showing the\norder within that path:\n\nrfcomm_connect_ind():            listener close:\n  1. Find parent in              1. close() enters\n     rfcomm_get_sock_by_channel()   rfcomm_sock_release().\n  2. Drop rfcomm_sk_list.lock    2. rfcomm_sock_shutdown()\n     without pinning parent.        closes the listener.\n  3. Call lock_sock(parent) and  3. rfcomm_sock_kill()\n     bt_accept_enqueue(parent,      unlinks and puts parent.\n     sk, true).\n  4. Read parent flags and may   4. parent can be freed.\n     call sk_state_change().\n\nIf close wins the race, parent can be freed before\nrfcomm_connect_ind() reaches lock_sock(), bt_accept_enqueue(), or the\ndeferred-setup callback.\n\nTake a reference on the listener before leaving rfcomm_sk_list.lock.\nAfter lock_sock() succeeds, recheck that it is still in BT_LISTEN\nbefore queueing a child, cache the deferred-setup bit while the parent\nis locked, and drop the reference after the last parent use.\n\nKASAN reported a slab-use-after-free in lock_sock_nested() from\nrfcomm_connect_ind(), with the freeing stack going through\nrfcomm_sock_kill() and rfcomm_sock_release()."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/bluetooth/rfcomm/sock.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"f5ec76bdbeb80f75ad0be204371afffee0f8fac8","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"a07d741c077d4e34b16458241a94d29039386553","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"1f73f92f66251065a5f39b09a47cf05ea14d3107","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"de31973ef00e5aa55496f84cf6a44bb157a34e02","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"b0e33e409715c617e2a20f46f99aa5403a14dfda","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"8802413ce63175fb522a2bd609fb043a3550c720","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"6f4462d12133106460d7c046b95aad2491e3fddf","versionType":"git","status":"affected"},{"version":"1da177e4c3f41524e886b7f1b8a0c1fc7321cac2","lessThan":"43c441edacf953b39517a44f5e5e10a93618b226","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/bluetooth/rfcomm/sock.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"2.6.12","status":"affected"},{"version":"0","lessThan":"2.6.12","versionType":"semver","status":"unaffected"},{"version":"5.10.259","lessThanOrEqual":"5.10.*","versionType":"semver","status":"unaffected"},{"version":"5.15.210","lessThanOrEqual":"5.15.*","versionType":"semver","status":"unaffected"},{"version":"6.1.176","lessThanOrEqual":"6.1.*","versionType":"semver","status":"unaffected"},{"version":"6.6.143","lessThanOrEqual":"6.6.*","versionType":"semver","status":"unaffected"},{"version":"6.12.94","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.0,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.1,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.12.1","versionEndExcluding":"5.10.259","matchCriteriaId":"1D09A811-8082-4A08-AF10-F1F8501C5596"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.210","matchCriteriaId":"5E938CDF-D1C4-43D0-98DC-9E11B6B55801"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.176","matchCriteriaId":"C4446623-5F2B-4DD8-8666-9FAAC285A757"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.143","matchCriteriaId":"9062F1CD-CAD6-4EA2-A73F-C06D4A887B8C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.94","matchCriteriaId":"85421C0C-ABDE-4357-971C-67F9087DE1B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.36","matchCriteriaId":"389025D2-958D-41BD-BD96-70ED1033A9F3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.13","matchCriteriaId":"6A64BF9F-3BCA-42FD-98CB-8F03474D2B1E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:-:*:*:*:*:*:*","matchCriteriaId":"6F62EECE-8FB1-4D57-85D8-CB9E23CF313C"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:*:*:*:*:*:*","matchCriteriaId":"4F76C298-81DC-43E4-8FC9-DC005A2116EF"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:*:*:*:*:*:*","matchCriteriaId":"0AB349B2-3F78-4197-882B-90ADB3BF645A"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*","matchCriteriaId":"6AC88830-A9BC-4607-B572-A4B502FC9FD0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:*","matchCriteriaId":"476CB3A5-D022-4F13-AAEF-CB6A5785516A"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc6:*:*:*:*:*:*","matchCriteriaId":"B0E8FC71-3952-444C-83E9-718DBBBEC615"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/1f73f92f66251065a5f39b09a47cf05ea14d3107","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/43c441edacf953b39517a44f5e5e10a93618b226","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/6f4462d12133106460d7c046b95aad2491e3fddf","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/8802413ce63175fb522a2bd609fb043a3550c720","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/a07d741c077d4e34b16458241a94d29039386553","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/b0e33e409715c617e2a20f46f99aa5403a14dfda","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/de31973ef00e5aa55496f84cf6a44bb157a34e02","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f5ec76bdbeb80f75ad0be204371afffee0f8fac8","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-53257","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-25T09:16:43.713","lastModified":"2026-07-08T16:40:58.443","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: enforce HE/EHT cap/oper consistency\n\nXiang Mei reports that mac80211 could crash if eht_cap is set\nbut eht_oper isn't. Rather than fixing that for the individual\nuser(s), enforce that both HE/EHT have consistent elements."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/wireless/nl80211.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"22c64f37e1d4e757b0073a72f1439c2c3509c5cb","lessThan":"0f5e9ddd7e8e7758771a63cdd498a2007dc8da7a","versionType":"git","status":"affected"},{"version":"22c64f37e1d4e757b0073a72f1439c2c3509c5cb","lessThan":"cb9959ab5f99611d27a06586add84811fe8102dc","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/wireless/nl80211.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.16","status":"affected"},{"version":"0","lessThan":"6.16","versionType":"semver","status":"unaffected"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.16","versionEndExcluding":"7.0.13","matchCriteriaId":"7B612572-0B7C-4F1E-894D-060FED494683"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc6:*:*:*:*:*:*","matchCriteriaId":"B0E8FC71-3952-444C-83E9-718DBBBEC615"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/0f5e9ddd7e8e7758771a63cdd498a2007dc8da7a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/cb9959ab5f99611d27a06586add84811fe8102dc","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-53258","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-25T09:16:43.800","lastModified":"2026-07-08T16:40:07.403","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: fix leak if split 6 GHz scanning fails\n\nrdev->int_scan_req is leaked if cfg80211_scan() fails.  Note that it's\nsupposed to be released at ___cfg80211_scan_done() but this doesn't happen\nas rdev->scan_req is NULL at that point, too, leading to the early return\nfrom the freeing function.\n\nunreferenced object 0xffff8881161d0800 (size 512):\n  comm \"wpa_supplicant\", pid 379, jiffies 4294749765\n  hex dump (first 32 bytes):\n    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................\n    00 00 00 00 00 00 00 00 f0 81 13 16 81 88 ff ff  ................\n  backtrace (crc c867fdb6):\n    kmemleak_alloc+0x89/0x90\n    __kmalloc_noprof+0x2fd/0x410\n    cfg80211_scan+0x133/0x730\n    nl80211_trigger_scan+0xc69/0x1cc0\n    genl_family_rcv_msg_doit+0x204/0x2f0\n    genl_rcv_msg+0x431/0x6b0\n    netlink_rcv_skb+0x143/0x3f0\n    genl_rcv+0x27/0x40\n    netlink_unicast+0x4f6/0x820\n    netlink_sendmsg+0x797/0xce0\n    __sock_sendmsg+0xc4/0x160\n    ____sys_sendmsg+0x5e4/0x890\n    ___sys_sendmsg+0xf8/0x180\n    __sys_sendmsg+0x136/0x1e0\n    __x64_sys_sendmsg+0x76/0xc0\n    x64_sys_call+0x13f0/0x17d0\n\nFound by Linux Verification Center (linuxtesting.org)."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/wireless/scan.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"c8cb5b854b40f2ce52ccd032fa19750f4181d5fc","lessThan":"fb8db813eba2e56ee001c9fb5c2ce2cb78c42642","versionType":"git","status":"affected"},{"version":"c8cb5b854b40f2ce52ccd032fa19750f4181d5fc","lessThan":"a24134ddc18b4d440714365637d440b7121447b9","versionType":"git","status":"affected"},{"version":"c8cb5b854b40f2ce52ccd032fa19750f4181d5fc","lessThan":"e8694f7cc29287e843648d1075177b9a2000d957","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/wireless/scan.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"5.10","status":"affected"},{"version":"0","lessThan":"5.10","versionType":"semver","status":"unaffected"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-401"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.10","versionEndExcluding":"6.18.36","matchCriteriaId":"71576ED2-59A4-421C-AFAF-7379A7DAE364"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.13","matchCriteriaId":"6A64BF9F-3BCA-42FD-98CB-8F03474D2B1E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc6:*:*:*:*:*:*","matchCriteriaId":"B0E8FC71-3952-444C-83E9-718DBBBEC615"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/a24134ddc18b4d440714365637d440b7121447b9","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e8694f7cc29287e843648d1075177b9a2000d957","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/fb8db813eba2e56ee001c9fb5c2ce2cb78c42642","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-53259","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-25T09:16:43.893","lastModified":"2026-07-08T16:39:16.290","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: anycast: insert aca into global hash under idev->lock\n\nsyzbot reported a splat [1]: a slab-use-after-free in\nipv6_chk_acast_addr(), which walks the global inet6_acaddr_lst[] hash\nunder RCU and dereferences a struct ifacaddr6 that has already been\nfreed while still linked in the hash, so a later reader walks into a\ndangling node.\n\nIn __ipv6_dev_ac_inc() the aca is allocated with refcount 1, then\naca_get() bumps it to 2 to keep it alive across the unlocked region.\nIt is published to idev->ac_list under idev->lock, but\nipv6_add_acaddr_hash() runs after write_unlock_bh(). A concurrent\nteardown (ipv6_ac_destroy_dev() from addrconf_ifdown(), under RTNL)\ncan slip into that window:\n\n  CPU0 __ipv6_dev_ac_inc           CPU1 ipv6_ac_destroy_dev (RTNL)\n  ------------------------------   ------------------------------------\n  aca_alloc()              refcnt 1\n  aca_get()               refcnt 2\n  write_lock_bh(idev->lock)\n    add aca to ac_list\n  write_unlock_bh(idev->lock)\n                                   write_lock_bh(idev->lock)\n                                     pull aca off ac_list\n                                   write_unlock_bh(idev->lock)\n                                   ipv6_del_acaddr_hash(aca)\n                                     hlist_del_init_rcu() is a no-op,\n                                     aca is not in the hash yet\n                                   aca_put()           refcnt 2->1\n  ipv6_add_acaddr_hash(aca)\n    aca now inserted into the hash\n  aca_put()                refcnt 1->0\n    call_rcu(aca_free_rcu) -> kfree(aca)\n\nThe hash removal becomes a no-op because the insertion has not\nhappened yet, so once CPU0 inserts and drops the last reference, the\naca is freed while still linked in inet6_acaddr_lst[], and readers\ndereference freed memory after the slab slot is reused.\n\nThis window opened once RTNL stopped serializing the join path against\ndevice teardown. Move ipv6_add_acaddr_hash() inside the idev->lock\nsection so the ac_list and hash insertions are atomic with respect to\nteardown: a racing remover now either misses the aca entirely or finds\nit in both lists.\n\nacaddr_hash_lock is now nested under idev->lock, which is acquired in\nsoftirq context, so switch all acaddr_hash_lock sites to spin_lock_bh()\nto avoid the irq lock inversion reported in [2].\n\n[1] https://syzkaller.appspot.com/bug?extid=a01df04303c131efbf3a\n[2] https://lore.kernel.org/netdev/6a194ef7.ba3b1513.1890b4.0000.GAE@google.com/"}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/ipv6/anycast.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"eb1ac9ff6c4a5720b1a1476233be374c5dc44bff","lessThan":"15be7e9fdbff831fb3e89b83cc337a4f85ad3310","versionType":"git","status":"affected"},{"version":"eb1ac9ff6c4a5720b1a1476233be374c5dc44bff","lessThan":"3a967c498baa976b11d4800dda224c507416e97c","versionType":"git","status":"affected"},{"version":"eb1ac9ff6c4a5720b1a1476233be374c5dc44bff","lessThan":"f723ccaff2fb72b71ae8a9fd283f0dee4d9ae7a3","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/ipv6/anycast.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.17","status":"affected"},{"version":"0","lessThan":"6.17","versionType":"semver","status":"unaffected"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.17","versionEndExcluding":"6.18.36","matchCriteriaId":"43D90067-1014-46EC-861E-3BAF5F823B65"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.13","matchCriteriaId":"6A64BF9F-3BCA-42FD-98CB-8F03474D2B1E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc6:*:*:*:*:*:*","matchCriteriaId":"B0E8FC71-3952-444C-83E9-718DBBBEC615"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/15be7e9fdbff831fb3e89b83cc337a4f85ad3310","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/3a967c498baa976b11d4800dda224c507416e97c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f723ccaff2fb72b71ae8a9fd283f0dee4d9ae7a3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-53260","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-25T09:16:43.993","lastModified":"2026-07-08T15:25:49.440","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: Add preempt_{disable,enable}_nested() in reqsk_queue_hash_req().\n\nsyzbot reported a weird reqsk->rsk_refcnt underflow in\n__inet_csk_reqsk_queue_drop().\n\nThe captured reqsk_put() in __inet_csk_reqsk_queue_drop()\nis called only when it successfully removes reqsk from ehash.\n\nMoreover, reqsk_timer_handler() calls another reqsk_put()\nafter that.\n\nThis indicates that the reqsk was missing both refcnts for\nehash and the timer itself.\n\nSince all the syzbot reports had PREEMPT_RT enabled, the only\npossible scenario is that reqsk_queue_hash_req() is preempted\nafter mod_timer() and before refcount_set(), and then the timer\ntriggered after 1s aborts the reqsk due to its listener's close().\n\nLet's wrap mod_timer() and refcount_set() with\npreempt_disable_nested() and preempt_enable_nested().\n\nNote that inet_ehash_insert() holds the normal spin_lock()\n(mutex in PREEMPT_RT), so it must be called outside of\npreempt_disable_nested(), but this is fine.\n\nThe lookup path just ignores 0 sk_refcnt entries in ehash\nand tries to create another reqsk, but this will fail at\ninet_ehash_insert().\n\n[0]:\nrefcount_t: underflow; use-after-free.\nWARNING: lib/refcount.c:28 at refcount_warn_saturate+0xb2/0x110 lib/refcount.c:28, CPU#0: ktimers/0/16\nModules linked in:\nCPU: 0 UID: 0 PID: 16 Comm: ktimers/0 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)}\nTainted: [L]=SOFTLOCKUP\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026\nRIP: 0010:refcount_warn_saturate+0xb2/0x110 lib/refcount.c:28\nCode: e4 7d d1 0a 67 48 0f b9 3a eb 4a e8 38 3d 23 fd 48 8d 3d e1 7d d1 0a 67 48 0f b9 3a eb 37 e8 25 3d 23 fd 48 8d 3d de 7d d1 0a <67> 48 0f b9 3a eb 24 e8 12 3d 23 fd 48 8d 3d db 7d d1 0a 67 48 0f\nRSP: 0000:ffffc90000157948 EFLAGS: 00010246\nRAX: ffffffff84a1301b RBX: 0000000000000003 RCX: ffff88801ca98000\nRDX: 0000000000000100 RSI: 0000000000000000 RDI: ffffffff8f72ae00\nRBP: ffffffff99ae3b01 R08: ffff88801ca98000 R09: 0000000000000005\nR10: 0000000000000100 R11: 0000000000000004 R12: ffff8880425ef568\nR13: ffff8880425ef4f8 R14: ffff8880425ef578 R15: 0000000000000000\nFS:  0000000000000000(0000) GS:ffff888126386000(0000) knlGS:0000000000000000\nCS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f7b46710e9c CR3: 000000000dbb6000 CR4: 00000000003526f0\nCall Trace:\n <TASK>\n __refcount_sub_and_test include/linux/refcount.h:400 [inline]\n __refcount_dec_and_test include/linux/refcount.h:432 [inline]\n refcount_dec_and_test include/linux/refcount.h:450 [inline]\n reqsk_put include/net/request_sock.h:136 [inline]\n __inet_csk_reqsk_queue_drop+0x3ce/0x440 net/ipv4/inet_connection_sock.c:1007\n reqsk_timer_handler+0x651/0xdf0 net/ipv4/inet_connection_sock.c:1137\n call_timer_fn+0x192/0x5e0 kernel/time/timer.c:1748\n expire_timers kernel/time/timer.c:1799 [inline]\n __run_timers kernel/time/timer.c:2374 [inline]\n __run_timer_base+0x6a3/0x9f0 kernel/time/timer.c:2386\n run_timer_base kernel/time/timer.c:2395 [inline]\n run_timer_softirq+0x67/0x170 kernel/time/timer.c:2403\n handle_softirqs+0x1de/0x6d0 kernel/softirq.c:622\n __do_softirq kernel/softirq.c:656 [inline]\n run_ktimerd+0x69/0x100 kernel/softirq.c:1151\n smpboot_thread_fn+0x541/0xa50 kernel/smpboot.c:160\n kthread+0x388/0x470 kernel/kthread.c:436\n ret_from_fork+0x514/0xb70 arch/x86/kernel/process.c:158\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245\n </TASK>"}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/ipv4/inet_connection_sock.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"d2d6422f8bd17c6bb205133e290625a564194496","lessThan":"b183215ff714efb747d9d5a429322ba6404b5401","versionType":"git","status":"affected"},{"version":"d2d6422f8bd17c6bb205133e290625a564194496","lessThan":"e10902df24488ca722303133acfc82490f7d59ad","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/ipv4/inet_connection_sock.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.12","status":"affected"},{"version":"0","lessThan":"6.12","versionType":"semver","status":"unaffected"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.12","versionEndExcluding":"7.0.13","matchCriteriaId":"5F7CA1CD-70DF-41F4-8C32-AFEA390C118F"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc6:*:*:*:*:*:*","matchCriteriaId":"B0E8FC71-3952-444C-83E9-718DBBBEC615"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/b183215ff714efb747d9d5a429322ba6404b5401","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e10902df24488ca722303133acfc82490f7d59ad","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-53261","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-25T09:16:44.100","lastModified":"2026-07-08T15:17:32.770","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ndevlink: Release nested relation on devlink free\n\ndevlink relation state is normally released from devl_unregister(), which\ncalls devlink_rel_put(). This misses devlink instances that get a nested\nrelation before registration and then fail probe before devl_register() is\nreached.\n\nThat flow can happen for SFs. The child devlink gets linked to its\nparent before registration, then a later probe error calls devlink_free()\ndirectly. Since the instance was never registered, devl_unregister() is not\ncalled and devlink->rel is leaked.\n\nRelease any pending relation from devlink_free() as well. The registered\npath is unchanged because devl_unregister() already clears devlink->rel\nbefore devlink_free() runs."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/devlink/core.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"c137743bce02b18c1537d4681aa515f7b80bf0a8","lessThan":"a9137286884703113b1c9e6403bd6d7d97b14754","versionType":"git","status":"affected"},{"version":"c137743bce02b18c1537d4681aa515f7b80bf0a8","lessThan":"927f96861f939c0b517d13ed27bf4fabbfc1cfb3","versionType":"git","status":"affected"},{"version":"c137743bce02b18c1537d4681aa515f7b80bf0a8","lessThan":"11324d52b0c63f4f202b35793c6507a575e9a689","versionType":"git","status":"affected"},{"version":"c137743bce02b18c1537d4681aa515f7b80bf0a8","lessThan":"3522b21fd7e1863d0734537737bd59f1b90d0190","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/devlink/core.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"6.7","status":"affected"},{"version":"0","lessThan":"6.7","versionType":"semver","status":"unaffected"},{"version":"6.12.94","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-401"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.12.94","matchCriteriaId":"85421C0C-ABDE-4357-971C-67F9087DE1B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.36","matchCriteriaId":"389025D2-958D-41BD-BD96-70ED1033A9F3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.13","matchCriteriaId":"6A64BF9F-3BCA-42FD-98CB-8F03474D2B1E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc6:*:*:*:*:*:*","matchCriteriaId":"B0E8FC71-3952-444C-83E9-718DBBBEC615"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/11324d52b0c63f4f202b35793c6507a575e9a689","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/3522b21fd7e1863d0734537737bd59f1b90d0190","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/927f96861f939c0b517d13ed27bf4fabbfc1cfb3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/a9137286884703113b1c9e6403bd6d7d97b14754","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-53262","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2026-06-25T09:16:44.190","lastModified":"2026-07-08T15:15:55.710","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nl2tp: pppol2tp: hold reference to session in pppol2tp_ioctl()\n\npppol2tp_ioctl() read sock->sk->sk_user_data directly without any\nlocks or reference counting.  If a controllable sleep was induced during\ncopy_from_user() (e.g. via a userfaultfd page fault sleep), a concurrent\nsocket close could trigger pppol2tp_session_close() asynchronously.  This\nfrees the l2tp_session structure via the l2tp_session_del_work workqueue.\nUpon resuming, the ioctl thread dereferences the stale session pointer,\nresulting in a Use-After-Free (UAF).\n\nFix this by securely fetching the session reference using the RCU-safe,\nrefcounted helper pppol2tp_sock_to_session(sk) on entry.  This locks the\nsession's refcount across the sleep.  We structured the function to exit\nvia standard err breaks, guaranteeing that l2tp_session_put() is cleanly\ncalled on all return paths to drop the reference.\n\nTo preserve existing behavior we validate the session and its magic\nsignature only for the specific L2TP commands that require it.  This\nensures that generic/unknown ioctls called on an unconnected socket\nstill return -ENOIOCTLCMD and correctly fall back to generic handlers\n(e.g. in sock_do_ioctl())."}],"affected":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","affectedData":[{"vendor":"Linux","product":"Linux","defaultStatus":"unaffected","programFiles":["net/l2tp/l2tp_ppp.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"fd558d186df2c13a22455373858bae634a4795af","lessThan":"78cdfdca88cbf731a92f3b9ee5427c633dd94e28","versionType":"git","status":"affected"},{"version":"fd558d186df2c13a22455373858bae634a4795af","lessThan":"e251d4cdfc725c9e7d686161e3b775a0e7d95053","versionType":"git","status":"affected"},{"version":"fd558d186df2c13a22455373858bae634a4795af","lessThan":"62f327e287cf7b595ae3f73ba72f5cd2a9e9f39f","versionType":"git","status":"affected"},{"version":"fd558d186df2c13a22455373858bae634a4795af","lessThan":"a213a8950414c684999dcf03edeea6c46ede172e","versionType":"git","status":"affected"}]},{"vendor":"Linux","product":"Linux","defaultStatus":"affected","programFiles":["net/l2tp/l2tp_ppp.c"],"repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","versions":[{"version":"2.6.35","status":"affected"},{"version":"0","lessThan":"2.6.35","versionType":"semver","status":"unaffected"},{"version":"6.12.94","lessThanOrEqual":"6.12.*","versionType":"semver","status":"unaffected"},{"version":"6.18.36","lessThanOrEqual":"6.18.*","versionType":"semver","status":"unaffected"},{"version":"7.0.13","lessThanOrEqual":"7.0.*","versionType":"semver","status":"unaffected"},{"version":"7.1","lessThanOrEqual":"*","versionType":"original_commit_for_fix","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.35","versionEndExcluding":"6.12.94","matchCriteriaId":"8E092CDC-D238-443D-B52B-C57704BE09B7"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.13","versionEndExcluding":"6.18.36","matchCriteriaId":"389025D2-958D-41BD-BD96-70ED1033A9F3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"7.0.13","matchCriteriaId":"6A64BF9F-3BCA-42FD-98CB-8F03474D2B1E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc1:*:*:*:*:*:*","matchCriteriaId":"B1EF7059-E670-45F4-B422-54C40FA86390"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc2:*:*:*:*:*:*","matchCriteriaId":"0D38F0BF-A728-4133-A358-D44A2F7EE6D6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc3:*:*:*:*:*:*","matchCriteriaId":"EC732D08-5F7B-46D9-B154-E60C7F4F0A97"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc4:*:*:*:*:*:*","matchCriteriaId":"E5910A9D-F60A-409A-B486-FE66BFEBA9B9"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc5:*:*:*:*:*:*","matchCriteriaId":"81DFF19E-9CF8-49C6-8C36-1E4038622933"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:7.1:rc6:*:*:*:*:*:*","matchCriteriaId":"B0E8FC71-3952-444C-83E9-718DBBBEC615"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/62f327e287cf7b595ae3f73ba72f5cd2a9e9f39f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/78cdfdca88cbf731a92f3b9ee5427c633dd94e28","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/a213a8950414c684999dcf03edeea6c46ede172e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/e251d4cdfc725c9e7d686161e3b775a0e7d95053","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-50740","sourceIdentifier":"support@hackerone.com","published":"2026-06-26T02:16:53.517","lastModified":"2026-07-08T20:16:51.627","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A missing sanitisation vulnerability of user input in the zone-include.php script exists in Revive Adserver 6.0.7 and earlier. A low‑privileged user could exploit the refresh parameter of the iFrame invocation tag to perform reflected XSS attacks."}],"affected":[{"source":"support@hackerone.com","affectedData":[{"vendor":"Revive","product":"Adserver","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"6.0.7","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV30":[{"source":"support@hackerone.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-26T12:24:26.214843Z","id":"CVE-2026-50740","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"support@hackerone.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:revive-adserver:revive_adserver:*:*:*:*:*:*:*:*","versionEndExcluding":"6.0.8","matchCriteriaId":"FD0ED938-344E-44B5-B3A6-793B968229B0"}]}]}],"references":[{"url":"https://hackerone.com/reports/3780806","source":"support@hackerone.com","tags":["Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-48090","sourceIdentifier":"security-advisories@github.com","published":"2026-06-26T19:16:41.590","lastModified":"2026-07-08T20:16:50.213","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Envoy is an open source edge and service proxy designed for cloud-native applications. From 1.37.0 until 1.37.5 and 1.38.3, the HTTP OAuth2 filter (envoy.filters.http.oauth2) can leave an in-flight async token exchange attached to a downstream stream that has already been torn down. A late AsyncClient completion can still invoke OAuth2Filter methods that use StreamDecoderFilterCallbacks after that object’s lifetime has ended, causing undefined behavior, worker crashes (availability loss), and use-after-free / invalid-vptr failures under AddressSanitizer. This is a memory-safety / lifetime issue in the data plane, not a trivial config bug. Remote code execution is not claimed here; the primary demonstrated impact is DoS via crash and UB; any further impact would be deployment- and allocator-dependent.  This vulnerability is fixed in 1.37.5 and 1.38.3."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"envoyproxy","product":"envoy","versions":[{"version":">= 1.38.0, < 1.38.3","status":"affected"},{"version":">= 1.37.0, < 1.37.5","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T12:01:33.641021Z","id":"CVE-2026-48090","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.37.0","versionEndExcluding":"1.37.5","matchCriteriaId":"2057BF79-00D1-4154-9DC0-3F278C72F4E1"},{"vulnerable":true,"criteria":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","versionStartIncluding":"1.38.0","versionEndExcluding":"1.38.3","matchCriteriaId":"2A218AD4-BF4B-46EA-96D7-3B25B7E71AC8"}]}]}],"references":[{"url":"https://github.com/envoyproxy/envoy/security/advisories/GHSA-3cj2-c63f-q26f","source":"security-advisories@github.com","tags":["Exploit","Mitigation","Vendor Advisory"]},{"url":"https://github.com/envoyproxy/envoy/security/advisories/GHSA-3cj2-c63f-q26f","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-57676","sourceIdentifier":"audit@patchstack.com","published":"2026-06-29T09:16:31.147","lastModified":"2026-07-08T20:16:53.687","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Authorization Bypass Through User-Controlled Key vulnerability in Matteo Manna Simple User Avatar allows Exploiting Incorrectly Configured Access Control Security Levels.\n\nThis issue affects Simple User Avatar: from n/a through 4.9."}],"affected":[{"source":"audit@patchstack.com","affectedData":[{"vendor":"Matteo Manna","product":"Simple User Avatar","defaultStatus":"unaffected","collectionURL":"https://wordpress.org/plugins","packageName":"simple-user-avatar","versions":[{"version":"n/a","lessThanOrEqual":"4.9","versionType":"custom","status":"affected","changes":[{"at":"5.0","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"audit@patchstack.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T10:23:41.207667Z","id":"CVE-2026-57676","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"audit@patchstack.com","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/simple-user-avatar/vulnerability/wordpress-simple-user-avatar-plugin-4-9-insecure-direct-object-references-idor-vulnerability?_s_id=cve","source":"audit@patchstack.com"}]}},{"cve":{"id":"CVE-2026-12856","sourceIdentifier":"secalert@redhat.com","published":"2026-06-29T14:16:41.473","lastModified":"2026-07-09T13:16:50.643","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in the vscode-java extension, which provides Java language support for Visual Studio Code. The extension incorrectly trusts all Markdown content in JavaDoc hovers, allowing a malicious Java file to include hidden commands. If a user clicks a specially crafted link within a JavaDoc hover popup, an attacker can execute arbitrary VS Code commands, which can lead to full system compromise in trusted workspaces."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat OpenShift Dev Spaces 3.29","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"devspaces/pluginregistry-rhel9","cpes":["cpe:/a:redhat:openshift_devspaces:3.29::el9"],"versions":[{"version":"1782989367","lessThan":"*","versionType":"rpm","status":"unaffected"}]}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","affectedData":[{"vendor":"Red Hat","product":"Red Hat OpenShift Dev Spaces 3.29","defaultStatus":"affected","cpes":["cpe:/a:redhat:openshift_devspaces:3.29::el9"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-29T00:00:00+00:00","id":"CVE-2026-12856","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-88"}]},{"source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","type":"Secondary","description":[{"lang":"en","value":"CWE-88"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:openshift_dev_spaces:-:*:*:*:*:*:*:*","matchCriteriaId":"99B8A88B-0B31-4CFF-AFD7-C9D3DDD5790D"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:36820","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2026-12856","source":"secalert@redhat.com","tags":["Mitigation","Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2491278","source":"secalert@redhat.com","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://github.com/redhat-developer/vscode-java/security/advisories/GHSA-7qv8-6qrw-3crv","source":"secalert@redhat.com","tags":["Broken Link"]},{"url":"https://access.redhat.com/errata/RHSA-2026:36820","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c"},{"url":"https://access.redhat.com/security/cve/CVE-2026-12856","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Mitigation","Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2491278","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Issue Tracking","Vendor Advisory"]},{"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-12856.json","source":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-56290","sourceIdentifier":"security@joomla.org","published":"2026-06-29T15:16:42.360","lastModified":"2026-07-08T13:37:08.977","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The Joomla extension Page Builder CK is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable files and leads to full RCE."}],"affected":[{"source":"security@joomla.org","affectedData":[{"vendor":"joomlack.fr","product":"JoomlaCK.fr Page Builder CK extension for Joomla","defaultStatus":"unaffected","versions":[{"version":"1.0-3.6.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security@joomla.org","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:A/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:X/RE:X/U:Red","baseScore":10.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"HIGH","subIntegrityImpact":"HIGH","subAvailabilityImpact":"HIGH","exploitMaturity":"ATTACKED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"RED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-30T00:00:00+00:00","id":"CVE-2026-56290","options":[{"exploitation":"active"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"cisaExploitAdd":"2026-07-07","cisaActionDue":"2026-07-10","cisaRequiredAction":"Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.","cisaVulnerabilityName":"Joomlack Page Builder Improper Access Control Vulnerability","weaknesses":[{"source":"security@joomla.org","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:joomlack:page_builder_ck:*:*:*:*:*:joomla\\!:*:*","versionEndExcluding":"3.6.0","matchCriteriaId":"5181215D-DF24-47CA-B49B-23BCB55C1C60"}]}]}],"references":[{"url":"https://www.joomlack.fr/","source":"security@joomla.org","tags":["Product"]},{"url":"https://forum.joomlack.fr/index.php/page-builder-ck/21627-nouvelle-version-de-pbck-et-joomla-3","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Issue Tracking","Patch"]},{"url":"https://mysites.guru/blog/pagebuilderck-unauthenticated-file-upload-rce/","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-56290","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]}]}},{"cve":{"id":"CVE-2026-56809","sourceIdentifier":"vultures@jpcert.or.jp","published":"2026-06-30T07:16:32.747","lastModified":"2026-07-09T07:16:24.690","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Multiple laser printers and MFPs (multifunction printers) which implement Ricoh Web Image Monitor contain a reflected cross-site scripting vulnerability. An arbitrary script may be executed on the web browser of the user who accesses a crafted URL."}],"affected":[{"source":"vultures@jpcert.or.jp","affectedData":[{"vendor":"Ricoh Company, Ltd.","product":"Multiple laser printers and MFPs which implement Ricoh Web Image Monitor","versions":[{"version":"see the information provided by the vendor","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"vultures@jpcert.or.jp","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV30":[{"source":"vultures@jpcert.or.jp","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-30T12:52:30.652408Z","id":"CVE-2026-56809","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"vultures@jpcert.or.jp","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://jp.ricoh.com/security/products/vulnerabilities/vul?id=ricoh-2026-000005","source":"vultures@jpcert.or.jp"},{"url":"https://jvn.jp/en/jp/JVN48718197/","source":"vultures@jpcert.or.jp"},{"url":"https://www.ricoh.com/products/security/vulnerabilities/vul?id=ricoh-2026-000005","source":"vultures@jpcert.or.jp"}]}},{"cve":{"id":"CVE-2026-13149","sourceIdentifier":"22e2d327-25fe-45d7-9f0c-dcd23b7108df","published":"2026-06-30T10:16:34.560","lastModified":"2026-07-08T12:17:20.087","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"brace-expansion through 5.0.6 is vulnerable to denial of service. The expand() function exhibits exponential-time complexity in the number of consecutive non-expanding '{}' brace groups. An attacker who passes a crafted string to expand(), directly or transitively, can cause significant CPU consumption and event-loop blocking. The max option does not mitigate this, as it bounds the output size rather than the recursion work."}],"affected":[{"source":"22e2d327-25fe-45d7-9f0c-dcd23b7108df","affectedData":[{"vendor":"juliangruber","product":"brace-expansion","defaultStatus":"unaffected","collectionURL":"https://registry.npmjs.org","packageName":"brace-expansion","repo":"https://github.com/juliangruber/brace-expansion","versions":[{"version":"0","lessThanOrEqual":"5.0.6","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"22e2d327-25fe-45d7-9f0c-dcd23b7108df","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:Y/R:U/V:D/RE:M/U:Amber","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NEGLIGIBLE","Automatable":"YES","Recovery":"USER","valueDensity":"DIFFUSE","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-30T12:43:12.568372Z","id":"CVE-2026-13149","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"22e2d327-25fe-45d7-9f0c-dcd23b7108df","type":"Secondary","description":[{"lang":"en","value":"CWE-400"},{"lang":"en","value":"CWE-407"}]}],"references":[{"url":"https://github.com/juliangruber/brace-expansion/commit/c7e33ec13ac1a684c116720843ce24e208611754","source":"22e2d327-25fe-45d7-9f0c-dcd23b7108df"},{"url":"https://www.npmjs.com/package/brace-expansion","source":"22e2d327-25fe-45d7-9f0c-dcd23b7108df"}]}},{"cve":{"id":"CVE-2026-4360","sourceIdentifier":"cna@python.org","published":"2026-06-30T15:16:57.193","lastModified":"2026-07-09T02:40:39.770","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Tarfile.extract() function, the filter parameter is not passed properly when extracting hardlinks. An affected system that extracts content from untrusted tar files could end up writing files with an unexpected uid/gid despite the user passing filter='data' to the extract() function."}],"affected":[{"source":"cna@python.org","affectedData":[{"vendor":"Python Software Foundation","product":"CPython","defaultStatus":"unaffected","modules":["tarfile"],"repo":"https://github.com/python/cpython","versions":[{"version":"0","lessThan":"3.15.0","versionType":"python","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@python.org","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.0,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"HIGH","userInteraction":"PASSIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-30T15:28:24.835246Z","id":"CVE-2026-4360","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@python.org","type":"Secondary","description":[{"lang":"en","value":"CWE-281"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","versionEndExcluding":"3.1.5","matchCriteriaId":"EBD426C8-9200-4C38-9D53-E75B9AAED87D"}]}]}],"references":[{"url":"https://github.com/python/cpython/commit/5e0ef3f1afe892e4f64eb83368db57ac4c40cba0","source":"cna@python.org","tags":["Patch"]},{"url":"https://github.com/python/cpython/commit/7b57e8d51446297b8c7c482d224bc5f1938e4301","source":"cna@python.org","tags":["Patch"]},{"url":"https://github.com/python/cpython/commit/7ccdbaba2c54250a70d7f25632152df7655a5e0a","source":"cna@python.org","tags":["Patch"]},{"url":"https://github.com/python/cpython/commit/d2b2f5eacab4dd48446b63340613b05dcbbf0b44","source":"cna@python.org","tags":["Patch"]},{"url":"https://github.com/python/cpython/commit/eee3ddf0ca10283cc7fea724aae9cd8665f8d15e","source":"cna@python.org","tags":["Patch"]},{"url":"https://github.com/python/cpython/issues/151987","source":"cna@python.org","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/python/cpython/pull/151988","source":"cna@python.org","tags":["Issue Tracking","Patch"]},{"url":"https://mail.python.org/archives/list/security-announce@python.org/thread/TWZW2PC2AZOV6FENIHFSRC63OM7MBGSB/","source":"cna@python.org","tags":["Issue Tracking","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-48282","sourceIdentifier":"psirt@adobe.com","published":"2026-06-30T16:16:54.533","lastModified":"2026-07-08T14:58:28.690","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed."}],"affected":[{"source":"psirt@adobe.com","affectedData":[{"vendor":"Adobe","product":"ColdFusion","defaultStatus":"affected","versions":[{"version":"0","lessThanOrEqual":"2023.20","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@adobe.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":10.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-06-30T00:00:00+00:00","id":"CVE-2026-48282","options":[{"exploitation":"active"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"cisaExploitAdd":"2026-07-07","cisaActionDue":"2026-07-10","cisaRequiredAction":"Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.","cisaVulnerabilityName":"Adobe ColdFusion Path Traversal Vulnerability","weaknesses":[{"source":"psirt@adobe.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:-:*:*:*:*:*:*","matchCriteriaId":"B02A37FE-5D31-4892-A3E6-156A8FE62D28"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update1:*:*:*:*:*:*","matchCriteriaId":"0AA3D302-CFEE-4DFD-AB92-F53C87721BFF"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update10:*:*:*:*:*:*","matchCriteriaId":"645D1B5F-2DAB-4AB8-A465-AC37FF494F95"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update11:*:*:*:*:*:*","matchCriteriaId":"ED6D8996-0770-4C9F-BEA5-87EA479D40A5"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update12:*:*:*:*:*:*","matchCriteriaId":"4836086E-3D4A-4A07-A372-382D385CB490"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update13:*:*:*:*:*:*","matchCriteriaId":"CBC19168-4184-4B59-B9C8-E98844124EED"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update14:*:*:*:*:*:*","matchCriteriaId":"A60DCD92-9A5B-411C-9554-642C91D77FAE"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update15:*:*:*:*:*:*","matchCriteriaId":"58CC65EF-60A3-4DFA-AA51-E5013F116CEA"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update16:*:*:*:*:*:*","matchCriteriaId":"2E3EBFB1-4488-4924-A2E2-B7E422D68345"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update17:*:*:*:*:*:*","matchCriteriaId":"A683F9B2-A0DC-4AA0-BE97-9E74FA200AB1"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update18:*:*:*:*:*:*","matchCriteriaId":"8689F35F-9A81-45D2-B782-DBA12306BA45"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update19:*:*:*:*:*:*","matchCriteriaId":"5FAA5985-4B25-46C5-8064-0713AB251704"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update2:*:*:*:*:*:*","matchCriteriaId":"EB88D4FE-5496-4639-BAF2-9F29F24ABF29"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update20:*:*:*:*:*:*","matchCriteriaId":"9E3884AF-7A1A-4604-B653-6694B7BD1E86"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update3:*:*:*:*:*:*","matchCriteriaId":"43E0ED98-2C1F-40B8-AF60-FEB1D85619C0"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update4:*:*:*:*:*:*","matchCriteriaId":"76204873-C6E0-4202-8A03-0773270F1802"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update5:*:*:*:*:*:*","matchCriteriaId":"C1A22BE9-0D47-4BA8-8BDB-9B12D7A0F7C7"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update6:*:*:*:*:*:*","matchCriteriaId":"E3A83642-BF14-4C37-BD94-FA76AABE8ADC"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update7:*:*:*:*:*:*","matchCriteriaId":"A892E1DC-F2C8-4F53-8580-A2D1BEED5A25"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update8:*:*:*:*:*:*","matchCriteriaId":"DB97ADBA-C1A9-4EE0-9509-68CB12358AE5"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update9:*:*:*:*:*:*","matchCriteriaId":"E17C38F0-9B0F-4433-9CBD-6E3D63EA9BDC"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2025:-:*:*:*:*:*:*","matchCriteriaId":"30779417-D4E5-4A01-BE0E-1CE1D134292A"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2025:update1:*:*:*:*:*:*","matchCriteriaId":"80D7FC6A-F264-4CB1-A18D-B091EBA47882"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2025:update2:*:*:*:*:*:*","matchCriteriaId":"E3DA0D20-93BA-4C76-A400-159853CD7277"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2025:update3:*:*:*:*:*:*","matchCriteriaId":"5BAB6F21-61F1-43AB-88BA-553CD9AD6C0E"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2025:update4:*:*:*:*:*:*","matchCriteriaId":"C85288B9-5D63-49EA-828A-8DB3BB2367F6"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2025:update5:*:*:*:*:*:*","matchCriteriaId":"3882A011-5A01-48E7-B5E7-5A837B1CE245"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2025:update6:*:*:*:*:*:*","matchCriteriaId":"AACCE621-3380-4144-BA1B-AA26FE96B902"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2025:update7:*:*:*:*:*:*","matchCriteriaId":"EBC62370-3FA2-4AF7-A201-4155D09051F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2025:update8:*:*:*:*:*:*","matchCriteriaId":"D7616F34-9422-4815-806F-4484F68ED2A8"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2025:update9:*:*:*:*:*:*","matchCriteriaId":"FB078BC9-164F-46D0-99F8-086F93FF2046"}]}]}],"references":[{"url":"https://helpx.adobe.com/security/products/coldfusion/apsb26-68.html","source":"psirt@adobe.com","tags":["Vendor Advisory"]},{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-48282","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["US Government Resource"]}]}},{"cve":{"id":"CVE-2026-14191","sourceIdentifier":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","published":"2026-07-01T04:16:58.647","lastModified":"2026-07-09T06:16:18.380","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"An out-of-bounds heap write exists in the RAR5 recovery-volume (.rev) parser in WinRAR and UnRAR (RecVolumes5::ReadHeader in recvol5.cpp). The RecItems vector is sized only when the first .rev file in a set is processed; subsequent .rev files supply an independent RecNum value that is validated against that file's own TotalCount field but never against the actual size of RecItems. A crafted set of two or more .rev files can therefore write an attacker-controlled 32-bit value (the header's RevCRC field) to RecItems[RecNum] at an attacker-controlled offset up to 65534 * sizeof(RecVolItem) bytes past the allocation, corrupting adjacent heap objects. Triggering requires the victim to run a recovery/test operation on an attacker-supplied .rev set (for example 'unrar t x.part1.rev', WinRAR 'Repair archive', or auto-recovery when extracting a volume set with a missing .rar part). This is the RAR5-path sibling of CVE-2023-40477 (which was fixed in the RAR3 path only in WinRAR 6.23). Fixed in WinRAR / RAR 7.23."}],"affected":[{"source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","affectedData":[{"vendor":"RARLAB","product":"WinRAR","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"0","lessThan":"7.23","versionType":"custom","status":"affected"}]},{"vendor":"RARLAB","product":"RAR","defaultStatus":"unaffected","platforms":["Windows","Linux","macOS"],"versions":[{"version":"0","lessThan":"7.23","versionType":"custom","status":"affected"}]},{"vendor":"RARLAB","product":"UnRAR","defaultStatus":"unaffected","platforms":["Windows","Linux","macOS"],"versions":[{"version":"0","lessThanOrEqual":"7.21","versionType":"custom","status":"affected"}]},{"vendor":"RARLAB","product":"UnRAR.dll","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"0","lessThan":"7.23","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T13:07:23.906784Z","id":"CVE-2026-14191","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","type":"Secondary","description":[{"lang":"en","value":"CWE-129"},{"lang":"en","value":"CWE-787"}]}],"references":[{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-40477","source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c"},{"url":"https://www.rarlab.com/download.htm","source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c"},{"url":"https://www.securin.io/zero-days/cve-2026-14191-winrar-unrar-rar5-recovery-volume-rev-out-of-bounds-heap-write-in-recvolumes5-readheader","source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c"}]}},{"cve":{"id":"CVE-2026-44040","sourceIdentifier":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","published":"2026-07-01T05:16:20.897","lastModified":"2026-07-09T06:16:20.777","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"UltraVNC through 1.8.2.2 uses a cryptographically weak pseudo-random number generator to produce VNC authentication challenge bytes. In rfb/vncauth.c:119-129, the vncRandomBytes() function seeds libc rand() with time(0) + getpid() + rand() and generates a 16-byte challenge. The combined seed space is approximately 31 bits (libc rand() internal state) and is entirely determined by publicly-observable values (wall-clock time and process ID). An attacker who can observe the authentication exchange can enumerate the seed space and predict the challenge within seconds, enabling forgery or offline brute-forcing of responses. Note: on Windows, the active code path may use vncEncryptBytes2.cpp which calls CryptGenRandom; reachability on shipped Windows binaries requires compile-graph verification and is under investigation."}],"affected":[{"source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","affectedData":[{"vendor":"uvnc","product":"UltraVNC","defaultStatus":"unaffected","modules":["winvnc","vncviewer"],"versions":[{"version":"0","lessThanOrEqual":"1.8.2.2","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T12:44:56.012420Z","id":"CVE-2026-44040","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","type":"Secondary","description":[{"lang":"en","value":"CWE-338"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:uvnc:ultravnc:*:*:*:*:*:*:*:*","versionEndIncluding":"1.8.2.2","matchCriteriaId":"593F7EC1-0922-4652-817A-7D57A0F1210D"}]}]}],"references":[{"url":"https://github.com/ultravnc/UltraVNC","source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","tags":["Product"]},{"url":"https://uvnc.com/","source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","tags":["Product","Release Notes"]},{"url":"https://www.securin.io/zero-days/cve-2026-44040-libc-rand-weak-rng-vnc-auth-challenge-ultravnc","source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c"}]}},{"cve":{"id":"CVE-2026-44041","sourceIdentifier":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","published":"2026-07-01T05:16:21.033","lastModified":"2026-07-09T06:16:21.010","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"UltraVNC through 1.8.2.2 contains an out-of-bounds read in the wide-string to multibyte conversion helper. In rfb/dh.cpp:204, the vncWc2Mb() function passes a caller-supplied WCHAR pointer to wcslen() before any bounds check. If the caller provides a wide-character buffer that is not properly NUL-terminated, wcslen() reads past the end of the buffer until it encounters a NUL wchar, resulting in an out-of-bounds read. Under typical Win32 API usage this requires an abnormal caller contract. Impact is limited to a potential information disclosure from adjacent memory regions or a process crash (denial of service) if the over-read crosses a page boundary."}],"affected":[{"source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","affectedData":[{"vendor":"uvnc","product":"UltraVNC","defaultStatus":"unaffected","modules":["winvnc","vncviewer"],"versions":[{"version":"0","lessThanOrEqual":"1.8.2.2","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T13:10:10.152068Z","id":"CVE-2026-44041","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:uvnc:ultravnc:*:*:*:*:*:*:*:*","versionEndIncluding":"1.8.2.2","matchCriteriaId":"593F7EC1-0922-4652-817A-7D57A0F1210D"}]}]}],"references":[{"url":"https://github.com/ultravnc/UltraVNC","source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","tags":["Product"]},{"url":"https://uvnc.com/","source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","tags":["Product","Release Notes"]},{"url":"https://www.securin.io/zero-days/cve-2026-44041-vncwc2mb-wcslen-before-bounds-check-ultravnc","source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c"}]}},{"cve":{"id":"CVE-2026-44042","sourceIdentifier":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","published":"2026-07-01T05:16:21.153","lastModified":"2026-07-09T06:16:21.157","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"UltraVNC repeater through 1.8.2.2 contains an off-by-one error in the Base64 decode helper used for HTTP Basic authentication. In repeater/webgui/webutils.c:817, the wi_uudecode() function checks whether the input length exceeds the output buffer with a strict greater-than comparison (>), while the correct check should be greater-than-or-equal (>=). When strlen(authdata) equals sizeof(decode), the decoded output length (approximately 3/4 of input) does not overflow the buffer in current practice because the outer HTTP request bounds constrain the Authorization header. However, the defective check leaves a latent off-by-one condition that could become exploitable if the buffering constraints change. The current risk is limited to a one-byte write at the boundary of a 1024-byte stack buffer under constrained conditions."}],"affected":[{"source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","affectedData":[{"vendor":"uvnc","product":"UltraVNC","defaultStatus":"unaffected","modules":["repeater"],"versions":[{"version":"0","lessThanOrEqual":"1.8.2.2","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":3.7,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":2.2,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":3.7,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":2.2,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T13:08:54.695763Z","id":"CVE-2026-44042","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","type":"Secondary","description":[{"lang":"en","value":"CWE-193"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:uvnc:ultravnc:*:*:*:*:*:*:*:*","versionEndIncluding":"1.8.2.2","matchCriteriaId":"593F7EC1-0922-4652-817A-7D57A0F1210D"}]}]}],"references":[{"url":"https://github.com/ultravnc/UltraVNC","source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","tags":["Product"]},{"url":"https://uvnc.com/","source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","tags":["Product","Release Notes"]},{"url":"https://www.securin.io/zero-days/cve-2026-44042-wi-uudecode-off-by-one-bounded-ultravnc-repeater","source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c"}]}},{"cve":{"id":"CVE-2026-58518","sourceIdentifier":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","published":"2026-07-01T05:16:22.970","lastModified":"2026-07-09T17:39:47.107","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-Site request forgery (CSRF) vulnerability in The Wikimedia Foundation Mediawiki - RedirectManager Extension allows Cross Site Request Forgery.\n\nThis issue affects Mediawiki - RedirectManager Extension: from * before 1.3.3."}],"affected":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","affectedData":[{"vendor":"The Wikimedia Foundation","product":"Mediawiki - RedirectManager Extension","defaultStatus":"unaffected","versions":[{"version":"*","lessThan":"1.3.3","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","subAvailabilityImpact":"LOW","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T12:31:19.474118Z","id":"CVE-2026-58518","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","type":"Secondary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionEndExcluding":"1.3.3","matchCriteriaId":"104EBCAB-5CA5-44A1-B4CA-9C3CCA0F65F4"}]}]}],"references":[{"url":"https://gerrit.wikimedia.org/r/c/mediawiki/extensions/RedirectManager/+/1275494","source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","tags":["Issue Tracking"]},{"url":"https://phabricator.wikimedia.org/T423826","source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","tags":["Third Party Advisory"]},{"url":"https://phabricator.wikimedia.org/T423826","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-7828","sourceIdentifier":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","published":"2026-07-01T05:16:23.970","lastModified":"2026-07-09T06:16:21.487","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"UltraVNC repeater through 1.8.2.2 contains an integer overflow in the HTTP request logging path. In repeater/webgui/settings.c:336, the win_log() function allocates list nodes via malloc(sizeof(struct LIST) + strlen(line)), where line is derived from HTTP request URIs. If strlen(line) is sufficiently large, the addition overflows to a value smaller than sizeof(struct LIST), causing a heap allocation smaller than required. The subsequent strcpy of the full string into the undersized allocation produces a heap buffer overflow. In the current implementation this overflow is bounded by the HTTP receive buffer size (WI_RXBUFSIZE = 153600 bytes, well below SIZE_MAX on 32-bit builds), limiting practical exploitability to a partial heap write. A remote unauthenticated attacker can trigger the theoretical overflow path by sending a maximally-sized URI in an HTTP request to the repeater HTTP port."}],"affected":[{"source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","affectedData":[{"vendor":"uvnc","product":"UltraVNC","defaultStatus":"unaffected","modules":["repeater"],"versions":[{"version":"0","lessThanOrEqual":"1.8.2.2","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T13:14:15.623029Z","id":"CVE-2026-7828","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","type":"Secondary","description":[{"lang":"en","value":"CWE-190"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:uvnc:ultravnc:*:*:*:*:*:*:*:*","versionEndIncluding":"1.8.2.2","matchCriteriaId":"593F7EC1-0922-4652-817A-7D57A0F1210D"}]}]}],"references":[{"url":"https://github.com/ultravnc/UltraVNC","source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","tags":["Product"]},{"url":"https://uvnc.com/","source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","tags":["Product","Release Notes"]},{"url":"https://www.securin.io/zero-days/cve-2026-7828-integer-overflow-win-log-malloc-ultravnc-repeater","source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c"}]}},{"cve":{"id":"CVE-2026-7829","sourceIdentifier":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","published":"2026-07-01T05:16:24.087","lastModified":"2026-07-09T06:16:21.617","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"UltraVNC repeater through 1.8.2.2 contains a post-authentication out-of-bounds write in the allow/deny rule parser. In repeater/webgui/settings.c:225-272, after strncpy_s copies a rule token into temp1[rule1] (25-byte destination) or temp2/temp3 (16-byte destination), the code unconditionally writes a NUL terminator at temp1[rule1][len] = 0 without clamping len to the destination size. When an authenticated administrator saves a rule with a token length equal to or greater than the destination size, the NUL byte is written one or more bytes past the end of the stack-allocated array, corrupting adjacent stack data. An attacker who has obtained admin credentials (including via CVE-2026-7839 default password) can trigger this to gain code execution on the repeater host."}],"affected":[{"source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","affectedData":[{"vendor":"uvnc","product":"UltraVNC","defaultStatus":"unaffected","modules":["repeater"],"versions":[{"version":"0","lessThanOrEqual":"1.8.2.2","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T13:13:45.463427Z","id":"CVE-2026-7829","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:uvnc:ultravnc:*:*:*:*:*:*:*:*","versionEndIncluding":"1.8.2.2","matchCriteriaId":"593F7EC1-0922-4652-817A-7D57A0F1210D"}]}]}],"references":[{"url":"https://github.com/ultravnc/UltraVNC","source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","tags":["Product"]},{"url":"https://uvnc.com/","source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","tags":["Product","Release Notes"]},{"url":"https://www.securin.io/zero-days/cve-2026-7829-post-auth-oob-nul-write-repeater-rule-parser-ultravnc","source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c"}]}},{"cve":{"id":"CVE-2026-7830","sourceIdentifier":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","published":"2026-07-01T05:16:24.210","lastModified":"2026-07-09T06:16:21.760","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"UltraVNC through 1.8.2.2 uses inadequate cryptography in the MS-Logon II authentication scheme (rfbUltraVNC_MsLogonIIAuth). In rfb/dh.cpp the Diffie-Hellman key exchange is performed with parameters that fit in an unsigned 64-bit integer (DH_MAX_BITS controls the prime size). A 64-bit DH key can be broken by Pollard's rho algorithm in under one second on current hardware. Additionally, the private exponent is generated by the rng() function, which multiplies three libc rand() values seeded from time(NULL). With approximately 31 bits of internal state and a time-based seed, the private exponent is recoverable in under a minute by a passive observer. A network attacker who can observe the MS-Logon II handshake (via sniffing, recording, or man-in-the-middle) can derive the shared DH key and decrypt the encapsulated username and password, resulting in full credential disclosure. This affects legacy MS-Logon II connections; MS-Logon III (X25519 + AES-256-GCM) is unaffected."}],"affected":[{"source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","affectedData":[{"vendor":"uvnc","product":"UltraVNC","defaultStatus":"unaffected","modules":["winvnc","ms-logon"],"versions":[{"version":"0","lessThanOrEqual":"1.8.2.2","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T13:13:10.627838Z","id":"CVE-2026-7830","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","type":"Secondary","description":[{"lang":"en","value":"CWE-326"},{"lang":"en","value":"CWE-338"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:uvnc:ultravnc:*:*:*:*:*:*:*:*","versionEndIncluding":"1.8.2.2","matchCriteriaId":"593F7EC1-0922-4652-817A-7D57A0F1210D"}]}]}],"references":[{"url":"https://github.com/ultravnc/UltraVNC","source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","tags":["Product"]},{"url":"https://uvnc.com/","source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","tags":["Product","Release Notes"]},{"url":"https://www.securin.io/zero-days/cve-2026-7830-31-bit-dh-weak-rng-ms-logon-credential-interception-ultravnc","source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c"}]}},{"cve":{"id":"CVE-2026-7831","sourceIdentifier":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","published":"2026-07-01T05:16:24.380","lastModified":"2026-07-09T06:16:21.900","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"UltraVNC viewer through 1.8.2.2 contains an off-by-one stack buffer overflow in the RFB ServerInit message handler. In vncviewer/ClientConnection.cpp, when the server-supplied nameLength equals exactly 2024 the code declares a 2024-byte stack buffer _dn[2024] and calls ReadString(_dn, 2024). ReadString writes the NUL terminator at buf[length], i.e., _dn[2024], one byte past the end of the stack buffer. A malicious VNC server can trigger this condition by advertising a desktop name of length 2024 in its ServerInit message. On release builds without stack canaries the single-byte NUL overwrite adjacent stack data. On builds with /GS stack protection the canary is corrupted and the process terminates, resulting in denial of service. User interaction (connecting the viewer to the malicious server) is required."}],"affected":[{"source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","affectedData":[{"vendor":"uvnc","product":"UltraVNC","defaultStatus":"unaffected","modules":["vncviewer"],"versions":[{"version":"0","lessThanOrEqual":"1.8.2.2","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H","baseScore":7.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":4.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T13:12:22.055256Z","id":"CVE-2026-7831","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","type":"Secondary","description":[{"lang":"en","value":"CWE-193"},{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:uvnc:ultravnc:*:*:*:*:*:*:*:*","versionEndIncluding":"1.8.2.2","matchCriteriaId":"593F7EC1-0922-4652-817A-7D57A0F1210D"}]}]}],"references":[{"url":"https://github.com/ultravnc/UltraVNC","source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","tags":["Product"]},{"url":"https://uvnc.com/","source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","tags":["Product","Release Notes"]},{"url":"https://www.securin.io/zero-days/cve-2026-7831-off-by-one-stack-overflow-viewer-namelength-ultravnc","source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c"}]}},{"cve":{"id":"CVE-2026-7838","sourceIdentifier":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","published":"2026-07-01T05:16:24.540","lastModified":"2026-07-09T06:16:22.033","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"UltraVNC viewer through 1.8.2.2 contains an integer overflow leading to a heap buffer overflow in the RFB protocol failure-response parsing path. In vncviewer/ClientConnection.cpp, the 4-byte network-supplied reasonLen field (type CARD32) is passed as reasonLen+1 to CheckBufferSize(). Because both operands are unsigned 32-bit, a reasonLen of 0xFFFFFFFF overflows to 0, causing CheckBufferSize to allocate only 256 bytes. The subsequent ReadString(m_netbuf, reasonLen) call then performs ReadExact for the original 4 GiB length into that 256-byte heap buffer. This overflow is reachable via rfbConnFailed (auth-scheme negotiation) and rfbVncAuthFailed (post-handshake) message types without successful authentication. A malicious VNC server, or any man-in-the-middle on the RFB stream, can trigger this condition when the victim viewer connects, potentially resulting in remote code execution as the user running the viewer. The crash was confirmed with AddressSanitizer on a portable reproduction harness (heap-buffer-overflow WRITE at offset 256)."}],"affected":[{"source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","affectedData":[{"vendor":"uvnc","product":"UltraVNC","defaultStatus":"unaffected","modules":["vncviewer"],"versions":[{"version":"0","lessThanOrEqual":"1.8.2.2","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T13:11:26.115793Z","id":"CVE-2026-7838","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","type":"Secondary","description":[{"lang":"en","value":"CWE-190"},{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:uvnc:ultravnc:*:*:*:*:*:*:*:*","versionEndIncluding":"1.8.2.2","matchCriteriaId":"593F7EC1-0922-4652-817A-7D57A0F1210D"}]}]}],"references":[{"url":"https://github.com/ultravnc/UltraVNC","source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","tags":["Product"]},{"url":"https://uvnc.com/","source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","tags":["Product","Release Notes"]},{"url":"https://www.securin.io/zero-days/cve-2026-7838-heap-overflow-viewer-reasonlen-integer-overflow-ultravnc","source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c"}]}},{"cve":{"id":"CVE-2026-7839","sourceIdentifier":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","published":"2026-07-01T05:16:24.680","lastModified":"2026-07-09T06:16:22.213","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"UltraVNC repeater through 1.8.2.2 initializes the HTTP administration server with a hardcoded default password. In repeater/webgui/settings.c:197, when settings2.txt is absent on first run the repeater writes the literal string \"adminadmi2\" as the admin password via strcpy_s(saved_password, 64, \"adminadmi2\"). The HTTP Basic-auth handler wi_decode_auth() checks this password without rate-limiting or lockout. Any remote attacker who can reach the repeater HTTP port (default TCP 80) can authenticate as administrator using the well-known default credential on a fresh or unmodified installation, gaining full control of the repeater configuration including allow/deny rules and session visibility."}],"affected":[{"source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","affectedData":[{"vendor":"uvnc","product":"UltraVNC","defaultStatus":"unaffected","modules":["repeater"],"versions":[{"version":"0","lessThanOrEqual":"1.8.2.2","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T12:32:28.823292Z","id":"CVE-2026-7839","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","type":"Secondary","description":[{"lang":"en","value":"CWE-798"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:uvnc:ultravnc:*:*:*:*:*:*:*:*","versionEndIncluding":"1.8.2.2","matchCriteriaId":"593F7EC1-0922-4652-817A-7D57A0F1210D"}]}]}],"references":[{"url":"https://github.com/ultravnc/UltraVNC","source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","tags":["Product"]},{"url":"https://uvnc.com/","source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","tags":["Product","Release Notes"]},{"url":"https://www.securin.io/zero-days/cve-2026-7839-hardcoded-default-admin-password-adminadmi2-ultravnc-repeater","source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c"}]}},{"cve":{"id":"CVE-2026-7840","sourceIdentifier":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","published":"2026-07-01T05:16:24.820","lastModified":"2026-07-09T06:16:22.340","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"UltraVNC repeater through 1.8.2.2 contains a global buffer overflow in its embedded HTTP administration server. The functions wi_senderr() and wi_replyhdr() in repeater/webgui/webutils.c write the caller-supplied HTTP request URI into a fixed 1000-byte global buffer (hdrbuf) via unchecked sprintf calls. The HTTP receive buffer accepts URIs up to approximately 150 KB (WI_RXBUFSIZE = 153600), so an unauthenticated attacker who can reach the repeater HTTP port (default TCP 80) can overflow hdrbuf by at least 500 bytes with a single HTTP request containing a URI of 1500 bytes or longer, corrupting adjacent .bss-segment globals. The overflow occurs before any authentication check, making it reachable without credentials. A remote, unauthenticated attacker can achieve arbitrary code execution on the host running the repeater."}],"affected":[{"source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","affectedData":[{"vendor":"uvnc","product":"UltraVNC","defaultStatus":"unaffected","modules":["repeater"],"versions":[{"version":"0","lessThanOrEqual":"1.8.2.2","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":9.3,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T12:33:40.320112Z","id":"CVE-2026-7840","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:uvnc:ultravnc:*:*:*:*:*:*:*:*","versionEndIncluding":"1.8.2.2","matchCriteriaId":"593F7EC1-0922-4652-817A-7D57A0F1210D"}]}]}],"references":[{"url":"https://github.com/ultravnc/UltraVNC","source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","tags":["Product"]},{"url":"https://uvnc.com/","source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c","tags":["Product"]},{"url":"https://www.securin.io/zero-days/cve-2026-7840-pre-auth-global-buffer-overflow-repeater-http-admin-ultravnc","source":"33c584b5-0579-4c06-b2a0-8d8329fcab9c"}]}},{"cve":{"id":"CVE-2026-5136","sourceIdentifier":"secalert@redhat.com","published":"2026-07-01T14:16:47.277","lastModified":"2026-07-09T02:39:36.490","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in Foreman. The Usergroup model in Foreman does not properly validate role assignments against the calling user's permissions. This allows an authenticated user with usergroup management permissions to attach arbitrary roles, including administrative roles, to a user group and then add themselves as a member. Successful exploitation of this vulnerability leads to full privilege escalation, granting the attacker administrator-level access."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Satellite 6.16 for RHEL 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"foreman","cpes":["cpe:/a:redhat:satellite:6.16::el8","cpe:/a:redhat:satellite:6.16::el9","cpe:/a:redhat:satellite_capsule:6.16::el8","cpe:/a:redhat:satellite_capsule:6.16::el9","cpe:/a:redhat:satellite_maintenance:6.16::el8","cpe:/a:redhat:satellite_maintenance:6.16::el9","cpe:/a:redhat:satellite_utils:6.16::el8","cpe:/a:redhat:satellite_utils:6.16::el9"],"versions":[{"version":"0:3.12.0.17-1.el8sat","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Satellite 6.16 for RHEL 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"foreman","cpes":["cpe:/a:redhat:satellite:6.16::el8","cpe:/a:redhat:satellite:6.16::el9","cpe:/a:redhat:satellite_capsule:6.16::el8","cpe:/a:redhat:satellite_capsule:6.16::el9","cpe:/a:redhat:satellite_maintenance:6.16::el8","cpe:/a:redhat:satellite_maintenance:6.16::el9","cpe:/a:redhat:satellite_utils:6.16::el8","cpe:/a:redhat:satellite_utils:6.16::el9"],"versions":[{"version":"0:3.12.0.17-1.el9sat","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Satellite 6.17 for RHEL 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"foreman","cpes":["cpe:/a:redhat:satellite:6.17::el9","cpe:/a:redhat:satellite_capsule:6.17::el9","cpe:/a:redhat:satellite_maintenance:6.17::el9","cpe:/a:redhat:satellite_utils:6.17::el9"],"versions":[{"version":"0:3.14.0.17-1.el9sat","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Satellite 6.18 for RHEL 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"foreman","cpes":["cpe:/a:redhat:satellite:6.18::el9","cpe:/a:redhat:satellite_capsule:6.18::el9","cpe:/a:redhat:satellite_utils:6.18::el9"],"versions":[{"version":"0:3.16.0.17-1.el9sat","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Satellite 6.19 for RHEL 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"foreman","cpes":["cpe:/a:redhat:satellite:6.19::el9","cpe:/a:redhat:satellite_capsule:6.19::el9","cpe:/a:redhat:satellite_maintenance:6.19::el9","cpe:/a:redhat:satellite_utils:6.19::el9"],"versions":[{"version":"0:3.18.0.7-1.el9sat","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Satellite 6","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"satellite-capsule:el8/foreman","cpes":["cpe:/a:redhat:satellite:6"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T00:00:00+00:00","id":"CVE-2026-5136","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-266"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:satellite:*:*:*:*:*:*:*:*","versionStartIncluding":"6.16","versionEndExcluding":"6.16.10","matchCriteriaId":"878EADE5-65A0-45A8-A8A9-E01B59510745"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":false,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:satellite:*:*:*:*:*:*:*:*","versionStartIncluding":"6.17","versionEndExcluding":"6.17.9","matchCriteriaId":"E4F23367-8065-4400-9346-2DDAC9718C1F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:satellite:*:*:*:*:*:*:*:*","versionStartIncluding":"6.18","versionEndExcluding":"6.18.7","matchCriteriaId":"38DDD3BD-13AA-48BA-8404-B906C2BE3395"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:satellite:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"6.19.2","matchCriteriaId":"8698362F-3FF7-4B48-B799-722E2143DBFD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:theforeman:foreman:*:*:*:*:*:*:*:*","versionEndExcluding":"3.18.2","matchCriteriaId":"CC9CCF49-E31C-4087-B1E2-45FE2DAE1BFF"},{"vulnerable":true,"criteria":"cpe:2.3:a:theforeman:foreman:*:*:*:*:*:*:*:*","versionStartIncluding":"3.19.0","versionEndExcluding":"3.19.1","matchCriteriaId":"A63B3B6B-B05A-49CC-8694-1D357171773F"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:34365","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:34366","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:34367","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:34368","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://access.redhat.com/security/cve/CVE-2026-5136","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2452970","source":"secalert@redhat.com","tags":["Issue Tracking","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-58031","sourceIdentifier":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","published":"2026-07-01T15:17:11.020","lastModified":"2026-07-09T17:21:35.417","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki.\n\n This vulnerability is associated with program files resources/src/mediawiki.Special.Apisandbox/ApiSandboxLayout.Js.\n\n\n\nThis issue affects MediaWiki: from 1.46.0-rc.0 before 1.46.0."}],"affected":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","affectedData":[{"vendor":"Wikimedia Foundation","product":"MediaWiki","defaultStatus":"unaffected","programFiles":["resources/src/mediawiki.special.apisandbox/ApiSandboxLayout.js"],"repo":"https://gerrit.wikimedia.org/g/mediawiki/core/+/refs/heads/master","versions":[{"version":"1.46.0-rc.0","lessThan":"1.46.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":0.0,"baseSeverity":"NONE","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"PASSIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T14:45:37.930128Z","id":"CVE-2026-58031","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:1.46.0:rc0:*:*:*:*:*:*","matchCriteriaId":"D371958A-1F95-4C45-B556-B087A7274D4C"}]}]}],"references":[{"url":"https://phabricator.wikimedia.org/T426889","source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-58034","sourceIdentifier":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","published":"2026-07-01T15:17:11.150","lastModified":"2026-07-09T17:20:38.083","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation CheckUser.\n\n This vulnerability is associated with program files modules/ext.CheckUser.TempAccounts/components/blockConnectedTempAccountsField.Vue.\n\n\n\nThis issue affects CheckUser: from 1.46.0-rc.0 before 1.46.0."}],"affected":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","affectedData":[{"vendor":"Wikimedia Foundation","product":"CheckUser","defaultStatus":"unaffected","programFiles":["modules/ext.checkUser.tempAccounts/components/blockConnectedTempAccountsField.vue"],"repo":"https://gerrit.wikimedia.org/g/mediawiki/extensions/CheckUser/+/refs/heads/master","versions":[{"version":"1.46.0-rc.0","lessThan":"1.46.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":0.0,"baseSeverity":"NONE","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"HIGH","userInteraction":"ACTIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T14:45:57.866755Z","id":"CVE-2026-58034","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:1.46.0:rc0:*:*:*:*:*:*","matchCriteriaId":"D371958A-1F95-4C45-B556-B087A7274D4C"}]}]}],"references":[{"url":"https://phabricator.wikimedia.org/T428820","source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-58035","sourceIdentifier":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","published":"2026-07-01T15:17:11.263","lastModified":"2026-07-09T16:02:02.773","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki.\n\n This vulnerability is associated with program files resources/src/mediawiki.Special.Block/SpecialBlock.Vue."}],"affected":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","affectedData":[{"vendor":"Wikimedia Foundation","product":"MediaWiki","defaultStatus":"unaffected","programFiles":["resources/src/mediawiki.special.block/SpecialBlock.vue"],"repo":"https://gerrit.wikimedia.org/g/mediawiki/core/+/refs/heads/master","versions":[{"version":"1.46.0-rc.0","lessThan":"1.46.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":0.0,"baseSeverity":"NONE","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"PASSIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T14:54:34.232286Z","id":"CVE-2026-58035","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:1.46.0:rc0:*:*:*:*:*:*","matchCriteriaId":"D371958A-1F95-4C45-B556-B087A7274D4C"}]}]}],"references":[{"url":"https://phabricator.wikimedia.org/T428809","source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-5135","sourceIdentifier":"secalert@redhat.com","published":"2026-07-01T15:17:11.740","lastModified":"2026-07-09T02:39:11.320","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in Foreman. This broken access control vulnerability allows an authenticated user with host-edit permissions to retarget an existing lookup value override to a different host. This is achieved by modifying the match field through nested host attributes, effectively bypassing authorisation checks. The consequence is the potential for unauthorised modification of managed host configurations across different organisational and location boundaries."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Satellite 6.16 for RHEL 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"foreman","cpes":["cpe:/a:redhat:satellite:6.16::el8","cpe:/a:redhat:satellite:6.16::el9","cpe:/a:redhat:satellite_capsule:6.16::el8","cpe:/a:redhat:satellite_capsule:6.16::el9","cpe:/a:redhat:satellite_maintenance:6.16::el8","cpe:/a:redhat:satellite_maintenance:6.16::el9","cpe:/a:redhat:satellite_utils:6.16::el8","cpe:/a:redhat:satellite_utils:6.16::el9"],"versions":[{"version":"0:3.12.0.17-1.el8sat","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Satellite 6.16 for RHEL 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"foreman","cpes":["cpe:/a:redhat:satellite:6.16::el8","cpe:/a:redhat:satellite:6.16::el9","cpe:/a:redhat:satellite_capsule:6.16::el8","cpe:/a:redhat:satellite_capsule:6.16::el9","cpe:/a:redhat:satellite_maintenance:6.16::el8","cpe:/a:redhat:satellite_maintenance:6.16::el9","cpe:/a:redhat:satellite_utils:6.16::el8","cpe:/a:redhat:satellite_utils:6.16::el9"],"versions":[{"version":"0:3.12.0.17-1.el9sat","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Satellite 6.17 for RHEL 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"foreman","cpes":["cpe:/a:redhat:satellite:6.17::el9","cpe:/a:redhat:satellite_capsule:6.17::el9","cpe:/a:redhat:satellite_maintenance:6.17::el9","cpe:/a:redhat:satellite_utils:6.17::el9"],"versions":[{"version":"0:3.14.0.17-1.el9sat","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Satellite 6.18 for RHEL 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"foreman","cpes":["cpe:/a:redhat:satellite:6.18::el9","cpe:/a:redhat:satellite_capsule:6.18::el9","cpe:/a:redhat:satellite_utils:6.18::el9"],"versions":[{"version":"0:3.16.0.17-1.el9sat","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Satellite 6.19 for RHEL 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"foreman","cpes":["cpe:/a:redhat:satellite:6.19::el9","cpe:/a:redhat:satellite_capsule:6.19::el9","cpe:/a:redhat:satellite_maintenance:6.19::el9","cpe:/a:redhat:satellite_utils:6.19::el9"],"versions":[{"version":"0:3.18.0.7-1.el9sat","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Satellite 6","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"satellite-capsule:el8/foreman","cpes":["cpe:/a:redhat:satellite:6"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T14:52:27.488776Z","id":"CVE-2026-5135","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:satellite:*:*:*:*:*:*:*:*","versionStartIncluding":"6.16","versionEndExcluding":"6.16.10","matchCriteriaId":"878EADE5-65A0-45A8-A8A9-E01B59510745"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":false,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:satellite:*:*:*:*:*:*:*:*","versionStartIncluding":"6.17","versionEndExcluding":"6.17.9","matchCriteriaId":"E4F23367-8065-4400-9346-2DDAC9718C1F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:satellite:*:*:*:*:*:*:*:*","versionStartIncluding":"6.18","versionEndExcluding":"6.18.7","matchCriteriaId":"38DDD3BD-13AA-48BA-8404-B906C2BE3395"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:satellite:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"6.19.2","matchCriteriaId":"8698362F-3FF7-4B48-B799-722E2143DBFD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:theforeman:foreman:*:*:*:*:*:*:*:*","versionEndExcluding":"3.18.2","matchCriteriaId":"CC9CCF49-E31C-4087-B1E2-45FE2DAE1BFF"},{"vulnerable":true,"criteria":"cpe:2.3:a:theforeman:foreman:*:*:*:*:*:*:*:*","versionStartIncluding":"3.19.0","versionEndExcluding":"3.19.1","matchCriteriaId":"A63B3B6B-B05A-49CC-8694-1D357171773F"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:34365","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:34366","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:34367","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:34368","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://access.redhat.com/security/cve/CVE-2026-5135","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2452230","source":"secalert@redhat.com","tags":["Issue Tracking","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-5138","sourceIdentifier":"secalert@redhat.com","published":"2026-07-01T15:17:11.860","lastModified":"2026-07-09T02:38:49.453","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in Foreman. An authenticated user with host-edit permissions could exploit a cross-tenant information disclosure vulnerability. This flaw occurs because the taxonomy_scope controller method does not properly validate organization and location IDs from nested request parameters, bypassing existing authorization checks. This allows the user to leak sensitive infrastructure metadata, including subnet topology, IP ranges, gateways, DNS servers, and VLAN IDs, from organizations and locations they are not authorized to access."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Satellite 6.16 for RHEL 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"foreman","cpes":["cpe:/a:redhat:satellite:6.16::el8","cpe:/a:redhat:satellite:6.16::el9","cpe:/a:redhat:satellite_capsule:6.16::el8","cpe:/a:redhat:satellite_capsule:6.16::el9","cpe:/a:redhat:satellite_maintenance:6.16::el8","cpe:/a:redhat:satellite_maintenance:6.16::el9","cpe:/a:redhat:satellite_utils:6.16::el8","cpe:/a:redhat:satellite_utils:6.16::el9"],"versions":[{"version":"0:3.12.0.17-1.el8sat","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Satellite 6.16 for RHEL 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"foreman","cpes":["cpe:/a:redhat:satellite:6.16::el8","cpe:/a:redhat:satellite:6.16::el9","cpe:/a:redhat:satellite_capsule:6.16::el8","cpe:/a:redhat:satellite_capsule:6.16::el9","cpe:/a:redhat:satellite_maintenance:6.16::el8","cpe:/a:redhat:satellite_maintenance:6.16::el9","cpe:/a:redhat:satellite_utils:6.16::el8","cpe:/a:redhat:satellite_utils:6.16::el9"],"versions":[{"version":"0:3.12.0.17-1.el9sat","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Satellite 6.17 for RHEL 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"foreman","cpes":["cpe:/a:redhat:satellite:6.17::el9","cpe:/a:redhat:satellite_capsule:6.17::el9","cpe:/a:redhat:satellite_maintenance:6.17::el9","cpe:/a:redhat:satellite_utils:6.17::el9"],"versions":[{"version":"0:3.14.0.17-1.el9sat","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Satellite 6.18 for RHEL 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"foreman","cpes":["cpe:/a:redhat:satellite:6.18::el9","cpe:/a:redhat:satellite_capsule:6.18::el9","cpe:/a:redhat:satellite_utils:6.18::el9"],"versions":[{"version":"0:3.16.0.17-1.el9sat","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Satellite 6.19 for RHEL 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"foreman","cpes":["cpe:/a:redhat:satellite:6.19::el9","cpe:/a:redhat:satellite_capsule:6.19::el9","cpe:/a:redhat:satellite_maintenance:6.19::el9","cpe:/a:redhat:satellite_utils:6.19::el9"],"versions":[{"version":"0:3.18.0.7-1.el9sat","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Satellite 6","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"satellite-capsule:el8/foreman","cpes":["cpe:/a:redhat:satellite:6"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T14:39:42.711601Z","id":"CVE-2026-5138","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:satellite:*:*:*:*:*:*:*:*","versionStartIncluding":"6.16","versionEndExcluding":"6.16.10","matchCriteriaId":"878EADE5-65A0-45A8-A8A9-E01B59510745"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":false,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:satellite:*:*:*:*:*:*:*:*","versionStartIncluding":"6.17","versionEndExcluding":"6.17.9","matchCriteriaId":"E4F23367-8065-4400-9346-2DDAC9718C1F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:satellite:*:*:*:*:*:*:*:*","versionStartIncluding":"6.18","versionEndExcluding":"6.18.7","matchCriteriaId":"38DDD3BD-13AA-48BA-8404-B906C2BE3395"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:satellite:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"6.19.2","matchCriteriaId":"8698362F-3FF7-4B48-B799-722E2143DBFD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:theforeman:foreman:*:*:*:*:*:*:*:*","versionEndExcluding":"3.18.2","matchCriteriaId":"CC9CCF49-E31C-4087-B1E2-45FE2DAE1BFF"},{"vulnerable":true,"criteria":"cpe:2.3:a:theforeman:foreman:*:*:*:*:*:*:*:*","versionStartIncluding":"3.19.0","versionEndExcluding":"3.19.1","matchCriteriaId":"A63B3B6B-B05A-49CC-8694-1D357171773F"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:34365","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:34366","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:34367","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:34368","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://access.redhat.com/security/cve/CVE-2026-5138","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2452971","source":"secalert@redhat.com","tags":["Issue Tracking","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-5142","sourceIdentifier":"secalert@redhat.com","published":"2026-07-01T15:17:11.977","lastModified":"2026-07-09T02:38:36.480","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in foreman. Authenticated users with 'view_keypairs' permission can bypass taxonomy scoping, allowing them to download private SSH (Secure Shell) keys from other organizations by directly querying key pair IDs. This vulnerability leads to cross-tenant data exposure in multi-tenant deployments, potentially compromising sensitive information."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Satellite 6.16 for RHEL 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"foreman","cpes":["cpe:/a:redhat:satellite:6.16::el8","cpe:/a:redhat:satellite:6.16::el9","cpe:/a:redhat:satellite_capsule:6.16::el8","cpe:/a:redhat:satellite_capsule:6.16::el9","cpe:/a:redhat:satellite_maintenance:6.16::el8","cpe:/a:redhat:satellite_maintenance:6.16::el9","cpe:/a:redhat:satellite_utils:6.16::el8","cpe:/a:redhat:satellite_utils:6.16::el9"],"versions":[{"version":"0:3.12.0.17-1.el8sat","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Satellite 6.16 for RHEL 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"foreman","cpes":["cpe:/a:redhat:satellite:6.16::el8","cpe:/a:redhat:satellite:6.16::el9","cpe:/a:redhat:satellite_capsule:6.16::el8","cpe:/a:redhat:satellite_capsule:6.16::el9","cpe:/a:redhat:satellite_maintenance:6.16::el8","cpe:/a:redhat:satellite_maintenance:6.16::el9","cpe:/a:redhat:satellite_utils:6.16::el8","cpe:/a:redhat:satellite_utils:6.16::el9"],"versions":[{"version":"0:3.12.0.17-1.el9sat","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Satellite 6.17 for RHEL 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"foreman","cpes":["cpe:/a:redhat:satellite:6.17::el9","cpe:/a:redhat:satellite_capsule:6.17::el9","cpe:/a:redhat:satellite_maintenance:6.17::el9","cpe:/a:redhat:satellite_utils:6.17::el9"],"versions":[{"version":"0:3.14.0.17-1.el9sat","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Satellite 6.18 for RHEL 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"foreman","cpes":["cpe:/a:redhat:satellite:6.18::el9","cpe:/a:redhat:satellite_capsule:6.18::el9","cpe:/a:redhat:satellite_utils:6.18::el9"],"versions":[{"version":"0:3.16.0.17-1.el9sat","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Satellite 6.19 for RHEL 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"foreman","cpes":["cpe:/a:redhat:satellite:6.19::el9","cpe:/a:redhat:satellite_capsule:6.19::el9","cpe:/a:redhat:satellite_maintenance:6.19::el9","cpe:/a:redhat:satellite_utils:6.19::el9"],"versions":[{"version":"0:3.18.0.7-1.el9sat","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Satellite 6","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"satellite-capsule:el8/foreman","cpes":["cpe:/a:redhat:satellite:6"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T15:01:12.115967Z","id":"CVE-2026-5142","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:satellite:*:*:*:*:*:*:*:*","versionStartIncluding":"6.18","versionEndExcluding":"6.18.7","matchCriteriaId":"38DDD3BD-13AA-48BA-8404-B906C2BE3395"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:satellite:*:*:*:*:*:*:*:*","versionStartIncluding":"6.16","versionEndExcluding":"6.16.10","matchCriteriaId":"878EADE5-65A0-45A8-A8A9-E01B59510745"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":false,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:satellite:*:*:*:*:*:*:*:*","versionStartIncluding":"6.17","versionEndExcluding":"6.17.9","matchCriteriaId":"E4F23367-8065-4400-9346-2DDAC9718C1F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:satellite:*:*:*:*:*:*:*:*","versionStartIncluding":"6.19","versionEndExcluding":"6.19.2","matchCriteriaId":"8698362F-3FF7-4B48-B799-722E2143DBFD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:theforeman:foreman:*:*:*:*:*:*:*:*","versionEndExcluding":"3.18.2","matchCriteriaId":"CC9CCF49-E31C-4087-B1E2-45FE2DAE1BFF"},{"vulnerable":true,"criteria":"cpe:2.3:a:theforeman:foreman:*:*:*:*:*:*:*:*","versionStartIncluding":"3.19.0","versionEndExcluding":"3.19.1","matchCriteriaId":"A63B3B6B-B05A-49CC-8694-1D357171773F"}]}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:34365","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:34366","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:34367","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://access.redhat.com/errata/RHSA-2026:34368","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://access.redhat.com/security/cve/CVE-2026-5142","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2452999","source":"secalert@redhat.com","tags":["Issue Tracking","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-13706","sourceIdentifier":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","published":"2026-07-01T16:16:31.617","lastModified":"2026-07-09T16:02:41.730","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper input validation vulnerability in Wikimedia Foundation UrlShortener.\n\n This vulnerability is associated with program files includes/UrlShortenerUtils.Php."}],"affected":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","affectedData":[{"vendor":"Wikimedia Foundation","product":"UrlShortener","defaultStatus":"unaffected","programFiles":["includes/UrlShortenerUtils.php"],"repo":"https://gerrit.wikimedia.org/g/mediawiki/extensions/UrlShortener/+/refs/heads/master","versions":[{"version":"*","lessThanOrEqual":"1.46.0, 1.45.4, 1.44.6, 1.43.9","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":0.0,"baseSeverity":"NONE","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T15:44:18.842649Z","id":"CVE-2026-13706","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.43.0","versionEndExcluding":"1.43.9","matchCriteriaId":"5BC82408-61E8-4F28-8AEC-438E159DC867"},{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.44.0","versionEndExcluding":"1.44.6","matchCriteriaId":"8F0FD7F7-0D82-4E68-91D8-0ADAE54CB8C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.45.0","versionEndExcluding":"1.45.4","matchCriteriaId":"439E39DA-8BB7-4AF7-9F42-E334A9B4AD3E"},{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:1.46.0:rc0:*:*:*:*:*:*","matchCriteriaId":"D371958A-1F95-4C45-B556-B087A7274D4C"}]}]}],"references":[{"url":"https://phabricator.wikimedia.org/T418533","source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-58024","sourceIdentifier":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","published":"2026-07-01T16:16:49.583","lastModified":"2026-07-09T16:15:50.727","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki.\n\n This vulnerability is associated with program files includes/Api/ApiUserrights.Php.\n\n\n\nThis issue affects MediaWiki: from * before 1.46.0, 1.45.4, 1.44.6, 1.43.9."}],"affected":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","affectedData":[{"vendor":"Wikimedia Foundation","product":"MediaWiki","defaultStatus":"unaffected","programFiles":["includes/Api/ApiUserrights.php"],"repo":"https://gerrit.wikimedia.org/g/mediawiki/core/+/refs/heads/master","versions":[{"version":"*","lessThan":"1.46.0, 1.45.4, 1.44.6, 1.43.9","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"PASSIVE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N","baseScore":5.7,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.1,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T15:47:00.167018Z","id":"CVE-2026-58024","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.43.0","versionEndExcluding":"1.43.9","matchCriteriaId":"5BC82408-61E8-4F28-8AEC-438E159DC867"},{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.44.0","versionEndExcluding":"1.44.6","matchCriteriaId":"8F0FD7F7-0D82-4E68-91D8-0ADAE54CB8C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.45.0","versionEndExcluding":"1.45.4","matchCriteriaId":"439E39DA-8BB7-4AF7-9F42-E334A9B4AD3E"},{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:1.46.0:rc0:*:*:*:*:*:*","matchCriteriaId":"D371958A-1F95-4C45-B556-B087A7274D4C"}]}]}],"references":[{"url":"https://phabricator.wikimedia.org/T422085","source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-58025","sourceIdentifier":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","published":"2026-07-01T16:16:49.703","lastModified":"2026-07-09T19:34:14.067","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Deserialization of untrusted data vulnerability in Wikimedia Foundation MediaWiki.\n\n This vulnerability is associated with program files includes/Import/WikiImporter.Php, includes/Import/WikiRevision.Php, includes/Logging/LogEntryBase.Php.\n\n\n\nThis issue affects MediaWiki: from * before 1.46.0, 1.45.4, 1.44.6, 1.43.9."}],"affected":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","affectedData":[{"vendor":"Wikimedia Foundation","product":"MediaWiki","defaultStatus":"unaffected","programFiles":["includes/Import/WikiImporter.php","includes/Import/WikiRevision.php","includes/Logging/LogEntryBase.php","https://phabricator.wikimedia.org/T422244"],"repo":"https://gerrit.wikimedia.org/g/mediawiki/core/+/refs/heads/master","versions":[{"version":"*","lessThan":"1.46.0, 1.45.4, 1.44.6, 1.43.9","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:L/VI:H/VA:L/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","subAvailabilityImpact":"LOW","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T15:51:46.171460Z","id":"CVE-2026-58025","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","type":"Secondary","description":[{"lang":"en","value":"CWE-94"},{"lang":"en","value":"CWE-502"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.43.0","versionEndExcluding":"1.43.9","matchCriteriaId":"5BC82408-61E8-4F28-8AEC-438E159DC867"},{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.44.0","versionEndExcluding":"1.44.6","matchCriteriaId":"8F0FD7F7-0D82-4E68-91D8-0ADAE54CB8C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.45.0","versionEndExcluding":"1.45.4","matchCriteriaId":"439E39DA-8BB7-4AF7-9F42-E334A9B4AD3E"},{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:1.46.0:rc0:*:*:*:*:*:*","matchCriteriaId":"D371958A-1F95-4C45-B556-B087A7274D4C"}]}]}],"references":[{"url":"https://phabricator.wikimedia.org/T422244","source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-58026","sourceIdentifier":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","published":"2026-07-01T16:16:49.820","lastModified":"2026-07-09T19:34:47.290","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki.\n\n This vulnerability is associated with program files includes/Parser/Parser.Php.\n\n\n\nThis issue affects MediaWiki: from * before 1.46.0, 1.45.4, 1.44.6, 1.43.9."}],"affected":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","affectedData":[{"vendor":"Wikimedia Foundation","product":"MediaWiki","defaultStatus":"unaffected","programFiles":["includes/Parser/Parser.php"],"repo":"https://gerrit.wikimedia.org/g/mediawiki/core/+/refs/heads/master","versions":[{"version":"*","lessThan":"1.46.0, 1.45.4, 1.44.6, 1.43.9","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":0.0,"baseSeverity":"NONE","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"PASSIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N","baseScore":5.7,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.1,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T15:50:06.590439Z","id":"CVE-2026-58026","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.43.0","versionEndExcluding":"1.43.9","matchCriteriaId":"5BC82408-61E8-4F28-8AEC-438E159DC867"},{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.44.0","versionEndExcluding":"1.44.6","matchCriteriaId":"8F0FD7F7-0D82-4E68-91D8-0ADAE54CB8C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.45.0","versionEndExcluding":"1.45.4","matchCriteriaId":"439E39DA-8BB7-4AF7-9F42-E334A9B4AD3E"},{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:1.46.0:rc0:*:*:*:*:*:*","matchCriteriaId":"D371958A-1F95-4C45-B556-B087A7274D4C"}]}]}],"references":[{"url":"https://phabricator.wikimedia.org/T299359","source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-58027","sourceIdentifier":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","published":"2026-07-01T16:16:49.947","lastModified":"2026-07-09T19:35:02.897","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation AbuseFilter.\n\n This vulnerability is associated with program files includes/Api/QueryAbuseFilters.Php.\n\n\n\nThis issue affects AbuseFilter: from * before 1.46.0, 1.45.4, 1.44.6, 1.43.9."}],"affected":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","affectedData":[{"vendor":"Wikimedia Foundation","product":"AbuseFilter","defaultStatus":"unaffected","programFiles":["includes/Api/QueryAbuseFilters.php"],"repo":"https://gerrit.wikimedia.org/g/mediawiki/extensions/AbuseFilter/+/refs/heads/master","versions":[{"version":"*","lessThan":"1.46.0, 1.45.4, 1.44.6, 1.43.9","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T15:49:23.869052Z","id":"CVE-2026-58027","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.43.0","versionEndExcluding":"1.43.9","matchCriteriaId":"5BC82408-61E8-4F28-8AEC-438E159DC867"},{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.44.0","versionEndExcluding":"1.44.6","matchCriteriaId":"8F0FD7F7-0D82-4E68-91D8-0ADAE54CB8C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.45.0","versionEndExcluding":"1.45.4","matchCriteriaId":"439E39DA-8BB7-4AF7-9F42-E334A9B4AD3E"},{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:1.46.0:rc0:*:*:*:*:*:*","matchCriteriaId":"D371958A-1F95-4C45-B556-B087A7274D4C"}]}]}],"references":[{"url":"https://phabricator.wikimedia.org/T406954","source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-58028","sourceIdentifier":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","published":"2026-07-01T16:16:50.077","lastModified":"2026-07-09T19:37:07.557","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation CentralAuth.\n\n This vulnerability is associated with program files includes/Api/ApiFormatBase.Php, includes/Api/ApiHelp.Php, includes/ResourceLoader/Module.Php, includes/Hooks/Handlers/PageDisplayHookHandler.Php, includes/LogFormatter/PermissionChangeLogFormatter.Php.\n\n\n\nThis issue affects MediaWiki: from * before 1.46.0, 1.45.4, 1.44.6, 1.43.9; CentralAuth: from * before 1.46.0, 1.45.4, 1.44.6, 1.43.9."}],"affected":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","affectedData":[{"vendor":"Wikimedia Foundation","product":"MediaWiki","defaultStatus":"unaffected","programFiles":["includes/Api/ApiFormatBase.php","includes/Api/ApiHelp.php","includes/ResourceLoader/Module.php"],"repo":"https://gerrit.wikimedia.org/g/mediawiki/core/+/refs/heads/master","versions":[{"version":"*","lessThan":"1.46.0, 1.45.4, 1.44.6, 1.43.9","versionType":"semver","status":"affected"}]},{"vendor":"Wikimedia Foundation","product":"CentralAuth","defaultStatus":"unaffected","programFiles":["includes/Hooks/Handlers/PageDisplayHookHandler.php","includes/LogFormatter/PermissionChangeLogFormatter.php"],"versions":[{"version":"*","lessThan":"1.46.0, 1.45.4, 1.44.6, 1.43.9","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":0.0,"baseSeverity":"NONE","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T15:50:31.075019Z","id":"CVE-2026-58028","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.43.0","versionEndExcluding":"1.43.9","matchCriteriaId":"5BC82408-61E8-4F28-8AEC-438E159DC867"},{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.44.0","versionEndExcluding":"1.44.6","matchCriteriaId":"8F0FD7F7-0D82-4E68-91D8-0ADAE54CB8C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.45.0","versionEndExcluding":"1.45.4","matchCriteriaId":"439E39DA-8BB7-4AF7-9F42-E334A9B4AD3E"},{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:1.46.0:rc0:*:*:*:*:*:*","matchCriteriaId":"D371958A-1F95-4C45-B556-B087A7274D4C"}]}]}],"references":[{"url":"https://phabricator.wikimedia.org/T422306","source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-58029","sourceIdentifier":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","published":"2026-07-01T16:16:50.197","lastModified":"2026-07-09T19:37:39.750","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in Wikimedia Foundation MediaWiki.\n\n This vulnerability is associated with program files includes/Api/ApiChangeAuthenticationData.Php, includes/Api/ApiLinkAccount.Php, includes/Api/ApiRemoveAuthenticationData.Php, includes/Specials/SpecialLinkAccounts.Php, includes/Specials/SpecialUnlinkAccounts.Php.\n\n\n\nThis issue affects MediaWiki: from * before 1.46.0, 1.45.4, 1.44.6, 1.43.9."}],"affected":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","affectedData":[{"vendor":"Wikimedia Foundation","product":"MediaWiki","defaultStatus":"unaffected","programFiles":["includes/Api/ApiChangeAuthenticationData.php","includes/Api/ApiLinkAccount.php","includes/Api/ApiRemoveAuthenticationData.php","includes/Specials/SpecialLinkAccounts.php","includes/Specials/SpecialUnlinkAccounts.php"],"repo":"https://gerrit.wikimedia.org/g/mediawiki/core/+/refs/heads/master","versions":[{"version":"*","lessThan":"1.46.0, 1.45.4, 1.44.6, 1.43.9","versionType":"1.46.0, 1.45.4, 1.44.6, 1.43.9","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T15:51:12.379031Z","id":"CVE-2026-58029","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.43.0","versionEndExcluding":"1.43.9","matchCriteriaId":"5BC82408-61E8-4F28-8AEC-438E159DC867"},{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.44.0","versionEndExcluding":"1.44.6","matchCriteriaId":"8F0FD7F7-0D82-4E68-91D8-0ADAE54CB8C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.45.0","versionEndExcluding":"1.45.4","matchCriteriaId":"439E39DA-8BB7-4AF7-9F42-E334A9B4AD3E"},{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:1.46.0:rc0:*:*:*:*:*:*","matchCriteriaId":"D371958A-1F95-4C45-B556-B087A7274D4C"}]}]}],"references":[{"url":"https://phabricator.wikimedia.org/T422676","source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-58030","sourceIdentifier":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","published":"2026-07-01T16:16:50.310","lastModified":"2026-07-09T19:38:01.093","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation SyntaxHighlight_GeSHi.\n\n This vulnerability is associated with program files includes/SyntaxHighlight.Php.\n\n\n\nThis issue affects SyntaxHighlight_GeSHi: from * before 1.46.0, 1.45.4, 1.44.6, 1.43.9."}],"affected":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","affectedData":[{"vendor":"Wikimedia Foundation","product":"SyntaxHighlight_GeSHi","defaultStatus":"unaffected","programFiles":["includes/SyntaxHighlight.php"],"repo":"https://gerrit.wikimedia.org/g/mediawiki/extensions/SyntaxHighlight_GeSHi/+/refs/heads/master","versions":[{"version":"*","lessThan":"1.46.0, 1.45.4, 1.44.6, 1.43.9","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T15:48:48.602789Z","id":"CVE-2026-58030","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.43.0","versionEndExcluding":"1.43.9","matchCriteriaId":"5BC82408-61E8-4F28-8AEC-438E159DC867"},{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.44.0","versionEndExcluding":"1.44.6","matchCriteriaId":"8F0FD7F7-0D82-4E68-91D8-0ADAE54CB8C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.45.0","versionEndExcluding":"1.45.4","matchCriteriaId":"439E39DA-8BB7-4AF7-9F42-E334A9B4AD3E"},{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:1.46.0:rc0:*:*:*:*:*:*","matchCriteriaId":"D371958A-1F95-4C45-B556-B087A7274D4C"}]}]}],"references":[{"url":"https://phabricator.wikimedia.org/T427167","source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-58032","sourceIdentifier":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","published":"2026-07-01T16:16:50.520","lastModified":"2026-07-09T19:42:23.293","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki.\n\n This vulnerability is associated with program files resources/src/mediawiki.Api/index.Js.\n\n\n\nThis issue affects MediaWiki: from * before 1.46.0, 1.45.4, 1.44.6, 1.43.9."}],"affected":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","affectedData":[{"vendor":"Wikimedia Foundation","product":"MediaWiki","defaultStatus":"unaffected","programFiles":["resources/src/mediawiki.api/index.js"],"repo":"https://gerrit.wikimedia.org/g/mediawiki/core/+/refs/heads/master","versions":[{"version":"*","lessThan":"1.46.0, 1.45.4, 1.44.6, 1.43.9","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T15:48:28.806436Z","id":"CVE-2026-58032","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.43.0","versionEndExcluding":"1.43.9","matchCriteriaId":"5BC82408-61E8-4F28-8AEC-438E159DC867"},{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.44.0","versionEndExcluding":"1.44.6","matchCriteriaId":"8F0FD7F7-0D82-4E68-91D8-0ADAE54CB8C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.45.0","versionEndExcluding":"1.45.4","matchCriteriaId":"439E39DA-8BB7-4AF7-9F42-E334A9B4AD3E"},{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:1.46.0:rc0:*:*:*:*:*:*","matchCriteriaId":"D371958A-1F95-4C45-B556-B087A7274D4C"}]}]}],"references":[{"url":"https://phabricator.wikimedia.org/T426867","source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-58033","sourceIdentifier":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","published":"2026-07-01T16:16:50.627","lastModified":"2026-07-09T19:42:39.933","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki.\n\n This vulnerability is associated with program files includes/Actions/InfoAction.Php.\n\n\n\nThis issue affects MediaWiki: from * before 1.46.0, 1.45.4, 1.44.6, 1.43.9."}],"affected":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","affectedData":[{"vendor":"Wikimedia Foundation","product":"MediaWiki","defaultStatus":"unaffected","programFiles":["includes/Actions/InfoAction.php"],"repo":"https://gerrit.wikimedia.org/g/mediawiki/core/+/refs/heads/master","versions":[{"version":"*","lessThan":"1.46.0, 1.45.4, 1.44.6, 1.43.9","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T15:48:05.703064Z","id":"CVE-2026-58033","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.43.0","versionEndExcluding":"1.43.9","matchCriteriaId":"5BC82408-61E8-4F28-8AEC-438E159DC867"},{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.44.0","versionEndExcluding":"1.44.6","matchCriteriaId":"8F0FD7F7-0D82-4E68-91D8-0ADAE54CB8C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.45.0","versionEndExcluding":"1.45.4","matchCriteriaId":"439E39DA-8BB7-4AF7-9F42-E334A9B4AD3E"},{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:1.46.0:rc0:*:*:*:*:*:*","matchCriteriaId":"D371958A-1F95-4C45-B556-B087A7274D4C"}]}]}],"references":[{"url":"https://phabricator.wikimedia.org/T427235","source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-58036","sourceIdentifier":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","published":"2026-07-01T16:16:50.950","lastModified":"2026-07-09T19:46:01.787","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki.\n\n This vulnerability is associated with program files includes/Api/ApiQueryAllUsers.Php, includes/Api/ApiQueryUsers.Php, includes/Permissions/PermissionManager.Php, includes/User/UserGroupManager.Php."}],"affected":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","affectedData":[{"vendor":"Wikimedia Foundation","product":"MediaWiki","defaultStatus":"unaffected","programFiles":["includes/Api/ApiQueryAllUsers.php","includes/Api/ApiQueryUsers.php","includes/Permissions/PermissionManager.php","includes/User/UserGroupManager.php"],"repo":"https://gerrit.wikimedia.org/g/mediawiki/core/+/refs/heads/master","versions":[{"version":"1.46.0-rc.0","lessThan":"1.46.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"PASSIVE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T15:47:22.376326Z","id":"CVE-2026-58036","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:1.46.0:rc0:*:*:*:*:*:*","matchCriteriaId":"D371958A-1F95-4C45-B556-B087A7274D4C"}]}]}],"references":[{"url":"https://phabricator.wikimedia.org/T425406","source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-58037","sourceIdentifier":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","published":"2026-07-01T16:16:51.063","lastModified":"2026-07-09T19:46:19.747","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki.\n\n This vulnerability is associated with program files includes/Language/Language.Php, includes/Logging/BlockLogFormatter.Php, includes/Logging/LogFormatter.Php, includes/Logging/PatrolLogFormatter.Php, includes/Logging/RenameuserLogFormatter.Php, includes/Logging/TagLogFormatter.Php, includes/Specials/SpecialVersion.Php.\n\n\n\nThis issue affects MediaWiki: from * before 1.46.0, 1.45.4, 1.44.6, 1.43.9."}],"affected":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","affectedData":[{"vendor":"Wikimedia Foundation","product":"MediaWiki","defaultStatus":"unaffected","programFiles":["includes/Language/Language.php","includes/Logging/BlockLogFormatter.php","includes/Logging/LogFormatter.php","includes/Logging/PatrolLogFormatter.php","includes/Logging/RenameuserLogFormatter.php","includes/Logging/TagLogFormatter.php","includes/Specials/SpecialVersion.php"],"repo":"https://gerrit.wikimedia.org/g/mediawiki/core/+/refs/heads/master","versions":[{"version":"*","lessThan":"1.46.0, 1.45.4, 1.44.6, 1.43.9","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":0.0,"baseSeverity":"NONE","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"ACTIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T15:46:35.403062Z","id":"CVE-2026-58037","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.43.0","versionEndExcluding":"1.43.9","matchCriteriaId":"5BC82408-61E8-4F28-8AEC-438E159DC867"},{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.44.0","versionEndExcluding":"1.44.6","matchCriteriaId":"8F0FD7F7-0D82-4E68-91D8-0ADAE54CB8C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.45.0","versionEndExcluding":"1.45.4","matchCriteriaId":"439E39DA-8BB7-4AF7-9F42-E334A9B4AD3E"},{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:1.46.0:rc0:*:*:*:*:*:*","matchCriteriaId":"D371958A-1F95-4C45-B556-B087A7274D4C"}]}]}],"references":[{"url":"https://phabricator.wikimedia.org/T422995","source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-58038","sourceIdentifier":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","published":"2026-07-01T16:16:51.173","lastModified":"2026-07-09T19:46:55.810","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation timeline.\n\n This vulnerability is associated with program files includes/Timeline.Php, scripts/EasyTimeline.Pl.\n\n\n\nThis issue affects timeline: from * before 1.46.0, 1.45.4, 1.44.6, 1.43.9."}],"affected":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","affectedData":[{"vendor":"Wikimedia Foundation","product":"timeline","defaultStatus":"unaffected","programFiles":["includes/Timeline.php","scripts/EasyTimeline.pl"],"repo":"https://gerrit.wikimedia.org/g/mediawiki/extensions/tiemline/+/refs/heads/master","versions":[{"version":"*","lessThan":"1.46.0, 1.45.4, 1.44.6, 1.43.9","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":0.0,"baseSeverity":"NONE","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T15:47:43.541553Z","id":"CVE-2026-58038","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.43.0","versionEndExcluding":"1.43.9","matchCriteriaId":"5BC82408-61E8-4F28-8AEC-438E159DC867"},{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.44.0","versionEndExcluding":"1.44.6","matchCriteriaId":"8F0FD7F7-0D82-4E68-91D8-0ADAE54CB8C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.45.0","versionEndExcluding":"1.45.4","matchCriteriaId":"439E39DA-8BB7-4AF7-9F42-E334A9B4AD3E"},{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:1.46.0:rc0:*:*:*:*:*:*","matchCriteriaId":"D371958A-1F95-4C45-B556-B087A7274D4C"}]}]}],"references":[{"url":"https://phabricator.wikimedia.org/T427611","source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-58126","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-01T16:16:51.283","lastModified":"2026-07-09T02:38:07.410","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"PACSgear PACS Scan 5.2.1 contains an unauthenticated remote code execution vulnerability that allows remote attackers to read and write arbitrary files by exploiting an exposed .NET Remoting TCP service on port 22222 via PGImageExchQueue.exe without any authentication requirement. Attackers can chain the arbitrary file write primitive with DLL hijacking in PGImageExchangeQueueSvc.exe, which loads missing DLLs such as CRYPTSP.DLL from the application directory, to achieve remote code execution as NT Authority\\SYSTEM upon service restart."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Hyland","product":"PACSgear PACS Scan","defaultStatus":"affected","versions":[{"version":"5.2.1","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":9.3,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T16:05:51.219022Z","id":"CVE-2026-58126","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-306"},{"lang":"en","value":"CWE-502"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:hyland:pacsgear:*:*:*:*:*:*:*:*","versionEndIncluding":"5.2.1","matchCriteriaId":"B9670099-1015-4BD1-8237-5825B5C762C1"}]}]}],"references":[{"url":"https://gist.github.com/VAMorales/6dc232729cdd517fa30d581fbcd98d8f","source":"disclosure@vulncheck.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.hyland.com/en/solutions/products/pacsgear","source":"disclosure@vulncheck.com","tags":["Product"]},{"url":"https://www.vulncheck.com/advisories/pacsgear-pacs-scan-unauthenticated-rce-via-net-remoting-tcp-service","source":"disclosure@vulncheck.com","tags":["Third Party Advisory","VDB Entry"]}]}},{"cve":{"id":"CVE-2026-58127","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-01T16:16:51.417","lastModified":"2026-07-09T02:37:28.310","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"PACSgear MediaWriter 5.2.1 exposes a .NET Remoting TCP service on port 9000 via PacsgearMediaServerEngine.dll, registered with ObjectURIs RemoteObj and UIRemoteObj, without any authentication requirement. By exploiting the MarshalByRefObject object unmarshalling technique and implementing .NET WebClient class methods, an unauthenticated remote attacker can read and write arbitrary files on the host filesystem. The ObjectURIs are identical across all installations by default. Chaining the arbitrary file write primitive with DLL hijacking opportunities in the MediaWriter service (which runs as NT Authority\\\\SYSTEM and loads missing DLLs such as CRYPTBASE.DLL from the application directory) enables unauthenticated remote code execution as SYSTEM upon service restart."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Hyland","product":"PACSgear MediaWriter","defaultStatus":"affected","versions":[{"version":"5.2.1","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":9.3,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T16:15:03.705407Z","id":"CVE-2026-58127","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-306"},{"lang":"en","value":"CWE-502"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:hyland:pacsgear:*:*:*:*:*:*:*:*","versionEndIncluding":"5.2.1","matchCriteriaId":"B9670099-1015-4BD1-8237-5825B5C762C1"}]}]}],"references":[{"url":"https://gist.github.com/VAMorales/dc679ecab30b7045fa07bf3249a034d8","source":"disclosure@vulncheck.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.hyland.com/en/solutions/products/pacsgear","source":"disclosure@vulncheck.com","tags":["Product"]},{"url":"https://www.vulncheck.com/advisories/pacsgear-mediawriter-unauthenticated-rce-via-net-remoting-tcp-service","source":"disclosure@vulncheck.com","tags":["Third Party Advisory","VDB Entry"]}]}},{"cve":{"id":"CVE-2026-8857","sourceIdentifier":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","published":"2026-07-01T16:16:53.847","lastModified":"2026-07-09T17:20:24.080","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in Wikimedia Foundation timeline.\n\n This vulnerability is associated with program files scripts/EasyTimeline.Pl, includes/Timeline.Php.\n\n\n\nThis issue affects timeline: from * before 1.46.0, 1.45.4, 1.44.6, 1.43.9."}],"affected":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","affectedData":[{"vendor":"Wikimedia Foundation","product":"timeline","defaultStatus":"unaffected","programFiles":["scripts/EasyTimeline.pl","includes/Timeline.php"],"repo":"https://gerrit.wikimedia.org/g/mediawiki/extensions/timeline/+/refs/heads/master","versions":[{"version":"*","lessThan":"1.46.0, 1.45.4, 1.44.6, 1.43.9","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":0.0,"baseSeverity":"NONE","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T15:49:46.432787Z","id":"CVE-2026-8857","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","type":"Secondary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.43.0","versionEndExcluding":"1.43.9","matchCriteriaId":"5BC82408-61E8-4F28-8AEC-438E159DC867"},{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.44.0","versionEndExcluding":"1.44.6","matchCriteriaId":"8F0FD7F7-0D82-4E68-91D8-0ADAE54CB8C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.45.0","versionEndExcluding":"1.45.4","matchCriteriaId":"439E39DA-8BB7-4AF7-9F42-E334A9B4AD3E"}]}]}],"references":[{"url":"https://phabricator.wikimedia.org/T426631","source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-20213","sourceIdentifier":"psirt@cisco.com","published":"2026-07-01T17:16:29.460","lastModified":"2026-07-09T17:56:55.537","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the PE file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.\r\n\r\nThis vulnerability is due to improper boundary checks for content in PE files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains PE content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software."}],"affected":[{"source":"psirt@cisco.com","affectedData":[{"vendor":"Cisco","product":"Cisco Secure Endpoint","defaultStatus":"unknown","versions":[{"version":"7.0.5","status":"affected"},{"version":"6.2.19","status":"affected"},{"version":"7.3.3","status":"affected"},{"version":"7.2.13","status":"affected"},{"version":"6.1.5","status":"affected"},{"version":"6.3.1","status":"affected"},{"version":"6.2.5","status":"affected"},{"version":"7.3.5","status":"affected"},{"version":"6.2.1","status":"affected"},{"version":"7.2.7","status":"affected"},{"version":"7.1.1","status":"affected"},{"version":"6.3.5","status":"affected"},{"version":"6.2.9","status":"affected"},{"version":"7.3.1","status":"affected"},{"version":"6.1.7","status":"affected"},{"version":"7.2.11","status":"affected"},{"version":"7.2.3","status":"affected"},{"version":"7.1.5","status":"affected"},{"version":"6.3.3","status":"affected"},{"version":"7.3.9","status":"affected"},{"version":"6.2.3","status":"affected"},{"version":"6.1.9","status":"affected"},{"version":"6.0.9","status":"affected"},{"version":"7.2.5","status":"affected"},{"version":"6.0.7","status":"affected"},{"version":"6.3.7","status":"affected"},{"version":"1.12.3","status":"affected"},{"version":"1.8.0","status":"affected"},{"version":"1.11.1","status":"affected"},{"version":"1.12.4","status":"affected"},{"version":"1.10.0","status":"affected"},{"version":"1.12.0","status":"affected"},{"version":"1.8.1","status":"affected"},{"version":"1.10.1","status":"affected"},{"version":"1.12.1","status":"affected"},{"version":"1.12.6","status":"affected"},{"version":"1.14.0","status":"affected"},{"version":"1.10.2","status":"affected"},{"version":"1.12.7","status":"affected"},{"version":"1.12.2","status":"affected"},{"version":"1.6.0","status":"affected"},{"version":"1.9.0","status":"affected"},{"version":"1.11.0","status":"affected"},{"version":"1.7.0","status":"affected"},{"version":"1.13.0","status":"affected"},{"version":"1.8.4","status":"affected"},{"version":"1.13.1","status":"affected"},{"version":"1.9.1","status":"affected"},{"version":"1.12.5","status":"affected"},{"version":"1.13.2","status":"affected"},{"version":"8.1.7.21512","status":"affected"},{"version":"8.1.7","status":"affected"},{"version":"8.1.5","status":"affected"},{"version":"8.1.3.21242","status":"affected"},{"version":"8.1.3","status":"affected"},{"version":"8.1.5.21322","status":"affected"},{"version":"8.1.7.21417","status":"affected"},{"version":"1.14.1","status":"affected"},{"version":"1.15.1","status":"affected"},{"version":"1.15.2","status":"affected"},{"version":"1.15.3","status":"affected"},{"version":"1.15.4","status":"affected"},{"version":"1.15.5","status":"affected"},{"version":"1.15.6","status":"affected"},{"version":"1.16.0","status":"affected"},{"version":"1.16.1","status":"affected"},{"version":"1.16.2","status":"affected"},{"version":"1.16.3","status":"affected"},{"version":"1.18.0","status":"affected"},{"version":"1.18.1","status":"affected"},{"version":"1.20.0","status":"affected"},{"version":"1.21.0","status":"affected"},{"version":"1.21.1","status":"affected"},{"version":"1.21.2","status":"affected"},{"version":"1.21.3","status":"affected"},{"version":"1.22.0","status":"affected"},{"version":"1.22.1","status":"affected"},{"version":"1.22.2","status":"affected"},{"version":"1.22.3","status":"affected"},{"version":"1.22.4","status":"affected"},{"version":"1.24.0","status":"affected"},{"version":"1.24.1","status":"affected"},{"version":"1.24.2","status":"affected"},{"version":"1.24.3","status":"affected"},{"version":"1.24.4","status":"affected"},{"version":"1.26.0","status":"affected"},{"version":"1.24.5","status":"affected"},{"version":"1.26.1","status":"affected"},{"version":"1.27.0","status":"affected"},{"version":"1.15.0","status":"affected"},{"version":"1.17.0","status":"affected"},{"version":"1.17.1","status":"affected"},{"version":"1.17.2","status":"affected"},{"version":"1.19.0","status":"affected"},{"version":"1.20.1","status":"affected"},{"version":"1.20.2","status":"affected"},{"version":"1.20.3","status":"affected"},{"version":"1.20.4","status":"affected"},{"version":"1.20.5","status":"affected"},{"version":"1.20.6","status":"affected"},{"version":"1.23.0","status":"affected"},{"version":"1.23.1","status":"affected"},{"version":"1.20.7","status":"affected"},{"version":"1.20.8","status":"affected"},{"version":"1.25.0","status":"affected"},{"version":"1.25.1","status":"affected"},{"version":"1.25.2","status":"affected"},{"version":"1.27.1","status":"affected"},{"version":"1.27.2","status":"affected"},{"version":"7.3.13","status":"affected"},{"version":"7.3.15","status":"affected"},{"version":"7.4.1","status":"affected"},{"version":"7.4.1.20425","status":"affected"},{"version":"7.4.1.20439","status":"affected"},{"version":"7.4.3","status":"affected"},{"version":"7.4.3.20679","status":"affected"},{"version":"7.4.5","status":"affected"},{"version":"7.5.1.20813","status":"affected"},{"version":"7.5.1.20833","status":"affected"},{"version":"7.5.3","status":"affected"},{"version":"7.5.5","status":"affected"},{"version":"8.0.1.21160","status":"affected"},{"version":"8.0.1.21164","status":"affected"},{"version":"7.5.7","status":"affected"},{"version":"7.5.9","status":"affected"},{"version":"7.5.11","status":"affected"},{"version":"8.1.7.21585","status":"affected"},{"version":"7.5.13.21586","status":"affected"},{"version":"7.5.13.21598","status":"affected"},{"version":"8.2.1.21612","status":"affected"},{"version":"8.2.1.21650","status":"affected"},{"version":"7.5.15.21611","status":"affected"},{"version":"7.5.17.21680","status":"affected"},{"version":"8.2.3.30119","status":"affected"},{"version":"8.2.4.30130","status":"affected"},{"version":"8.4.0","status":"affected"},{"version":"7.5.19","status":"affected"},{"version":"8.4.1.30298","status":"affected"},{"version":"8.4.2.30317","status":"affected"},{"version":"8.4.1.30307","status":"affected"},{"version":"7.5.20","status":"affected"},{"version":"8.4.3","status":"affected"},{"version":"8.4.4.30419","status":"affected"},{"version":"8.4.4.30467","status":"affected"},{"version":"7.5.21.21732","status":"affected"},{"version":"8.4.5.30483","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T17:18:10.967118Z","id":"CVE-2026-20213","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:macos:*:*","versionEndExcluding":"1.27.2","matchCriteriaId":"E534D1FF-B590-40F3-9874-AC2BDA807087"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:linux:*:*","versionEndExcluding":"1.29.0","matchCriteriaId":"CB2B4CBA-534A-4111-8920-8580B12C4F46"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:windows:*:*","versionEndExcluding":"8.6.2","matchCriteriaId":"4EB7F99A-01AB-44EE-B682-5E2C9E7D2A4B"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","versionEndExcluding":"1.4.5","matchCriteriaId":"CD23E971-4735-4C28-BFE1-AB807630F2EE"},{"vulnerable":true,"criteria":"cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","versionStartIncluding":"1.5.0","versionEndExcluding":"1.5.3","matchCriteriaId":"5CC3C470-BBC6-449E-80F1-F9E762442D3C"}]}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-88cFYyxR","source":"psirt@cisco.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-20214","sourceIdentifier":"psirt@cisco.com","published":"2026-07-01T17:16:29.637","lastModified":"2026-07-09T17:57:33.330","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the FSG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.\r\n\r\nThis vulnerability is due to improper boundary checks for content in FSG files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains portable executable content compressed with FSG to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software."}],"affected":[{"source":"psirt@cisco.com","affectedData":[{"vendor":"Cisco","product":"Cisco Secure Endpoint","defaultStatus":"unknown","versions":[{"version":"7.0.5","status":"affected"},{"version":"6.2.19","status":"affected"},{"version":"7.3.3","status":"affected"},{"version":"7.2.13","status":"affected"},{"version":"6.1.5","status":"affected"},{"version":"6.3.1","status":"affected"},{"version":"6.2.5","status":"affected"},{"version":"7.3.5","status":"affected"},{"version":"6.2.1","status":"affected"},{"version":"7.2.7","status":"affected"},{"version":"7.1.1","status":"affected"},{"version":"6.3.5","status":"affected"},{"version":"6.2.9","status":"affected"},{"version":"7.3.1","status":"affected"},{"version":"6.1.7","status":"affected"},{"version":"7.2.11","status":"affected"},{"version":"7.2.3","status":"affected"},{"version":"7.1.5","status":"affected"},{"version":"6.3.3","status":"affected"},{"version":"7.3.9","status":"affected"},{"version":"6.2.3","status":"affected"},{"version":"6.1.9","status":"affected"},{"version":"6.0.9","status":"affected"},{"version":"7.2.5","status":"affected"},{"version":"6.0.7","status":"affected"},{"version":"6.3.7","status":"affected"},{"version":"1.12.3","status":"affected"},{"version":"1.8.0","status":"affected"},{"version":"1.11.1","status":"affected"},{"version":"1.12.4","status":"affected"},{"version":"1.10.0","status":"affected"},{"version":"1.12.0","status":"affected"},{"version":"1.8.1","status":"affected"},{"version":"1.10.1","status":"affected"},{"version":"1.12.1","status":"affected"},{"version":"1.12.6","status":"affected"},{"version":"1.14.0","status":"affected"},{"version":"1.10.2","status":"affected"},{"version":"1.12.7","status":"affected"},{"version":"1.12.2","status":"affected"},{"version":"1.6.0","status":"affected"},{"version":"1.9.0","status":"affected"},{"version":"1.11.0","status":"affected"},{"version":"1.7.0","status":"affected"},{"version":"1.13.0","status":"affected"},{"version":"1.8.4","status":"affected"},{"version":"1.13.1","status":"affected"},{"version":"1.9.1","status":"affected"},{"version":"1.12.5","status":"affected"},{"version":"1.13.2","status":"affected"},{"version":"8.1.7.21512","status":"affected"},{"version":"8.1.7","status":"affected"},{"version":"8.1.5","status":"affected"},{"version":"8.1.3.21242","status":"affected"},{"version":"8.1.3","status":"affected"},{"version":"8.1.5.21322","status":"affected"},{"version":"8.1.7.21417","status":"affected"},{"version":"1.14.1","status":"affected"},{"version":"1.15.1","status":"affected"},{"version":"1.15.2","status":"affected"},{"version":"1.15.3","status":"affected"},{"version":"1.15.4","status":"affected"},{"version":"1.15.5","status":"affected"},{"version":"1.15.6","status":"affected"},{"version":"1.16.0","status":"affected"},{"version":"1.16.1","status":"affected"},{"version":"1.16.2","status":"affected"},{"version":"1.16.3","status":"affected"},{"version":"1.18.0","status":"affected"},{"version":"1.18.1","status":"affected"},{"version":"1.20.0","status":"affected"},{"version":"1.21.0","status":"affected"},{"version":"1.21.1","status":"affected"},{"version":"1.21.2","status":"affected"},{"version":"1.21.3","status":"affected"},{"version":"1.22.0","status":"affected"},{"version":"1.22.1","status":"affected"},{"version":"1.22.2","status":"affected"},{"version":"1.22.3","status":"affected"},{"version":"1.22.4","status":"affected"},{"version":"1.24.0","status":"affected"},{"version":"1.24.1","status":"affected"},{"version":"1.24.2","status":"affected"},{"version":"1.24.3","status":"affected"},{"version":"1.24.4","status":"affected"},{"version":"1.26.0","status":"affected"},{"version":"1.24.5","status":"affected"},{"version":"1.26.1","status":"affected"},{"version":"1.27.0","status":"affected"},{"version":"1.15.0","status":"affected"},{"version":"1.17.0","status":"affected"},{"version":"1.17.1","status":"affected"},{"version":"1.17.2","status":"affected"},{"version":"1.19.0","status":"affected"},{"version":"1.20.1","status":"affected"},{"version":"1.20.2","status":"affected"},{"version":"1.20.3","status":"affected"},{"version":"1.20.4","status":"affected"},{"version":"1.20.5","status":"affected"},{"version":"1.20.6","status":"affected"},{"version":"1.23.0","status":"affected"},{"version":"1.23.1","status":"affected"},{"version":"1.20.7","status":"affected"},{"version":"1.20.8","status":"affected"},{"version":"1.25.0","status":"affected"},{"version":"1.25.1","status":"affected"},{"version":"1.25.2","status":"affected"},{"version":"1.27.1","status":"affected"},{"version":"1.27.2","status":"affected"},{"version":"7.3.13","status":"affected"},{"version":"7.3.15","status":"affected"},{"version":"7.4.1","status":"affected"},{"version":"7.4.1.20425","status":"affected"},{"version":"7.4.1.20439","status":"affected"},{"version":"7.4.3","status":"affected"},{"version":"7.4.3.20679","status":"affected"},{"version":"7.4.5","status":"affected"},{"version":"7.5.1.20813","status":"affected"},{"version":"7.5.1.20833","status":"affected"},{"version":"7.5.3","status":"affected"},{"version":"7.5.5","status":"affected"},{"version":"8.0.1.21160","status":"affected"},{"version":"8.0.1.21164","status":"affected"},{"version":"7.5.7","status":"affected"},{"version":"7.5.9","status":"affected"},{"version":"7.5.11","status":"affected"},{"version":"8.1.7.21585","status":"affected"},{"version":"7.5.13.21586","status":"affected"},{"version":"7.5.13.21598","status":"affected"},{"version":"8.2.1.21612","status":"affected"},{"version":"8.2.1.21650","status":"affected"},{"version":"7.5.15.21611","status":"affected"},{"version":"7.5.17.21680","status":"affected"},{"version":"8.2.3.30119","status":"affected"},{"version":"8.2.4.30130","status":"affected"},{"version":"8.4.0","status":"affected"},{"version":"7.5.19","status":"affected"},{"version":"8.4.1.30298","status":"affected"},{"version":"8.4.2.30317","status":"affected"},{"version":"8.4.1.30307","status":"affected"},{"version":"7.5.20","status":"affected"},{"version":"8.4.3","status":"affected"},{"version":"8.4.4.30419","status":"affected"},{"version":"8.4.4.30467","status":"affected"},{"version":"7.5.21.21732","status":"affected"},{"version":"8.4.5.30483","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T17:18:19.481926Z","id":"CVE-2026-20214","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:macos:*:*","versionEndExcluding":"1.27.2","matchCriteriaId":"E534D1FF-B590-40F3-9874-AC2BDA807087"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:linux:*:*","versionEndExcluding":"1.29.0","matchCriteriaId":"CB2B4CBA-534A-4111-8920-8580B12C4F46"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:windows:*:*","versionEndExcluding":"8.6.2","matchCriteriaId":"4EB7F99A-01AB-44EE-B682-5E2C9E7D2A4B"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","versionEndExcluding":"1.4.5","matchCriteriaId":"CD23E971-4735-4C28-BFE1-AB807630F2EE"},{"vulnerable":true,"criteria":"cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","versionStartIncluding":"1.5.0","versionEndExcluding":"1.5.3","matchCriteriaId":"5CC3C470-BBC6-449E-80F1-F9E762442D3C"}]}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-88cFYyxR","source":"psirt@cisco.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-20215","sourceIdentifier":"psirt@cisco.com","published":"2026-07-01T17:16:29.807","lastModified":"2026-07-09T17:57:16.040","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the 7z file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.\r\n\r\nThis vulnerability is due to improper boundary checks for content in 7z files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains 7z&nbsp;content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software."}],"affected":[{"source":"psirt@cisco.com","affectedData":[{"vendor":"Cisco","product":"Cisco Secure Endpoint","defaultStatus":"unknown","versions":[{"version":"7.0.5","status":"affected"},{"version":"6.2.19","status":"affected"},{"version":"7.3.3","status":"affected"},{"version":"7.2.13","status":"affected"},{"version":"6.1.5","status":"affected"},{"version":"6.3.1","status":"affected"},{"version":"6.2.5","status":"affected"},{"version":"7.3.5","status":"affected"},{"version":"6.2.1","status":"affected"},{"version":"7.2.7","status":"affected"},{"version":"7.1.1","status":"affected"},{"version":"6.3.5","status":"affected"},{"version":"6.2.9","status":"affected"},{"version":"7.3.1","status":"affected"},{"version":"6.1.7","status":"affected"},{"version":"7.2.11","status":"affected"},{"version":"7.2.3","status":"affected"},{"version":"7.1.5","status":"affected"},{"version":"6.3.3","status":"affected"},{"version":"7.3.9","status":"affected"},{"version":"6.2.3","status":"affected"},{"version":"6.1.9","status":"affected"},{"version":"6.0.9","status":"affected"},{"version":"7.2.5","status":"affected"},{"version":"6.0.7","status":"affected"},{"version":"6.3.7","status":"affected"},{"version":"1.12.3","status":"affected"},{"version":"1.8.0","status":"affected"},{"version":"1.11.1","status":"affected"},{"version":"1.12.4","status":"affected"},{"version":"1.10.0","status":"affected"},{"version":"1.12.0","status":"affected"},{"version":"1.8.1","status":"affected"},{"version":"1.10.1","status":"affected"},{"version":"1.12.1","status":"affected"},{"version":"1.12.6","status":"affected"},{"version":"1.14.0","status":"affected"},{"version":"1.10.2","status":"affected"},{"version":"1.12.7","status":"affected"},{"version":"1.12.2","status":"affected"},{"version":"1.6.0","status":"affected"},{"version":"1.9.0","status":"affected"},{"version":"1.11.0","status":"affected"},{"version":"1.7.0","status":"affected"},{"version":"1.13.0","status":"affected"},{"version":"1.8.4","status":"affected"},{"version":"1.13.1","status":"affected"},{"version":"1.9.1","status":"affected"},{"version":"1.12.5","status":"affected"},{"version":"1.13.2","status":"affected"},{"version":"8.1.7.21512","status":"affected"},{"version":"8.1.7","status":"affected"},{"version":"8.1.5","status":"affected"},{"version":"8.1.3.21242","status":"affected"},{"version":"8.1.3","status":"affected"},{"version":"8.1.5.21322","status":"affected"},{"version":"8.1.7.21417","status":"affected"},{"version":"1.14.1","status":"affected"},{"version":"1.15.1","status":"affected"},{"version":"1.15.2","status":"affected"},{"version":"1.15.3","status":"affected"},{"version":"1.15.4","status":"affected"},{"version":"1.15.5","status":"affected"},{"version":"1.15.6","status":"affected"},{"version":"1.16.0","status":"affected"},{"version":"1.16.1","status":"affected"},{"version":"1.16.2","status":"affected"},{"version":"1.16.3","status":"affected"},{"version":"1.18.0","status":"affected"},{"version":"1.18.1","status":"affected"},{"version":"1.20.0","status":"affected"},{"version":"1.21.0","status":"affected"},{"version":"1.21.1","status":"affected"},{"version":"1.21.2","status":"affected"},{"version":"1.21.3","status":"affected"},{"version":"1.22.0","status":"affected"},{"version":"1.22.1","status":"affected"},{"version":"1.22.2","status":"affected"},{"version":"1.22.3","status":"affected"},{"version":"1.22.4","status":"affected"},{"version":"1.24.0","status":"affected"},{"version":"1.24.1","status":"affected"},{"version":"1.24.2","status":"affected"},{"version":"1.24.3","status":"affected"},{"version":"1.24.4","status":"affected"},{"version":"1.26.0","status":"affected"},{"version":"1.24.5","status":"affected"},{"version":"1.26.1","status":"affected"},{"version":"1.27.0","status":"affected"},{"version":"1.15.0","status":"affected"},{"version":"1.17.0","status":"affected"},{"version":"1.17.1","status":"affected"},{"version":"1.17.2","status":"affected"},{"version":"1.19.0","status":"affected"},{"version":"1.20.1","status":"affected"},{"version":"1.20.2","status":"affected"},{"version":"1.20.3","status":"affected"},{"version":"1.20.4","status":"affected"},{"version":"1.20.5","status":"affected"},{"version":"1.20.6","status":"affected"},{"version":"1.23.0","status":"affected"},{"version":"1.23.1","status":"affected"},{"version":"1.20.7","status":"affected"},{"version":"1.20.8","status":"affected"},{"version":"1.25.0","status":"affected"},{"version":"1.25.1","status":"affected"},{"version":"1.25.2","status":"affected"},{"version":"1.27.1","status":"affected"},{"version":"1.27.2","status":"affected"},{"version":"7.3.13","status":"affected"},{"version":"7.3.15","status":"affected"},{"version":"7.4.1","status":"affected"},{"version":"7.4.1.20425","status":"affected"},{"version":"7.4.1.20439","status":"affected"},{"version":"7.4.3","status":"affected"},{"version":"7.4.3.20679","status":"affected"},{"version":"7.4.5","status":"affected"},{"version":"7.5.1.20813","status":"affected"},{"version":"7.5.1.20833","status":"affected"},{"version":"7.5.3","status":"affected"},{"version":"7.5.5","status":"affected"},{"version":"8.0.1.21160","status":"affected"},{"version":"8.0.1.21164","status":"affected"},{"version":"7.5.7","status":"affected"},{"version":"7.5.9","status":"affected"},{"version":"7.5.11","status":"affected"},{"version":"8.1.7.21585","status":"affected"},{"version":"7.5.13.21586","status":"affected"},{"version":"7.5.13.21598","status":"affected"},{"version":"8.2.1.21612","status":"affected"},{"version":"8.2.1.21650","status":"affected"},{"version":"7.5.15.21611","status":"affected"},{"version":"7.5.17.21680","status":"affected"},{"version":"8.2.3.30119","status":"affected"},{"version":"8.2.4.30130","status":"affected"},{"version":"8.4.0","status":"affected"},{"version":"7.5.19","status":"affected"},{"version":"8.4.1.30298","status":"affected"},{"version":"8.4.2.30317","status":"affected"},{"version":"8.4.1.30307","status":"affected"},{"version":"7.5.20","status":"affected"},{"version":"8.4.3","status":"affected"},{"version":"8.4.4.30419","status":"affected"},{"version":"8.4.4.30467","status":"affected"},{"version":"7.5.21.21732","status":"affected"},{"version":"8.4.5.30483","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T17:17:41.483279Z","id":"CVE-2026-20215","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:macos:*:*","versionEndExcluding":"1.27.2","matchCriteriaId":"E534D1FF-B590-40F3-9874-AC2BDA807087"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:linux:*:*","versionEndExcluding":"1.29.0","matchCriteriaId":"CB2B4CBA-534A-4111-8920-8580B12C4F46"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:windows:*:*","versionEndExcluding":"8.6.2","matchCriteriaId":"4EB7F99A-01AB-44EE-B682-5E2C9E7D2A4B"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","versionEndExcluding":"1.4.5","matchCriteriaId":"CD23E971-4735-4C28-BFE1-AB807630F2EE"},{"vulnerable":true,"criteria":"cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","versionStartIncluding":"1.5.0","versionEndExcluding":"1.5.3","matchCriteriaId":"5CC3C470-BBC6-449E-80F1-F9E762442D3C"}]}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-88cFYyxR","source":"psirt@cisco.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-20216","sourceIdentifier":"psirt@cisco.com","published":"2026-07-01T17:16:29.973","lastModified":"2026-07-09T18:09:19.380","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the InstallShield file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device.\r\n\r\nThis vulnerability is due to improper handling of temporary resources during file scanning. An attacker could exploit this vulnerability by submitting a crafted InstallShield file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the ClamAV scanning process and temporarily consume available system resources, resulting in a DoS condition on the affected software."}],"affected":[{"source":"psirt@cisco.com","affectedData":[{"vendor":"Cisco","product":"Cisco Secure Endpoint","defaultStatus":"unknown","versions":[{"version":"7.0.5","status":"affected"},{"version":"6.2.19","status":"affected"},{"version":"7.3.3","status":"affected"},{"version":"7.2.13","status":"affected"},{"version":"6.1.5","status":"affected"},{"version":"6.3.1","status":"affected"},{"version":"6.2.5","status":"affected"},{"version":"7.3.5","status":"affected"},{"version":"6.2.1","status":"affected"},{"version":"7.2.7","status":"affected"},{"version":"7.1.1","status":"affected"},{"version":"6.3.5","status":"affected"},{"version":"6.2.9","status":"affected"},{"version":"7.3.1","status":"affected"},{"version":"6.1.7","status":"affected"},{"version":"7.2.11","status":"affected"},{"version":"7.2.3","status":"affected"},{"version":"7.1.5","status":"affected"},{"version":"6.3.3","status":"affected"},{"version":"7.3.9","status":"affected"},{"version":"6.2.3","status":"affected"},{"version":"6.1.9","status":"affected"},{"version":"6.0.9","status":"affected"},{"version":"7.2.5","status":"affected"},{"version":"6.0.7","status":"affected"},{"version":"6.3.7","status":"affected"},{"version":"1.12.3","status":"affected"},{"version":"1.8.0","status":"affected"},{"version":"1.11.1","status":"affected"},{"version":"1.12.4","status":"affected"},{"version":"1.10.0","status":"affected"},{"version":"1.12.0","status":"affected"},{"version":"1.8.1","status":"affected"},{"version":"1.10.1","status":"affected"},{"version":"1.12.1","status":"affected"},{"version":"1.12.6","status":"affected"},{"version":"1.14.0","status":"affected"},{"version":"1.10.2","status":"affected"},{"version":"1.12.7","status":"affected"},{"version":"1.12.2","status":"affected"},{"version":"1.6.0","status":"affected"},{"version":"1.9.0","status":"affected"},{"version":"1.11.0","status":"affected"},{"version":"1.7.0","status":"affected"},{"version":"1.13.0","status":"affected"},{"version":"1.8.4","status":"affected"},{"version":"1.13.1","status":"affected"},{"version":"1.9.1","status":"affected"},{"version":"1.12.5","status":"affected"},{"version":"1.13.2","status":"affected"},{"version":"8.1.7.21512","status":"affected"},{"version":"8.1.7","status":"affected"},{"version":"8.1.5","status":"affected"},{"version":"8.1.3.21242","status":"affected"},{"version":"8.1.3","status":"affected"},{"version":"8.1.5.21322","status":"affected"},{"version":"8.1.7.21417","status":"affected"},{"version":"1.14.1","status":"affected"},{"version":"1.15.1","status":"affected"},{"version":"1.15.2","status":"affected"},{"version":"1.15.3","status":"affected"},{"version":"1.15.4","status":"affected"},{"version":"1.15.5","status":"affected"},{"version":"1.15.6","status":"affected"},{"version":"1.16.0","status":"affected"},{"version":"1.16.1","status":"affected"},{"version":"1.16.2","status":"affected"},{"version":"1.16.3","status":"affected"},{"version":"1.18.0","status":"affected"},{"version":"1.18.1","status":"affected"},{"version":"1.20.0","status":"affected"},{"version":"1.21.0","status":"affected"},{"version":"1.21.1","status":"affected"},{"version":"1.21.2","status":"affected"},{"version":"1.21.3","status":"affected"},{"version":"1.22.0","status":"affected"},{"version":"1.22.1","status":"affected"},{"version":"1.22.2","status":"affected"},{"version":"1.22.3","status":"affected"},{"version":"1.22.4","status":"affected"},{"version":"1.24.0","status":"affected"},{"version":"1.24.1","status":"affected"},{"version":"1.24.2","status":"affected"},{"version":"1.24.3","status":"affected"},{"version":"1.24.4","status":"affected"},{"version":"1.26.0","status":"affected"},{"version":"1.24.5","status":"affected"},{"version":"1.26.1","status":"affected"},{"version":"1.27.0","status":"affected"},{"version":"1.15.0","status":"affected"},{"version":"1.17.0","status":"affected"},{"version":"1.17.1","status":"affected"},{"version":"1.17.2","status":"affected"},{"version":"1.19.0","status":"affected"},{"version":"1.20.1","status":"affected"},{"version":"1.20.2","status":"affected"},{"version":"1.20.3","status":"affected"},{"version":"1.20.4","status":"affected"},{"version":"1.20.5","status":"affected"},{"version":"1.20.6","status":"affected"},{"version":"1.23.0","status":"affected"},{"version":"1.23.1","status":"affected"},{"version":"1.20.7","status":"affected"},{"version":"1.20.8","status":"affected"},{"version":"1.25.0","status":"affected"},{"version":"1.25.1","status":"affected"},{"version":"1.25.2","status":"affected"},{"version":"1.27.1","status":"affected"},{"version":"1.27.2","status":"affected"},{"version":"7.3.13","status":"affected"},{"version":"7.3.15","status":"affected"},{"version":"7.4.1","status":"affected"},{"version":"7.4.1.20425","status":"affected"},{"version":"7.4.1.20439","status":"affected"},{"version":"7.4.3","status":"affected"},{"version":"7.4.3.20679","status":"affected"},{"version":"7.4.5","status":"affected"},{"version":"7.5.1.20813","status":"affected"},{"version":"7.5.1.20833","status":"affected"},{"version":"7.5.3","status":"affected"},{"version":"7.5.5","status":"affected"},{"version":"8.0.1.21160","status":"affected"},{"version":"8.0.1.21164","status":"affected"},{"version":"7.5.7","status":"affected"},{"version":"7.5.9","status":"affected"},{"version":"7.5.11","status":"affected"},{"version":"8.1.7.21585","status":"affected"},{"version":"7.5.13.21586","status":"affected"},{"version":"7.5.13.21598","status":"affected"},{"version":"8.2.1.21612","status":"affected"},{"version":"8.2.1.21650","status":"affected"},{"version":"7.5.15.21611","status":"affected"},{"version":"7.5.17.21680","status":"affected"},{"version":"8.2.3.30119","status":"affected"},{"version":"8.2.4.30130","status":"affected"},{"version":"8.4.0","status":"affected"},{"version":"7.5.19","status":"affected"},{"version":"8.4.1.30298","status":"affected"},{"version":"8.4.2.30317","status":"affected"},{"version":"8.4.1.30307","status":"affected"},{"version":"7.5.20","status":"affected"},{"version":"8.4.3","status":"affected"},{"version":"8.4.4.30419","status":"affected"},{"version":"8.4.4.30467","status":"affected"},{"version":"7.5.21.21732","status":"affected"},{"version":"8.4.5.30483","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T17:18:03.116587Z","id":"CVE-2026-20216","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-770"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:macos:*:*","versionEndExcluding":"1.27.2","matchCriteriaId":"E534D1FF-B590-40F3-9874-AC2BDA807087"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:linux:*:*","versionEndExcluding":"1.29.0","matchCriteriaId":"CB2B4CBA-534A-4111-8920-8580B12C4F46"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:windows:*:*","versionEndExcluding":"8.6.2","matchCriteriaId":"4EB7F99A-01AB-44EE-B682-5E2C9E7D2A4B"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","versionEndExcluding":"1.4.5","matchCriteriaId":"CD23E971-4735-4C28-BFE1-AB807630F2EE"},{"vulnerable":true,"criteria":"cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","versionStartIncluding":"1.5.0","versionEndExcluding":"1.5.3","matchCriteriaId":"5CC3C470-BBC6-449E-80F1-F9E762442D3C"}]}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-88cFYyxR","source":"psirt@cisco.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-20217","sourceIdentifier":"psirt@cisco.com","published":"2026-07-01T17:16:30.130","lastModified":"2026-07-09T18:07:46.497","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the PESpin file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.\r\n\r\nThis vulnerability is due to improper boundary checks for content in PESpin files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains PESpin content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software."}],"affected":[{"source":"psirt@cisco.com","affectedData":[{"vendor":"Cisco","product":"Cisco Secure Endpoint","defaultStatus":"unknown","versions":[{"version":"7.0.5","status":"affected"},{"version":"6.2.19","status":"affected"},{"version":"7.3.3","status":"affected"},{"version":"7.2.13","status":"affected"},{"version":"6.1.5","status":"affected"},{"version":"6.3.1","status":"affected"},{"version":"6.2.5","status":"affected"},{"version":"7.3.5","status":"affected"},{"version":"6.2.1","status":"affected"},{"version":"7.2.7","status":"affected"},{"version":"7.1.1","status":"affected"},{"version":"6.3.5","status":"affected"},{"version":"6.2.9","status":"affected"},{"version":"7.3.1","status":"affected"},{"version":"6.1.7","status":"affected"},{"version":"7.2.11","status":"affected"},{"version":"7.2.3","status":"affected"},{"version":"7.1.5","status":"affected"},{"version":"6.3.3","status":"affected"},{"version":"7.3.9","status":"affected"},{"version":"6.2.3","status":"affected"},{"version":"6.1.9","status":"affected"},{"version":"6.0.9","status":"affected"},{"version":"7.2.5","status":"affected"},{"version":"6.0.7","status":"affected"},{"version":"6.3.7","status":"affected"},{"version":"1.12.3","status":"affected"},{"version":"1.8.0","status":"affected"},{"version":"1.11.1","status":"affected"},{"version":"1.12.4","status":"affected"},{"version":"1.10.0","status":"affected"},{"version":"1.12.0","status":"affected"},{"version":"1.8.1","status":"affected"},{"version":"1.10.1","status":"affected"},{"version":"1.12.1","status":"affected"},{"version":"1.12.6","status":"affected"},{"version":"1.14.0","status":"affected"},{"version":"1.10.2","status":"affected"},{"version":"1.12.7","status":"affected"},{"version":"1.12.2","status":"affected"},{"version":"1.6.0","status":"affected"},{"version":"1.9.0","status":"affected"},{"version":"1.11.0","status":"affected"},{"version":"1.7.0","status":"affected"},{"version":"1.13.0","status":"affected"},{"version":"1.8.4","status":"affected"},{"version":"1.13.1","status":"affected"},{"version":"1.9.1","status":"affected"},{"version":"1.12.5","status":"affected"},{"version":"1.13.2","status":"affected"},{"version":"8.1.7.21512","status":"affected"},{"version":"8.1.7","status":"affected"},{"version":"8.1.5","status":"affected"},{"version":"8.1.3.21242","status":"affected"},{"version":"8.1.3","status":"affected"},{"version":"8.1.5.21322","status":"affected"},{"version":"8.1.7.21417","status":"affected"},{"version":"1.14.1","status":"affected"},{"version":"1.15.1","status":"affected"},{"version":"1.15.2","status":"affected"},{"version":"1.15.3","status":"affected"},{"version":"1.15.4","status":"affected"},{"version":"1.15.5","status":"affected"},{"version":"1.15.6","status":"affected"},{"version":"1.16.0","status":"affected"},{"version":"1.16.1","status":"affected"},{"version":"1.16.2","status":"affected"},{"version":"1.16.3","status":"affected"},{"version":"1.18.0","status":"affected"},{"version":"1.18.1","status":"affected"},{"version":"1.20.0","status":"affected"},{"version":"1.21.0","status":"affected"},{"version":"1.21.1","status":"affected"},{"version":"1.21.2","status":"affected"},{"version":"1.21.3","status":"affected"},{"version":"1.22.0","status":"affected"},{"version":"1.22.1","status":"affected"},{"version":"1.22.2","status":"affected"},{"version":"1.22.3","status":"affected"},{"version":"1.22.4","status":"affected"},{"version":"1.24.0","status":"affected"},{"version":"1.24.1","status":"affected"},{"version":"1.24.2","status":"affected"},{"version":"1.24.3","status":"affected"},{"version":"1.24.4","status":"affected"},{"version":"1.26.0","status":"affected"},{"version":"1.24.5","status":"affected"},{"version":"1.26.1","status":"affected"},{"version":"1.27.0","status":"affected"},{"version":"1.15.0","status":"affected"},{"version":"1.17.0","status":"affected"},{"version":"1.17.1","status":"affected"},{"version":"1.17.2","status":"affected"},{"version":"1.19.0","status":"affected"},{"version":"1.20.1","status":"affected"},{"version":"1.20.2","status":"affected"},{"version":"1.20.3","status":"affected"},{"version":"1.20.4","status":"affected"},{"version":"1.20.5","status":"affected"},{"version":"1.20.6","status":"affected"},{"version":"1.23.0","status":"affected"},{"version":"1.23.1","status":"affected"},{"version":"1.20.7","status":"affected"},{"version":"1.20.8","status":"affected"},{"version":"1.25.0","status":"affected"},{"version":"1.25.1","status":"affected"},{"version":"1.25.2","status":"affected"},{"version":"1.27.1","status":"affected"},{"version":"1.27.2","status":"affected"},{"version":"7.3.13","status":"affected"},{"version":"7.3.15","status":"affected"},{"version":"7.4.1","status":"affected"},{"version":"7.4.1.20425","status":"affected"},{"version":"7.4.1.20439","status":"affected"},{"version":"7.4.3","status":"affected"},{"version":"7.4.3.20679","status":"affected"},{"version":"7.4.5","status":"affected"},{"version":"7.5.1.20813","status":"affected"},{"version":"7.5.1.20833","status":"affected"},{"version":"7.5.3","status":"affected"},{"version":"7.5.5","status":"affected"},{"version":"8.0.1.21160","status":"affected"},{"version":"8.0.1.21164","status":"affected"},{"version":"7.5.7","status":"affected"},{"version":"7.5.9","status":"affected"},{"version":"7.5.11","status":"affected"},{"version":"8.1.7.21585","status":"affected"},{"version":"7.5.13.21586","status":"affected"},{"version":"7.5.13.21598","status":"affected"},{"version":"8.2.1.21612","status":"affected"},{"version":"8.2.1.21650","status":"affected"},{"version":"7.5.15.21611","status":"affected"},{"version":"7.5.17.21680","status":"affected"},{"version":"8.2.3.30119","status":"affected"},{"version":"8.2.4.30130","status":"affected"},{"version":"8.4.0","status":"affected"},{"version":"7.5.19","status":"affected"},{"version":"8.4.1.30298","status":"affected"},{"version":"8.4.2.30317","status":"affected"},{"version":"8.4.1.30307","status":"affected"},{"version":"7.5.20","status":"affected"},{"version":"8.4.3","status":"affected"},{"version":"8.4.4.30419","status":"affected"},{"version":"8.4.4.30467","status":"affected"},{"version":"7.5.21.21732","status":"affected"},{"version":"8.4.5.30483","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T17:17:51.378262Z","id":"CVE-2026-20217","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:macos:*:*","versionEndExcluding":"1.27.2","matchCriteriaId":"E534D1FF-B590-40F3-9874-AC2BDA807087"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:linux:*:*","versionEndExcluding":"1.29.0","matchCriteriaId":"CB2B4CBA-534A-4111-8920-8580B12C4F46"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:windows:*:*","versionEndExcluding":"8.6.2","matchCriteriaId":"4EB7F99A-01AB-44EE-B682-5E2C9E7D2A4B"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","versionEndExcluding":"1.4.5","matchCriteriaId":"CD23E971-4735-4C28-BFE1-AB807630F2EE"},{"vulnerable":true,"criteria":"cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","versionStartIncluding":"1.5.0","versionEndExcluding":"1.5.3","matchCriteriaId":"5CC3C470-BBC6-449E-80F1-F9E762442D3C"}]}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-88cFYyxR","source":"psirt@cisco.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-20243","sourceIdentifier":"psirt@cisco.com","published":"2026-07-01T17:16:30.423","lastModified":"2026-07-09T18:03:17.357","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the ALZ file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.\r\n\r\nThis vulnerability is due to improper boundary checks for content in ALZ files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains ALZ content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software."}],"affected":[{"source":"psirt@cisco.com","affectedData":[{"vendor":"Cisco","product":"Cisco Secure Endpoint","defaultStatus":"unknown","versions":[{"version":"7.0.5","status":"affected"},{"version":"6.2.19","status":"affected"},{"version":"7.3.3","status":"affected"},{"version":"7.2.13","status":"affected"},{"version":"6.1.5","status":"affected"},{"version":"6.3.1","status":"affected"},{"version":"6.2.5","status":"affected"},{"version":"7.3.5","status":"affected"},{"version":"6.2.1","status":"affected"},{"version":"7.2.7","status":"affected"},{"version":"7.1.1","status":"affected"},{"version":"6.3.5","status":"affected"},{"version":"6.2.9","status":"affected"},{"version":"7.3.1","status":"affected"},{"version":"6.1.7","status":"affected"},{"version":"7.2.11","status":"affected"},{"version":"7.2.3","status":"affected"},{"version":"7.1.5","status":"affected"},{"version":"6.3.3","status":"affected"},{"version":"7.3.9","status":"affected"},{"version":"6.2.3","status":"affected"},{"version":"6.1.9","status":"affected"},{"version":"6.0.9","status":"affected"},{"version":"7.2.5","status":"affected"},{"version":"6.0.7","status":"affected"},{"version":"6.3.7","status":"affected"},{"version":"1.12.3","status":"affected"},{"version":"1.8.0","status":"affected"},{"version":"1.11.1","status":"affected"},{"version":"1.12.4","status":"affected"},{"version":"1.10.0","status":"affected"},{"version":"1.12.0","status":"affected"},{"version":"1.8.1","status":"affected"},{"version":"1.10.1","status":"affected"},{"version":"1.12.1","status":"affected"},{"version":"1.12.6","status":"affected"},{"version":"1.14.0","status":"affected"},{"version":"1.10.2","status":"affected"},{"version":"1.12.7","status":"affected"},{"version":"1.12.2","status":"affected"},{"version":"1.6.0","status":"affected"},{"version":"1.9.0","status":"affected"},{"version":"1.11.0","status":"affected"},{"version":"1.7.0","status":"affected"},{"version":"1.13.0","status":"affected"},{"version":"1.8.4","status":"affected"},{"version":"1.13.1","status":"affected"},{"version":"1.9.1","status":"affected"},{"version":"1.12.5","status":"affected"},{"version":"1.13.2","status":"affected"},{"version":"8.1.7.21512","status":"affected"},{"version":"8.1.7","status":"affected"},{"version":"8.1.5","status":"affected"},{"version":"8.1.3.21242","status":"affected"},{"version":"8.1.3","status":"affected"},{"version":"8.1.5.21322","status":"affected"},{"version":"8.1.7.21417","status":"affected"},{"version":"1.14.1","status":"affected"},{"version":"1.15.1","status":"affected"},{"version":"1.15.2","status":"affected"},{"version":"1.15.3","status":"affected"},{"version":"1.15.4","status":"affected"},{"version":"1.15.5","status":"affected"},{"version":"1.15.6","status":"affected"},{"version":"1.16.0","status":"affected"},{"version":"1.16.1","status":"affected"},{"version":"1.16.2","status":"affected"},{"version":"1.16.3","status":"affected"},{"version":"1.18.0","status":"affected"},{"version":"1.18.1","status":"affected"},{"version":"1.20.0","status":"affected"},{"version":"1.21.0","status":"affected"},{"version":"1.21.1","status":"affected"},{"version":"1.21.2","status":"affected"},{"version":"1.21.3","status":"affected"},{"version":"1.22.0","status":"affected"},{"version":"1.22.1","status":"affected"},{"version":"1.22.2","status":"affected"},{"version":"1.22.3","status":"affected"},{"version":"1.22.4","status":"affected"},{"version":"1.24.0","status":"affected"},{"version":"1.24.1","status":"affected"},{"version":"1.24.2","status":"affected"},{"version":"1.24.3","status":"affected"},{"version":"1.24.4","status":"affected"},{"version":"1.26.0","status":"affected"},{"version":"1.24.5","status":"affected"},{"version":"1.26.1","status":"affected"},{"version":"1.27.0","status":"affected"},{"version":"1.15.0","status":"affected"},{"version":"1.17.0","status":"affected"},{"version":"1.17.1","status":"affected"},{"version":"1.17.2","status":"affected"},{"version":"1.19.0","status":"affected"},{"version":"1.20.1","status":"affected"},{"version":"1.20.2","status":"affected"},{"version":"1.20.3","status":"affected"},{"version":"1.20.4","status":"affected"},{"version":"1.20.5","status":"affected"},{"version":"1.20.6","status":"affected"},{"version":"1.23.0","status":"affected"},{"version":"1.23.1","status":"affected"},{"version":"1.20.7","status":"affected"},{"version":"1.20.8","status":"affected"},{"version":"1.25.0","status":"affected"},{"version":"1.25.1","status":"affected"},{"version":"1.25.2","status":"affected"},{"version":"1.27.1","status":"affected"},{"version":"1.27.2","status":"affected"},{"version":"7.3.13","status":"affected"},{"version":"7.3.15","status":"affected"},{"version":"7.4.1","status":"affected"},{"version":"7.4.1.20425","status":"affected"},{"version":"7.4.1.20439","status":"affected"},{"version":"7.4.3","status":"affected"},{"version":"7.4.3.20679","status":"affected"},{"version":"7.4.5","status":"affected"},{"version":"7.5.1.20813","status":"affected"},{"version":"7.5.1.20833","status":"affected"},{"version":"7.5.3","status":"affected"},{"version":"7.5.5","status":"affected"},{"version":"8.0.1.21160","status":"affected"},{"version":"8.0.1.21164","status":"affected"},{"version":"7.5.7","status":"affected"},{"version":"7.5.9","status":"affected"},{"version":"7.5.11","status":"affected"},{"version":"8.1.7.21585","status":"affected"},{"version":"7.5.13.21586","status":"affected"},{"version":"7.5.13.21598","status":"affected"},{"version":"8.2.1.21612","status":"affected"},{"version":"8.2.1.21650","status":"affected"},{"version":"7.5.15.21611","status":"affected"},{"version":"7.5.17.21680","status":"affected"},{"version":"8.2.3.30119","status":"affected"},{"version":"8.2.4.30130","status":"affected"},{"version":"8.4.0","status":"affected"},{"version":"7.5.19","status":"affected"},{"version":"8.4.1.30298","status":"affected"},{"version":"8.4.2.30317","status":"affected"},{"version":"8.4.1.30307","status":"affected"},{"version":"7.5.20","status":"affected"},{"version":"8.4.3","status":"affected"},{"version":"8.4.4.30419","status":"affected"},{"version":"8.4.4.30467","status":"affected"},{"version":"7.5.21.21732","status":"affected"},{"version":"8.4.5.30483","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T17:19:13.065202Z","id":"CVE-2026-20243","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:macos:*:*","versionEndExcluding":"1.27.2","matchCriteriaId":"E534D1FF-B590-40F3-9874-AC2BDA807087"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:linux:*:*","versionEndExcluding":"1.29.0","matchCriteriaId":"CB2B4CBA-534A-4111-8920-8580B12C4F46"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:windows:*:*","versionEndExcluding":"8.6.2","matchCriteriaId":"4EB7F99A-01AB-44EE-B682-5E2C9E7D2A4B"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","versionStartIncluding":"1.4.0","versionEndExcluding":"1.4.5","matchCriteriaId":"162DF360-EF2A-499D-BDC9-F680594A6318"},{"vulnerable":true,"criteria":"cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","versionStartIncluding":"1.5.0","versionEndExcluding":"1.5.3","matchCriteriaId":"5CC3C470-BBC6-449E-80F1-F9E762442D3C"}]}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-88cFYyxR","source":"psirt@cisco.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-20244","sourceIdentifier":"psirt@cisco.com","published":"2026-07-01T17:16:30.593","lastModified":"2026-07-09T18:00:43.937","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the DMG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.\r\n\r\nThis vulnerability is due to improper boundary checks for content in DMG files during scanning, which may result in an integer overflow on 32-bit platforms only. An attacker could exploit this vulnerability by submitting a crafted file that contains DMG content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software."}],"affected":[{"source":"psirt@cisco.com","affectedData":[{"vendor":"Cisco","product":"Cisco Secure Endpoint","defaultStatus":"unknown","versions":[{"version":"7.0.5","status":"affected"},{"version":"6.2.19","status":"affected"},{"version":"7.3.3","status":"affected"},{"version":"7.2.13","status":"affected"},{"version":"6.1.5","status":"affected"},{"version":"6.3.1","status":"affected"},{"version":"6.2.5","status":"affected"},{"version":"7.3.5","status":"affected"},{"version":"6.2.1","status":"affected"},{"version":"7.2.7","status":"affected"},{"version":"7.1.1","status":"affected"},{"version":"6.3.5","status":"affected"},{"version":"6.2.9","status":"affected"},{"version":"7.3.1","status":"affected"},{"version":"6.1.7","status":"affected"},{"version":"7.2.11","status":"affected"},{"version":"7.2.3","status":"affected"},{"version":"7.1.5","status":"affected"},{"version":"6.3.3","status":"affected"},{"version":"7.3.9","status":"affected"},{"version":"6.2.3","status":"affected"},{"version":"6.1.9","status":"affected"},{"version":"6.0.9","status":"affected"},{"version":"7.2.5","status":"affected"},{"version":"6.0.7","status":"affected"},{"version":"6.3.7","status":"affected"},{"version":"1.12.3","status":"affected"},{"version":"1.8.0","status":"affected"},{"version":"1.11.1","status":"affected"},{"version":"1.12.4","status":"affected"},{"version":"1.10.0","status":"affected"},{"version":"1.12.0","status":"affected"},{"version":"1.8.1","status":"affected"},{"version":"1.10.1","status":"affected"},{"version":"1.12.1","status":"affected"},{"version":"1.12.6","status":"affected"},{"version":"1.14.0","status":"affected"},{"version":"1.10.2","status":"affected"},{"version":"1.12.7","status":"affected"},{"version":"1.12.2","status":"affected"},{"version":"1.6.0","status":"affected"},{"version":"1.9.0","status":"affected"},{"version":"1.11.0","status":"affected"},{"version":"1.7.0","status":"affected"},{"version":"1.13.0","status":"affected"},{"version":"1.8.4","status":"affected"},{"version":"1.13.1","status":"affected"},{"version":"1.9.1","status":"affected"},{"version":"1.12.5","status":"affected"},{"version":"1.13.2","status":"affected"},{"version":"8.1.7.21512","status":"affected"},{"version":"8.1.7","status":"affected"},{"version":"8.1.5","status":"affected"},{"version":"8.1.3.21242","status":"affected"},{"version":"8.1.3","status":"affected"},{"version":"8.1.5.21322","status":"affected"},{"version":"8.1.7.21417","status":"affected"},{"version":"1.14.1","status":"affected"},{"version":"1.15.1","status":"affected"},{"version":"1.15.2","status":"affected"},{"version":"1.15.3","status":"affected"},{"version":"1.15.4","status":"affected"},{"version":"1.15.5","status":"affected"},{"version":"1.15.6","status":"affected"},{"version":"1.16.0","status":"affected"},{"version":"1.16.1","status":"affected"},{"version":"1.16.2","status":"affected"},{"version":"1.16.3","status":"affected"},{"version":"1.18.0","status":"affected"},{"version":"1.18.1","status":"affected"},{"version":"1.20.0","status":"affected"},{"version":"1.21.0","status":"affected"},{"version":"1.21.1","status":"affected"},{"version":"1.21.2","status":"affected"},{"version":"1.21.3","status":"affected"},{"version":"1.22.0","status":"affected"},{"version":"1.22.1","status":"affected"},{"version":"1.22.2","status":"affected"},{"version":"1.22.3","status":"affected"},{"version":"1.22.4","status":"affected"},{"version":"1.24.0","status":"affected"},{"version":"1.24.1","status":"affected"},{"version":"1.24.2","status":"affected"},{"version":"1.24.3","status":"affected"},{"version":"1.24.4","status":"affected"},{"version":"1.26.0","status":"affected"},{"version":"1.24.5","status":"affected"},{"version":"1.26.1","status":"affected"},{"version":"1.27.0","status":"affected"},{"version":"1.15.0","status":"affected"},{"version":"1.17.0","status":"affected"},{"version":"1.17.1","status":"affected"},{"version":"1.17.2","status":"affected"},{"version":"1.19.0","status":"affected"},{"version":"1.20.1","status":"affected"},{"version":"1.20.2","status":"affected"},{"version":"1.20.3","status":"affected"},{"version":"1.20.4","status":"affected"},{"version":"1.20.5","status":"affected"},{"version":"1.20.6","status":"affected"},{"version":"1.23.0","status":"affected"},{"version":"1.23.1","status":"affected"},{"version":"1.20.7","status":"affected"},{"version":"1.20.8","status":"affected"},{"version":"1.25.0","status":"affected"},{"version":"1.25.1","status":"affected"},{"version":"1.25.2","status":"affected"},{"version":"1.27.1","status":"affected"},{"version":"1.27.2","status":"affected"},{"version":"7.3.13","status":"affected"},{"version":"7.3.15","status":"affected"},{"version":"7.4.1","status":"affected"},{"version":"7.4.1.20425","status":"affected"},{"version":"7.4.1.20439","status":"affected"},{"version":"7.4.3","status":"affected"},{"version":"7.4.3.20679","status":"affected"},{"version":"7.4.5","status":"affected"},{"version":"7.5.1.20813","status":"affected"},{"version":"7.5.1.20833","status":"affected"},{"version":"7.5.3","status":"affected"},{"version":"7.5.5","status":"affected"},{"version":"8.0.1.21160","status":"affected"},{"version":"8.0.1.21164","status":"affected"},{"version":"7.5.7","status":"affected"},{"version":"7.5.9","status":"affected"},{"version":"7.5.11","status":"affected"},{"version":"8.1.7.21585","status":"affected"},{"version":"7.5.13.21586","status":"affected"},{"version":"7.5.13.21598","status":"affected"},{"version":"8.2.1.21612","status":"affected"},{"version":"8.2.1.21650","status":"affected"},{"version":"7.5.15.21611","status":"affected"},{"version":"7.5.17.21680","status":"affected"},{"version":"8.2.3.30119","status":"affected"},{"version":"8.2.4.30130","status":"affected"},{"version":"8.4.0","status":"affected"},{"version":"7.5.19","status":"affected"},{"version":"8.4.1.30298","status":"affected"},{"version":"8.4.2.30317","status":"affected"},{"version":"8.4.1.30307","status":"affected"},{"version":"7.5.20","status":"affected"},{"version":"8.4.3","status":"affected"},{"version":"8.4.4.30419","status":"affected"},{"version":"8.4.4.30467","status":"affected"},{"version":"7.5.21.21732","status":"affected"},{"version":"8.4.5.30483","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T17:17:32.499689Z","id":"CVE-2026-20244","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:macos:*:*","versionEndExcluding":"1.27.2","matchCriteriaId":"E534D1FF-B590-40F3-9874-AC2BDA807087"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:linux:*:*","versionEndExcluding":"1.29.0","matchCriteriaId":"CB2B4CBA-534A-4111-8920-8580B12C4F46"},{"vulnerable":true,"criteria":"cpe:2.3:a:cisco:secure_endpoint:*:*:*:*:*:windows:*:*","versionEndExcluding":"8.6.2","matchCriteriaId":"4EB7F99A-01AB-44EE-B682-5E2C9E7D2A4B"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","versionStartIncluding":"0.98.1","versionEndExcluding":"1.4.5","matchCriteriaId":"AB7CDD8C-95F8-4F1B-B381-AF5F4CCBCF00"},{"vulnerable":true,"criteria":"cpe:2.3:a:clamav:clamav:*:*:*:*:*:*:*:*","versionStartIncluding":"1.5.0","versionEndExcluding":"1.5.3","matchCriteriaId":"5CC3C470-BBC6-449E-80F1-F9E762442D3C"}]}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-88cFYyxR","source":"psirt@cisco.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-58520","sourceIdentifier":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","published":"2026-07-01T18:16:35.983","lastModified":"2026-07-09T18:45:14.697","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"URL redirection to untrusted site ('open redirect') vulnerability in The Wikimedia Foundation Mediawiki - UrlShortener Extension allows Cross-Site Flashing.\n\nThis issue affects Mediawiki - UrlShortener Extension: from * before 1.43.9, 1.44.6, 1.45.4."}],"affected":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","affectedData":[{"vendor":"The Wikimedia Foundation","product":"Mediawiki - UrlShortener Extension","defaultStatus":"unaffected","versions":[{"version":"*","lessThan":"1.43.9, 1.44.6, 1.45.4","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","subAvailabilityImpact":"LOW","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T17:55:53.098995Z","id":"CVE-2026-58520","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","type":"Secondary","description":[{"lang":"en","value":"CWE-601"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.43.0","versionEndExcluding":"1.43.9","matchCriteriaId":"5BC82408-61E8-4F28-8AEC-438E159DC867"},{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.44.0","versionEndExcluding":"1.44.6","matchCriteriaId":"8F0FD7F7-0D82-4E68-91D8-0ADAE54CB8C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.45.0","versionEndExcluding":"1.45.4","matchCriteriaId":"439E39DA-8BB7-4AF7-9F42-E334A9B4AD3E"}]}]}],"references":[{"url":"https://gerrit.wikimedia.org/r/q/I7a59cc4c351b5aa47ed46f7a14a1105fd1ecc5b5","source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","tags":["Issue Tracking"]},{"url":"https://phabricator.wikimedia.org/T418431","source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","tags":["Issue Tracking"]}]}},{"cve":{"id":"CVE-2026-14358","sourceIdentifier":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","published":"2026-07-01T19:16:50.073","lastModified":"2026-07-09T18:44:46.393","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in The Wikimedia Foundation Mediawiki - Charts Extension allows Cross-Site Scripting (XSS).\n\nThis issue affects Mediawiki - Charts Extension: from * before 1.43.9,1.44.6,1.45.4."}],"affected":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","affectedData":[{"vendor":"The Wikimedia Foundation","product":"Mediawiki - Charts Extension","defaultStatus":"unaffected","versions":[{"version":"*","lessThan":"1.43.9,1.44.6,1.45.4","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","subAvailabilityImpact":"LOW","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-01T19:24:03.882806Z","id":"CVE-2026-14358","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.43.0","versionEndExcluding":"1.43.9","matchCriteriaId":"5BC82408-61E8-4F28-8AEC-438E159DC867"},{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.44.0","versionEndExcluding":"1.44.6","matchCriteriaId":"8F0FD7F7-0D82-4E68-91D8-0ADAE54CB8C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:mediawiki:mediawiki:*:*:*:*:*:*:*:*","versionStartIncluding":"1.45.0","versionEndExcluding":"1.45.4","matchCriteriaId":"439E39DA-8BB7-4AF7-9F42-E334A9B4AD3E"}]}]}],"references":[{"url":"https://gerrit.wikimedia.org/r/q/Ibdaa7c852ae83f562e84dddc9c96ad64e2152210","source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","tags":["Issue Tracking"]},{"url":"https://phabricator.wikimedia.org/T430548","source":"c4f26cc8-17ff-4c99-b5e2-38fc1793eacc","tags":["Issue Tracking"]}]}},{"cve":{"id":"CVE-2026-14265","sourceIdentifier":"ff89ba41-3aa1-4d27-914a-91399e9639e5","published":"2026-07-01T20:17:08.087","lastModified":"2026-07-09T18:05:27.387","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Deserialization of untrusted data in the RemoteQueryCachePlugin in Amazon Web Services AWS Advanced JDBC Wrapper 3.3.0 through 4.0.0 might allow an actor with write access to the shared cache infrastructure to execute arbitrary code on application servers that read cached query results via a crafted serialized Java object. The RemoteQueryCachePlugin uses ObjectInputStream without class filtering when deserializing cached query results from Redis or Valkey, enabling gadget chain execution when cache entries are poisoned.\n\n\n\nWe recommend upgrading to AWS Advanced JDBC Wrapper version 4.0.1 or later."}],"affected":[{"source":"ff89ba41-3aa1-4d27-914a-91399e9639e5","affectedData":[{"vendor":"AWS","product":"AWS Advanced JDBC Wrapper","defaultStatus":"unaffected","versions":[{"version":"3.3.0","lessThanOrEqual":"4.0.0","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"ff89ba41-3aa1-4d27-914a-91399e9639e5","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"ff89ba41-3aa1-4d27-914a-91399e9639e5","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-02T15:27:22.888791Z","id":"CVE-2026-14265","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"ff89ba41-3aa1-4d27-914a-91399e9639e5","type":"Secondary","description":[{"lang":"en","value":"CWE-502"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:amazon:advanced_jdbc_wrapper:*:*:*:*:*:*:*:*","versionStartIncluding":"3.3.0","versionEndExcluding":"4.0.1","matchCriteriaId":"2E5EB7F9-72C1-4F5F-B64B-16A5C59F2181"}]}]}],"references":[{"url":"https://aws.amazon.com/security/security-bulletins/2026-051-aws/","source":"ff89ba41-3aa1-4d27-914a-91399e9639e5","tags":["Release Notes","Vendor Advisory","Mitigation"]},{"url":"https://github.com/aws/aws-advanced-jdbc-wrapper/releases/tag/4.0.1","source":"ff89ba41-3aa1-4d27-914a-91399e9639e5","tags":["Release Notes"]},{"url":"https://github.com/aws/aws-advanced-jdbc-wrapper/security/advisories/GHSA-c5q4-97jw-jggh","source":"ff89ba41-3aa1-4d27-914a-91399e9639e5","tags":["Vendor Advisory","Mitigation"]}]}},{"cve":{"id":"CVE-2026-50746","sourceIdentifier":"support@hackerone.com","published":"2026-07-02T15:17:02.723","lastModified":"2026-07-09T13:22:07.417","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi Connect Application to execute a Command Injection on the host device."}],"affected":[{"source":"support@hackerone.com","affectedData":[{"vendor":"Ubiquiti Inc","product":"UniFi Connect Application","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"3.4.20","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"support@hackerone.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":10.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-02T15:49:51.709672Z","id":"CVE-2026-50746","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"support@hackerone.com","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ui:unifi_connect_application:*:*:*:*:*:*:*:*","versionEndExcluding":"3.4.20","matchCriteriaId":"B21BB8E7-04C3-494B-A6CB-55A25F422557"}]}]}],"references":[{"url":"https://community.ui.com/releases/Security-Advisory-Bulletin-066-066/984eceb3-49c8-4227-942d-671c289b3afc","source":"support@hackerone.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-50747","sourceIdentifier":"support@hackerone.com","published":"2026-07-02T15:17:02.877","lastModified":"2026-07-09T13:21:57.180","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A malicious actor with access to the network and low privileges could exploit a series of authenticated SQL Injection vulnerabilities found in UniFi Talk Application to escalate privileges on the host device."}],"affected":[{"source":"support@hackerone.com","affectedData":[{"vendor":"Ubiquiti Inc","product":"UniFi Talk Application","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.2.2","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"support@hackerone.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-02T15:41:33.941741Z","id":"CVE-2026-50747","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"support@hackerone.com","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ui:unifi_talk_application:*:*:*:*:*:*:*:*","versionEndExcluding":"5.2.2","matchCriteriaId":"5EFA9E4F-0AF4-43E6-AE50-417C21ABF4F1"}]}]}],"references":[{"url":"https://community.ui.com/releases/Security-Advisory-Bulletin-066-066/984eceb3-49c8-4227-942d-671c289b3afc","source":"support@hackerone.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-50748","sourceIdentifier":"support@hackerone.com","published":"2026-07-02T15:17:02.990","lastModified":"2026-07-09T13:21:36.803","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in UniFi Access Application to execute a Command Injection on the host device."}],"affected":[{"source":"support@hackerone.com","affectedData":[{"vendor":"Ubiquiti Inc","product":"UniFi Access Application","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"4.2.29","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"support@hackerone.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-02T16:10:20.458763Z","id":"CVE-2026-50748","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"support@hackerone.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ui:unifi_access_application:*:*:*:*:*:*:*:*","versionEndExcluding":"4.2.29","matchCriteriaId":"CBD07B94-9FDB-4A70-B2B3-4733E28089E1"}]}]}],"references":[{"url":"https://community.ui.com/releases/Security-Advisory-Bulletin-066-066/984eceb3-49c8-4227-942d-671c289b3afc","source":"support@hackerone.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-54400","sourceIdentifier":"support@hackerone.com","published":"2026-07-02T15:17:03.623","lastModified":"2026-07-09T13:21:25.470","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A malicious actor with access to the network and high privileges could exploit an Improper Access Control vulnerability found in UniFi Access Application to escalate privileges on the host device."}],"affected":[{"source":"support@hackerone.com","affectedData":[{"vendor":"Ubiquiti Inc","product":"UniFi Access Application","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"4.2.29","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"support@hackerone.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.3,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-02T16:10:53.382801Z","id":"CVE-2026-54400","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"support@hackerone.com","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ui:unifi_access_application:*:*:*:*:*:*:*:*","versionEndExcluding":"4.2.29","matchCriteriaId":"CBD07B94-9FDB-4A70-B2B3-4733E28089E1"}]}]}],"references":[{"url":"https://community.ui.com/releases/Security-Advisory-Bulletin-066-066/984eceb3-49c8-4227-942d-671c289b3afc","source":"support@hackerone.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-54401","sourceIdentifier":"support@hackerone.com","published":"2026-07-02T15:17:03.730","lastModified":"2026-07-10T02:50:13.673","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A malicious actor with access to the network and low privileges could exploit a Server-Side Request Forgery (SSRF) to escalate privileges within such UniFi OS devices or instances."}],"affected":[{"source":"support@hackerone.com","affectedData":[{"vendor":"Ubiquiti Inc","product":"UniFi OS Server","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Dream Machines","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Enterprise Fortress Gateway","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Dream Wall","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Dream Routers","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Express 7","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Cloud Keys","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Network Video Recorders","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Enterprise Video Recorders","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Cloud Gateways","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Network Attached Storage","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Enterprise Firewall Core","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"support@hackerone.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":4.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-02T15:48:48.891370Z","id":"CVE-2026-54401","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"support@hackerone.com","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ui:unifi_os_server:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"965B08F6-66A2-4C38-922D-CA772483941D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_machine_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"E3AEA407-AC71-4334-B5D6-DE907C2D3C9C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_machine:-:*:*:*:*:*:*:*","matchCriteriaId":"33E04DDA-88A0-47C1-8AE2-2F59B1A08BAF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_machine_pro_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"629B14D2-94A8-4C0F-9844-DCCC75B76904"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_machine_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"B493983E-8632-4492-9B0A-E8E11E0E0BB2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_machine_special_edition_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"04FEA48A-5115-4857-9EBE-C76C26B92FFA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_machine_special_edition:-:*:*:*:*:*:*:*","matchCriteriaId":"DEF52155-86F1-458A-8B7E-355B67C5C819"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_machine_pro_max_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"FC6ED125-277D-45E8-81E9-2F33ED713258"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_machine_pro_max:-:*:*:*:*:*:*:*","matchCriteriaId":"60808A48-C41A-448F-97C4-B1CD8DCCB4DA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_machine_beast_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"C404F220-CC40-4CE2-A0CF-13D9F53FA5FD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_machine_beast:-:*:*:*:*:*:*:*","matchCriteriaId":"82A0A6D7-4361-49AD-87E3-3FB32A958C4E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:enterprise_fortress_gateway_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"2F4C93E7-2746-4D54-9AFD-3CA8B8DB1517"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:enterprise_fortress_gateway:-:*:*:*:*:*:*:*","matchCriteriaId":"8C87C188-7982-4DFF-98F1-58511360F3E3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_router_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"12856016-3F9D-43EA-98E8-CA7C1134CD5D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_router:-:*:*:*:*:*:*:*","matchCriteriaId":"B1FF6A5E-A223-4F57-9FFD-F2AE473B3627"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_wall_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"45BB62B2-C27D-4D58-8528-C4F28C8936DE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_wall:-:*:*:*:*:*:*:*","matchCriteriaId":"A9B6514E-2878-4AEE-BF1E-08B804C069FE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_router_7_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"1E604718-E38D-4AB8-B76E-3C9B2339F7A9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_router_7:-:*:*:*:*:*:*:*","matchCriteriaId":"A41E5541-FC13-430C-BDCA-CC677B372D7F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_express_7_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"56A6ECCB-C731-4A7E-8E86-A1DF71A63D02"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_express_7:-:*:*:*:*:*:*:*","matchCriteriaId":"5CD0201D-D5C9-4CE7-A302-467F602D73D2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_cloudkey_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"ECE501C5-1BFC-4DF1-A56D-4A5B2BF2F58C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_cloudkey:-:*:*:*:*:*:*:*","matchCriteriaId":"A484BC77-24D3-423F-AC16-3341C3396BA1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_cloud_key_plus_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"E9FB02C8-CCB3-433B-89F1-025295A97333"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_cloud_key_plus:-:*:*:*:*:*:*:*","matchCriteriaId":"4C4ED829-08E6-4330-B105-DC01A3159C90"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_cloudkey_enterprise_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"AA734284-6D1E-4502-AECF-063233795E82"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_cloudkey_enterprise:-:*:*:*:*:*:*:*","matchCriteriaId":"DDD7812E-3548-4B2C-9416-DEE0985AB07C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_network_video_recorder_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"3AFF8A43-D4FF-4193-9DAB-23463E6E731C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_network_video_recorder:-:*:*:*:*:*:*:*","matchCriteriaId":"A5D7AF0C-CF50-485D-8471-9AB1AA6471CA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_network_video_recorder_pro_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"9C8006E8-54C0-4F4C-9346-92367ED3A57C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_network_video_recorder_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"87FB08DA-35EA-4C27-AA5F-2B7AE25D58FA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_network_video_recorder_instant_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"879FD15D-4886-4DF9-A959-C37059FFF4FF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_network_video_recorder_instant:-:*:*:*:*:*:*:*","matchCriteriaId":"FC8EB74F-F32A-4A5E-B613-58F2F7BC24CB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:enterprise_network_video_recorder_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"86106709-F803-4ED1-A738-85E5A9D1114A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:enterprise_network_video_recorder:-:*:*:*:*:*:*:*","matchCriteriaId":"348BBC75-CA5B-4B38-A2CF-28313B7168F5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:enterprise_network_video_recorder_core_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"75B77A46-2B11-42E7-A624-2CFD9BD66576"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:enterprise_network_video_recorder_core:-:*:*:*:*:*:*:*","matchCriteriaId":"BD22580F-1E63-48F0-BE9C-1EA9328DD539"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_network_video_recorder_g2_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"AE4972F7-C1BD-48C2-ABC3-E1E806CDD4D2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_network_video_recorder_g2:-:*:*:*:*:*:*:*","matchCriteriaId":"E1FF59AE-F5F6-4539-97EC-5157F67FD055"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_network_video_recorder_g2_pro_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"A0E87293-981C-402A-B3A4-2342A72F48A3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_network_video_recorder_g2_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"29A3E3E6-68EF-43E6-9AB3-AD52FCADE57F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_cloud_gateway_ultra_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"8E2DD333-5BA0-444D-A6E5-400A4EBCDB49"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_cloud_gateway_ultra:-:*:*:*:*:*:*:*","matchCriteriaId":"2C468BFA-A87B-4A3F-B12C-B3BCE225167C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_cloud_gateway_max_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"8E7D32DF-0FE0-40F1-BC46-53A38A1275F0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_cloud_gateway_max:-:*:*:*:*:*:*:*","matchCriteriaId":"022225AB-7AF9-4F7A-97A2-CD8700DEA087"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_cloud_gateway_industrial_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"B75FEA76-3EEC-41AF-973B-5E7E06DBC3FB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_cloud_gateway_industrial:-:*:*:*:*:*:*:*","matchCriteriaId":"ABDECBF6-CB92-4AF6-A3AB-D4AA4635B688"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_cloud_gateway_fiber_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"9BC859E7-4839-41E1-B891-01D6C768737E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_cloud_gateway_fiber:-:*:*:*:*:*:*:*","matchCriteriaId":"01C00466-E414-4DF7-8752-93D3D77C5104"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unas_2_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.16","matchCriteriaId":"45BE2B93-8EBB-4DAC-942A-49F81D9E18E0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unas_2:-:*:*:*:*:*:*:*","matchCriteriaId":"5FC98765-1006-49C1-9464-92428738170A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unas_4_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.16","matchCriteriaId":"ECEE2017-FFDB-40A3-944E-A3631FEE97DB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unas_4:-:*:*:*:*:*:*:*","matchCriteriaId":"A68133D0-7571-4E6C-A5F5-AAD2DFE91B80"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unas_pro_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.16","matchCriteriaId":"CAD7A583-F050-4780-B15E-C5D892FBAC4F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unas_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"DF0AD026-E7CD-4783-8B5B-BF50CFEF8F37"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unas_pro_4_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.16","matchCriteriaId":"62027A00-7DEA-4111-B99F-8BB135DB99F9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unas_pro_4:-:*:*:*:*:*:*:*","matchCriteriaId":"6A57444B-B60E-4AE0-A198-C85546D94126"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unas_pro_8_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.16","matchCriteriaId":"FB961E8B-008E-4875-84EA-C9B9DFFD3D4D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unas_pro_8:-:*:*:*:*:*:*:*","matchCriteriaId":"63EC6593-E65D-4287-BB47-0EC53BCA7BAB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:enterprise_firewall_core_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.18","matchCriteriaId":"53FAB237-6408-416F-847F-DF28C09739B9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:enterprise_firewall_core:-:*:*:*:*:*:*:*","matchCriteriaId":"4AC5F542-03AE-4C66-9B37-8AE4A74DEBE1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_router_5g_max_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"D1446B7B-E5D2-44E4-B4C5-742E882D114C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_router_5g_max:-:*:*:*:*:*:*:*","matchCriteriaId":"EA957B87-E4D2-4B7C-AC27-200BFC44477E"}]}]}],"references":[{"url":"https://community.ui.com/releases/Security-Advisory-Bulletin-066-066/984eceb3-49c8-4227-942d-671c289b3afc","source":"support@hackerone.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-54402","sourceIdentifier":"support@hackerone.com","published":"2026-07-02T15:17:03.837","lastModified":"2026-07-10T02:49:32.057","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A malicious actor with access to the network and low privileges could exploit an Improper Input Validation vulnerability found in UniFi OS to execute a Command Injection on the host device."}],"affected":[{"source":"support@hackerone.com","affectedData":[{"vendor":"Ubiquiti Inc","product":"UniFi OS Server","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Dream Machines","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Enterprise Fortress Gateway","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Dream Wall","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Dream Routers","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Express 7","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Cloud Keys","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Network Video Recorders","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Enterprise Video Recorders","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Cloud Gateways","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Network Attached Storage","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Enterprise Firewall Core","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"support@hackerone.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":6.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-02T15:41:31.917927Z","id":"CVE-2026-54402","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"support@hackerone.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-77"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ui:unifi_os_server:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"965B08F6-66A2-4C38-922D-CA772483941D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_machine_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"E3AEA407-AC71-4334-B5D6-DE907C2D3C9C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_machine:-:*:*:*:*:*:*:*","matchCriteriaId":"33E04DDA-88A0-47C1-8AE2-2F59B1A08BAF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_machine_pro_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"629B14D2-94A8-4C0F-9844-DCCC75B76904"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_machine_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"B493983E-8632-4492-9B0A-E8E11E0E0BB2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_machine_special_edition_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"04FEA48A-5115-4857-9EBE-C76C26B92FFA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_machine_special_edition:-:*:*:*:*:*:*:*","matchCriteriaId":"DEF52155-86F1-458A-8B7E-355B67C5C819"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_machine_pro_max_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"FC6ED125-277D-45E8-81E9-2F33ED713258"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_machine_pro_max:-:*:*:*:*:*:*:*","matchCriteriaId":"60808A48-C41A-448F-97C4-B1CD8DCCB4DA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_machine_beast_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"C404F220-CC40-4CE2-A0CF-13D9F53FA5FD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_machine_beast:-:*:*:*:*:*:*:*","matchCriteriaId":"82A0A6D7-4361-49AD-87E3-3FB32A958C4E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:enterprise_fortress_gateway_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"2F4C93E7-2746-4D54-9AFD-3CA8B8DB1517"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:enterprise_fortress_gateway:-:*:*:*:*:*:*:*","matchCriteriaId":"8C87C188-7982-4DFF-98F1-58511360F3E3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_router_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"12856016-3F9D-43EA-98E8-CA7C1134CD5D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_router:-:*:*:*:*:*:*:*","matchCriteriaId":"B1FF6A5E-A223-4F57-9FFD-F2AE473B3627"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_wall_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"45BB62B2-C27D-4D58-8528-C4F28C8936DE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_wall:-:*:*:*:*:*:*:*","matchCriteriaId":"A9B6514E-2878-4AEE-BF1E-08B804C069FE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_router_7_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"1E604718-E38D-4AB8-B76E-3C9B2339F7A9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_router_7:-:*:*:*:*:*:*:*","matchCriteriaId":"A41E5541-FC13-430C-BDCA-CC677B372D7F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_express_7_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"56A6ECCB-C731-4A7E-8E86-A1DF71A63D02"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_express_7:-:*:*:*:*:*:*:*","matchCriteriaId":"5CD0201D-D5C9-4CE7-A302-467F602D73D2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_cloudkey_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"ECE501C5-1BFC-4DF1-A56D-4A5B2BF2F58C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_cloudkey:-:*:*:*:*:*:*:*","matchCriteriaId":"A484BC77-24D3-423F-AC16-3341C3396BA1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_cloud_key_plus_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"E9FB02C8-CCB3-433B-89F1-025295A97333"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_cloud_key_plus:-:*:*:*:*:*:*:*","matchCriteriaId":"4C4ED829-08E6-4330-B105-DC01A3159C90"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_cloudkey_enterprise_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"AA734284-6D1E-4502-AECF-063233795E82"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_cloudkey_enterprise:-:*:*:*:*:*:*:*","matchCriteriaId":"DDD7812E-3548-4B2C-9416-DEE0985AB07C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_network_video_recorder_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"3AFF8A43-D4FF-4193-9DAB-23463E6E731C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_network_video_recorder:-:*:*:*:*:*:*:*","matchCriteriaId":"A5D7AF0C-CF50-485D-8471-9AB1AA6471CA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_network_video_recorder_pro_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"9C8006E8-54C0-4F4C-9346-92367ED3A57C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_network_video_recorder_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"87FB08DA-35EA-4C27-AA5F-2B7AE25D58FA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_network_video_recorder_instant_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"879FD15D-4886-4DF9-A959-C37059FFF4FF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_network_video_recorder_instant:-:*:*:*:*:*:*:*","matchCriteriaId":"FC8EB74F-F32A-4A5E-B613-58F2F7BC24CB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:enterprise_network_video_recorder_core_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"75B77A46-2B11-42E7-A624-2CFD9BD66576"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:enterprise_network_video_recorder_core:-:*:*:*:*:*:*:*","matchCriteriaId":"BD22580F-1E63-48F0-BE9C-1EA9328DD539"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_network_video_recorder_g2_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"AE4972F7-C1BD-48C2-ABC3-E1E806CDD4D2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_network_video_recorder_g2:-:*:*:*:*:*:*:*","matchCriteriaId":"E1FF59AE-F5F6-4539-97EC-5157F67FD055"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_network_video_recorder_g2_pro_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"A0E87293-981C-402A-B3A4-2342A72F48A3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_network_video_recorder_g2_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"29A3E3E6-68EF-43E6-9AB3-AD52FCADE57F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_cloud_gateway_ultra_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"8E2DD333-5BA0-444D-A6E5-400A4EBCDB49"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_cloud_gateway_ultra:-:*:*:*:*:*:*:*","matchCriteriaId":"2C468BFA-A87B-4A3F-B12C-B3BCE225167C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_cloud_gateway_max_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"8E7D32DF-0FE0-40F1-BC46-53A38A1275F0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_cloud_gateway_max:-:*:*:*:*:*:*:*","matchCriteriaId":"022225AB-7AF9-4F7A-97A2-CD8700DEA087"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_cloud_gateway_industrial_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"B75FEA76-3EEC-41AF-973B-5E7E06DBC3FB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_cloud_gateway_industrial:-:*:*:*:*:*:*:*","matchCriteriaId":"ABDECBF6-CB92-4AF6-A3AB-D4AA4635B688"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_cloud_gateway_fiber_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"9BC859E7-4839-41E1-B891-01D6C768737E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_cloud_gateway_fiber:-:*:*:*:*:*:*:*","matchCriteriaId":"01C00466-E414-4DF7-8752-93D3D77C5104"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unas_2_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.16","matchCriteriaId":"45BE2B93-8EBB-4DAC-942A-49F81D9E18E0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unas_2:-:*:*:*:*:*:*:*","matchCriteriaId":"5FC98765-1006-49C1-9464-92428738170A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unas_4_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.16","matchCriteriaId":"ECEE2017-FFDB-40A3-944E-A3631FEE97DB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unas_4:-:*:*:*:*:*:*:*","matchCriteriaId":"A68133D0-7571-4E6C-A5F5-AAD2DFE91B80"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unas_pro_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.16","matchCriteriaId":"CAD7A583-F050-4780-B15E-C5D892FBAC4F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unas_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"DF0AD026-E7CD-4783-8B5B-BF50CFEF8F37"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unas_pro_4_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.16","matchCriteriaId":"62027A00-7DEA-4111-B99F-8BB135DB99F9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unas_pro_4:-:*:*:*:*:*:*:*","matchCriteriaId":"6A57444B-B60E-4AE0-A198-C85546D94126"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unas_pro_8_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.16","matchCriteriaId":"FB961E8B-008E-4875-84EA-C9B9DFFD3D4D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unas_pro_8:-:*:*:*:*:*:*:*","matchCriteriaId":"63EC6593-E65D-4287-BB47-0EC53BCA7BAB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:enterprise_firewall_core_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.18","matchCriteriaId":"53FAB237-6408-416F-847F-DF28C09739B9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:enterprise_firewall_core:-:*:*:*:*:*:*:*","matchCriteriaId":"4AC5F542-03AE-4C66-9B37-8AE4A74DEBE1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_router_5g_max_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"D1446B7B-E5D2-44E4-B4C5-742E882D114C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_router_5g_max:-:*:*:*:*:*:*:*","matchCriteriaId":"EA957B87-E4D2-4B7C-AC27-200BFC44477E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:enterprise_network_video_recorder_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"86106709-F803-4ED1-A738-85E5A9D1114A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:enterprise_network_video_recorder:-:*:*:*:*:*:*:*","matchCriteriaId":"348BBC75-CA5B-4B38-A2CF-28313B7168F5"}]}]}],"references":[{"url":"https://community.ui.com/releases/Security-Advisory-Bulletin-066-066/984eceb3-49c8-4227-942d-671c289b3afc","source":"support@hackerone.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-54403","sourceIdentifier":"support@hackerone.com","published":"2026-07-02T15:17:03.947","lastModified":"2026-07-10T02:46:57.573","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A malicious actor with access to the network could exploit a Path Traversal vulnerability found in certain devices running UniFi OS to bypass authentication of such UniFi OS devices or instances."}],"affected":[{"source":"support@hackerone.com","affectedData":[{"vendor":"Ubiquiti Inc","product":"UniFi OS Server","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Dream Machines","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Enterprise Fortress Gateway","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Dream Wall","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Dream Routers","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Express 7","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Cloud Keys","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Network Video Recorders","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Enterprise Video Recorders","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Cloud Gateways","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Network Attached Storage","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Enterprise Firewall Core","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"support@hackerone.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":4.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-02T16:09:36.129029Z","id":"CVE-2026-54403","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"support@hackerone.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ui:unifi_os_server:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"965B08F6-66A2-4C38-922D-CA772483941D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_machine_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"E3AEA407-AC71-4334-B5D6-DE907C2D3C9C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_machine:-:*:*:*:*:*:*:*","matchCriteriaId":"33E04DDA-88A0-47C1-8AE2-2F59B1A08BAF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_machine_pro_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"629B14D2-94A8-4C0F-9844-DCCC75B76904"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_machine_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"B493983E-8632-4492-9B0A-E8E11E0E0BB2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_machine_special_edition_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"04FEA48A-5115-4857-9EBE-C76C26B92FFA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_machine_special_edition:-:*:*:*:*:*:*:*","matchCriteriaId":"DEF52155-86F1-458A-8B7E-355B67C5C819"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_machine_pro_max_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"FC6ED125-277D-45E8-81E9-2F33ED713258"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_machine_pro_max:-:*:*:*:*:*:*:*","matchCriteriaId":"60808A48-C41A-448F-97C4-B1CD8DCCB4DA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_machine_beast_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"C404F220-CC40-4CE2-A0CF-13D9F53FA5FD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_machine_beast:-:*:*:*:*:*:*:*","matchCriteriaId":"82A0A6D7-4361-49AD-87E3-3FB32A958C4E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:enterprise_fortress_gateway_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"2F4C93E7-2746-4D54-9AFD-3CA8B8DB1517"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:enterprise_fortress_gateway:-:*:*:*:*:*:*:*","matchCriteriaId":"8C87C188-7982-4DFF-98F1-58511360F3E3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_router_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"12856016-3F9D-43EA-98E8-CA7C1134CD5D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_router:-:*:*:*:*:*:*:*","matchCriteriaId":"B1FF6A5E-A223-4F57-9FFD-F2AE473B3627"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_wall_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"45BB62B2-C27D-4D58-8528-C4F28C8936DE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_wall:-:*:*:*:*:*:*:*","matchCriteriaId":"A9B6514E-2878-4AEE-BF1E-08B804C069FE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_router_7_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"1E604718-E38D-4AB8-B76E-3C9B2339F7A9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_router_7:-:*:*:*:*:*:*:*","matchCriteriaId":"A41E5541-FC13-430C-BDCA-CC677B372D7F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_express_7_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"56A6ECCB-C731-4A7E-8E86-A1DF71A63D02"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_express_7:-:*:*:*:*:*:*:*","matchCriteriaId":"5CD0201D-D5C9-4CE7-A302-467F602D73D2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_cloudkey_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"ECE501C5-1BFC-4DF1-A56D-4A5B2BF2F58C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_cloudkey:-:*:*:*:*:*:*:*","matchCriteriaId":"A484BC77-24D3-423F-AC16-3341C3396BA1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_cloud_key_plus_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"E9FB02C8-CCB3-433B-89F1-025295A97333"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_cloud_key_plus:-:*:*:*:*:*:*:*","matchCriteriaId":"4C4ED829-08E6-4330-B105-DC01A3159C90"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_cloudkey_enterprise_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"AA734284-6D1E-4502-AECF-063233795E82"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_cloudkey_enterprise:-:*:*:*:*:*:*:*","matchCriteriaId":"DDD7812E-3548-4B2C-9416-DEE0985AB07C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_network_video_recorder_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"3AFF8A43-D4FF-4193-9DAB-23463E6E731C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_network_video_recorder:-:*:*:*:*:*:*:*","matchCriteriaId":"A5D7AF0C-CF50-485D-8471-9AB1AA6471CA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_network_video_recorder_pro_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"9C8006E8-54C0-4F4C-9346-92367ED3A57C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_network_video_recorder_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"87FB08DA-35EA-4C27-AA5F-2B7AE25D58FA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_network_video_recorder_instant_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"879FD15D-4886-4DF9-A959-C37059FFF4FF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_network_video_recorder_instant:-:*:*:*:*:*:*:*","matchCriteriaId":"FC8EB74F-F32A-4A5E-B613-58F2F7BC24CB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:enterprise_network_video_recorder_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"86106709-F803-4ED1-A738-85E5A9D1114A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:enterprise_network_video_recorder:-:*:*:*:*:*:*:*","matchCriteriaId":"348BBC75-CA5B-4B38-A2CF-28313B7168F5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:enterprise_network_video_recorder_core_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"75B77A46-2B11-42E7-A624-2CFD9BD66576"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:enterprise_network_video_recorder_core:-:*:*:*:*:*:*:*","matchCriteriaId":"BD22580F-1E63-48F0-BE9C-1EA9328DD539"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_network_video_recorder_g2_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"AE4972F7-C1BD-48C2-ABC3-E1E806CDD4D2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_network_video_recorder_g2:-:*:*:*:*:*:*:*","matchCriteriaId":"E1FF59AE-F5F6-4539-97EC-5157F67FD055"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_network_video_recorder_g2_pro_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"A0E87293-981C-402A-B3A4-2342A72F48A3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_network_video_recorder_g2_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"29A3E3E6-68EF-43E6-9AB3-AD52FCADE57F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_cloud_gateway_ultra_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"8E2DD333-5BA0-444D-A6E5-400A4EBCDB49"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_cloud_gateway_ultra:-:*:*:*:*:*:*:*","matchCriteriaId":"2C468BFA-A87B-4A3F-B12C-B3BCE225167C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_cloud_gateway_max_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"8E7D32DF-0FE0-40F1-BC46-53A38A1275F0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_cloud_gateway_max:-:*:*:*:*:*:*:*","matchCriteriaId":"022225AB-7AF9-4F7A-97A2-CD8700DEA087"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_cloud_gateway_industrial_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"B75FEA76-3EEC-41AF-973B-5E7E06DBC3FB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_cloud_gateway_industrial:-:*:*:*:*:*:*:*","matchCriteriaId":"ABDECBF6-CB92-4AF6-A3AB-D4AA4635B688"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_cloud_gateway_fiber_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"9BC859E7-4839-41E1-B891-01D6C768737E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_cloud_gateway_fiber:-:*:*:*:*:*:*:*","matchCriteriaId":"01C00466-E414-4DF7-8752-93D3D77C5104"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unas_2_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.16","matchCriteriaId":"45BE2B93-8EBB-4DAC-942A-49F81D9E18E0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unas_2:-:*:*:*:*:*:*:*","matchCriteriaId":"5FC98765-1006-49C1-9464-92428738170A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unas_4_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.16","matchCriteriaId":"ECEE2017-FFDB-40A3-944E-A3631FEE97DB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unas_4:-:*:*:*:*:*:*:*","matchCriteriaId":"A68133D0-7571-4E6C-A5F5-AAD2DFE91B80"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unas_pro_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.16","matchCriteriaId":"CAD7A583-F050-4780-B15E-C5D892FBAC4F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unas_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"DF0AD026-E7CD-4783-8B5B-BF50CFEF8F37"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unas_pro_4_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.16","matchCriteriaId":"62027A00-7DEA-4111-B99F-8BB135DB99F9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unas_pro_4:-:*:*:*:*:*:*:*","matchCriteriaId":"6A57444B-B60E-4AE0-A198-C85546D94126"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unas_pro_8_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.16","matchCriteriaId":"FB961E8B-008E-4875-84EA-C9B9DFFD3D4D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unas_pro_8:-:*:*:*:*:*:*:*","matchCriteriaId":"63EC6593-E65D-4287-BB47-0EC53BCA7BAB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:enterprise_firewall_core_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.18","matchCriteriaId":"53FAB237-6408-416F-847F-DF28C09739B9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:enterprise_firewall_core:-:*:*:*:*:*:*:*","matchCriteriaId":"4AC5F542-03AE-4C66-9B37-8AE4A74DEBE1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_router_5g_max_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"D1446B7B-E5D2-44E4-B4C5-742E882D114C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_router_5g_max:-:*:*:*:*:*:*:*","matchCriteriaId":"EA957B87-E4D2-4B7C-AC27-200BFC44477E"}]}]}],"references":[{"url":"https://community.ui.com/releases/Security-Advisory-Bulletin-066-066/984eceb3-49c8-4227-942d-671c289b3afc","source":"support@hackerone.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-54404","sourceIdentifier":"support@hackerone.com","published":"2026-07-02T15:17:04.060","lastModified":"2026-07-10T02:48:50.627","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A malicious actor with access to the network and low privileges could exploit a series of authenticated SQL Injection vulnerabilities found in UniFi OS to escalate privileges within such UniFi OS devices or instances."}],"affected":[{"source":"support@hackerone.com","affectedData":[{"vendor":"Ubiquiti Inc","product":"UniFi OS Server","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Dream Machines","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Enterprise Fortress Gateway","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Dream Wall","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Dream Routers","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Express 7","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Cloud Keys","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Network Video Recorders","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Enterprise Video Recorders","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Cloud Gateways","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Network Attached Storage","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Enterprise Firewall Core","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"support@hackerone.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-02T00:00:00+00:00","id":"CVE-2026-54404","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"support@hackerone.com","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_machine_beast_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"C404F220-CC40-4CE2-A0CF-13D9F53FA5FD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_machine_beast:-:*:*:*:*:*:*:*","matchCriteriaId":"82A0A6D7-4361-49AD-87E3-3FB32A958C4E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:enterprise_fortress_gateway_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"2F4C93E7-2746-4D54-9AFD-3CA8B8DB1517"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:enterprise_fortress_gateway:-:*:*:*:*:*:*:*","matchCriteriaId":"8C87C188-7982-4DFF-98F1-58511360F3E3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_router_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"12856016-3F9D-43EA-98E8-CA7C1134CD5D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_router:-:*:*:*:*:*:*:*","matchCriteriaId":"B1FF6A5E-A223-4F57-9FFD-F2AE473B3627"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_wall_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"45BB62B2-C27D-4D58-8528-C4F28C8936DE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_wall:-:*:*:*:*:*:*:*","matchCriteriaId":"A9B6514E-2878-4AEE-BF1E-08B804C069FE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_router_7_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"1E604718-E38D-4AB8-B76E-3C9B2339F7A9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_router_7:-:*:*:*:*:*:*:*","matchCriteriaId":"A41E5541-FC13-430C-BDCA-CC677B372D7F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_express_7_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"56A6ECCB-C731-4A7E-8E86-A1DF71A63D02"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_express_7:-:*:*:*:*:*:*:*","matchCriteriaId":"5CD0201D-D5C9-4CE7-A302-467F602D73D2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_cloudkey_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"ECE501C5-1BFC-4DF1-A56D-4A5B2BF2F58C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_cloudkey:-:*:*:*:*:*:*:*","matchCriteriaId":"A484BC77-24D3-423F-AC16-3341C3396BA1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_cloud_key_plus_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"E9FB02C8-CCB3-433B-89F1-025295A97333"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_cloud_key_plus:-:*:*:*:*:*:*:*","matchCriteriaId":"4C4ED829-08E6-4330-B105-DC01A3159C90"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_cloudkey_enterprise_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"AA734284-6D1E-4502-AECF-063233795E82"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_cloudkey_enterprise:-:*:*:*:*:*:*:*","matchCriteriaId":"DDD7812E-3548-4B2C-9416-DEE0985AB07C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_network_video_recorder_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"3AFF8A43-D4FF-4193-9DAB-23463E6E731C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_network_video_recorder:-:*:*:*:*:*:*:*","matchCriteriaId":"A5D7AF0C-CF50-485D-8471-9AB1AA6471CA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_network_video_recorder_pro_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"9C8006E8-54C0-4F4C-9346-92367ED3A57C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_network_video_recorder_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"87FB08DA-35EA-4C27-AA5F-2B7AE25D58FA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_network_video_recorder_instant_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"879FD15D-4886-4DF9-A959-C37059FFF4FF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_network_video_recorder_instant:-:*:*:*:*:*:*:*","matchCriteriaId":"FC8EB74F-F32A-4A5E-B613-58F2F7BC24CB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:enterprise_network_video_recorder_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"86106709-F803-4ED1-A738-85E5A9D1114A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:enterprise_network_video_recorder:-:*:*:*:*:*:*:*","matchCriteriaId":"348BBC75-CA5B-4B38-A2CF-28313B7168F5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:enterprise_network_video_recorder_core_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"75B77A46-2B11-42E7-A624-2CFD9BD66576"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:enterprise_network_video_recorder_core:-:*:*:*:*:*:*:*","matchCriteriaId":"BD22580F-1E63-48F0-BE9C-1EA9328DD539"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_network_video_recorder_g2_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"AE4972F7-C1BD-48C2-ABC3-E1E806CDD4D2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_network_video_recorder_g2:-:*:*:*:*:*:*:*","matchCriteriaId":"E1FF59AE-F5F6-4539-97EC-5157F67FD055"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_network_video_recorder_g2_pro_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"A0E87293-981C-402A-B3A4-2342A72F48A3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_network_video_recorder_g2_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"29A3E3E6-68EF-43E6-9AB3-AD52FCADE57F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_cloud_gateway_ultra_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"8E2DD333-5BA0-444D-A6E5-400A4EBCDB49"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_cloud_gateway_ultra:-:*:*:*:*:*:*:*","matchCriteriaId":"2C468BFA-A87B-4A3F-B12C-B3BCE225167C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_cloud_gateway_max_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"8E7D32DF-0FE0-40F1-BC46-53A38A1275F0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_cloud_gateway_max:-:*:*:*:*:*:*:*","matchCriteriaId":"022225AB-7AF9-4F7A-97A2-CD8700DEA087"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_cloud_gateway_industrial_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"B75FEA76-3EEC-41AF-973B-5E7E06DBC3FB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_cloud_gateway_industrial:-:*:*:*:*:*:*:*","matchCriteriaId":"ABDECBF6-CB92-4AF6-A3AB-D4AA4635B688"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_cloud_gateway_fiber_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"9BC859E7-4839-41E1-B891-01D6C768737E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_cloud_gateway_fiber:-:*:*:*:*:*:*:*","matchCriteriaId":"01C00466-E414-4DF7-8752-93D3D77C5104"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unas_2_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.16","matchCriteriaId":"45BE2B93-8EBB-4DAC-942A-49F81D9E18E0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unas_2:-:*:*:*:*:*:*:*","matchCriteriaId":"5FC98765-1006-49C1-9464-92428738170A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unas_4_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.16","matchCriteriaId":"ECEE2017-FFDB-40A3-944E-A3631FEE97DB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unas_4:-:*:*:*:*:*:*:*","matchCriteriaId":"A68133D0-7571-4E6C-A5F5-AAD2DFE91B80"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unas_pro_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.16","matchCriteriaId":"CAD7A583-F050-4780-B15E-C5D892FBAC4F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unas_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"DF0AD026-E7CD-4783-8B5B-BF50CFEF8F37"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unas_pro_4_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.16","matchCriteriaId":"62027A00-7DEA-4111-B99F-8BB135DB99F9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unas_pro_4:-:*:*:*:*:*:*:*","matchCriteriaId":"6A57444B-B60E-4AE0-A198-C85546D94126"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unas_pro_8_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.16","matchCriteriaId":"FB961E8B-008E-4875-84EA-C9B9DFFD3D4D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unas_pro_8:-:*:*:*:*:*:*:*","matchCriteriaId":"63EC6593-E65D-4287-BB47-0EC53BCA7BAB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:enterprise_firewall_core_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.18","matchCriteriaId":"53FAB237-6408-416F-847F-DF28C09739B9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:enterprise_firewall_core:-:*:*:*:*:*:*:*","matchCriteriaId":"4AC5F542-03AE-4C66-9B37-8AE4A74DEBE1"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ui:unifi_os_server:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"965B08F6-66A2-4C38-922D-CA772483941D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_machine_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"E3AEA407-AC71-4334-B5D6-DE907C2D3C9C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_machine:-:*:*:*:*:*:*:*","matchCriteriaId":"33E04DDA-88A0-47C1-8AE2-2F59B1A08BAF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_machine_pro_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"629B14D2-94A8-4C0F-9844-DCCC75B76904"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_machine_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"B493983E-8632-4492-9B0A-E8E11E0E0BB2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_machine_special_edition_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"04FEA48A-5115-4857-9EBE-C76C26B92FFA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_machine_special_edition:-:*:*:*:*:*:*:*","matchCriteriaId":"DEF52155-86F1-458A-8B7E-355B67C5C819"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_machine_pro_max_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"FC6ED125-277D-45E8-81E9-2F33ED713258"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_machine_pro_max:-:*:*:*:*:*:*:*","matchCriteriaId":"60808A48-C41A-448F-97C4-B1CD8DCCB4DA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_router_5g_max_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"D1446B7B-E5D2-44E4-B4C5-742E882D114C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_router_5g_max:-:*:*:*:*:*:*:*","matchCriteriaId":"EA957B87-E4D2-4B7C-AC27-200BFC44477E"}]}]}],"references":[{"url":"https://community.ui.com/releases/Security-Advisory-Bulletin-066-066/984eceb3-49c8-4227-942d-671c289b3afc","source":"support@hackerone.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-55110","sourceIdentifier":"support@hackerone.com","published":"2026-07-02T15:17:04.870","lastModified":"2026-07-09T18:33:16.890","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"A malicious actor who lures an authenticated user to a malicious page could exploit a Cross-Origin Resource Sharing (CORS) misconfiguration found in UniFi OS to trigger actions in UniFi OS using that user's session."}],"affected":[{"source":"support@hackerone.com","affectedData":[{"vendor":"Ubiquiti Inc","product":"UniFi OS Server","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Dream Machines","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Enterprise Fortress Gateway","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Dream Wall","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Dream Routers","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Express 7","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Cloud Keys","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Network Video Recorders","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Enterprise Video Recorders","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Cloud Gateways","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Network Attached Storage","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Enterprise Firewall Core","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"support@hackerone.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-02T15:41:35.927153Z","id":"CVE-2026-55110","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"support@hackerone.com","type":"Secondary","description":[{"lang":"en","value":"CWE-942"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ui:unifi_os_server:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"965B08F6-66A2-4C38-922D-CA772483941D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_machine_beast_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"C404F220-CC40-4CE2-A0CF-13D9F53FA5FD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_machine_beast:-:*:*:*:*:*:*:*","matchCriteriaId":"82A0A6D7-4361-49AD-87E3-3FB32A958C4E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_machine_pro_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"629B14D2-94A8-4C0F-9844-DCCC75B76904"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_machine_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"B493983E-8632-4492-9B0A-E8E11E0E0BB2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_machine_special_edition_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"04FEA48A-5115-4857-9EBE-C76C26B92FFA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_machine_special_edition:-:*:*:*:*:*:*:*","matchCriteriaId":"DEF52155-86F1-458A-8B7E-355B67C5C819"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_machine_pro_max_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"FC6ED125-277D-45E8-81E9-2F33ED713258"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_machine_pro_max:-:*:*:*:*:*:*:*","matchCriteriaId":"60808A48-C41A-448F-97C4-B1CD8DCCB4DA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_machine_beast_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"C404F220-CC40-4CE2-A0CF-13D9F53FA5FD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_machine_beast:-:*:*:*:*:*:*:*","matchCriteriaId":"82A0A6D7-4361-49AD-87E3-3FB32A958C4E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:enterprise_fortress_gateway_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"2F4C93E7-2746-4D54-9AFD-3CA8B8DB1517"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:enterprise_fortress_gateway:-:*:*:*:*:*:*:*","matchCriteriaId":"8C87C188-7982-4DFF-98F1-58511360F3E3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_router_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"12856016-3F9D-43EA-98E8-CA7C1134CD5D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_router:-:*:*:*:*:*:*:*","matchCriteriaId":"B1FF6A5E-A223-4F57-9FFD-F2AE473B3627"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_wall_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"45BB62B2-C27D-4D58-8528-C4F28C8936DE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_wall:-:*:*:*:*:*:*:*","matchCriteriaId":"A9B6514E-2878-4AEE-BF1E-08B804C069FE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_router_7_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"1E604718-E38D-4AB8-B76E-3C9B2339F7A9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_router_7:-:*:*:*:*:*:*:*","matchCriteriaId":"A41E5541-FC13-430C-BDCA-CC677B372D7F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_express_7_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"56A6ECCB-C731-4A7E-8E86-A1DF71A63D02"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_express_7:-:*:*:*:*:*:*:*","matchCriteriaId":"5CD0201D-D5C9-4CE7-A302-467F602D73D2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_cloudkey_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"ECE501C5-1BFC-4DF1-A56D-4A5B2BF2F58C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_cloudkey:-:*:*:*:*:*:*:*","matchCriteriaId":"A484BC77-24D3-423F-AC16-3341C3396BA1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_cloud_key_plus_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"E9FB02C8-CCB3-433B-89F1-025295A97333"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_cloud_key_plus:-:*:*:*:*:*:*:*","matchCriteriaId":"4C4ED829-08E6-4330-B105-DC01A3159C90"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_cloudkey_enterprise_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"AA734284-6D1E-4502-AECF-063233795E82"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_cloudkey_enterprise:-:*:*:*:*:*:*:*","matchCriteriaId":"DDD7812E-3548-4B2C-9416-DEE0985AB07C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_network_video_recorder_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"3AFF8A43-D4FF-4193-9DAB-23463E6E731C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_network_video_recorder:-:*:*:*:*:*:*:*","matchCriteriaId":"A5D7AF0C-CF50-485D-8471-9AB1AA6471CA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_network_video_recorder_pro_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"9C8006E8-54C0-4F4C-9346-92367ED3A57C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_network_video_recorder_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"87FB08DA-35EA-4C27-AA5F-2B7AE25D58FA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_network_video_recorder_instant_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"879FD15D-4886-4DF9-A959-C37059FFF4FF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_network_video_recorder_instant:-:*:*:*:*:*:*:*","matchCriteriaId":"FC8EB74F-F32A-4A5E-B613-58F2F7BC24CB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:enterprise_network_video_recorder_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"86106709-F803-4ED1-A738-85E5A9D1114A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:enterprise_network_video_recorder:-:*:*:*:*:*:*:*","matchCriteriaId":"348BBC75-CA5B-4B38-A2CF-28313B7168F5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:enterprise_network_video_recorder_core_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"75B77A46-2B11-42E7-A624-2CFD9BD66576"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:enterprise_network_video_recorder_core:-:*:*:*:*:*:*:*","matchCriteriaId":"BD22580F-1E63-48F0-BE9C-1EA9328DD539"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_network_video_recorder_g2_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"AE4972F7-C1BD-48C2-ABC3-E1E806CDD4D2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_network_video_recorder_g2:-:*:*:*:*:*:*:*","matchCriteriaId":"E1FF59AE-F5F6-4539-97EC-5157F67FD055"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_network_video_recorder_g2_pro_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"A0E87293-981C-402A-B3A4-2342A72F48A3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_network_video_recorder_g2_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"29A3E3E6-68EF-43E6-9AB3-AD52FCADE57F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_cloud_gateway_ultra_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"8E2DD333-5BA0-444D-A6E5-400A4EBCDB49"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_cloud_gateway_ultra:-:*:*:*:*:*:*:*","matchCriteriaId":"2C468BFA-A87B-4A3F-B12C-B3BCE225167C"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_cloud_gateway_max_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"8E7D32DF-0FE0-40F1-BC46-53A38A1275F0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_cloud_gateway_max:-:*:*:*:*:*:*:*","matchCriteriaId":"022225AB-7AF9-4F7A-97A2-CD8700DEA087"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_cloud_gateway_industrial_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"B75FEA76-3EEC-41AF-973B-5E7E06DBC3FB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_cloud_gateway_industrial:-:*:*:*:*:*:*:*","matchCriteriaId":"ABDECBF6-CB92-4AF6-A3AB-D4AA4635B688"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_cloud_gateway_fiber_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"9BC859E7-4839-41E1-B891-01D6C768737E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_cloud_gateway_fiber:-:*:*:*:*:*:*:*","matchCriteriaId":"01C00466-E414-4DF7-8752-93D3D77C5104"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unas_2_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.16","matchCriteriaId":"45BE2B93-8EBB-4DAC-942A-49F81D9E18E0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unas_2:-:*:*:*:*:*:*:*","matchCriteriaId":"5FC98765-1006-49C1-9464-92428738170A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unas_4_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.16","matchCriteriaId":"ECEE2017-FFDB-40A3-944E-A3631FEE97DB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unas_4:-:*:*:*:*:*:*:*","matchCriteriaId":"A68133D0-7571-4E6C-A5F5-AAD2DFE91B80"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unas_pro_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.16","matchCriteriaId":"CAD7A583-F050-4780-B15E-C5D892FBAC4F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unas_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"DF0AD026-E7CD-4783-8B5B-BF50CFEF8F37"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unas_pro_4_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.16","matchCriteriaId":"62027A00-7DEA-4111-B99F-8BB135DB99F9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unas_pro_4:-:*:*:*:*:*:*:*","matchCriteriaId":"6A57444B-B60E-4AE0-A198-C85546D94126"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unas_pro_8_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.16","matchCriteriaId":"FB961E8B-008E-4875-84EA-C9B9DFFD3D4D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unas_pro_8:-:*:*:*:*:*:*:*","matchCriteriaId":"63EC6593-E65D-4287-BB47-0EC53BCA7BAB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:enterprise_firewall_core_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.18","matchCriteriaId":"53FAB237-6408-416F-847F-DF28C09739B9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:enterprise_firewall_core:-:*:*:*:*:*:*:*","matchCriteriaId":"4AC5F542-03AE-4C66-9B37-8AE4A74DEBE1"}]}]}],"references":[{"url":"https://community.ui.com/releases/Security-Advisory-Bulletin-066-066/984eceb3-49c8-4227-942d-671c289b3afc","source":"support@hackerone.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-55111","sourceIdentifier":"support@hackerone.com","published":"2026-07-02T15:17:04.987","lastModified":"2026-07-09T13:20:47.137","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi Protect Floodlight devices to access files on the UniFi Protect Floodlight."}],"affected":[{"source":"support@hackerone.com","affectedData":[{"vendor":"Ubiquiti Inc","product":"UniFi Protect Floodlight","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"1.13.6","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"support@hackerone.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-02T15:49:26.544868Z","id":"CVE-2026-55111","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"support@hackerone.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:protect_floodlight_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.13.6","matchCriteriaId":"0BC90BFD-EF7B-4173-89AD-6486BBC2331C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:protect_floodlight:-:*:*:*:*:*:*:*","matchCriteriaId":"7BC6C811-DB70-4D54-B9DB-10C56B0C5854"}]}]}],"references":[{"url":"https://community.ui.com/releases/Security-Advisory-Bulletin-066-066/984eceb3-49c8-4227-942d-671c289b3afc","source":"support@hackerone.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-55112","sourceIdentifier":"support@hackerone.com","published":"2026-07-02T15:17:05.103","lastModified":"2026-07-10T02:46:09.190","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A malicious actor with access to the network and low privileges and under certain conditions could exploit an Improper Access Control vulnerability found in UniFi OS with UniFi Protect Application to escalate privileges on the host device."}],"affected":[{"source":"support@hackerone.com","affectedData":[{"vendor":"Ubiquiti Inc","product":"Dream Machines","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Dream Wall","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Dream Routers","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Cloud Keys","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Network Video Recorders","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Enterprise Video Recorders","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Cloud Gateways","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"support@hackerone.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-02T15:41:29.812778Z","id":"CVE-2026-55112","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"support@hackerone.com","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_machine_pro_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"629B14D2-94A8-4C0F-9844-DCCC75B76904"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_machine_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"B493983E-8632-4492-9B0A-E8E11E0E0BB2"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_machine_special_edition_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"04FEA48A-5115-4857-9EBE-C76C26B92FFA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_machine_special_edition:-:*:*:*:*:*:*:*","matchCriteriaId":"DEF52155-86F1-458A-8B7E-355B67C5C819"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_machine_pro_max_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"FC6ED125-277D-45E8-81E9-2F33ED713258"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_machine_pro_max:-:*:*:*:*:*:*:*","matchCriteriaId":"60808A48-C41A-448F-97C4-B1CD8DCCB4DA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_machine_beast_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"C404F220-CC40-4CE2-A0CF-13D9F53FA5FD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_machine_beast:-:*:*:*:*:*:*:*","matchCriteriaId":"82A0A6D7-4361-49AD-87E3-3FB32A958C4E"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_router_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"12856016-3F9D-43EA-98E8-CA7C1134CD5D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_router:-:*:*:*:*:*:*:*","matchCriteriaId":"B1FF6A5E-A223-4F57-9FFD-F2AE473B3627"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_wall_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"45BB62B2-C27D-4D58-8528-C4F28C8936DE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_wall:-:*:*:*:*:*:*:*","matchCriteriaId":"A9B6514E-2878-4AEE-BF1E-08B804C069FE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_router_7_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"1E604718-E38D-4AB8-B76E-3C9B2339F7A9"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_router_7:-:*:*:*:*:*:*:*","matchCriteriaId":"A41E5541-FC13-430C-BDCA-CC677B372D7F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_cloudkey_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"ECE501C5-1BFC-4DF1-A56D-4A5B2BF2F58C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_cloudkey:-:*:*:*:*:*:*:*","matchCriteriaId":"A484BC77-24D3-423F-AC16-3341C3396BA1"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_network_video_recorder_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"3AFF8A43-D4FF-4193-9DAB-23463E6E731C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_network_video_recorder:-:*:*:*:*:*:*:*","matchCriteriaId":"A5D7AF0C-CF50-485D-8471-9AB1AA6471CA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_network_video_recorder_pro_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"9C8006E8-54C0-4F4C-9346-92367ED3A57C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_network_video_recorder_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"87FB08DA-35EA-4C27-AA5F-2B7AE25D58FA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_network_video_recorder_instant_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"879FD15D-4886-4DF9-A959-C37059FFF4FF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_network_video_recorder_instant:-:*:*:*:*:*:*:*","matchCriteriaId":"FC8EB74F-F32A-4A5E-B613-58F2F7BC24CB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:enterprise_network_video_recorder_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"86106709-F803-4ED1-A738-85E5A9D1114A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:enterprise_network_video_recorder:-:*:*:*:*:*:*:*","matchCriteriaId":"348BBC75-CA5B-4B38-A2CF-28313B7168F5"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:enterprise_network_video_recorder_core_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"75B77A46-2B11-42E7-A624-2CFD9BD66576"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:enterprise_network_video_recorder_core:-:*:*:*:*:*:*:*","matchCriteriaId":"BD22580F-1E63-48F0-BE9C-1EA9328DD539"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_network_video_recorder_g2_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"AE4972F7-C1BD-48C2-ABC3-E1E806CDD4D2"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_network_video_recorder_g2:-:*:*:*:*:*:*:*","matchCriteriaId":"E1FF59AE-F5F6-4539-97EC-5157F67FD055"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_network_video_recorder_g2_pro_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"A0E87293-981C-402A-B3A4-2342A72F48A3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_network_video_recorder_g2_pro:-:*:*:*:*:*:*:*","matchCriteriaId":"29A3E3E6-68EF-43E6-9AB3-AD52FCADE57F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_cloud_gateway_max_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"8E7D32DF-0FE0-40F1-BC46-53A38A1275F0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_cloud_gateway_max:-:*:*:*:*:*:*:*","matchCriteriaId":"022225AB-7AF9-4F7A-97A2-CD8700DEA087"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_cloud_gateway_industrial_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"B75FEA76-3EEC-41AF-973B-5E7E06DBC3FB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_cloud_gateway_industrial:-:*:*:*:*:*:*:*","matchCriteriaId":"ABDECBF6-CB92-4AF6-A3AB-D4AA4635B688"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_cloud_gateway_fiber_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"9BC859E7-4839-41E1-B891-01D6C768737E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_cloud_gateway_fiber:-:*:*:*:*:*:*:*","matchCriteriaId":"01C00466-E414-4DF7-8752-93D3D77C5104"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ui:unifi_dream_router_5g_max_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.15","matchCriteriaId":"D1446B7B-E5D2-44E4-B4C5-742E882D114C"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ui:unifi_dream_router_5g_max:-:*:*:*:*:*:*:*","matchCriteriaId":"EA957B87-E4D2-4B7C-AC27-200BFC44477E"}]}]}],"references":[{"url":"https://community.ui.com/releases/Security-Advisory-Bulletin-066-066/984eceb3-49c8-4227-942d-671c289b3afc","source":"support@hackerone.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-55113","sourceIdentifier":"support@hackerone.com","published":"2026-07-02T15:17:05.303","lastModified":"2026-07-09T13:19:57.720","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A malicious actor with access to the network could exploit a Server-Side Request Forgery (SSRF) vulnerability found in UniFi Talk Application to execute a Denial of Service (DoS) attack and bypass authentication in certain UniFi Talk API endpoints."}],"affected":[{"source":"support@hackerone.com","affectedData":[{"vendor":"Ubiquiti Inc","product":"UniFi Talk Application","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.2.2","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"support@hackerone.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":4.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-02T15:48:45.778988Z","id":"CVE-2026-55113","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"support@hackerone.com","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ui:unifi_talk_application:*:*:*:*:*:*:*:*","versionEndExcluding":"5.2.2","matchCriteriaId":"5EFA9E4F-0AF4-43E6-AE50-417C21ABF4F1"}]}]}],"references":[{"url":"https://community.ui.com/releases/Security-Advisory-Bulletin-066-066/984eceb3-49c8-4227-942d-671c289b3afc","source":"support@hackerone.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-55116","sourceIdentifier":"support@hackerone.com","published":"2026-07-02T15:17:05.633","lastModified":"2026-07-09T18:14:16.047","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"A malicious actor with access to the network and under certain network configurations could exploit an Improper Access Control vulnerability found in certain devices running UniFi OS to make unauthorized changes to such UniFi OS devices."}],"affected":[{"source":"support@hackerone.com","affectedData":[{"vendor":"Ubiquiti Inc","product":"Dream Machines","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Enterprise Fortress Gateway","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Dream Wall","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Dream Routers","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Express 7","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Cloud Gateways","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]},{"vendor":"Ubiquiti Inc","product":"Enterprise Firewall Core","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.1.19","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"support@hackerone.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":9.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":6.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-02T15:41:23.595428Z","id":"CVE-2026-55116","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"support@hackerone.com","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ui:unifi_connect:*:*:*:*:*:*:*:*","versionEndExcluding":"3.4.20","matchCriteriaId":"5978F732-8520-43EB-A9A1-08145B5A4A7B"}]}]}],"references":[{"url":"https://community.ui.com/releases/Security-Advisory-Bulletin-066-066/984eceb3-49c8-4227-942d-671c289b3afc","source":"support@hackerone.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-55117","sourceIdentifier":"support@hackerone.com","published":"2026-07-02T15:17:05.740","lastModified":"2026-07-09T13:19:42.740","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi Access Application to access files on the host device."}],"affected":[{"source":"support@hackerone.com","affectedData":[{"vendor":"Ubiquiti Inc","product":"UniFi Access Application","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"4.2.29","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"support@hackerone.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":4.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-02T15:49:24.568680Z","id":"CVE-2026-55117","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"support@hackerone.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ui:unifi_access_application:*:*:*:*:*:*:*:*","versionEndExcluding":"4.2.29","matchCriteriaId":"CBD07B94-9FDB-4A70-B2B3-4733E28089E1"}]}]}],"references":[{"url":"https://community.ui.com/releases/Security-Advisory-Bulletin-066-066/984eceb3-49c8-4227-942d-671c289b3afc","source":"support@hackerone.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-55119","sourceIdentifier":"support@hackerone.com","published":"2026-07-02T15:17:05.957","lastModified":"2026-07-09T13:19:26.580","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A malicious actor with access to the network and low privileges could exploit an Improper Access Control vulnerability found in UniFi Talk Application to escalate privileges within the UniFi Talk Application."}],"affected":[{"source":"support@hackerone.com","affectedData":[{"vendor":"Ubiquiti Inc","product":"UniFi Talk Application","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.2.2","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"support@hackerone.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-02T15:41:17.326960Z","id":"CVE-2026-55119","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"support@hackerone.com","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ui:unifi_talk_application:*:*:*:*:*:*:*:*","versionEndExcluding":"5.2.2","matchCriteriaId":"5EFA9E4F-0AF4-43E6-AE50-417C21ABF4F1"}]}]}],"references":[{"url":"https://community.ui.com/releases/Security-Advisory-Bulletin-066-066/984eceb3-49c8-4227-942d-671c289b3afc","source":"support@hackerone.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-58467","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-02T20:17:06.733","lastModified":"2026-07-08T14:17:19.517","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Cockpit CMS through 2.14.0 contains a path traversal and local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files or execute PHP files by including unvalidated PATH_INFO derived from REQUEST_URI in filesystem path construction without containment checks. Attackers can inject dot-dot sequences into the URL to traverse outside the designated spaces directory, and when the resolved path ends with a .php extension, the application passes it to include(), enabling local file inclusion on deployments using the PHP built-in server or certain non-default Nginx configurations."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"cockpit-hq","product":"cockpit","defaultStatus":"affected","repo":"https://github.com/cockpit-hq/cockpit","versions":[{"version":"0","lessThanOrEqual":"2.14.0","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T16:21:37.199759Z","id":"CVE-2026-58467","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"references":[{"url":"https://github.com/geo-chen/oss/blob/main/cockpit.md","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/cockpit-cms-path-traversal-local-file-inclusion-via-index-php","source":"disclosure@vulncheck.com"}]}},{"cve":{"id":"CVE-2026-38968","sourceIdentifier":"cve@mitre.org","published":"2026-07-02T21:16:55.170","lastModified":"2026-07-08T18:39:19.380","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"ntopng through 6.6 is vulnerable to Predictable Session Identifier which can lead to Session Hijacking. HTTP session identifiers in src/HTTPserver.cpp use weak time-seeded pseudo-randomness during session creation. As a result, fresh authenticated logins can receive deterministic or colliding session cookies under attacker-controlled timing."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T17:15:18.846487Z","id":"CVE-2026-38968","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-341"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ntop:ntopng:*:*:*:*:*:*:*:*","versionEndIncluding":"6.6","matchCriteriaId":"0A7E691E-54AD-43A4-B3DC-C3FB234B1FB9"}]}]}],"references":[{"url":"https://github.com/ntop/ntopng/commit/14e22497233dc7d31d19dccb74b13bb073d16c2c","source":"cve@mitre.org","tags":["Patch"]},{"url":"https://github.com/ntop/ntopng/commit/179a346ceb6239fd36128ccca3efa8f9ea61eeb5","source":"cve@mitre.org","tags":["Patch"]}]}},{"cve":{"id":"CVE-2026-38971","sourceIdentifier":"cve@mitre.org","published":"2026-07-02T21:16:56.253","lastModified":"2026-07-09T15:16:33.110","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"ardupilot through Plane-4.6.3 was found to contain an out-of-bounds read issue in libraries/GCS_MAVLink/GCS_serial_control.cpp in GCS_MAVLINK::handle_serial_control()."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T17:08:31.428174Z","id":"CVE-2026-38971","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ardupilot:arduplane:*:*:*:*:*:*:*:*","versionEndIncluding":"4.6.3","matchCriteriaId":"F15C2E46-37B6-44F0-B775-1B57CD7B3D3F"}]}]}],"references":[{"url":"https://gist.github.com/quart27219/6bfcc615f89fb493d02aad480704593b","source":"cve@mitre.org"},{"url":"https://github.com/ArduPilot/ardupilot","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/ArduPilot/ardupilot/issues/32524","source":"cve@mitre.org","tags":["Exploit","Issue Tracking"]},{"url":"https://github.com/ArduPilot/ardupilot/pull/32587","source":"cve@mitre.org","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/ArduPilot/ardupilot/issues/32524","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Issue Tracking"]}]}},{"cve":{"id":"CVE-2026-38972","sourceIdentifier":"cve@mitre.org","published":"2026-07-02T21:16:56.353","lastModified":"2026-07-08T18:49:50.400","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Notepad3 through 6.25.822.1 contains a DLL search-order hijacking vulnerability in the About-dialog code path in src/Notepad3.c. The application calls LoadLibrary(L\"MSFTEDIT.DLL\") with a bare DLL name, which allows a local attacker to place a malicious MSFTEDIT.DLL in the application directory or another preferred DLL search location and achieve arbitrary code execution in the context of the user when the About dialog is opened."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T14:42:46.409319Z","id":"CVE-2026-38972","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-427"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rizonesoft:notepad3:*:*:*:*:*:*:*:*","versionEndIncluding":"6.25.822.1","matchCriteriaId":"35948CE1-8CB5-4879-A6FC-482FD123643E"}]}]}],"references":[{"url":"https://github.com/rizonesoft/Notepad3","source":"cve@mitre.org","tags":["Product"]},{"url":"https://github.com/rizonesoft/Notepad3/issues/5605","source":"cve@mitre.org","tags":["Exploit","Issue Tracking"]},{"url":"https://github.com/rizonesoft/Notepad3/pull/5606","source":"cve@mitre.org","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/rizonesoft/Notepad3/issues/5605","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Issue Tracking"]}]}},{"cve":{"id":"CVE-2026-12413","sourceIdentifier":"d42dc95b-23f1-4e06-9076-20753a0fb0df","published":"2026-07-02T22:16:42.517","lastModified":"2026-07-08T18:52:42.920","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An invalidly formatted IKEv2 fragment causes the Libreswan pluto daemon to crash and restart. Continued exploitation would cause a denial of service. The function reassemble_v2_incoming_fragments() would ignore unknown outer payloads but still store these in a fixed size array msg_digest.digest[PAYLIMIT]. An off-by-one error in the assertion PASSERT(logger, md->digest_roof < elemsof(md->digest)) causes the daemon to abort. No remote code execution is possible. Any configuration that allows IKEv2 connections that do not set fragmentation=no are vulnerable. IKEv1 is not affected."}],"affected":[{"source":"d42dc95b-23f1-4e06-9076-20753a0fb0df","affectedData":[{"vendor":"The Libreswan Project","product":"libreswan","defaultStatus":"unaffected","versions":[{"version":"4.6","lessThanOrEqual":"5.3","versionType":"semver","status":"affected"},{"version":"5.3.1","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"d42dc95b-23f1-4e06-9076-20753a0fb0df","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T18:12:21.499364Z","id":"CVE-2026-12413","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"d42dc95b-23f1-4e06-9076-20753a0fb0df","type":"Secondary","description":[{"lang":"en","value":"CWE-193"},{"lang":"en","value":"CWE-617"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:libreswan:libreswan:*:*:*:*:*:*:*:*","versionStartIncluding":"4.6","versionEndExcluding":"5.3.1","matchCriteriaId":"535F926A-021B-40BB-929F-618252622EAB"}]}]}],"references":[{"url":"https://libreswan.org/security/CVE-2026-12413/","source":"d42dc95b-23f1-4e06-9076-20753a0fb0df","tags":["Vendor Advisory"]},{"url":"https://libreswan.org/security/CVE-2026-12413/CVE-2026-12413.txt","source":"d42dc95b-23f1-4e06-9076-20753a0fb0df","tags":["Vendor Advisory","Mitigation"]}]}},{"cve":{"id":"CVE-2026-50721","sourceIdentifier":"d42dc95b-23f1-4e06-9076-20753a0fb0df","published":"2026-07-02T22:16:43.367","lastModified":"2026-07-09T15:46:40.770","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Libreswan, via the function RSA_authenticate_hash_signature_raw_rsa(), did not correctly verify the length of the authentication hash when the SIG payload of an IKEv1 packet was encoded using PKCS #1 RSA Encryption as per RFC 2313. A remote attacker can use a variation on the Bleichenbacher attack to forge the SIG payload when small public exponents are being used (e.g., e=3), which could lead to impersonation. Additionally, a remote attacker, by encoding a shorter than expected hash in the SIG payload, could trigger an assertion leading to denial-of-service. The daemon aborts and restarts; continued exploitation causes sustained denial of service. Remote code execution is not possible. X.509 certificate verifications of remote IKE peers are not affected."}],"affected":[{"source":"d42dc95b-23f1-4e06-9076-20753a0fb0df","affectedData":[{"vendor":"The Libreswan Project","product":"libreswan","defaultStatus":"unaffected","collectionURL":"https://github.com/libreswan/libreswan","packageName":"libreswan","programRoutines":[{"name":"RSA_authenticate_hash_signature_raw_rsa"}],"repo":"https://github.com/libreswan/libreswan","versions":[{"version":"0","lessThanOrEqual":"5.3","versionType":"semver","status":"affected"},{"version":"5.3.1","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"d42dc95b-23f1-4e06-9076-20753a0fb0df","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T18:12:17.199605Z","id":"CVE-2026-50721","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"d42dc95b-23f1-4e06-9076-20753a0fb0df","type":"Secondary","description":[{"lang":"en","value":"CWE-347"},{"lang":"en","value":"CWE-617"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:libreswan:libreswan:*:*:*:*:*:*:*:*","versionEndExcluding":"5.3.1","matchCriteriaId":"0D5C4D8F-3003-4ACA-A065-E03AEE680115"}]}]}],"references":[{"url":"https://libreswan.org/security/CVE-2026-50721/","source":"d42dc95b-23f1-4e06-9076-20753a0fb0df","tags":["Vendor Advisory"]},{"url":"https://libreswan.org/security/CVE-2026-50721/CVE-2026-50721.txt","source":"d42dc95b-23f1-4e06-9076-20753a0fb0df","tags":["Vendor Advisory"]},{"url":"https://libreswan.org/security/CVE-2026-50722/CVE-2026-50722.txt","source":"d42dc95b-23f1-4e06-9076-20753a0fb0df","tags":["Vendor Advisory"]},{"url":"https://www.rfc-editor.org/rfc/rfc2313","source":"d42dc95b-23f1-4e06-9076-20753a0fb0df","tags":["Technical Description"]}]}},{"cve":{"id":"CVE-2026-50722","sourceIdentifier":"d42dc95b-23f1-4e06-9076-20753a0fb0df","published":"2026-07-02T22:16:43.550","lastModified":"2026-07-09T15:47:00.690","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Libreswan, via the function RSA_authenticate_hash_signature_pkcs1_1_5_rsa(), did not correctly verify the DER encoding of the ASN.1 digest when the IKEv2 AUTH payload was encoded using RSASSA-PKCS1-v1_5 (RFC 8017). A remote attacker can use a variation on the Bleichenbacher attack to forge the AUTH payload when small public exponents are used (e.g., e=3), leading to impersonation. Additionally, a remote attacker, by encoding a shorter than expected hash in the AUTH payload, could trigger an assertion leading to denial-of-service. The daemon aborts and restarts; continued exploitation causes sustained denial of service. Remote code execution is not possible. X.509 certificate verifications of the remote IKE peer are not affected."}],"affected":[{"source":"d42dc95b-23f1-4e06-9076-20753a0fb0df","affectedData":[{"vendor":"The Libreswan Project","product":"libreswan","defaultStatus":"unaffected","collectionURL":"https://github.com/libreswan/libreswan","packageName":"libreswan","programRoutines":[{"name":"RSA_authenticate_hash_signature_pkcs1_1_5_rsa"}],"repo":"https://github.com/libreswan/libreswan","versions":[{"version":"0","lessThanOrEqual":"5.3","versionType":"semver","status":"affected"},{"version":"5.3.1","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"d42dc95b-23f1-4e06-9076-20753a0fb0df","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T18:12:19.317302Z","id":"CVE-2026-50722","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"d42dc95b-23f1-4e06-9076-20753a0fb0df","type":"Secondary","description":[{"lang":"en","value":"CWE-347"},{"lang":"en","value":"CWE-617"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:libreswan:libreswan:*:*:*:*:*:*:*:*","versionEndExcluding":"5.3.1","matchCriteriaId":"0D5C4D8F-3003-4ACA-A065-E03AEE680115"}]}]}],"references":[{"url":"https://libreswan.org/security/CVE-2026-50721/CVE-2026-50721.txt","source":"d42dc95b-23f1-4e06-9076-20753a0fb0df","tags":["Vendor Advisory","Mailing List"]},{"url":"https://libreswan.org/security/CVE-2026-50722/","source":"d42dc95b-23f1-4e06-9076-20753a0fb0df","tags":["Vendor Advisory"]},{"url":"https://libreswan.org/security/CVE-2026-50722/CVE-2026-50722.txt","source":"d42dc95b-23f1-4e06-9076-20753a0fb0df","tags":["Vendor Advisory"]},{"url":"https://www.rfc-editor.org/rfc/rfc8017","source":"d42dc95b-23f1-4e06-9076-20753a0fb0df","tags":["Technical Description"]}]}},{"cve":{"id":"CVE-2026-57100","sourceIdentifier":"secure@microsoft.com","published":"2026-07-02T23:16:51.267","lastModified":"2026-07-08T18:34:25.597","vulnStatus":"Analyzed","cveTags":[{"sourceIdentifier":"secure@microsoft.com","tags":["exclusively-hosted-service"]}],"descriptions":[{"lang":"en","value":"Server-side request forgery (ssrf) in Microsoft Entra Provisioning Service (SyncFabric) allows an authorized attacker to elevate privileges over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft Entra Provisioning Service","versions":[{"version":"-","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":6.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T00:00:00+00:00","id":"CVE-2026-57100","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:entra_provisioning_service:-:*:*:*:*:*:*:*","matchCriteriaId":"4DA622DA-A98B-42D4-B57C-EB8175EE4264"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-57100","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-13373","sourceIdentifier":"5d1c2695-1a31-4499-88ae-e847036fd7e3","published":"2026-07-03T00:16:51.137","lastModified":"2026-07-09T20:20:04.453","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS (Tigerpaw Technology Integration module) allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-13936.\n\n\nThis issue affects Fireware OS 12.4 up to and including 12.12, 12.5 up to and including 12.5.18, and 2025.1 up to and including 2026.2."}],"affected":[{"source":"5d1c2695-1a31-4499-88ae-e847036fd7e3","affectedData":[{"vendor":"WatchGuard","product":"Fireware OS","defaultStatus":"unaffected","versions":[{"version":"12.4","lessThanOrEqual":"12.12","versionType":"semver","status":"affected"},{"version":"12.5","lessThanOrEqual":"12.5.18","versionType":"semver","status":"affected"},{"version":"2025.1","lessThanOrEqual":"2026.2","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"5d1c2695-1a31-4499-88ae-e847036fd7e3","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"PASSIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T15:47:22.407403Z","id":"CVE-2026-13373","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"5d1c2695-1a31-4499-88ae-e847036fd7e3","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*","versionStartIncluding":"12.4","versionEndExcluding":"12.12.1","matchCriteriaId":"87AC2077-3EE0-4EB3-A54C-E727AD3C1028"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m270:-:*:*:*:*:*:*:*","matchCriteriaId":"E472917E-D6E1-4C2D-B37D-E76FCC7307CA"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m290:-:*:*:*:*:*:*:*","matchCriteriaId":"9A8C7779-4466-4A9E-B191-929E7746DFF7"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m370:-:*:*:*:*:*:*:*","matchCriteriaId":"6CE9A123-B769-4E56-845E-DC3DA6166C78"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m390:-:*:*:*:*:*:*:*","matchCriteriaId":"180FAE8C-2E73-4C09-AA11-0C82A7715FA3"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m440:-:*:*:*:*:*:*:*","matchCriteriaId":"309DBEF2-1D92-4641-827F-D99758B5FFA3"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m4600:-:*:*:*:*:*:*:*","matchCriteriaId":"D1E8CFC5-51FE-4D75-845F-D70C30AF11B0"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m470:-:*:*:*:*:*:*:*","matchCriteriaId":"BBFBA966-E052-4350-9544-3B5D484DBB6B"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m4800:-:*:*:*:*:*:*:*","matchCriteriaId":"EF1E586D-0E88-447A-95E8-5203EF869ADB"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m5600:-:*:*:*:*:*:*:*","matchCriteriaId":"1BC087C4-CB10-46D4-A746-0C462354410C"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m570:-:*:*:*:*:*:*:*","matchCriteriaId":"59389EA2-3067-4AF8-AEC5-FE79E269C170"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m5800:-:*:*:*:*:*:*:*","matchCriteriaId":"445FA7CD-D0AE-4176-9AE5-293B918DE654"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m590:-:*:*:*:*:*:*:*","matchCriteriaId":"1B4A7366-0304-431E-B3E4-719BA575CEAC"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m670:-:*:*:*:*:*:*:*","matchCriteriaId":"E8512B4A-5269-4067-B9C6-475A4E8AD313"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m690:-:*:*:*:*:*:*:*","matchCriteriaId":"179C6166-87E1-44F8-B727-CDDE40C673D9"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_nv5:-:*:*:*:*:*:*:*","matchCriteriaId":"584107CC-6136-4AA1-AE68-73B93BDDB5B6"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t20:-:*:*:*:*:*:*:*","matchCriteriaId":"9295217E-C1A0-4A69-A0F0-C44814BB376C"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t25:-:*:*:*:*:*:*:*","matchCriteriaId":"7DC49246-2166-4681-8D67-4C0940884872"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t40:-:*:*:*:*:*:*:*","matchCriteriaId":"CC853916-8BDC-4F7C-BA53-D6AB490A9444"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t45:-:*:*:*:*:*:*:*","matchCriteriaId":"DCB1A254-DA3C-4032-B2C6-C9EBCE8EC15E"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t55:-:*:*:*:*:*:*:*","matchCriteriaId":"D3562304-0317-4A3C-B622-D5CE01CC97F9"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t70:-:*:*:*:*:*:*:*","matchCriteriaId":"327BA50A-366A-4367-93B8-328EC0136FA7"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t80:-:*:*:*:*:*:*:*","matchCriteriaId":"D92ABD52-20F6-4AB1-801F-9E7B7B1B78A1"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t85:-:*:*:*:*:*:*:*","matchCriteriaId":"3552F3BB-8021-4E87-987D-870699A7E619"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:fireboxcloud:-:*:*:*:*:*:*:*","matchCriteriaId":"158560A0-D694-41AF-A5F8-0F6FB3EFB8FA"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:fireboxv:-:*:*:*:*:*:*:*","matchCriteriaId":"4ECAE1D7-9868-4730-B645-44CB1B6FDE96"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1","versionEndExcluding":"2026.2.1","matchCriteriaId":"51B8E788-8FAF-4681-9750-488B2691F473"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m295:-:*:*:*:*:*:*:*","matchCriteriaId":"615FF2CF-69DA-4890-9236-52D8D6FA0E71"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m395:-:*:*:*:*:*:*:*","matchCriteriaId":"A3439409-2FD6-447B-91CF-17D1C09E2A79"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m495:-:*:*:*:*:*:*:*","matchCriteriaId":"C0C0412F-AB02-4D13-B159-D0FCD2ECA3ED"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m595:-:*:*:*:*:*:*:*","matchCriteriaId":"575CC5EE-0278-489B-AA95-5EC5058D6FB9"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m695:-:*:*:*:*:*:*:*","matchCriteriaId":"5597F672-3C72-4BCF-AD3F-F16B6913EC2F"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t115-w:-:*:*:*:*:*:*:*","matchCriteriaId":"E8AAE66B-DD19-4C90-8DFC-F77BA1541642"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t125:-:*:*:*:*:*:*:*","matchCriteriaId":"7FC18430-C6B4-4395-BFF1-83BB005875BA"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t125-w:-:*:*:*:*:*:*:*","matchCriteriaId":"1A7C1C91-8B6E-4FB0-841E-7F88B06B1435"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t145:-:*:*:*:*:*:*:*","matchCriteriaId":"8FE309D6-BD5E-4D18-91C3-A492C3576115"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t145-w:-:*:*:*:*:*:*:*","matchCriteriaId":"75959D39-0960-4836-96C7-DB8048DDE4B8"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t185:-:*:*:*:*:*:*:*","matchCriteriaId":"D0087049-27C6-4B18-A645-72A8F63D7C6D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*","versionStartIncluding":"12.5","versionEndIncluding":"12.5.18","matchCriteriaId":"1DB41269-782A-463C-B257-335542B73093"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t15:-:*:*:*:*:*:*:*","matchCriteriaId":"626220F8-7F0C-4DD8-8001-12EA0A777A0D"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t35:-:*:*:*:*:*:*:*","matchCriteriaId":"E561A57F-91A5-4B3C-9F7D-62E9AB5163A7"}]}]}],"references":[{"url":"https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2026-00015","source":"5d1c2695-1a31-4499-88ae-e847036fd7e3","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-13374","sourceIdentifier":"5d1c2695-1a31-4499-88ae-e847036fd7e3","published":"2026-07-03T00:16:51.257","lastModified":"2026-07-09T20:17:08.190","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS (ConnectWise Technology Integration module) allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-13937.\n\n\nThis issue affects Fireware OS 12.4 up to and including 12.12, 12.5 up to and including 12.5.18, and 2025.1 up to and including 2026.2."}],"affected":[{"source":"5d1c2695-1a31-4499-88ae-e847036fd7e3","affectedData":[{"vendor":"WatchGuard","product":"Fireware OS","defaultStatus":"unaffected","versions":[{"version":"12.4","lessThanOrEqual":"12.12","versionType":"semver","status":"affected"},{"version":"12.5","lessThanOrEqual":"12.5.18","versionType":"semver","status":"affected"},{"version":"2025.1","lessThanOrEqual":"2026.2","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"5d1c2695-1a31-4499-88ae-e847036fd7e3","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"PASSIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T18:04:56.808281Z","id":"CVE-2026-13374","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"5d1c2695-1a31-4499-88ae-e847036fd7e3","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*","versionStartIncluding":"12.4","versionEndExcluding":"12.12.1","matchCriteriaId":"87AC2077-3EE0-4EB3-A54C-E727AD3C1028"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m270:-:*:*:*:*:*:*:*","matchCriteriaId":"E472917E-D6E1-4C2D-B37D-E76FCC7307CA"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m290:-:*:*:*:*:*:*:*","matchCriteriaId":"9A8C7779-4466-4A9E-B191-929E7746DFF7"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m370:-:*:*:*:*:*:*:*","matchCriteriaId":"6CE9A123-B769-4E56-845E-DC3DA6166C78"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m390:-:*:*:*:*:*:*:*","matchCriteriaId":"180FAE8C-2E73-4C09-AA11-0C82A7715FA3"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m440:-:*:*:*:*:*:*:*","matchCriteriaId":"309DBEF2-1D92-4641-827F-D99758B5FFA3"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m4600:-:*:*:*:*:*:*:*","matchCriteriaId":"D1E8CFC5-51FE-4D75-845F-D70C30AF11B0"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m470:-:*:*:*:*:*:*:*","matchCriteriaId":"BBFBA966-E052-4350-9544-3B5D484DBB6B"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m4800:-:*:*:*:*:*:*:*","matchCriteriaId":"EF1E586D-0E88-447A-95E8-5203EF869ADB"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m5600:-:*:*:*:*:*:*:*","matchCriteriaId":"1BC087C4-CB10-46D4-A746-0C462354410C"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m570:-:*:*:*:*:*:*:*","matchCriteriaId":"59389EA2-3067-4AF8-AEC5-FE79E269C170"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m5800:-:*:*:*:*:*:*:*","matchCriteriaId":"445FA7CD-D0AE-4176-9AE5-293B918DE654"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m590:-:*:*:*:*:*:*:*","matchCriteriaId":"1B4A7366-0304-431E-B3E4-719BA575CEAC"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m670:-:*:*:*:*:*:*:*","matchCriteriaId":"E8512B4A-5269-4067-B9C6-475A4E8AD313"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m690:-:*:*:*:*:*:*:*","matchCriteriaId":"179C6166-87E1-44F8-B727-CDDE40C673D9"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_nv5:-:*:*:*:*:*:*:*","matchCriteriaId":"584107CC-6136-4AA1-AE68-73B93BDDB5B6"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t20:-:*:*:*:*:*:*:*","matchCriteriaId":"9295217E-C1A0-4A69-A0F0-C44814BB376C"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t25:-:*:*:*:*:*:*:*","matchCriteriaId":"7DC49246-2166-4681-8D67-4C0940884872"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t40:-:*:*:*:*:*:*:*","matchCriteriaId":"CC853916-8BDC-4F7C-BA53-D6AB490A9444"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t45:-:*:*:*:*:*:*:*","matchCriteriaId":"DCB1A254-DA3C-4032-B2C6-C9EBCE8EC15E"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t55:-:*:*:*:*:*:*:*","matchCriteriaId":"D3562304-0317-4A3C-B622-D5CE01CC97F9"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t70:-:*:*:*:*:*:*:*","matchCriteriaId":"327BA50A-366A-4367-93B8-328EC0136FA7"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t80:-:*:*:*:*:*:*:*","matchCriteriaId":"D92ABD52-20F6-4AB1-801F-9E7B7B1B78A1"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t85:-:*:*:*:*:*:*:*","matchCriteriaId":"3552F3BB-8021-4E87-987D-870699A7E619"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:fireboxcloud:-:*:*:*:*:*:*:*","matchCriteriaId":"158560A0-D694-41AF-A5F8-0F6FB3EFB8FA"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:fireboxv:-:*:*:*:*:*:*:*","matchCriteriaId":"4ECAE1D7-9868-4730-B645-44CB1B6FDE96"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1","versionEndExcluding":"2026.2.1","matchCriteriaId":"51B8E788-8FAF-4681-9750-488B2691F473"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m295:-:*:*:*:*:*:*:*","matchCriteriaId":"615FF2CF-69DA-4890-9236-52D8D6FA0E71"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m395:-:*:*:*:*:*:*:*","matchCriteriaId":"A3439409-2FD6-447B-91CF-17D1C09E2A79"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m495:-:*:*:*:*:*:*:*","matchCriteriaId":"C0C0412F-AB02-4D13-B159-D0FCD2ECA3ED"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m595:-:*:*:*:*:*:*:*","matchCriteriaId":"575CC5EE-0278-489B-AA95-5EC5058D6FB9"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m695:-:*:*:*:*:*:*:*","matchCriteriaId":"5597F672-3C72-4BCF-AD3F-F16B6913EC2F"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t115-w:-:*:*:*:*:*:*:*","matchCriteriaId":"E8AAE66B-DD19-4C90-8DFC-F77BA1541642"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t125:-:*:*:*:*:*:*:*","matchCriteriaId":"7FC18430-C6B4-4395-BFF1-83BB005875BA"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t125-w:-:*:*:*:*:*:*:*","matchCriteriaId":"1A7C1C91-8B6E-4FB0-841E-7F88B06B1435"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t145:-:*:*:*:*:*:*:*","matchCriteriaId":"8FE309D6-BD5E-4D18-91C3-A492C3576115"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t145-w:-:*:*:*:*:*:*:*","matchCriteriaId":"75959D39-0960-4836-96C7-DB8048DDE4B8"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t185:-:*:*:*:*:*:*:*","matchCriteriaId":"D0087049-27C6-4B18-A645-72A8F63D7C6D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*","versionStartIncluding":"12.5","versionEndIncluding":"12.5.18","matchCriteriaId":"1DB41269-782A-463C-B257-335542B73093"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t15:-:*:*:*:*:*:*:*","matchCriteriaId":"626220F8-7F0C-4DD8-8001-12EA0A777A0D"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t35:-:*:*:*:*:*:*:*","matchCriteriaId":"E561A57F-91A5-4B3C-9F7D-62E9AB5163A7"}]}]}],"references":[{"url":"https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2026-00016","source":"5d1c2695-1a31-4499-88ae-e847036fd7e3","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-13375","sourceIdentifier":"5d1c2695-1a31-4499-88ae-e847036fd7e3","published":"2026-07-03T00:16:51.373","lastModified":"2026-07-09T20:15:02.137","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS (Autotask Technology Integration module) allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-13938.\n\n\nThis issue affects Fireware OS 12.4 up to and including 12.12, 12.5 up to and including 12.5.18, and 2025.1 up to and including 2026.2."}],"affected":[{"source":"5d1c2695-1a31-4499-88ae-e847036fd7e3","affectedData":[{"vendor":"WatchGuard","product":"Fireware OS","defaultStatus":"unaffected","versions":[{"version":"12.4","lessThanOrEqual":"12.12","versionType":"semver","status":"affected"},{"version":"12.5","lessThanOrEqual":"12.5.18","versionType":"semver","status":"affected"},{"version":"2025.1","lessThanOrEqual":"2026.2","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"5d1c2695-1a31-4499-88ae-e847036fd7e3","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"PASSIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T18:04:53.932396Z","id":"CVE-2026-13375","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"5d1c2695-1a31-4499-88ae-e847036fd7e3","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*","versionStartIncluding":"12.4","versionEndExcluding":"12.12.1","matchCriteriaId":"87AC2077-3EE0-4EB3-A54C-E727AD3C1028"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m270:-:*:*:*:*:*:*:*","matchCriteriaId":"E472917E-D6E1-4C2D-B37D-E76FCC7307CA"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m290:-:*:*:*:*:*:*:*","matchCriteriaId":"9A8C7779-4466-4A9E-B191-929E7746DFF7"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m370:-:*:*:*:*:*:*:*","matchCriteriaId":"6CE9A123-B769-4E56-845E-DC3DA6166C78"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m390:-:*:*:*:*:*:*:*","matchCriteriaId":"180FAE8C-2E73-4C09-AA11-0C82A7715FA3"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m440:-:*:*:*:*:*:*:*","matchCriteriaId":"309DBEF2-1D92-4641-827F-D99758B5FFA3"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m4600:-:*:*:*:*:*:*:*","matchCriteriaId":"D1E8CFC5-51FE-4D75-845F-D70C30AF11B0"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m470:-:*:*:*:*:*:*:*","matchCriteriaId":"BBFBA966-E052-4350-9544-3B5D484DBB6B"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m4800:-:*:*:*:*:*:*:*","matchCriteriaId":"EF1E586D-0E88-447A-95E8-5203EF869ADB"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m5600:-:*:*:*:*:*:*:*","matchCriteriaId":"1BC087C4-CB10-46D4-A746-0C462354410C"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m570:-:*:*:*:*:*:*:*","matchCriteriaId":"59389EA2-3067-4AF8-AEC5-FE79E269C170"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m5800:-:*:*:*:*:*:*:*","matchCriteriaId":"445FA7CD-D0AE-4176-9AE5-293B918DE654"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m590:-:*:*:*:*:*:*:*","matchCriteriaId":"1B4A7366-0304-431E-B3E4-719BA575CEAC"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m670:-:*:*:*:*:*:*:*","matchCriteriaId":"E8512B4A-5269-4067-B9C6-475A4E8AD313"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m690:-:*:*:*:*:*:*:*","matchCriteriaId":"179C6166-87E1-44F8-B727-CDDE40C673D9"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_nv5:-:*:*:*:*:*:*:*","matchCriteriaId":"584107CC-6136-4AA1-AE68-73B93BDDB5B6"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t20:-:*:*:*:*:*:*:*","matchCriteriaId":"9295217E-C1A0-4A69-A0F0-C44814BB376C"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t25:-:*:*:*:*:*:*:*","matchCriteriaId":"7DC49246-2166-4681-8D67-4C0940884872"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t40:-:*:*:*:*:*:*:*","matchCriteriaId":"CC853916-8BDC-4F7C-BA53-D6AB490A9444"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t45:-:*:*:*:*:*:*:*","matchCriteriaId":"DCB1A254-DA3C-4032-B2C6-C9EBCE8EC15E"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t55:-:*:*:*:*:*:*:*","matchCriteriaId":"D3562304-0317-4A3C-B622-D5CE01CC97F9"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t70:-:*:*:*:*:*:*:*","matchCriteriaId":"327BA50A-366A-4367-93B8-328EC0136FA7"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t80:-:*:*:*:*:*:*:*","matchCriteriaId":"D92ABD52-20F6-4AB1-801F-9E7B7B1B78A1"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t85:-:*:*:*:*:*:*:*","matchCriteriaId":"3552F3BB-8021-4E87-987D-870699A7E619"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:fireboxcloud:-:*:*:*:*:*:*:*","matchCriteriaId":"158560A0-D694-41AF-A5F8-0F6FB3EFB8FA"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:fireboxv:-:*:*:*:*:*:*:*","matchCriteriaId":"4ECAE1D7-9868-4730-B645-44CB1B6FDE96"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1","versionEndExcluding":"2026.2.1","matchCriteriaId":"51B8E788-8FAF-4681-9750-488B2691F473"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m295:-:*:*:*:*:*:*:*","matchCriteriaId":"615FF2CF-69DA-4890-9236-52D8D6FA0E71"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m395:-:*:*:*:*:*:*:*","matchCriteriaId":"A3439409-2FD6-447B-91CF-17D1C09E2A79"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m495:-:*:*:*:*:*:*:*","matchCriteriaId":"C0C0412F-AB02-4D13-B159-D0FCD2ECA3ED"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m595:-:*:*:*:*:*:*:*","matchCriteriaId":"575CC5EE-0278-489B-AA95-5EC5058D6FB9"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m695:-:*:*:*:*:*:*:*","matchCriteriaId":"5597F672-3C72-4BCF-AD3F-F16B6913EC2F"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t115-w:-:*:*:*:*:*:*:*","matchCriteriaId":"E8AAE66B-DD19-4C90-8DFC-F77BA1541642"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t125:-:*:*:*:*:*:*:*","matchCriteriaId":"7FC18430-C6B4-4395-BFF1-83BB005875BA"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t125-w:-:*:*:*:*:*:*:*","matchCriteriaId":"1A7C1C91-8B6E-4FB0-841E-7F88B06B1435"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t145:-:*:*:*:*:*:*:*","matchCriteriaId":"8FE309D6-BD5E-4D18-91C3-A492C3576115"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t145-w:-:*:*:*:*:*:*:*","matchCriteriaId":"75959D39-0960-4836-96C7-DB8048DDE4B8"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t185:-:*:*:*:*:*:*:*","matchCriteriaId":"D0087049-27C6-4B18-A645-72A8F63D7C6D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*","versionStartIncluding":"12.5","versionEndIncluding":"12.5.18","matchCriteriaId":"1DB41269-782A-463C-B257-335542B73093"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t15:-:*:*:*:*:*:*:*","matchCriteriaId":"626220F8-7F0C-4DD8-8001-12EA0A777A0D"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t35:-:*:*:*:*:*:*:*","matchCriteriaId":"E561A57F-91A5-4B3C-9F7D-62E9AB5163A7"}]}]}],"references":[{"url":"https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2026-00017","source":"5d1c2695-1a31-4499-88ae-e847036fd7e3","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-13376","sourceIdentifier":"5d1c2695-1a31-4499-88ae-e847036fd7e3","published":"2026-07-03T00:16:51.497","lastModified":"2026-07-09T20:06:02.590","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS spamBlocker module allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-1071.\n\nThis issue affects Fireware OS 12.0 up to and including 12.12, 12.5 up to and including 12.5.18, and 2025.1 up to and including 2026.2."}],"affected":[{"source":"5d1c2695-1a31-4499-88ae-e847036fd7e3","affectedData":[{"vendor":"WatchGuard","product":"Fireware OS","defaultStatus":"unaffected","versions":[{"version":"12.0","lessThanOrEqual":"12.12","versionType":"semver","status":"affected"},{"version":"12.5","lessThanOrEqual":"12.5.18","versionType":"semver","status":"affected"},{"version":"2025.1","lessThanOrEqual":"2026.2","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"5d1c2695-1a31-4499-88ae-e847036fd7e3","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"PASSIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T15:03:14.874446Z","id":"CVE-2026-13376","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"5d1c2695-1a31-4499-88ae-e847036fd7e3","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*","versionStartIncluding":"12.0","versionEndExcluding":"12.12.1","matchCriteriaId":"9FEF8DD4-1432-4109-967A-B03188988266"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m270:-:*:*:*:*:*:*:*","matchCriteriaId":"E472917E-D6E1-4C2D-B37D-E76FCC7307CA"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m290:-:*:*:*:*:*:*:*","matchCriteriaId":"9A8C7779-4466-4A9E-B191-929E7746DFF7"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m370:-:*:*:*:*:*:*:*","matchCriteriaId":"6CE9A123-B769-4E56-845E-DC3DA6166C78"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m390:-:*:*:*:*:*:*:*","matchCriteriaId":"180FAE8C-2E73-4C09-AA11-0C82A7715FA3"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m440:-:*:*:*:*:*:*:*","matchCriteriaId":"309DBEF2-1D92-4641-827F-D99758B5FFA3"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m4600:-:*:*:*:*:*:*:*","matchCriteriaId":"D1E8CFC5-51FE-4D75-845F-D70C30AF11B0"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m470:-:*:*:*:*:*:*:*","matchCriteriaId":"BBFBA966-E052-4350-9544-3B5D484DBB6B"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m4800:-:*:*:*:*:*:*:*","matchCriteriaId":"EF1E586D-0E88-447A-95E8-5203EF869ADB"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m5600:-:*:*:*:*:*:*:*","matchCriteriaId":"1BC087C4-CB10-46D4-A746-0C462354410C"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m570:-:*:*:*:*:*:*:*","matchCriteriaId":"59389EA2-3067-4AF8-AEC5-FE79E269C170"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m5800:-:*:*:*:*:*:*:*","matchCriteriaId":"445FA7CD-D0AE-4176-9AE5-293B918DE654"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m590:-:*:*:*:*:*:*:*","matchCriteriaId":"1B4A7366-0304-431E-B3E4-719BA575CEAC"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m670:-:*:*:*:*:*:*:*","matchCriteriaId":"E8512B4A-5269-4067-B9C6-475A4E8AD313"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m690:-:*:*:*:*:*:*:*","matchCriteriaId":"179C6166-87E1-44F8-B727-CDDE40C673D9"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_nv5:-:*:*:*:*:*:*:*","matchCriteriaId":"584107CC-6136-4AA1-AE68-73B93BDDB5B6"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t20:-:*:*:*:*:*:*:*","matchCriteriaId":"9295217E-C1A0-4A69-A0F0-C44814BB376C"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t25:-:*:*:*:*:*:*:*","matchCriteriaId":"7DC49246-2166-4681-8D67-4C0940884872"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t40:-:*:*:*:*:*:*:*","matchCriteriaId":"CC853916-8BDC-4F7C-BA53-D6AB490A9444"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t45:-:*:*:*:*:*:*:*","matchCriteriaId":"DCB1A254-DA3C-4032-B2C6-C9EBCE8EC15E"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t55:-:*:*:*:*:*:*:*","matchCriteriaId":"D3562304-0317-4A3C-B622-D5CE01CC97F9"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t70:-:*:*:*:*:*:*:*","matchCriteriaId":"327BA50A-366A-4367-93B8-328EC0136FA7"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t80:-:*:*:*:*:*:*:*","matchCriteriaId":"D92ABD52-20F6-4AB1-801F-9E7B7B1B78A1"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t85:-:*:*:*:*:*:*:*","matchCriteriaId":"3552F3BB-8021-4E87-987D-870699A7E619"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:fireboxcloud:-:*:*:*:*:*:*:*","matchCriteriaId":"158560A0-D694-41AF-A5F8-0F6FB3EFB8FA"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:fireboxv:-:*:*:*:*:*:*:*","matchCriteriaId":"4ECAE1D7-9868-4730-B645-44CB1B6FDE96"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1","versionEndExcluding":"2026.2.1","matchCriteriaId":"51B8E788-8FAF-4681-9750-488B2691F473"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m295:-:*:*:*:*:*:*:*","matchCriteriaId":"615FF2CF-69DA-4890-9236-52D8D6FA0E71"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m395:-:*:*:*:*:*:*:*","matchCriteriaId":"A3439409-2FD6-447B-91CF-17D1C09E2A79"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m495:-:*:*:*:*:*:*:*","matchCriteriaId":"C0C0412F-AB02-4D13-B159-D0FCD2ECA3ED"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m595:-:*:*:*:*:*:*:*","matchCriteriaId":"575CC5EE-0278-489B-AA95-5EC5058D6FB9"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m695:-:*:*:*:*:*:*:*","matchCriteriaId":"5597F672-3C72-4BCF-AD3F-F16B6913EC2F"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t115-w:-:*:*:*:*:*:*:*","matchCriteriaId":"E8AAE66B-DD19-4C90-8DFC-F77BA1541642"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t125:-:*:*:*:*:*:*:*","matchCriteriaId":"7FC18430-C6B4-4395-BFF1-83BB005875BA"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t125-w:-:*:*:*:*:*:*:*","matchCriteriaId":"1A7C1C91-8B6E-4FB0-841E-7F88B06B1435"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t145:-:*:*:*:*:*:*:*","matchCriteriaId":"8FE309D6-BD5E-4D18-91C3-A492C3576115"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t145-w:-:*:*:*:*:*:*:*","matchCriteriaId":"75959D39-0960-4836-96C7-DB8048DDE4B8"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t185:-:*:*:*:*:*:*:*","matchCriteriaId":"D0087049-27C6-4B18-A645-72A8F63D7C6D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*","versionStartIncluding":"12.5","versionEndIncluding":"12.5.18","matchCriteriaId":"1DB41269-782A-463C-B257-335542B73093"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t15:-:*:*:*:*:*:*:*","matchCriteriaId":"626220F8-7F0C-4DD8-8001-12EA0A777A0D"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t35:-:*:*:*:*:*:*:*","matchCriteriaId":"E561A57F-91A5-4B3C-9F7D-62E9AB5163A7"}]}]}],"references":[{"url":"https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2026-00018","source":"5d1c2695-1a31-4499-88ae-e847036fd7e3","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-13377","sourceIdentifier":"5d1c2695-1a31-4499-88ae-e847036fd7e3","published":"2026-07-03T00:16:51.643","lastModified":"2026-07-09T20:15:46.513","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS SIP Proxy module allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-6947.\n\nThis issue affects Fireware OS 12.0 up to and including 12.12, 12.5 up to and including 12.5.18, and 2025.1 up to and including 2026.2."}],"affected":[{"source":"5d1c2695-1a31-4499-88ae-e847036fd7e3","affectedData":[{"vendor":"WatchGuard","product":"Fireware OS","defaultStatus":"unaffected","versions":[{"version":"12.0","lessThanOrEqual":"12.12","versionType":"semver","status":"affected"},{"version":"12.5","lessThanOrEqual":"12.5.18","versionType":"semver","status":"affected"},{"version":"2025.1","lessThanOrEqual":"2026.2","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"5d1c2695-1a31-4499-88ae-e847036fd7e3","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"PASSIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T15:02:49.331664Z","id":"CVE-2026-13377","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"5d1c2695-1a31-4499-88ae-e847036fd7e3","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*","versionStartIncluding":"12.0","versionEndExcluding":"12.12.1","matchCriteriaId":"9FEF8DD4-1432-4109-967A-B03188988266"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m270:-:*:*:*:*:*:*:*","matchCriteriaId":"E472917E-D6E1-4C2D-B37D-E76FCC7307CA"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m290:-:*:*:*:*:*:*:*","matchCriteriaId":"9A8C7779-4466-4A9E-B191-929E7746DFF7"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m370:-:*:*:*:*:*:*:*","matchCriteriaId":"6CE9A123-B769-4E56-845E-DC3DA6166C78"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m390:-:*:*:*:*:*:*:*","matchCriteriaId":"180FAE8C-2E73-4C09-AA11-0C82A7715FA3"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m440:-:*:*:*:*:*:*:*","matchCriteriaId":"309DBEF2-1D92-4641-827F-D99758B5FFA3"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m4600:-:*:*:*:*:*:*:*","matchCriteriaId":"D1E8CFC5-51FE-4D75-845F-D70C30AF11B0"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m470:-:*:*:*:*:*:*:*","matchCriteriaId":"BBFBA966-E052-4350-9544-3B5D484DBB6B"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m4800:-:*:*:*:*:*:*:*","matchCriteriaId":"EF1E586D-0E88-447A-95E8-5203EF869ADB"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m5600:-:*:*:*:*:*:*:*","matchCriteriaId":"1BC087C4-CB10-46D4-A746-0C462354410C"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m570:-:*:*:*:*:*:*:*","matchCriteriaId":"59389EA2-3067-4AF8-AEC5-FE79E269C170"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m5800:-:*:*:*:*:*:*:*","matchCriteriaId":"445FA7CD-D0AE-4176-9AE5-293B918DE654"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m590:-:*:*:*:*:*:*:*","matchCriteriaId":"1B4A7366-0304-431E-B3E4-719BA575CEAC"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m670:-:*:*:*:*:*:*:*","matchCriteriaId":"E8512B4A-5269-4067-B9C6-475A4E8AD313"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m690:-:*:*:*:*:*:*:*","matchCriteriaId":"179C6166-87E1-44F8-B727-CDDE40C673D9"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_nv5:-:*:*:*:*:*:*:*","matchCriteriaId":"584107CC-6136-4AA1-AE68-73B93BDDB5B6"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t20:-:*:*:*:*:*:*:*","matchCriteriaId":"9295217E-C1A0-4A69-A0F0-C44814BB376C"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t25:-:*:*:*:*:*:*:*","matchCriteriaId":"7DC49246-2166-4681-8D67-4C0940884872"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t40:-:*:*:*:*:*:*:*","matchCriteriaId":"CC853916-8BDC-4F7C-BA53-D6AB490A9444"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t45:-:*:*:*:*:*:*:*","matchCriteriaId":"DCB1A254-DA3C-4032-B2C6-C9EBCE8EC15E"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t55:-:*:*:*:*:*:*:*","matchCriteriaId":"D3562304-0317-4A3C-B622-D5CE01CC97F9"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t70:-:*:*:*:*:*:*:*","matchCriteriaId":"327BA50A-366A-4367-93B8-328EC0136FA7"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t80:-:*:*:*:*:*:*:*","matchCriteriaId":"D92ABD52-20F6-4AB1-801F-9E7B7B1B78A1"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t85:-:*:*:*:*:*:*:*","matchCriteriaId":"3552F3BB-8021-4E87-987D-870699A7E619"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:fireboxcloud:-:*:*:*:*:*:*:*","matchCriteriaId":"158560A0-D694-41AF-A5F8-0F6FB3EFB8FA"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:fireboxv:-:*:*:*:*:*:*:*","matchCriteriaId":"4ECAE1D7-9868-4730-B645-44CB1B6FDE96"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1","versionEndExcluding":"2026.2.1","matchCriteriaId":"51B8E788-8FAF-4681-9750-488B2691F473"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m295:-:*:*:*:*:*:*:*","matchCriteriaId":"615FF2CF-69DA-4890-9236-52D8D6FA0E71"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m395:-:*:*:*:*:*:*:*","matchCriteriaId":"A3439409-2FD6-447B-91CF-17D1C09E2A79"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m495:-:*:*:*:*:*:*:*","matchCriteriaId":"C0C0412F-AB02-4D13-B159-D0FCD2ECA3ED"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m595:-:*:*:*:*:*:*:*","matchCriteriaId":"575CC5EE-0278-489B-AA95-5EC5058D6FB9"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m695:-:*:*:*:*:*:*:*","matchCriteriaId":"5597F672-3C72-4BCF-AD3F-F16B6913EC2F"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t115-w:-:*:*:*:*:*:*:*","matchCriteriaId":"E8AAE66B-DD19-4C90-8DFC-F77BA1541642"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t125:-:*:*:*:*:*:*:*","matchCriteriaId":"7FC18430-C6B4-4395-BFF1-83BB005875BA"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t125-w:-:*:*:*:*:*:*:*","matchCriteriaId":"1A7C1C91-8B6E-4FB0-841E-7F88B06B1435"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t145:-:*:*:*:*:*:*:*","matchCriteriaId":"8FE309D6-BD5E-4D18-91C3-A492C3576115"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t145-w:-:*:*:*:*:*:*:*","matchCriteriaId":"75959D39-0960-4836-96C7-DB8048DDE4B8"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t185:-:*:*:*:*:*:*:*","matchCriteriaId":"D0087049-27C6-4B18-A645-72A8F63D7C6D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*","versionStartIncluding":"12.5","versionEndIncluding":"12.5.18","matchCriteriaId":"1DB41269-782A-463C-B257-335542B73093"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t15:-:*:*:*:*:*:*:*","matchCriteriaId":"626220F8-7F0C-4DD8-8001-12EA0A777A0D"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t35:-:*:*:*:*:*:*:*","matchCriteriaId":"E561A57F-91A5-4B3C-9F7D-62E9AB5163A7"}]}]}],"references":[{"url":"https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2026-00019","source":"5d1c2695-1a31-4499-88ae-e847036fd7e3","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-13383","sourceIdentifier":"5d1c2695-1a31-4499-88ae-e847036fd7e3","published":"2026-07-03T00:16:51.773","lastModified":"2026-07-09T19:55:25.130","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An Out-of-bounds Write vulnerability in WatchGuard Fireware OS ikestubd process could allow an authenticated privileged user to execute arbitrary code via a specially crafted requests to the Management Web UI.This vulnerability affects Fireware OS 12.1 up to and including 12.12 and 2025.1 up to and including 2026.2."}],"affected":[{"source":"5d1c2695-1a31-4499-88ae-e847036fd7e3","affectedData":[{"vendor":"WatchGuard","product":"Fireware OS","defaultStatus":"unaffected","versions":[{"version":"12.1","lessThanOrEqual":"12.12","versionType":"semver","status":"affected"},{"version":"12.5","lessThanOrEqual":"12.5.18","versionType":"semver","status":"affected"},{"version":"2025.1","lessThanOrEqual":"2026.2","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"5d1c2695-1a31-4499-88ae-e847036fd7e3","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T00:00:00+00:00","id":"CVE-2026-13383","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"5d1c2695-1a31-4499-88ae-e847036fd7e3","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1","versionEndExcluding":"12.12.1","matchCriteriaId":"8C0FF4AB-93B9-4635-BA4B-F0E06594BD4E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m270:-:*:*:*:*:*:*:*","matchCriteriaId":"E472917E-D6E1-4C2D-B37D-E76FCC7307CA"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m290:-:*:*:*:*:*:*:*","matchCriteriaId":"9A8C7779-4466-4A9E-B191-929E7746DFF7"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m370:-:*:*:*:*:*:*:*","matchCriteriaId":"6CE9A123-B769-4E56-845E-DC3DA6166C78"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m390:-:*:*:*:*:*:*:*","matchCriteriaId":"180FAE8C-2E73-4C09-AA11-0C82A7715FA3"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m440:-:*:*:*:*:*:*:*","matchCriteriaId":"309DBEF2-1D92-4641-827F-D99758B5FFA3"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m4600:-:*:*:*:*:*:*:*","matchCriteriaId":"D1E8CFC5-51FE-4D75-845F-D70C30AF11B0"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m470:-:*:*:*:*:*:*:*","matchCriteriaId":"BBFBA966-E052-4350-9544-3B5D484DBB6B"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m4800:-:*:*:*:*:*:*:*","matchCriteriaId":"EF1E586D-0E88-447A-95E8-5203EF869ADB"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m5600:-:*:*:*:*:*:*:*","matchCriteriaId":"1BC087C4-CB10-46D4-A746-0C462354410C"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m570:-:*:*:*:*:*:*:*","matchCriteriaId":"59389EA2-3067-4AF8-AEC5-FE79E269C170"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m5800:-:*:*:*:*:*:*:*","matchCriteriaId":"445FA7CD-D0AE-4176-9AE5-293B918DE654"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m590:-:*:*:*:*:*:*:*","matchCriteriaId":"1B4A7366-0304-431E-B3E4-719BA575CEAC"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m670:-:*:*:*:*:*:*:*","matchCriteriaId":"E8512B4A-5269-4067-B9C6-475A4E8AD313"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m690:-:*:*:*:*:*:*:*","matchCriteriaId":"179C6166-87E1-44F8-B727-CDDE40C673D9"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_nv5:-:*:*:*:*:*:*:*","matchCriteriaId":"584107CC-6136-4AA1-AE68-73B93BDDB5B6"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t20:-:*:*:*:*:*:*:*","matchCriteriaId":"9295217E-C1A0-4A69-A0F0-C44814BB376C"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t25:-:*:*:*:*:*:*:*","matchCriteriaId":"7DC49246-2166-4681-8D67-4C0940884872"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t40:-:*:*:*:*:*:*:*","matchCriteriaId":"CC853916-8BDC-4F7C-BA53-D6AB490A9444"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t45:-:*:*:*:*:*:*:*","matchCriteriaId":"DCB1A254-DA3C-4032-B2C6-C9EBCE8EC15E"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t55:-:*:*:*:*:*:*:*","matchCriteriaId":"D3562304-0317-4A3C-B622-D5CE01CC97F9"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t70:-:*:*:*:*:*:*:*","matchCriteriaId":"327BA50A-366A-4367-93B8-328EC0136FA7"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t80:-:*:*:*:*:*:*:*","matchCriteriaId":"D92ABD52-20F6-4AB1-801F-9E7B7B1B78A1"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t85:-:*:*:*:*:*:*:*","matchCriteriaId":"3552F3BB-8021-4E87-987D-870699A7E619"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:fireboxcloud:-:*:*:*:*:*:*:*","matchCriteriaId":"158560A0-D694-41AF-A5F8-0F6FB3EFB8FA"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:fireboxv:-:*:*:*:*:*:*:*","matchCriteriaId":"4ECAE1D7-9868-4730-B645-44CB1B6FDE96"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1","versionEndExcluding":"2026.2.1","matchCriteriaId":"51B8E788-8FAF-4681-9750-488B2691F473"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m295:-:*:*:*:*:*:*:*","matchCriteriaId":"615FF2CF-69DA-4890-9236-52D8D6FA0E71"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m395:-:*:*:*:*:*:*:*","matchCriteriaId":"A3439409-2FD6-447B-91CF-17D1C09E2A79"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m495:-:*:*:*:*:*:*:*","matchCriteriaId":"C0C0412F-AB02-4D13-B159-D0FCD2ECA3ED"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m595:-:*:*:*:*:*:*:*","matchCriteriaId":"575CC5EE-0278-489B-AA95-5EC5058D6FB9"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m695:-:*:*:*:*:*:*:*","matchCriteriaId":"5597F672-3C72-4BCF-AD3F-F16B6913EC2F"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t115-w:-:*:*:*:*:*:*:*","matchCriteriaId":"E8AAE66B-DD19-4C90-8DFC-F77BA1541642"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t125:-:*:*:*:*:*:*:*","matchCriteriaId":"7FC18430-C6B4-4395-BFF1-83BB005875BA"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t125-w:-:*:*:*:*:*:*:*","matchCriteriaId":"1A7C1C91-8B6E-4FB0-841E-7F88B06B1435"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t145:-:*:*:*:*:*:*:*","matchCriteriaId":"8FE309D6-BD5E-4D18-91C3-A492C3576115"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t145-w:-:*:*:*:*:*:*:*","matchCriteriaId":"75959D39-0960-4836-96C7-DB8048DDE4B8"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t185:-:*:*:*:*:*:*:*","matchCriteriaId":"D0087049-27C6-4B18-A645-72A8F63D7C6D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*","versionStartIncluding":"12.5","versionEndIncluding":"12.5.18","matchCriteriaId":"1DB41269-782A-463C-B257-335542B73093"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t15:-:*:*:*:*:*:*:*","matchCriteriaId":"626220F8-7F0C-4DD8-8001-12EA0A777A0D"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t35:-:*:*:*:*:*:*:*","matchCriteriaId":"E561A57F-91A5-4B3C-9F7D-62E9AB5163A7"}]}]}],"references":[{"url":"https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2026-00020","source":"5d1c2695-1a31-4499-88ae-e847036fd7e3","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-13384","sourceIdentifier":"5d1c2695-1a31-4499-88ae-e847036fd7e3","published":"2026-07-03T00:16:51.893","lastModified":"2026-07-09T19:50:14.723","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An Out-of-bounds Write vulnerability in WatchGuard Fireware OS wgagent process could allow an authenticated privileged user to execute arbitrary code via a specially crafted requests to the Management Web UI.This vulnerability affects Fireware OS 12.1 up to and including 12.12 and 2025.1 up to and including 2026.2."}],"affected":[{"source":"5d1c2695-1a31-4499-88ae-e847036fd7e3","affectedData":[{"vendor":"WatchGuard","product":"Fireware OS","defaultStatus":"unaffected","versions":[{"version":"12.1","lessThanOrEqual":"12.12","versionType":"semver","status":"affected"},{"version":"12.5","lessThanOrEqual":"12.5.18","versionType":"semver","status":"affected"},{"version":"2025.1","lessThanOrEqual":"2026.2","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"5d1c2695-1a31-4499-88ae-e847036fd7e3","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T00:00:00+00:00","id":"CVE-2026-13384","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"5d1c2695-1a31-4499-88ae-e847036fd7e3","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1","versionEndExcluding":"12.12.1","matchCriteriaId":"8C0FF4AB-93B9-4635-BA4B-F0E06594BD4E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m270:-:*:*:*:*:*:*:*","matchCriteriaId":"E472917E-D6E1-4C2D-B37D-E76FCC7307CA"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m290:-:*:*:*:*:*:*:*","matchCriteriaId":"9A8C7779-4466-4A9E-B191-929E7746DFF7"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m370:-:*:*:*:*:*:*:*","matchCriteriaId":"6CE9A123-B769-4E56-845E-DC3DA6166C78"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m390:-:*:*:*:*:*:*:*","matchCriteriaId":"180FAE8C-2E73-4C09-AA11-0C82A7715FA3"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m440:-:*:*:*:*:*:*:*","matchCriteriaId":"309DBEF2-1D92-4641-827F-D99758B5FFA3"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m4600:-:*:*:*:*:*:*:*","matchCriteriaId":"D1E8CFC5-51FE-4D75-845F-D70C30AF11B0"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m470:-:*:*:*:*:*:*:*","matchCriteriaId":"BBFBA966-E052-4350-9544-3B5D484DBB6B"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m4800:-:*:*:*:*:*:*:*","matchCriteriaId":"EF1E586D-0E88-447A-95E8-5203EF869ADB"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m5600:-:*:*:*:*:*:*:*","matchCriteriaId":"1BC087C4-CB10-46D4-A746-0C462354410C"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m570:-:*:*:*:*:*:*:*","matchCriteriaId":"59389EA2-3067-4AF8-AEC5-FE79E269C170"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m5800:-:*:*:*:*:*:*:*","matchCriteriaId":"445FA7CD-D0AE-4176-9AE5-293B918DE654"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m590:-:*:*:*:*:*:*:*","matchCriteriaId":"1B4A7366-0304-431E-B3E4-719BA575CEAC"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m670:-:*:*:*:*:*:*:*","matchCriteriaId":"E8512B4A-5269-4067-B9C6-475A4E8AD313"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m690:-:*:*:*:*:*:*:*","matchCriteriaId":"179C6166-87E1-44F8-B727-CDDE40C673D9"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_nv5:-:*:*:*:*:*:*:*","matchCriteriaId":"584107CC-6136-4AA1-AE68-73B93BDDB5B6"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t20:-:*:*:*:*:*:*:*","matchCriteriaId":"9295217E-C1A0-4A69-A0F0-C44814BB376C"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t25:-:*:*:*:*:*:*:*","matchCriteriaId":"7DC49246-2166-4681-8D67-4C0940884872"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t40:-:*:*:*:*:*:*:*","matchCriteriaId":"CC853916-8BDC-4F7C-BA53-D6AB490A9444"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t45:-:*:*:*:*:*:*:*","matchCriteriaId":"DCB1A254-DA3C-4032-B2C6-C9EBCE8EC15E"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t55:-:*:*:*:*:*:*:*","matchCriteriaId":"D3562304-0317-4A3C-B622-D5CE01CC97F9"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t70:-:*:*:*:*:*:*:*","matchCriteriaId":"327BA50A-366A-4367-93B8-328EC0136FA7"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t80:-:*:*:*:*:*:*:*","matchCriteriaId":"D92ABD52-20F6-4AB1-801F-9E7B7B1B78A1"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t85:-:*:*:*:*:*:*:*","matchCriteriaId":"3552F3BB-8021-4E87-987D-870699A7E619"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:fireboxcloud:-:*:*:*:*:*:*:*","matchCriteriaId":"158560A0-D694-41AF-A5F8-0F6FB3EFB8FA"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:fireboxv:-:*:*:*:*:*:*:*","matchCriteriaId":"4ECAE1D7-9868-4730-B645-44CB1B6FDE96"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1","versionEndExcluding":"2026.2.1","matchCriteriaId":"51B8E788-8FAF-4681-9750-488B2691F473"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m295:-:*:*:*:*:*:*:*","matchCriteriaId":"615FF2CF-69DA-4890-9236-52D8D6FA0E71"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m395:-:*:*:*:*:*:*:*","matchCriteriaId":"A3439409-2FD6-447B-91CF-17D1C09E2A79"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m495:-:*:*:*:*:*:*:*","matchCriteriaId":"C0C0412F-AB02-4D13-B159-D0FCD2ECA3ED"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m595:-:*:*:*:*:*:*:*","matchCriteriaId":"575CC5EE-0278-489B-AA95-5EC5058D6FB9"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m695:-:*:*:*:*:*:*:*","matchCriteriaId":"5597F672-3C72-4BCF-AD3F-F16B6913EC2F"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t115-w:-:*:*:*:*:*:*:*","matchCriteriaId":"E8AAE66B-DD19-4C90-8DFC-F77BA1541642"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t125:-:*:*:*:*:*:*:*","matchCriteriaId":"7FC18430-C6B4-4395-BFF1-83BB005875BA"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t125-w:-:*:*:*:*:*:*:*","matchCriteriaId":"1A7C1C91-8B6E-4FB0-841E-7F88B06B1435"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t145:-:*:*:*:*:*:*:*","matchCriteriaId":"8FE309D6-BD5E-4D18-91C3-A492C3576115"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t145-w:-:*:*:*:*:*:*:*","matchCriteriaId":"75959D39-0960-4836-96C7-DB8048DDE4B8"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t185:-:*:*:*:*:*:*:*","matchCriteriaId":"D0087049-27C6-4B18-A645-72A8F63D7C6D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*","versionStartIncluding":"12.5","versionEndIncluding":"12.5.18","matchCriteriaId":"1DB41269-782A-463C-B257-335542B73093"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t15:-:*:*:*:*:*:*:*","matchCriteriaId":"626220F8-7F0C-4DD8-8001-12EA0A777A0D"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t35:-:*:*:*:*:*:*:*","matchCriteriaId":"E561A57F-91A5-4B3C-9F7D-62E9AB5163A7"}]}]}],"references":[{"url":"https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2026-00021","source":"5d1c2695-1a31-4499-88ae-e847036fd7e3","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-13728","sourceIdentifier":"5d1c2695-1a31-4499-88ae-e847036fd7e3","published":"2026-07-03T00:16:52.147","lastModified":"2026-07-09T19:45:20.070","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In exception circumstances, WatchGuard Fireware OS on a FireCluster may use a hard-coded encryption key to encrypt saved credentials for Access Portal resources.\n\nThis vulnerability affects Fireware OS 12.1 up to and including 12.12 and 2025.1 up to and including 2026.2. This vulnerability does not affect devices that do not support the Access Portal feature or standalone Fireboxes not deployed in a FireCluster."}],"affected":[{"source":"5d1c2695-1a31-4499-88ae-e847036fd7e3","affectedData":[{"vendor":"WatchGuard","product":"Fireware OS","defaultStatus":"unaffected","versions":[{"version":"12.1","lessThanOrEqual":"12.12","versionType":"semver","status":"affected"},{"version":"2025.1","lessThanOrEqual":"2026.2","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"5d1c2695-1a31-4499-88ae-e847036fd7e3","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.7,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T14:55:52.147710Z","id":"CVE-2026-13728","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"5d1c2695-1a31-4499-88ae-e847036fd7e3","type":"Secondary","description":[{"lang":"en","value":"CWE-798"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*","versionStartIncluding":"12.1","versionEndExcluding":"12.12.1","matchCriteriaId":"8C0FF4AB-93B9-4635-BA4B-F0E06594BD4E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m270:-:*:*:*:*:*:*:*","matchCriteriaId":"E472917E-D6E1-4C2D-B37D-E76FCC7307CA"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m290:-:*:*:*:*:*:*:*","matchCriteriaId":"9A8C7779-4466-4A9E-B191-929E7746DFF7"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m370:-:*:*:*:*:*:*:*","matchCriteriaId":"6CE9A123-B769-4E56-845E-DC3DA6166C78"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m390:-:*:*:*:*:*:*:*","matchCriteriaId":"180FAE8C-2E73-4C09-AA11-0C82A7715FA3"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m440:-:*:*:*:*:*:*:*","matchCriteriaId":"309DBEF2-1D92-4641-827F-D99758B5FFA3"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m4600:-:*:*:*:*:*:*:*","matchCriteriaId":"D1E8CFC5-51FE-4D75-845F-D70C30AF11B0"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m470:-:*:*:*:*:*:*:*","matchCriteriaId":"BBFBA966-E052-4350-9544-3B5D484DBB6B"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m4800:-:*:*:*:*:*:*:*","matchCriteriaId":"EF1E586D-0E88-447A-95E8-5203EF869ADB"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m5600:-:*:*:*:*:*:*:*","matchCriteriaId":"1BC087C4-CB10-46D4-A746-0C462354410C"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m570:-:*:*:*:*:*:*:*","matchCriteriaId":"59389EA2-3067-4AF8-AEC5-FE79E269C170"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m5800:-:*:*:*:*:*:*:*","matchCriteriaId":"445FA7CD-D0AE-4176-9AE5-293B918DE654"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m590:-:*:*:*:*:*:*:*","matchCriteriaId":"1B4A7366-0304-431E-B3E4-719BA575CEAC"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m670:-:*:*:*:*:*:*:*","matchCriteriaId":"E8512B4A-5269-4067-B9C6-475A4E8AD313"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m690:-:*:*:*:*:*:*:*","matchCriteriaId":"179C6166-87E1-44F8-B727-CDDE40C673D9"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_nv5:-:*:*:*:*:*:*:*","matchCriteriaId":"584107CC-6136-4AA1-AE68-73B93BDDB5B6"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t20:-:*:*:*:*:*:*:*","matchCriteriaId":"9295217E-C1A0-4A69-A0F0-C44814BB376C"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t25:-:*:*:*:*:*:*:*","matchCriteriaId":"7DC49246-2166-4681-8D67-4C0940884872"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t40:-:*:*:*:*:*:*:*","matchCriteriaId":"CC853916-8BDC-4F7C-BA53-D6AB490A9444"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t45:-:*:*:*:*:*:*:*","matchCriteriaId":"DCB1A254-DA3C-4032-B2C6-C9EBCE8EC15E"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t55:-:*:*:*:*:*:*:*","matchCriteriaId":"D3562304-0317-4A3C-B622-D5CE01CC97F9"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t70:-:*:*:*:*:*:*:*","matchCriteriaId":"327BA50A-366A-4367-93B8-328EC0136FA7"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t80:-:*:*:*:*:*:*:*","matchCriteriaId":"D92ABD52-20F6-4AB1-801F-9E7B7B1B78A1"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t85:-:*:*:*:*:*:*:*","matchCriteriaId":"3552F3BB-8021-4E87-987D-870699A7E619"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:fireboxcloud:-:*:*:*:*:*:*:*","matchCriteriaId":"158560A0-D694-41AF-A5F8-0F6FB3EFB8FA"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:fireboxv:-:*:*:*:*:*:*:*","matchCriteriaId":"4ECAE1D7-9868-4730-B645-44CB1B6FDE96"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1","versionEndExcluding":"2026.2.1","matchCriteriaId":"51B8E788-8FAF-4681-9750-488B2691F473"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m295:-:*:*:*:*:*:*:*","matchCriteriaId":"615FF2CF-69DA-4890-9236-52D8D6FA0E71"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m395:-:*:*:*:*:*:*:*","matchCriteriaId":"A3439409-2FD6-447B-91CF-17D1C09E2A79"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m495:-:*:*:*:*:*:*:*","matchCriteriaId":"C0C0412F-AB02-4D13-B159-D0FCD2ECA3ED"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m595:-:*:*:*:*:*:*:*","matchCriteriaId":"575CC5EE-0278-489B-AA95-5EC5058D6FB9"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_m695:-:*:*:*:*:*:*:*","matchCriteriaId":"5597F672-3C72-4BCF-AD3F-F16B6913EC2F"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t115-w:-:*:*:*:*:*:*:*","matchCriteriaId":"E8AAE66B-DD19-4C90-8DFC-F77BA1541642"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t125:-:*:*:*:*:*:*:*","matchCriteriaId":"7FC18430-C6B4-4395-BFF1-83BB005875BA"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t125-w:-:*:*:*:*:*:*:*","matchCriteriaId":"1A7C1C91-8B6E-4FB0-841E-7F88B06B1435"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t145:-:*:*:*:*:*:*:*","matchCriteriaId":"8FE309D6-BD5E-4D18-91C3-A492C3576115"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t145-w:-:*:*:*:*:*:*:*","matchCriteriaId":"75959D39-0960-4836-96C7-DB8048DDE4B8"},{"vulnerable":false,"criteria":"cpe:2.3:h:watchguard:firebox_t185:-:*:*:*:*:*:*:*","matchCriteriaId":"D0087049-27C6-4B18-A645-72A8F63D7C6D"}]}]}],"references":[{"url":"https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2026-00025","source":"5d1c2695-1a31-4499-88ae-e847036fd7e3","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-14544","sourceIdentifier":"secalert@redhat.com","published":"2026-07-03T08:16:24.433","lastModified":"2026-07-10T05:16:28.067","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in HPLIP (HP Linux Imaging and Printing Software). This vulnerability, an incomplete fix for CVE-2026-8631, may allow a remote attacker to escalate privileges or achieve arbitrary code execution. This can occur through an integer overflow in the hpcups processing path when handling specially crafted print data."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"hplip","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"hplip","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"hplip","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"hplip","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"hplip","cpes":["cpe:/o:redhat:enterprise_linux:9"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T00:00:00+00:00","id":"CVE-2026-14544","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-190"}]}],"references":[{"url":"https://access.redhat.com/security/cve/CVE-2026-14544","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2496772","source":"secalert@redhat.com"}]}},{"cve":{"id":"CVE-2026-47897","sourceIdentifier":"security@apache.org","published":"2026-07-03T08:16:24.817","lastModified":"2026-07-08T18:29:03.233","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache Lucene.Net (Lucene.Net.Replicator library).\n\nThis issue affects Apache Lucene.Net.Replicator: from 4.8.0-beta00005 before 4.8.0-beta00018.\n\nUsers are recommended to upgrade to version 4.8.0-beta00018, which fixes the issue."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache Lucene.Net","defaultStatus":"unaffected","collectionURL":"https://www.nuget.org","packageName":"Lucene.Net.Replicator","versions":[{"version":"4.8.0-beta00005","lessThan":"4.8.0-beta00018","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security@apache.org","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:X/RE:L/U:X","baseScore":8.9,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"HIGH","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"LOW","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T17:31:12.886478Z","id":"CVE-2026-47897","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:lucene.net:4.8.0:beta00005:*:*:*:*:*:*","matchCriteriaId":"79E25A9C-01FC-44B3-9A5E-F5E1D3CFADD7"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:lucene.net:4.8.0:beta00006:*:*:*:*:*:*","matchCriteriaId":"7553B675-B9BE-4969-81F4-0757F91478CE"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:lucene.net:4.8.0:beta00007:*:*:*:*:*:*","matchCriteriaId":"1405236D-970D-4879-A98C-87693C758494"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:lucene.net:4.8.0:beta00008:*:*:*:*:*:*","matchCriteriaId":"07188547-C926-4937-87E9-23546E2EABFB"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:lucene.net:4.8.0:beta00009:*:*:*:*:*:*","matchCriteriaId":"74865A6E-42F5-4C8E-9159-63240AE55BAC"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:lucene.net:4.8.0:beta00010:*:*:*:*:*:*","matchCriteriaId":"EC844BB8-F736-4DFD-9410-E45558F112B7"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:lucene.net:4.8.0:beta00011:*:*:*:*:*:*","matchCriteriaId":"C4FB017B-3FE4-4272-AB5C-292F4833BD81"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:lucene.net:4.8.0:beta00012:*:*:*:*:*:*","matchCriteriaId":"5882F11D-D145-46D3-8740-D4336E34F323"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:lucene.net:4.8.0:beta00013:*:*:*:*:*:*","matchCriteriaId":"24AD241C-97F8-4F93-811C-99E707E2B0E6"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:lucene.net:4.8.0:beta00014:*:*:*:*:*:*","matchCriteriaId":"2E363C64-EE85-4302-8D26-71B11D8B9B5C"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:lucene.net:4.8.0:beta00015:*:*:*:*:*:*","matchCriteriaId":"FB9EB424-2545-4B57-8284-68AD0E57A92A"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:lucene.net:4.8.0:beta00016:*:*:*:*:*:*","matchCriteriaId":"B8B783C0-35FD-433D-A597-3B2B3B5E190A"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:lucene.net:4.8.0:beta00017:*:*:*:*:*:*","matchCriteriaId":"F46E0873-4467-44E8-A8EF-FB805DDF512B"}]}]}],"references":[{"url":"https://lists.apache.org/thread/on1j3zmvgtf8n9fw78z3lyf6dn94p5zc","source":"security@apache.org","tags":["Mailing List","Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2026/07/03/2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-47898","sourceIdentifier":"security@apache.org","published":"2026-07-03T08:16:24.977","lastModified":"2026-07-08T18:25:07.617","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Restriction of XML External Entity Reference vulnerability in Apache Lucene.Net (Lucene.Net.Analysis.Common library).\n\nThis issue affects Apache Lucene.Net.Analysis.Common: from 4.8.0-beta00005 before 4.8.0-beta00018.\n\nUsers are recommended to upgrade to version 4.8.0-beta00018, which fixes the issue."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache Lucene.Net","defaultStatus":"unaffected","collectionURL":"https://www.nuget.org","packageName":"Lucene.Net.Analysis.Common","versions":[{"version":"4.8.0-beta00005","lessThan":"4.8.0-beta00018","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security@apache.org","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":4.0,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"HIGH","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T17:32:16.370064Z","id":"CVE-2026-47898","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-611"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:lucene.net:4.8.0:beta00005:*:*:*:*:*:*","matchCriteriaId":"79E25A9C-01FC-44B3-9A5E-F5E1D3CFADD7"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:lucene.net:4.8.0:beta00006:*:*:*:*:*:*","matchCriteriaId":"7553B675-B9BE-4969-81F4-0757F91478CE"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:lucene.net:4.8.0:beta00007:*:*:*:*:*:*","matchCriteriaId":"1405236D-970D-4879-A98C-87693C758494"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:lucene.net:4.8.0:beta00008:*:*:*:*:*:*","matchCriteriaId":"07188547-C926-4937-87E9-23546E2EABFB"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:lucene.net:4.8.0:beta00009:*:*:*:*:*:*","matchCriteriaId":"74865A6E-42F5-4C8E-9159-63240AE55BAC"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:lucene.net:4.8.0:beta00010:*:*:*:*:*:*","matchCriteriaId":"EC844BB8-F736-4DFD-9410-E45558F112B7"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:lucene.net:4.8.0:beta00011:*:*:*:*:*:*","matchCriteriaId":"C4FB017B-3FE4-4272-AB5C-292F4833BD81"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:lucene.net:4.8.0:beta00012:*:*:*:*:*:*","matchCriteriaId":"5882F11D-D145-46D3-8740-D4336E34F323"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:lucene.net:4.8.0:beta00013:*:*:*:*:*:*","matchCriteriaId":"24AD241C-97F8-4F93-811C-99E707E2B0E6"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:lucene.net:4.8.0:beta00014:*:*:*:*:*:*","matchCriteriaId":"2E363C64-EE85-4302-8D26-71B11D8B9B5C"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:lucene.net:4.8.0:beta00015:*:*:*:*:*:*","matchCriteriaId":"FB9EB424-2545-4B57-8284-68AD0E57A92A"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:lucene.net:4.8.0:beta00016:*:*:*:*:*:*","matchCriteriaId":"B8B783C0-35FD-433D-A597-3B2B3B5E190A"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:lucene.net:4.8.0:beta00017:*:*:*:*:*:*","matchCriteriaId":"F46E0873-4467-44E8-A8EF-FB805DDF512B"}]}]}],"references":[{"url":"https://lists.apache.org/thread/7yn9k6sbbsk18yco5y2hszpcf8dst489","source":"security@apache.org","tags":["Mailing List","Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2026/07/03/3","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-47896","sourceIdentifier":"security@apache.org","published":"2026-07-03T09:16:37.397","lastModified":"2026-07-08T15:04:21.570","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache Lucene.Net (Lucene.Net.Replicator library).\n\nThis issue affects Apache Lucene.Net.Replicator: from 4.8.0-beta00005 through 4.8.0-beta00017.\n\nUsers are recommended to upgrade to version 4.8.0-beta00018, which fixes the issue."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache Lucene.Net","defaultStatus":"unaffected","collectionURL":"https://www.nuget.org","packageName":"Lucene.Net.Replicator","versions":[{"version":"4.8.0-beta00005","lessThan":"4.8.0-beta00018","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security@apache.org","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:X/RE:L/U:X","baseScore":8.9,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"HIGH","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"LOW","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T17:30:40.261299Z","id":"CVE-2026-47896","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:lucene.net:4.8.0:beta00005:*:*:*:*:*:*","matchCriteriaId":"79E25A9C-01FC-44B3-9A5E-F5E1D3CFADD7"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:lucene.net:4.8.0:beta00006:*:*:*:*:*:*","matchCriteriaId":"7553B675-B9BE-4969-81F4-0757F91478CE"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:lucene.net:4.8.0:beta00007:*:*:*:*:*:*","matchCriteriaId":"1405236D-970D-4879-A98C-87693C758494"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:lucene.net:4.8.0:beta00008:*:*:*:*:*:*","matchCriteriaId":"07188547-C926-4937-87E9-23546E2EABFB"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:lucene.net:4.8.0:beta00009:*:*:*:*:*:*","matchCriteriaId":"74865A6E-42F5-4C8E-9159-63240AE55BAC"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:lucene.net:4.8.0:beta00010:*:*:*:*:*:*","matchCriteriaId":"EC844BB8-F736-4DFD-9410-E45558F112B7"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:lucene.net:4.8.0:beta00011:*:*:*:*:*:*","matchCriteriaId":"C4FB017B-3FE4-4272-AB5C-292F4833BD81"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:lucene.net:4.8.0:beta00012:*:*:*:*:*:*","matchCriteriaId":"5882F11D-D145-46D3-8740-D4336E34F323"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:lucene.net:4.8.0:beta00013:*:*:*:*:*:*","matchCriteriaId":"24AD241C-97F8-4F93-811C-99E707E2B0E6"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:lucene.net:4.8.0:beta00014:*:*:*:*:*:*","matchCriteriaId":"2E363C64-EE85-4302-8D26-71B11D8B9B5C"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:lucene.net:4.8.0:beta00015:*:*:*:*:*:*","matchCriteriaId":"FB9EB424-2545-4B57-8284-68AD0E57A92A"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:lucene.net:4.8.0:beta00016:*:*:*:*:*:*","matchCriteriaId":"B8B783C0-35FD-433D-A597-3B2B3B5E190A"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:lucene.net:4.8.0:beta00017:*:*:*:*:*:*","matchCriteriaId":"F46E0873-4467-44E8-A8EF-FB805DDF512B"}]}]}],"references":[{"url":"https://lists.apache.org/thread/7y9gbt17p55fh1zltks4pnh719wq9sqt","source":"security@apache.org","tags":["Mailing List","Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2026/07/03/1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-26355","sourceIdentifier":"security_alert@emc.com","published":"2026-07-03T13:17:02.320","lastModified":"2026-07-08T19:34:55.017","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper neutralization of special Elements used in an OS command ('OS command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to command execution."}],"affected":[{"source":"security_alert@emc.com","affectedData":[{"vendor":"Dell","product":"PowerProtect Data Domain","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"8.8.0.0 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.6.1.20 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.3.1.40 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"7.13.1.80 or later","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security_alert@emc.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T00:00:00+00:00","id":"CVE-2026-26355","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security_alert@emc.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"7.7.1.0","versionEndExcluding":"7.13.1.80","matchCriteriaId":"064F56BA-B974-4133-9DFA-B13D503766AC"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.3.1.0","versionEndExcluding":"8.3.1.40","matchCriteriaId":"C7291573-9C79-45AA-9675-18274FA52BAA"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.6.1.0","versionEndExcluding":"8.6.1.20","matchCriteriaId":"54CE0223-C1DD-448E-86DE-CF95EF6FBA48"}]}]}],"references":[{"url":"https://www.dell.com/support/kbdoc/en-us/000481268/dsa-2026-278-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities","source":"security_alert@emc.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-41123","sourceIdentifier":"security_alert@emc.com","published":"2026-07-03T13:17:10.720","lastModified":"2026-07-08T19:34:50.650","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper access control vulnerability in the RBAC. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to information tampering."}],"affected":[{"source":"security_alert@emc.com","affectedData":[{"vendor":"Dell","product":"PowerProtect Data Domain","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"8.7.0.0 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.6.1.20 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.3.1.40 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"7.13.1.80 or later","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security_alert@emc.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T16:26:02.368915Z","id":"CVE-2026-41123","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security_alert@emc.com","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"7.7.1.0","versionEndExcluding":"7.13.1.80","matchCriteriaId":"064F56BA-B974-4133-9DFA-B13D503766AC"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"7.14.0.0","versionEndExcluding":"8.3.1.40","matchCriteriaId":"EB4BB568-B169-4202-94E0-8D808419241B"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.4.0.0","versionEndExcluding":"8.6.1.20","matchCriteriaId":"BA61361F-FED8-4936-A9F6-FFA35BE413F8"}]}]}],"references":[{"url":"https://www.dell.com/support/kbdoc/en-us/000481268/dsa-2026-278-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities","source":"security_alert@emc.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-41124","sourceIdentifier":"security_alert@emc.com","published":"2026-07-03T13:17:10.837","lastModified":"2026-07-08T19:34:04.767","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an Improper limitation of a pathname to a restricted directory ('path traversal') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Information exposure."}],"affected":[{"source":"security_alert@emc.com","affectedData":[{"vendor":"Dell","product":"PowerProtect Data Domain","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"8.8.0.0 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.6.1.20 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.3.1.40 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"7.13.1.80 or later","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security_alert@emc.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N","baseScore":2.3,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.8,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.4,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T16:34:01.090466Z","id":"CVE-2026-41124","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security_alert@emc.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"7.7.1.0","versionEndExcluding":"7.13.1.80","matchCriteriaId":"064F56BA-B974-4133-9DFA-B13D503766AC"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"7.14.0.0","versionEndExcluding":"8.3.1.40","matchCriteriaId":"EB4BB568-B169-4202-94E0-8D808419241B"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.4.0.0","versionEndExcluding":"8.6.1.20","matchCriteriaId":"BA61361F-FED8-4936-A9F6-FFA35BE413F8"}]}]}],"references":[{"url":"https://www.dell.com/support/kbdoc/en-us/000481268/dsa-2026-278-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities","source":"security_alert@emc.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-44268","sourceIdentifier":"security_alert@emc.com","published":"2026-07-03T13:17:15.750","lastModified":"2026-07-08T19:33:14.110","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an incorrect permission Assignment for critical resource vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to unauthorized access."}],"affected":[{"source":"security_alert@emc.com","affectedData":[{"vendor":"Dell","product":"PowerProtect Data Domain","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"8.7.0.0 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.6.1.20 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.3.1.40 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"7.13.1.80 or later","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security_alert@emc.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.4,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T14:21:24.648770Z","id":"CVE-2026-44268","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security_alert@emc.com","type":"Secondary","description":[{"lang":"en","value":"CWE-732"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"7.7.1.0","versionEndIncluding":"7.13.1.70","matchCriteriaId":"D81B827B-47D1-4856-ABEE-7FDB8599AD42"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.0.0.0","versionEndIncluding":"8.3.1.30","matchCriteriaId":"3A1E837C-2175-494D-8C20-EB25AE30F07F"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.4.0.0","versionEndIncluding":"8.6.1.10","matchCriteriaId":"1717B5B3-E190-4BE6-AAFC-CE0924D8497E"}]}]}],"references":[{"url":"https://www.dell.com/support/kbdoc/en-us/000481268/dsa-2026-278-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities","source":"security_alert@emc.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-44269","sourceIdentifier":"security_alert@emc.com","published":"2026-07-03T13:17:15.870","lastModified":"2026-07-08T19:33:08.057","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper link resolution before file access ('link following') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to unauthorized access."}],"affected":[{"source":"security_alert@emc.com","affectedData":[{"vendor":"Dell","product":"PowerProtect Data Domain","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"8.7.0.0 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.6.1.20 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.3.1.40 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"7.13.1.80 or later","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security_alert@emc.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.4,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T18:04:46.583622Z","id":"CVE-2026-44269","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security_alert@emc.com","type":"Secondary","description":[{"lang":"en","value":"CWE-59"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"7.7.1.0","versionEndIncluding":"7.13.1.70","matchCriteriaId":"D81B827B-47D1-4856-ABEE-7FDB8599AD42"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.0.0.0","versionEndIncluding":"8.3.1.30","matchCriteriaId":"3A1E837C-2175-494D-8C20-EB25AE30F07F"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.4.0.0","versionEndIncluding":"8.6.1.10","matchCriteriaId":"1717B5B3-E190-4BE6-AAFC-CE0924D8497E"}]}]}],"references":[{"url":"https://www.dell.com/support/kbdoc/en-us/000481268/dsa-2026-278-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities","source":"security_alert@emc.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46467","sourceIdentifier":"security_alert@emc.com","published":"2026-07-03T13:17:22.990","lastModified":"2026-07-08T19:33:06.270","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an insertion of sensitive information into log file vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to information exposure."}],"affected":[{"source":"security_alert@emc.com","affectedData":[{"vendor":"Dell","product":"PowerProtect Data Domain","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"8.8.0.0 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.6.1.20 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.3.1.40 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"7.13.1.80 or later","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security_alert@emc.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L","baseScore":5.8,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.0,"impactScore":4.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T02:13:54.066332Z","id":"CVE-2026-46467","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security_alert@emc.com","type":"Secondary","description":[{"lang":"en","value":"CWE-532"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"7.7.1.0","versionEndIncluding":"7.13.1.70","matchCriteriaId":"D81B827B-47D1-4856-ABEE-7FDB8599AD42"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.0.0.0","versionEndIncluding":"8.3.1.30","matchCriteriaId":"3A1E837C-2175-494D-8C20-EB25AE30F07F"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.4.0.0","versionEndIncluding":"8.7.0.0","matchCriteriaId":"FFF0094F-0C71-461F-9760-E9E0AB269FE1"}]}]}],"references":[{"url":"https://www.dell.com/support/kbdoc/en-us/000481268/dsa-2026-278-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities","source":"security_alert@emc.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46468","sourceIdentifier":"security_alert@emc.com","published":"2026-07-03T13:17:23.110","lastModified":"2026-07-08T19:33:04.140","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper link resolution before file access ('Link following') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to information exposure."}],"affected":[{"source":"security_alert@emc.com","affectedData":[{"vendor":"Dell","product":"PowerProtect Data Domain","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"8.8.0.0 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.6.1.20 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.3.1.40 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"7.13.1.80 or later","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security_alert@emc.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.4,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T16:33:00.657796Z","id":"CVE-2026-46468","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security_alert@emc.com","type":"Secondary","description":[{"lang":"en","value":"CWE-59"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"7.7.1.0","versionEndIncluding":"7.13.1.70","matchCriteriaId":"D81B827B-47D1-4856-ABEE-7FDB8599AD42"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.0.0.0","versionEndIncluding":"8.3.1.30","matchCriteriaId":"3A1E837C-2175-494D-8C20-EB25AE30F07F"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.4.0.0","versionEndIncluding":"8.7.0.0","matchCriteriaId":"FFF0094F-0C71-461F-9760-E9E0AB269FE1"}]}]}],"references":[{"url":"https://www.dell.com/support/kbdoc/en-us/000481268/dsa-2026-278-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities","source":"security_alert@emc.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46730","sourceIdentifier":"security_alert@emc.com","published":"2026-07-03T13:17:23.390","lastModified":"2026-07-08T19:32:43.620","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an incorrect authorization vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to unauthorized command execution."}],"affected":[{"source":"security_alert@emc.com","affectedData":[{"vendor":"Dell","product":"PowerProtect Data Domain","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"8.8.0.0 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.6.1.20 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.3.1.40 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"7.13.1.80 or later","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security_alert@emc.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L","baseScore":4.2,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":0.8,"impactScore":3.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T03:56:14.044409Z","id":"CVE-2026-46730","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security_alert@emc.com","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"7.7.1.0","versionEndIncluding":"7.13.1.70","matchCriteriaId":"D81B827B-47D1-4856-ABEE-7FDB8599AD42"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.0.0.0","versionEndIncluding":"8.3.1.30","matchCriteriaId":"3A1E837C-2175-494D-8C20-EB25AE30F07F"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.4.0.0","versionEndIncluding":"8.7.0.0","matchCriteriaId":"FFF0094F-0C71-461F-9760-E9E0AB269FE1"}]}]}],"references":[{"url":"https://www.dell.com/support/kbdoc/en-us/000481268/dsa-2026-278-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities","source":"security_alert@emc.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-54483","sourceIdentifier":"security_alert@emc.com","published":"2026-07-03T13:17:29.507","lastModified":"2026-07-08T19:32:39.970","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper neutralization of special elements used in an OS command ('OS command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution."}],"affected":[{"source":"security_alert@emc.com","affectedData":[{"vendor":"Dell","product":"PowerProtect Data Domain","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"8.7.0.0 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.6.1.20 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.3.1.40 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"7.13.1.80 or later","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security_alert@emc.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":6.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T03:56:16.299487Z","id":"CVE-2026-54483","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security_alert@emc.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"7.7.1.0","versionEndIncluding":"7.13.1.70","matchCriteriaId":"D81B827B-47D1-4856-ABEE-7FDB8599AD42"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.0.0.0","versionEndIncluding":"8.3.1.30","matchCriteriaId":"3A1E837C-2175-494D-8C20-EB25AE30F07F"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.4.0.0","versionEndIncluding":"8.6.1.10","matchCriteriaId":"1717B5B3-E190-4BE6-AAFC-CE0924D8497E"}]}]}],"references":[{"url":"https://www.dell.com/support/kbdoc/en-us/000481268/dsa-2026-278-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities","source":"security_alert@emc.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-56085","sourceIdentifier":"security_alert@emc.com","published":"2026-07-03T13:17:30.240","lastModified":"2026-07-08T19:32:34.597","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an use of uninitialized resource vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to information exposure."}],"affected":[{"source":"security_alert@emc.com","affectedData":[{"vendor":"Dell","product":"PowerProtect Data Domain","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"8.8.0.0 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.6.1.20 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.3.1.40 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"7.13.1.80 or later","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security_alert@emc.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":3.3,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T15:28:54.811003Z","id":"CVE-2026-56085","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security_alert@emc.com","type":"Secondary","description":[{"lang":"en","value":"CWE-908"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"7.7.1.0","versionEndIncluding":"7.13.1.70","matchCriteriaId":"D81B827B-47D1-4856-ABEE-7FDB8599AD42"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.0.0.0","versionEndIncluding":"8.3.1.30","matchCriteriaId":"3A1E837C-2175-494D-8C20-EB25AE30F07F"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.4.0.0","versionEndIncluding":"8.7.0.0","matchCriteriaId":"FFF0094F-0C71-461F-9760-E9E0AB269FE1"}]}]}],"references":[{"url":"https://www.dell.com/support/kbdoc/en-us/000481268/dsa-2026-278-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities","source":"security_alert@emc.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46463","sourceIdentifier":"security_alert@emc.com","published":"2026-07-03T14:16:29.660","lastModified":"2026-07-08T19:32:28.133","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an integer overflow or wraparound vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service."}],"affected":[{"source":"security_alert@emc.com","affectedData":[{"vendor":"Dell","product":"PowerProtect Data Domain","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"8.8.0.0 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.6.1.20 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.3.1.40 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"7.13.1.80 or later","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security_alert@emc.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T16:28:04.886427Z","id":"CVE-2026-46463","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security_alert@emc.com","type":"Secondary","description":[{"lang":"en","value":"CWE-190"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"7.7.1.0","versionEndIncluding":"7.13.1.70","matchCriteriaId":"D81B827B-47D1-4856-ABEE-7FDB8599AD42"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.0.0.0","versionEndIncluding":"8.3.1.30","matchCriteriaId":"3A1E837C-2175-494D-8C20-EB25AE30F07F"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.4.0.0","versionEndIncluding":"8.7.0.0","matchCriteriaId":"FFF0094F-0C71-461F-9760-E9E0AB269FE1"}]}]}],"references":[{"url":"https://www.dell.com/support/kbdoc/en-us/000481268/dsa-2026-278-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities","source":"security_alert@emc.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46464","sourceIdentifier":"security_alert@emc.com","published":"2026-07-03T14:16:30.360","lastModified":"2026-07-08T19:32:24.010","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper link resolution before file access ('Link following') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to information disclosure."}],"affected":[{"source":"security_alert@emc.com","affectedData":[{"vendor":"Dell","product":"PowerProtect Data Domain","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"8.8.0.0 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.6.1.20 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.3.1.40 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"7.13.1.80 or later","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security_alert@emc.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T02:14:56.590648Z","id":"CVE-2026-46464","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security_alert@emc.com","type":"Secondary","description":[{"lang":"en","value":"CWE-59"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"7.7.1.0","versionEndIncluding":"7.13.1.70","matchCriteriaId":"D81B827B-47D1-4856-ABEE-7FDB8599AD42"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.0.0.0","versionEndIncluding":"8.3.1.30","matchCriteriaId":"3A1E837C-2175-494D-8C20-EB25AE30F07F"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.4.0.0","versionEndIncluding":"8.7.0.0","matchCriteriaId":"FFF0094F-0C71-461F-9760-E9E0AB269FE1"}]}]}],"references":[{"url":"https://www.dell.com/support/kbdoc/en-us/000481268/dsa-2026-278-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities","source":"security_alert@emc.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46465","sourceIdentifier":"security_alert@emc.com","published":"2026-07-03T14:16:30.473","lastModified":"2026-07-08T19:32:19.660","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an use of externally-controlled format string vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Information disclosure and denial of service."}],"affected":[{"source":"security_alert@emc.com","affectedData":[{"vendor":"Dell","product":"PowerProtect Data Domain","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"8.8.0.0 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.6.1.20 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.3.1.40 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"7.13.1.80 or later","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security_alert@emc.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T16:29:00.503730Z","id":"CVE-2026-46465","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security_alert@emc.com","type":"Secondary","description":[{"lang":"en","value":"CWE-134"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"7.7.1.0","versionEndIncluding":"7.13.1.70","matchCriteriaId":"D81B827B-47D1-4856-ABEE-7FDB8599AD42"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.0.0.0","versionEndIncluding":"8.3.1.30","matchCriteriaId":"3A1E837C-2175-494D-8C20-EB25AE30F07F"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.4.0.0","versionEndIncluding":"8.7.0.0","matchCriteriaId":"FFF0094F-0C71-461F-9760-E9E0AB269FE1"}]}]}],"references":[{"url":"https://www.dell.com/support/kbdoc/en-us/000481268/dsa-2026-278-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities","source":"security_alert@emc.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46466","sourceIdentifier":"security_alert@emc.com","published":"2026-07-03T14:16:30.593","lastModified":"2026-07-08T19:32:15.503","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an use of less trusted source vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to information tampering."}],"affected":[{"source":"security_alert@emc.com","affectedData":[{"vendor":"Dell","product":"PowerProtect Data Domain","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"8.8.0.0 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.6.1.20 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.3.1.40 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"7.13.1.80 or later","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security_alert@emc.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N","baseScore":2.7,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T14:18:31.419001Z","id":"CVE-2026-46466","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security_alert@emc.com","type":"Secondary","description":[{"lang":"en","value":"CWE-348"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"7.7.1.0","versionEndIncluding":"7.13.1.70","matchCriteriaId":"D81B827B-47D1-4856-ABEE-7FDB8599AD42"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.0.0.0","versionEndIncluding":"8.3.1.30","matchCriteriaId":"3A1E837C-2175-494D-8C20-EB25AE30F07F"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.4.0.0","versionEndIncluding":"8.7.0.0","matchCriteriaId":"FFF0094F-0C71-461F-9760-E9E0AB269FE1"}]}]}],"references":[{"url":"https://www.dell.com/support/kbdoc/en-us/000481268/dsa-2026-278-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities","source":"security_alert@emc.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-49813","sourceIdentifier":"security_alert@emc.com","published":"2026-07-03T15:16:32.487","lastModified":"2026-07-08T19:32:10.657","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper neutralization of special elements used in an OS command ('OS command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to arbitrary command execution."}],"affected":[{"source":"security_alert@emc.com","affectedData":[{"vendor":"Dell","product":"PowerProtect Data Domain","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"8.8.0.0 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.6.1.20 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.3.1.40 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"7.13.1.80 or later","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security_alert@emc.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":6.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T03:56:07.469282Z","id":"CVE-2026-49813","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security_alert@emc.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"7.7.1.0","versionEndIncluding":"7.13.1.70","matchCriteriaId":"D81B827B-47D1-4856-ABEE-7FDB8599AD42"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.0.0.0","versionEndIncluding":"8.3.1.30","matchCriteriaId":"3A1E837C-2175-494D-8C20-EB25AE30F07F"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.4.0.0","versionEndIncluding":"8.7.0.0","matchCriteriaId":"FFF0094F-0C71-461F-9760-E9E0AB269FE1"}]}]}],"references":[{"url":"https://www.dell.com/support/kbdoc/en-us/000481268/dsa-2026-278-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities","source":"security_alert@emc.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-49814","sourceIdentifier":"security_alert@emc.com","published":"2026-07-03T15:16:32.610","lastModified":"2026-07-08T19:32:07.010","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution."}],"affected":[{"source":"security_alert@emc.com","affectedData":[{"vendor":"Dell","product":"PowerProtect Data Domain","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"8.8.0.0 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.6.1.20 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.3.1.40 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"7.13.1.80 or later","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security_alert@emc.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T00:00:00+00:00","id":"CVE-2026-49814","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security_alert@emc.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"7.7.1.0","versionEndIncluding":"7.13.1.70","matchCriteriaId":"D81B827B-47D1-4856-ABEE-7FDB8599AD42"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.0.0.0","versionEndIncluding":"8.3.1.30","matchCriteriaId":"3A1E837C-2175-494D-8C20-EB25AE30F07F"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.4.0.0","versionEndIncluding":"8.7.0.0","matchCriteriaId":"FFF0094F-0C71-461F-9760-E9E0AB269FE1"}]}]}],"references":[{"url":"https://www.dell.com/support/kbdoc/en-us/000481268/dsa-2026-278-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities","source":"security_alert@emc.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-49815","sourceIdentifier":"security_alert@emc.com","published":"2026-07-03T15:16:32.720","lastModified":"2026-07-08T19:32:01.087","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper neutralization of special Elements used in an OS command ('OS command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to execution of arbitrary OS commands."}],"affected":[{"source":"security_alert@emc.com","affectedData":[{"vendor":"Dell","product":"PowerProtect Data Domain","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"8.8.0.0 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.6.1.20 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.3.1.40 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"7.13.1.80 or later","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security_alert@emc.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T00:00:00+00:00","id":"CVE-2026-49815","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security_alert@emc.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"7.7.1.0","versionEndIncluding":"7.13.1.70","matchCriteriaId":"D81B827B-47D1-4856-ABEE-7FDB8599AD42"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.0.0.0","versionEndIncluding":"8.3.1.30","matchCriteriaId":"3A1E837C-2175-494D-8C20-EB25AE30F07F"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.4.0.0","versionEndIncluding":"8.7.0.0","matchCriteriaId":"FFF0094F-0C71-461F-9760-E9E0AB269FE1"}]}]}],"references":[{"url":"https://www.dell.com/support/kbdoc/en-us/000481268/dsa-2026-278-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities","source":"security_alert@emc.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-53478","sourceIdentifier":"security_alert@emc.com","published":"2026-07-03T15:16:32.840","lastModified":"2026-07-08T19:31:54.393","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper neutralization of special elements used in an OS command ('OS command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to command execution."}],"affected":[{"source":"security_alert@emc.com","affectedData":[{"vendor":"Dell","product":"PowerProtect Data Domain","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"8.8.0.0 or later","versionType":"semver","status":"affected"},{"version":"0","lessThanOrEqual":"8.6.1.20 or later","versionType":"semver","status":"affected"},{"version":"0","lessThanOrEqual":"8.3.1.40 or later","versionType":"semver","status":"affected"},{"version":"0","lessThanOrEqual":"7.13.1.80 or later","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security_alert@emc.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T00:00:00+00:00","id":"CVE-2026-53478","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security_alert@emc.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"7.7.1.0","versionEndIncluding":"7.13.1.70","matchCriteriaId":"D81B827B-47D1-4856-ABEE-7FDB8599AD42"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.0.0.0","versionEndIncluding":"8.3.1.30","matchCriteriaId":"3A1E837C-2175-494D-8C20-EB25AE30F07F"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.4.0.0","versionEndIncluding":"8.7.0.0","matchCriteriaId":"FFF0094F-0C71-461F-9760-E9E0AB269FE1"}]}]}],"references":[{"url":"https://www.dell.com/support/kbdoc/en-us/000481268/dsa-2026-278-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities","source":"security_alert@emc.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-12481","sourceIdentifier":"security@huntr.dev","published":"2026-07-03T21:16:54.737","lastModified":"2026-07-08T15:01:47.190","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in keras-team/keras version 3.14.0 allows for arbitrary code execution due to improper handling of deserialization in the `Lambda` layer. Specifically, the `_raise_for_lambda_deserialization()` function fails to enforce the safe-mode guard when `safe_mode` is set to `None`, which is the default value when `from_config()` is called outside of a `SafeModeScope` context. This logic error conflates `None` (unset/default-deny) with `False` (explicitly disabled), bypassing the guard and allowing attacker-controlled `marshal` bytecode to be deserialized. Affected call sites include `keras.layers.deserialize(config)`, `keras.models.clone_model(model)`, and any direct invocation of `Lambda.from_config(config)` without an enclosing `SafeModeScope(True)`. This vulnerability can be exploited to achieve arbitrary OS-level code execution in the context of the server or user process."}],"affected":[{"source":"security@huntr.dev","affectedData":[{"vendor":"keras-team","product":"keras-team/keras","versions":[{"version":"unspecified","lessThanOrEqual":"latest","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV30":[{"source":"security@huntr.dev","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T15:15:34.297007Z","id":"CVE-2026-12481","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@huntr.dev","type":"Secondary","description":[{"lang":"en","value":"CWE-502"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:keras:keras:3.14.0:*:*:*:*:*:*:*","matchCriteriaId":"5AB5B43D-0D41-4CBB-97B5-F5FE10D56689"}]}]}],"references":[{"url":"https://huntr.com/bounties/59ceaed1-c8a3-4135-8f94-169ade02823d","source":"security@huntr.dev","tags":["Exploit","Third Party Advisory"]},{"url":"https://huntr.com/bounties/59ceaed1-c8a3-4135-8f94-169ade02823d","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-14355","sourceIdentifier":"security@php.net","published":"2026-07-03T21:16:55.783","lastModified":"2026-07-08T20:11:16.060","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In PHP versions 8.2.* before 8.2.32, 8.3.* before 8.3.32, 8.4.* before 8.4.23, 8.5.* before 8.5.8, the AES-WRAP-PAD algorithm implementation in OpenSSL extension contains a buffer allocation flaw. The output buffer for the AES key-wrap-with-padding operation is sized from the plaintext length without accounting for RFC 5649 expansion. This may cause OpenSSL to write beyond allocated memory, corrupting heap metadata and triggering application abort."}],"affected":[{"source":"security@php.net","affectedData":[{"vendor":"php","product":"php","defaultStatus":"affected","collectionURL":"https://www.php.net/","packageName":"openssl","modules":["ext/openssl"],"versions":[{"version":"8.2.0","lessThan":"8.2.32","versionType":"semver","status":"affected"},{"version":"8.3.0","lessThan":"8.3.32","versionType":"semver","status":"affected"},{"version":"8.4.0","lessThan":"8.4.23","versionType":"semver","status":"affected"},{"version":"8.5.0","lessThan":"8.5.8","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@php.net","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":5.6,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.2,"impactScore":3.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T13:57:51.767008Z","id":"CVE-2026-14355","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@php.net","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","versionStartIncluding":"8.2.0","versionEndExcluding":"8.2.32","matchCriteriaId":"84838FE7-7252-4A91-B533-6DF96F7638E4"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","versionStartIncluding":"8.3.0","versionEndExcluding":"8.3.32","matchCriteriaId":"BDE92322-4655-4D52-8130-0CEB76EE18B3"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","versionStartIncluding":"8.4.0","versionEndExcluding":"8.4.23","matchCriteriaId":"7069BD62-FE98-468E-8BBE-6EE4AAA1770E"},{"vulnerable":true,"criteria":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","versionStartIncluding":"8.5.0","versionEndExcluding":"8.5.8","matchCriteriaId":"594B2AC2-D4EE-47A0-A522-F64240A10583"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*","matchCriteriaId":"46D69DCC-AE4D-4EA5-861C-D60951444C6C"}]}]}],"references":[{"url":"https://github.com/php/php-src/security/advisories/GHSA-7jrw-539f-x6vr","source":"security@php.net","tags":["Vendor Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2026/07/msg00010.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-26307","sourceIdentifier":"88ee5874-cf24-4952-aea0-31affedb7ff2","published":"2026-07-03T21:16:58.620","lastModified":"2026-07-09T16:16:39.367","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Gitea versions before 1.25.5 do not enforce a timeout on git grep searches, allowing expensive searches to consume server resources."}],"affected":[{"source":"88ee5874-cf24-4952-aea0-31affedb7ff2","affectedData":[{"vendor":"Gitea","product":"Gitea Open Source Git Server","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"1.25.5","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T14:16:00.503287Z","id":"CVE-2026-26307","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"88ee5874-cf24-4952-aea0-31affedb7ff2","type":"Secondary","description":[{"lang":"en","value":"CWE-400"}]}],"references":[{"url":"https://blog.gitea.com/release-of-1.25.5/","source":"88ee5874-cf24-4952-aea0-31affedb7ff2"},{"url":"https://github.com/go-gitea/gitea/pull/36809","source":"88ee5874-cf24-4952-aea0-31affedb7ff2"},{"url":"https://github.com/go-gitea/gitea/pull/36835","source":"88ee5874-cf24-4952-aea0-31affedb7ff2"},{"url":"https://github.com/go-gitea/gitea/releases/tag/v1.25.5","source":"88ee5874-cf24-4952-aea0-31affedb7ff2"}]}},{"cve":{"id":"CVE-2026-12252","sourceIdentifier":"security@huntr.dev","published":"2026-07-04T02:16:23.603","lastModified":"2026-07-08T15:01:20.813","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In nltk/nltk versions 3.9.3 and earlier, five Stanford interface classes (StanfordPOSTagger, StanfordNERTagger, StanfordParser, StanfordDependencyParser, and StanfordNeuralDependencyParser) are vulnerable to untrusted JAR code execution. These classes accept user-controllable JAR paths and execute them via the `java()` function, which invokes `subprocess.Popen()` without integrity verification. This vulnerability is identical to CVE-2026-0848, which was fixed for StanfordSegmenter by adding SHA256 verification. However, the fix was not applied to these additional classes, leaving them susceptible to arbitrary code execution when loading untrusted JAR files."}],"affected":[{"source":"security@huntr.dev","affectedData":[{"vendor":"nltk","product":"nltk/nltk","versions":[{"version":"unspecified","lessThanOrEqual":"latest","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV30":[{"source":"security@huntr.dev","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T18:32:42.979501Z","id":"CVE-2026-12252","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@huntr.dev","type":"Secondary","description":[{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nltk:nltk:*:*:*:*:*:*:*:*","versionEndIncluding":"3.9.3","matchCriteriaId":"E3C35863-7D82-4EEF-BDE8-E94C559CF4FB"}]}]}],"references":[{"url":"https://huntr.com/bounties/f5c93982-0cc9-4e2e-bb85-1b6ab29a2efb","source":"security@huntr.dev","tags":["Exploit","Third Party Advisory"]},{"url":"https://huntr.com/bounties/f5c93982-0cc9-4e2e-bb85-1b6ab29a2efb","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2025-13475","sourceIdentifier":"ed10eef1-636d-4fbe-9993-6890dfa878f8","published":"2026-07-04T13:16:30.083","lastModified":"2026-07-09T17:55:35.993","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In multi-tenanted deployments, the application consent management mechanism fails to correctly isolate consent scopes between tenants. Consent granted by a user for a specific SaaS application within one tenant can be incorrectly applied to SaaS applications with the same name in other tenants, leading to unintended cross-tenant consent sharing.\n\nThis vulnerability may result in the exposure of user data across tenants, enabling SaaS applications in different tenants to access and modify information without explicit user authorization. This can lead to unauthorized data access and privacy violations. This vulnerability has no impact if the deployment does not support multi-tenancy."}],"affected":[{"source":"ed10eef1-636d-4fbe-9993-6890dfa878f8","affectedData":[{"vendor":"WSO2","product":"WSO2 Identity Server","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.10.0","versionType":"custom","status":"unknown"},{"version":"5.10.0","lessThan":"5.10.0.382","versionType":"custom","status":"affected"}]},{"vendor":"WSO2","product":"WSO2 API Manager","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"3.2.0","versionType":"custom","status":"unknown"},{"version":"3.2.0","lessThan":"3.2.0.457","versionType":"custom","status":"affected"},{"version":"3.2.1","lessThan":"3.2.1.76","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"ed10eef1-636d-4fbe-9993-6890dfa878f8","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N","baseScore":3.5,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.1,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.1,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T13:55:17.820652Z","id":"CVE-2025-13475","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"ed10eef1-636d-4fbe-9993-6890dfa878f8","type":"Secondary","description":[{"lang":"en","value":"CWE-288"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:api_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"3.2.0","versionEndExcluding":"3.2.0.457","matchCriteriaId":"EF81870F-4D69-43EC-B261-D1477127E8B3"},{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:api_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"3.2.1","versionEndExcluding":"3.2.1.76","matchCriteriaId":"77DFEDF8-3855-4274-9DDF-9BA4C00E047A"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:identity_server:*:*:*:*:*:*:*:*","versionStartIncluding":"5.10.0","versionEndExcluding":"5.10.0.382","matchCriteriaId":"FE7BBD89-3AD6-4DEE-B553-2E7E49536065"}]}]}],"references":[{"url":"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2026/WSO2-2025-1613/","source":"ed10eef1-636d-4fbe-9993-6890dfa878f8","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2024-1248","sourceIdentifier":"ed10eef1-636d-4fbe-9993-6890dfa878f8","published":"2026-07-04T21:17:13.793","lastModified":"2026-07-09T18:47:41.403","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The silent Just-In-Time (JIT) provisioning feature in federated authentication implementations fails to properly segregate user roles during account creation when a federated user shares a username with a local user. This allows the provisioning process to overwrite existing roles of local users with roles assigned to the federated user.\n\nExploitation requires a federated identity provider (IDP) with silent JIT provisioning enabled and an attacker's knowledge of a local user's username. When these conditions are met, a malicious individual can leverage the JIT provisioning process to modify the roles of local users. The overwritten roles are limited to those defined within the federated IDP, typically granting minimal access rights unless explicitly configured otherwise by the federated IDP administrator."}],"affected":[{"source":"ed10eef1-636d-4fbe-9993-6890dfa878f8","affectedData":[{"vendor":"WSO2","product":"WSO2 API Manager","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"3.0.0","versionType":"custom","status":"unknown"},{"version":"3.0.0","lessThan":"3.0.0.153","versionType":"custom","status":"affected"},{"version":"3.1.0","lessThan":"3.1.0.267","versionType":"custom","status":"affected"},{"version":"3.2.0","lessThan":"3.2.0.351","versionType":"custom","status":"affected"},{"version":"4.0.0","lessThan":"4.0.0.269","versionType":"custom","status":"affected"},{"version":"4.1.0","lessThan":"4.1.0.169","versionType":"custom","status":"affected"}]},{"vendor":"WSO2","product":"WSO2 Identity Server","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.8.0","versionType":"custom","status":"unknown"},{"version":"5.8.0","lessThan":"5.8.0.101","versionType":"custom","status":"affected"},{"version":"5.9.0","lessThan":"5.9.0.138","versionType":"custom","status":"affected"},{"version":"5.10.0","lessThan":"5.10.0.284","versionType":"custom","status":"affected"},{"version":"5.11.0","lessThan":"5.11.0.321","versionType":"custom","status":"affected"}]},{"vendor":"WSO2","product":"WSO2 Identity Server as Key Manager","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.9.0","versionType":"custom","status":"unknown"},{"version":"5.9.0","lessThan":"5.9.0.148","versionType":"custom","status":"affected"},{"version":"5.10.0","lessThan":"5.10.0.280","versionType":"custom","status":"affected"}]},{"vendor":"WSO2","product":"WSO2 Open Banking AM","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"2.0.0","versionType":"custom","status":"unknown"},{"version":"2.0.0","lessThan":"2.0.0.313","versionType":"custom","status":"affected"}]},{"vendor":"WSO2","product":"WSO2 Open Banking IAM","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"2.0.0","versionType":"custom","status":"unknown"},{"version":"2.0.0","lessThan":"2.0.0.333","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"ed10eef1-636d-4fbe-9993-6890dfa878f8","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.2,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T13:50:04.702382Z","id":"CVE-2024-1248","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"ed10eef1-636d-4fbe-9993-6890dfa878f8","type":"Secondary","description":[{"lang":"en","value":"CWE-298"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:api_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0.0","versionEndExcluding":"3.0.0.153","matchCriteriaId":"39255F28-04C6-4FEC-BED8-B2D3F560B4DF"},{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:api_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"3.1.0","versionEndExcluding":"3.1.0.267","matchCriteriaId":"7BE8A329-322F-4810-8850-2F64E5A341DA"},{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:api_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"3.2.0","versionEndExcluding":"3.2.0.351","matchCriteriaId":"2CF9149A-7024-48A6-9DF9-8D82F72E087D"},{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:api_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0","versionEndExcluding":"4.0.0.269","matchCriteriaId":"388CFAB9-A333-46DA-8952-189C77230CAF"},{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:api_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"4.1.0","versionEndExcluding":"4.1.0.169","matchCriteriaId":"CC58D9AE-3C80-465A-BF57-DF6B5D0419AF"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:identity_server:*:*:*:*:*:*:*:*","versionStartIncluding":"5.8.0","versionEndExcluding":"5.8.0.101","matchCriteriaId":"1C35C6BC-9E00-4DD5-9F11-D16C3C55A579"},{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:identity_server:*:*:*:*:*:*:*:*","versionStartIncluding":"5.9.0","versionEndExcluding":"5.9.0.138","matchCriteriaId":"2A3A3439-3202-45EC-A6C4-6CA442C3ABAE"},{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:identity_server:*:*:*:*:*:*:*:*","versionStartIncluding":"5.10.0","versionEndExcluding":"5.10.0.284","matchCriteriaId":"BEA57A4B-5DED-4F2B-BD53-F676275A76E2"},{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:identity_server:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11.0","versionEndExcluding":"5.11.0.321","matchCriteriaId":"4177090A-AFAE-4C09-B00B-A5333D29A110"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:identity_server_as_key_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"5.9.0","versionEndExcluding":"5.9.0.148","matchCriteriaId":"EE6D7C4F-C305-4B7D-9F88-A9A5C11A1622"},{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:identity_server_as_key_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"5.10.0","versionEndExcluding":"5.10.0.280","matchCriteriaId":"CC99A3F8-8C3E-4B3D-8177-DE9AE3DF1ECB"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:open_banking_am:*:*:*:*:*:*:*:*","versionStartIncluding":"2.0.0","versionEndExcluding":"2.0.0.313","matchCriteriaId":"305AF79C-BF9E-4EEB-A114-81286F17FDCD"},{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:open_banking_iam:*:*:*:*:*:*:*:*","versionStartIncluding":"2.0.0","versionEndExcluding":"2.0.0.333","matchCriteriaId":"A7394371-E98E-4A1E-953E-163EA3AFC920"}]}]}],"references":[{"url":"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2026/WSO2-2024-3179/","source":"ed10eef1-636d-4fbe-9993-6890dfa878f8","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-14758","sourceIdentifier":"cna@vuldb.com","published":"2026-07-05T15:16:56.987","lastModified":"2026-07-09T15:47:17.613","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was identified in radareorg radare2 up to 6.1.6. This vulnerability affects the function cmd_anal_opcode of the file libr/core/cmd_anal.inc.c of the component hexpairs Parser. Such manipulation leads to integer overflow. The attack needs to be performed locally. The exploit is publicly available and might be used. The name of the patch is 84e773986e7e5bb30453a9384f498ec0ccc9d0a9. A patch should be applied to remediate this issue."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"radareorg","product":"radare2","cpes":["cpe:2.3:a:radareorg:radare2:*:*:*:*:*:*:*:*"],"modules":["hexpairs Parser"],"versions":[{"version":"6.1.0","status":"affected"},{"version":"6.1.1","status":"affected"},{"version":"6.1.2","status":"affected"},{"version":"6.1.3","status":"affected"},{"version":"6.1.4","status":"affected"},{"version":"6.1.5","status":"affected"},{"version":"6.1.6","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":1.9,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","baseScore":3.3,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":1.8,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:S/C:N/I:N/A:P","baseScore":1.7,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"LOW","exploitabilityScore":3.1,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T13:08:09.437554Z","id":"CVE-2026-14758","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-189"},{"lang":"en","value":"CWE-190"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:radare:radare2:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1.0","versionEndExcluding":"6.1.8","matchCriteriaId":"CF1DC775-F4C0-46BB-A813-5CD84451418C"}]}]}],"references":[{"url":"https://github.com/radareorg/radare2/","source":"cna@vuldb.com","tags":["Product"]},{"url":"https://github.com/radareorg/radare2/commit/84e773986e7e5bb30453a9384f498ec0ccc9d0a9","source":"cna@vuldb.com","tags":["Patch"]},{"url":"https://github.com/radareorg/radare2/issues/26042","source":"cna@vuldb.com","tags":["Exploit","Issue Tracking"]},{"url":"https://vuldb.com/cve/CVE-2026-14758","source":"cna@vuldb.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://vuldb.com/submit/850382","source":"cna@vuldb.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://vuldb.com/vuln/376347","source":"cna@vuldb.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://vuldb.com/vuln/376347/cti","source":"cna@vuldb.com","tags":["Permissions Required","VDB Entry"]}]}},{"cve":{"id":"CVE-2026-14759","sourceIdentifier":"cna@vuldb.com","published":"2026-07-05T16:19:44.583","lastModified":"2026-07-09T15:47:27.510","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A security flaw has been discovered in radareorg radare2 up to 6.1.6. This issue affects the function r_bin_java_inner_classes_attr_calc_size of the file shlr/java/class.c of the component RBinJava Line Number Table Parser. Performing a manipulation results in heap-based buffer overflow. The attack requires a local approach. The exploit has been released to the public and may be used for attacks. The patch is named cd62d15a6cbecdc67fd03f3ebdbbbeb741d18f87. To fix this issue, it is recommended to deploy a patch."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"radareorg","product":"radare2","cpes":["cpe:2.3:a:radareorg:radare2:*:*:*:*:*:*:*:*"],"modules":["RBinJava Line Number Table Parser"],"versions":[{"version":"6.1.0","status":"affected"},{"version":"6.1.1","status":"affected"},{"version":"6.1.2","status":"affected"},{"version":"6.1.3","status":"affected"},{"version":"6.1.4","status":"affected"},{"version":"6.1.5","status":"affected"},{"version":"6.1.6","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":1.9,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","baseScore":3.3,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":1.8,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:S/C:N/I:N/A:P","baseScore":1.7,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"LOW","exploitabilityScore":3.1,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T13:20:33.118403Z","id":"CVE-2026-14759","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-119"},{"lang":"en","value":"CWE-122"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:radare:radare2:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1.0","versionEndExcluding":"6.1.8","matchCriteriaId":"CF1DC775-F4C0-46BB-A813-5CD84451418C"}]}]}],"references":[{"url":"https://github.com/radareorg/radare2/","source":"cna@vuldb.com","tags":["Product"]},{"url":"https://github.com/radareorg/radare2/commit/cd62d15a6cbecdc67fd03f3ebdbbbeb741d18f87","source":"cna@vuldb.com","tags":["Patch"]},{"url":"https://github.com/radareorg/radare2/issues/26043","source":"cna@vuldb.com","tags":["Exploit","Issue Tracking"]},{"url":"https://vuldb.com/cve/CVE-2026-14759","source":"cna@vuldb.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://vuldb.com/submit/850383","source":"cna@vuldb.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://vuldb.com/vuln/376348","source":"cna@vuldb.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://vuldb.com/vuln/376348/cti","source":"cna@vuldb.com","tags":["Permissions Required","VDB Entry"]}]}},{"cve":{"id":"CVE-2026-14760","sourceIdentifier":"cna@vuldb.com","published":"2026-07-05T16:19:44.740","lastModified":"2026-07-09T15:47:37.090","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A weakness has been identified in radareorg radare2 up to 6.1.6. Impacted is the function r_core_seek_arch_bits of the file libr/core/disasm.c of the component regprofile Handler. Executing a manipulation can lead to use after free. The attack requires local access. The exploit has been made available to the public and could be used for attacks. This patch is called 8b25c773785d85cb0103410a0905089d286921c2. It is advisable to implement a patch to correct this issue."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"radareorg","product":"radare2","cpes":["cpe:2.3:a:radareorg:radare2:*:*:*:*:*:*:*:*"],"modules":["regprofile Handler"],"versions":[{"version":"6.1.0","status":"affected"},{"version":"6.1.1","status":"affected"},{"version":"6.1.2","status":"affected"},{"version":"6.1.3","status":"affected"},{"version":"6.1.4","status":"affected"},{"version":"6.1.5","status":"affected"},{"version":"6.1.6","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":1.9,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","baseScore":3.3,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":1.8,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:S/C:N/I:N/A:P","baseScore":1.7,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"LOW","exploitabilityScore":3.1,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T15:40:53.795645Z","id":"CVE-2026-14760","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-119"},{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:radare:radare2:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1.0","versionEndExcluding":"6.1.8","matchCriteriaId":"CF1DC775-F4C0-46BB-A813-5CD84451418C"}]}]}],"references":[{"url":"https://github.com/radareorg/radare2/","source":"cna@vuldb.com","tags":["Product"]},{"url":"https://github.com/radareorg/radare2/commit/8b25c773785d85cb0103410a0905089d286921c2","source":"cna@vuldb.com","tags":["Patch"]},{"url":"https://github.com/radareorg/radare2/issues/26044","source":"cna@vuldb.com","tags":["Exploit","Issue Tracking"]},{"url":"https://vuldb.com/cve/CVE-2026-14760","source":"cna@vuldb.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://vuldb.com/submit/850384","source":"cna@vuldb.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://vuldb.com/vuln/376349","source":"cna@vuldb.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://vuldb.com/vuln/376349/cti","source":"cna@vuldb.com","tags":["Permissions Required","VDB Entry"]},{"url":"https://vuldb.com/submit/850384","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Third Party Advisory","VDB Entry"]}]}},{"cve":{"id":"CVE-2026-10656","sourceIdentifier":"vulnerabilities@zephyrproject.org","published":"2026-07-05T23:16:52.730","lastModified":"2026-07-08T14:59:33.740","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The MAX32xxx USB device controller driver (drivers/usb/udc/udc_max32.c, compatible adi_max32_usbhs) dereferenced an endpoint buffer in its OUT and IN transfer-completion handlers without checking it for NULL. udc_event_xfer_out_done() called net_buf_add(buf, ep_request->actlen) immediately after buf = udc_buf_get(ep_cfg), where udc_buf_get() returns NULL when the endpoint FIFO is empty. A transfer-completion event is queued from interrupt context and processed asynchronously by the driver thread; between queuing and processing, the endpoint FIFO can be drained by host-controlled control flow — in particular udc_setup_received() drains the EP0 OUT/IN FIFOs whenever a new SETUP packet arrives, and dequeue/disable/purge paths drain it likewise. A USB host that aborts an in-flight EP0 control transfer with a new SETUP packet (legal USB behavior) can therefore cause a stale XFER_OUT_DONE event to be processed against an empty FIFO, producing net_buf_add(NULL, ...), a near-NULL pointer dereference that faults and crashes the device. No authentication is required; the attacker is the USB host the device is connected to (physical bus access). Impact is denial of service (device crash). The defect was introduced when the MAX32 UDC driver was added and shipped in Zephyr v4.4.0. The fix adds NULL-buffer checks that return early with UDC_EVT_ERROR/-ENOBUFS in both the OUT-done and IN-done handlers."}],"affected":[{"source":"vulnerabilities@zephyrproject.org","affectedData":[{"vendor":"zephyrproject","product":"zephyr","defaultStatus":"unaffected","collectionURL":"https://github.com/zephyrproject-rtos/zephyr","packageName":"zephyr","versions":[{"version":"4.2.0","lessThan":"4.5.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"vulnerabilities@zephyrproject.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":4.6,"baseSeverity":"MEDIUM","attackVector":"PHYSICAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":0.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T18:52:25.573518Z","id":"CVE-2026-10656","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"vulnerabilities@zephyrproject.org","type":"Secondary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zephyrproject:zephyr:*:*:*:*:*:*:*:*","versionStartIncluding":"4.2.0","versionEndIncluding":"4.4.0","matchCriteriaId":"2333543A-2859-4C85-906B-FF6DBE95A355"}]}]}],"references":[{"url":"https://github.com/zephyrproject-rtos/zephyr/commit/a0d8f786559355fb3b38e34799e1ae491ba9545c","source":"vulnerabilities@zephyrproject.org","tags":["Patch"]},{"url":"https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-58p9-6mjq-rf2m","source":"vulnerabilities@zephyrproject.org","tags":["Exploit","Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-10657","sourceIdentifier":"vulnerabilities@zephyrproject.org","published":"2026-07-05T23:16:52.863","lastModified":"2026-07-08T14:55:01.560","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Zephyr's DNS resolver detects mDNS (.local) queries in dns_resolve_name_internal() (subsys/net/lib/dns/resolve.c) with memcmp(strrchr(query, '.'), \".local\", 7), which always reads a fixed 7 bytes from the suffix pointer. When the resolved hostname's final label is shorter than 7 bytes (e.g. names ending in .org, .com, .net, .io, or a trailing dot), the comparison reads 1-2 bytes past the string's NUL terminator. The hostname (query) is the caller-supplied name passed through the standard getaddrinfo()/dns_get_addr_info()/dns_resolve_name() path and is influenceable by operators or remote inputs (server names from configuration, parsed URLs, or app-facing interfaces). On a tightly-sized buffer with no slack (for example a userspace getaddrinfo call where the hostname is copied with k_usermode_string_alloc_copy to exactly strlen+1 bytes), the over-read crosses the allocation boundary; if that boundary is unmapped (guard page, memory-domain boundary under MPU, or an address sanitizer) the over-read faults, causing a denial of service. The over-read bytes are never returned, so there is no information disclosure. The flaw is compiled only when CONFIG_MDNS_RESOLVER is enabled, exists since v1.10.0, and is fixed by replacing the fixed-length memcmp with a NUL-safe strcmp(ptr, \".local\")."}],"affected":[{"source":"vulnerabilities@zephyrproject.org","affectedData":[{"vendor":"zephyrproject","product":"zephyr","defaultStatus":"unaffected","collectionURL":"https://github.com/zephyrproject-rtos/zephyr","packageName":"zephyr","versions":[{"version":"1.10.0","lessThan":"4.5.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"vulnerabilities@zephyrproject.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":3.7,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":2.2,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T18:51:45.471859Z","id":"CVE-2026-10657","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"vulnerabilities@zephyrproject.org","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zephyrproject:zephyr:*:*:*:*:*:*:*:*","versionStartIncluding":"1.10.0","versionEndIncluding":"4.4.0","matchCriteriaId":"6E12BDC8-E574-4145-B8B8-F647CC5EB913"}]}]}],"references":[{"url":"https://github.com/zephyrproject-rtos/zephyr/commit/448a21da12c9ea28f7fd12c6894e03a987b17a27","source":"vulnerabilities@zephyrproject.org","tags":["Patch"]},{"url":"https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-76jh-3j5f-9vq4","source":"vulnerabilities@zephyrproject.org","tags":["Exploit","Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-14787","sourceIdentifier":"cna@vuldb.com","published":"2026-07-06T02:16:21.360","lastModified":"2026-07-09T15:25:14.967","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A weakness has been identified in radareorg radare2 up to 6.1.6. Affected is the function cmd_print in the library libr/core/cmd_print.inc of the component pb Print Command Handler. This manipulation causes integer overflow. The attack needs to be launched locally. The exploit has been made available to the public and could be used for attacks. Patch name: 2b6265476c75567006b0fcbb749f4ae7b189c5df. It is recommended to apply a patch to fix this issue."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"radareorg","product":"radare2","cpes":["cpe:2.3:a:radareorg:radare2:*:*:*:*:*:*:*:*"],"modules":["pb Print Command Handler"],"versions":[{"version":"6.1.0","status":"affected"},{"version":"6.1.1","status":"affected"},{"version":"6.1.2","status":"affected"},{"version":"6.1.3","status":"affected"},{"version":"6.1.4","status":"affected"},{"version":"6.1.5","status":"affected"},{"version":"6.1.6","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":1.9,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","baseScore":3.3,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":1.8,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:S/C:N/I:N/A:P","baseScore":1.7,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"LOW","exploitabilityScore":3.1,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T16:35:54.039167Z","id":"CVE-2026-14787","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-189"},{"lang":"en","value":"CWE-190"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:radare:radare2:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1.0","versionEndIncluding":"6.1.6","matchCriteriaId":"03383F2D-3D66-42CF-B627-4ADF5DFFA6DC"}]}]}],"references":[{"url":"https://github.com/phix33/radare2/commit/2b6265476c75567006b0fcbb749f4ae7b189c5df","source":"cna@vuldb.com","tags":["Patch"]},{"url":"https://github.com/radareorg/radare2/","source":"cna@vuldb.com","tags":["Product"]},{"url":"https://github.com/radareorg/radare2/issues/26048","source":"cna@vuldb.com","tags":["Exploit","Issue Tracking"]},{"url":"https://vuldb.com/cve/CVE-2026-14787","source":"cna@vuldb.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://vuldb.com/submit/850387","source":"cna@vuldb.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://vuldb.com/vuln/376376","source":"cna@vuldb.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://vuldb.com/vuln/376376/cti","source":"cna@vuldb.com","tags":["Permissions Required","VDB Entry"]}]}},{"cve":{"id":"CVE-2026-14788","sourceIdentifier":"cna@vuldb.com","published":"2026-07-06T02:16:21.527","lastModified":"2026-07-09T15:18:53.810","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A security vulnerability has been detected in radareorg radare2 up to 6.1.6. Affected by this vulnerability is the function r_core_bin_load of the file libr/core/cfile.c. Such manipulation leads to use after free. The attack needs to be performed locally. The exploit has been disclosed publicly and may be used. The name of the patch is 635ab1eeb30340c26076722a90cb91fb2272130b. Applying a patch is advised to resolve this issue."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"radareorg","product":"radare2","cpes":["cpe:2.3:a:radareorg:radare2:*:*:*:*:*:*:*:*"],"versions":[{"version":"6.1.0","status":"affected"},{"version":"6.1.1","status":"affected"},{"version":"6.1.2","status":"affected"},{"version":"6.1.3","status":"affected"},{"version":"6.1.4","status":"affected"},{"version":"6.1.5","status":"affected"},{"version":"6.1.6","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":1.9,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","baseScore":3.3,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":1.8,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:S/C:N/I:N/A:P","baseScore":1.7,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"LOW","exploitabilityScore":3.1,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T13:05:40.644106Z","id":"CVE-2026-14788","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-119"},{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:radare:radare2:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1.0","versionEndIncluding":"6.1.6","matchCriteriaId":"03383F2D-3D66-42CF-B627-4ADF5DFFA6DC"}]}]}],"references":[{"url":"https://github.com/oldzhu/radare2/commit/635ab1eeb30340c26076722a90cb91fb2272130b","source":"cna@vuldb.com","tags":["Patch"]},{"url":"https://github.com/radareorg/radare2/","source":"cna@vuldb.com","tags":["Product"]},{"url":"https://github.com/radareorg/radare2/issues/26049","source":"cna@vuldb.com","tags":["Exploit","Issue Tracking"]},{"url":"https://vuldb.com/cve/CVE-2026-14788","source":"cna@vuldb.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://vuldb.com/submit/850388","source":"cna@vuldb.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://vuldb.com/vuln/376377","source":"cna@vuldb.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://vuldb.com/vuln/376377/cti","source":"cna@vuldb.com","tags":["Permissions Required","VDB Entry"]}]}},{"cve":{"id":"CVE-2026-14789","sourceIdentifier":"cna@vuldb.com","published":"2026-07-06T03:16:29.220","lastModified":"2026-07-09T15:09:39.300","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was detected in radareorg radare2 up to 6.1.6. Affected by this issue is some unknown functionality of the file libr/bin/format/mdmp/mdmp.c of the component Memory64ListStream Parser. Performing a manipulation results in stack-based buffer overflow. The attack requires a local approach. The exploit is now public and may be used. The patch is named 175d4addb68981331c85b10681c2161c38fb5762. It is suggested to install a patch to address this issue."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"radareorg","product":"radare2","cpes":["cpe:2.3:a:radareorg:radare2:*:*:*:*:*:*:*:*"],"modules":["Memory64ListStream Parser"],"versions":[{"version":"6.1.0","status":"affected"},{"version":"6.1.1","status":"affected"},{"version":"6.1.2","status":"affected"},{"version":"6.1.3","status":"affected"},{"version":"6.1.4","status":"affected"},{"version":"6.1.5","status":"affected"},{"version":"6.1.6","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":1.9,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","baseScore":3.3,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":1.8,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:S/C:N/I:N/A:P","baseScore":1.7,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"LOW","exploitabilityScore":3.1,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T12:59:02.240199Z","id":"CVE-2026-14789","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-119"},{"lang":"en","value":"CWE-121"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:radare:radare2:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1.0","versionEndIncluding":"6.1.6","matchCriteriaId":"03383F2D-3D66-42CF-B627-4ADF5DFFA6DC"}]}]}],"references":[{"url":"https://github.com/mengzhisuoliu/radare2/commit/175d4addb68981331c85b10681c2161c38fb5762","source":"cna@vuldb.com","tags":["Patch"]},{"url":"https://github.com/radareorg/radare2/","source":"cna@vuldb.com","tags":["Product"]},{"url":"https://github.com/radareorg/radare2/issues/26051","source":"cna@vuldb.com","tags":["Exploit","Issue Tracking"]},{"url":"https://vuldb.com/cve/CVE-2026-14789","source":"cna@vuldb.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://vuldb.com/submit/850389","source":"cna@vuldb.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://vuldb.com/vuln/376378","source":"cna@vuldb.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://vuldb.com/vuln/376378/cti","source":"cna@vuldb.com","tags":["Permissions Required","VDB Entry"]}]}},{"cve":{"id":"CVE-2026-40047","sourceIdentifier":"security@apache.org","published":"2026-07-06T09:16:35.377","lastModified":"2026-07-08T15:06:53.087","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Apache Camel Docling component.\n\nThe camel-docling component invokes the external `docling` command-line tool by assembling an argument list in DoclingProducer and executing it through java.lang.ProcessBuilder. Custom CLI arguments supplied through the `CamelDoclingCustomArguments` exchange header (a List<String>) were appended to that argument list with insufficient validation: the original implementation relied on a denylist of disallowed flags and only rejected path values that contained a literal `../` sequence. As a result, a Camel route that forwards externally-influenced data into the `CamelDoclingCustomArguments` header (or into the path-bearing headers used to build the invocation) could cause the producer to pass unrecognized or unintended `docling` CLI flags to the subprocess, and could supply path-like argument values that resolved outside the intended directory through traversal sequences not caught by the literal `../` check. Because Camel itself builds the `docling` invocation from these values, the component is responsible for constraining them, and the weak validation allowed CLI-argument injection and directory traversal in the arguments passed to the external tool. The invocation uses the list-based form of ProcessBuilder, so a shell does not interpret the argument values; OS command injection through shell metacharacters was not possible, and the metacharacter rejection added by the fix is defense-in-depth.\nThis issue affects Apache Camel: from 4.15.0 before 4.18.3.\n\nUsers are recommended to upgrade to a release that contains the CAMEL-23212 fix. On the mainline the fix is included from Apache Camel 4.19.0 (and later releases such as 4.20.0). For users on the 4.18.x LTS releases stream, upgrade to 4.18.3. The fix replaces the denylist with a strict allowlist of recognized `docling` CLI flags (rejecting any unrecognized flag, and rejecting producer-managed flags such as the output-directory flags), defensively rejects shell metacharacters in argument values, and normalizes path-like values with Path.normalize() before validating them so that traversal sequences which bypass a literal `../` check are detected. As defence in depth, route authors should avoid mapping untrusted message content into the `CamelDoclingCustomArguments` header and the path-bearing headers, and should strip Camel-internal headers from messages that arrive from untrusted producers."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache Camel","defaultStatus":"unaffected","collectionURL":"https://repo.maven.apache.org/maven2","packageName":"org.apache.camel:camel-docling","versions":[{"version":"4.15.0","lessThan":"4.18.3","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T18:48:56.576065Z","id":"CVE-2026-40047","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-88"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15.0","versionEndExcluding":"4.18.3","matchCriteriaId":"0AEE4159-4465-4ACD-B94A-1E4682C85270"}]}]}],"references":[{"url":"https://camel.apache.org/security/CVE-2026-40047.html","source":"security@apache.org","tags":["Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2026/07/05/2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-46584","sourceIdentifier":"security@apache.org","published":"2026-07-06T09:16:36.927","lastModified":"2026-07-08T15:06:26.423","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Input Validation, Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Camel Mail Component.\n\nThe camel-mail producer (MailProducer.getSender) scanned the outgoing Exchange for message headers in the mail.smtp. / mail.smtps. namespace and, when any were present, built a per-message JavaMail sender with those values applied as JavaMail session properties, overriding the endpoint configuration. This namespace is Camel-internal - only MailProducer interprets it - and was not blocked by any HeaderFilterStrategy, so the values could originate from any inbound protocol (for example platform-http query parameters or request headers, or JMS / Kafka messages from untrusted producers) that feeds a route ending in an smtp / smtps producer without an intervening removeHeaders. The maximal impact is version-dependent: on releases before 4.19.0, setting mail.smtp.host redirects the SMTP connection to a server under the attacker's control, and because the producer then authenticates with the endpoint's configured username and password those credentials are transmitted to the attacker; on 4.19.0 and later the producer connects to the endpoint's configured host explicitly, so the reachable impact is limited to weakening transport security (for example mail.smtp.ssl.trust, mail.smtp.starttls.enable or mail.smtp.socks.host) and interception of the outgoing message rather than host redirect. Exploitation requires a route that channels untrusted input into the mail producer without stripping the namespace.\nThis issue affects Apache Camel: from 4.0.0 before 4.14.8, from 4.15.0 before 4.18.3, from 4.19.0 before 4.21.0.\n\nUsers are recommended to upgrade to version 4.21.0, which fixes the issue. If users are on the 4.14.x LTS releases stream, then they are suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, then they are suggested to upgrade to 4.18.3. After upgrading, the per-message override is disabled by default; enable it only on trusted endpoints with useJavaMailSessionPropertiesFromHeaders=true. For deployments that cannot upgrade immediately, strip the namespace before the mail producer with removeHeaders('mail.smtp.*') and removeHeaders('mail.smtps.*') between any untrusted ingress and the smtp / smtps producer. Even with the opt-in enabled, route authors should still strip the namespace on any path that carries untrusted input."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache Camel Mail","defaultStatus":"unaffected","collectionURL":"https://repo.maven.apache.org/maven2","packageName":"org.apache.camel:camel-mail","versions":[{"version":"4.0.0","lessThan":"4.14.8","versionType":"semver","status":"affected"},{"version":"4.15.0","lessThan":"4.18.3","versionType":"semver","status":"affected"},{"version":"4.19.0","lessThan":"r","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":3.7,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T19:25:21.574867Z","id":"CVE-2026-46584","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-20"},{"lang":"en","value":"CWE-200"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0","versionEndExcluding":"4.14.8","matchCriteriaId":"7662EB25-EAB6-493F-924C-5CA8A6F462B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15.0","versionEndExcluding":"4.18.3","matchCriteriaId":"0AEE4159-4465-4ACD-B94A-1E4682C85270"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19.0","versionEndExcluding":"4.21.0","matchCriteriaId":"1C2A1A7A-FADC-470F-8265-FA126AFD94ED"}]}]}],"references":[{"url":"https://camel.apache.org/security/CVE-2026-46584.html","source":"security@apache.org","tags":["Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2026/07/05/11","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-46585","sourceIdentifier":"security@apache.org","published":"2026-07-06T09:16:37.030","lastModified":"2026-07-08T15:06:03.840","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Input Validation, Authorization Bypass Through User-Controlled Key vulnerability in Apache Camel Lucene Component.\n\nThe camel-lucene producer reads the search phrase from an Exchange header (LuceneConstants.HEADER_QUERY) whose value was the plain string QUERY (and RETURN_LUCENE_DOCS for HEADER_RETURN_LUCENE_DOCS). Because these names do not start with the Camel / camel prefix, HttpHeaderFilterStrategy - which blocks only the Camel header namespace on the HTTP boundary - let them pass from an inbound HTTP request straight into the Exchange. In a route that exposes a Lucene query operation behind an HTTP consumer (for example platform-http), any HTTP client could therefore set the QUERY header and have its value executed against the full-text index, overriding the query the route intended to run. Depending on what is indexed, this allows reading documents the request should not have access to (for example a match-all query returns the entire index, or the route's intended per-user filter can be replaced), and expensive regular-expression queries can consume significant CPU. No credentials are required when the HTTP consumer is unauthenticated.\nThis issue affects Apache Camel: from 4.0.0 before 4.14.8, from 4.15.0 before 4.18.3, from 4.19.0 before 4.21.0.\n\nUsers are recommended to upgrade to version 4.21.0, which fixes the issue. If users are on the 4.14.x LTS releases stream, then they are suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, then they are suggested to upgrade to 4.18.3. After upgrading, routes that set the query via the raw header name must use CamelLuceneQuery (and CamelLuceneReturnLuceneDocs) instead of QUERY / RETURN_LUCENE_DOCS. For deployments that cannot upgrade immediately, strip the attacker-controllable headers before the Lucene producer and set the query from a trusted source (for example removeHeader('QUERY') and removeHeader('RETURN_LUCENE_DOCS'), then setHeader('QUERY', constant(...)) at the start of the route)."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache Camel Lucene","defaultStatus":"unaffected","collectionURL":"https://repo.maven.apache.org/maven2","packageName":"org.apache.camel:camel-lucene","versions":[{"version":"4.0.0","lessThan":"4.14.8","versionType":"semver","status":"affected"},{"version":"4.15.0","lessThan":"4.18.3","versionType":"semver","status":"affected"},{"version":"4.19.0","lessThan":"4.21.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T19:24:25.722933Z","id":"CVE-2026-46585","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-20"},{"lang":"en","value":"CWE-639"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0","versionEndExcluding":"4.14.8","matchCriteriaId":"7662EB25-EAB6-493F-924C-5CA8A6F462B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15.0","versionEndExcluding":"4.18.3","matchCriteriaId":"0AEE4159-4465-4ACD-B94A-1E4682C85270"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19.0","versionEndExcluding":"4.21.0","matchCriteriaId":"1C2A1A7A-FADC-470F-8265-FA126AFD94ED"}]}]}],"references":[{"url":"https://camel.apache.org/security/CVE-2026-46585.html","source":"security@apache.org","tags":["Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2026/07/05/12","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-46590","sourceIdentifier":"security@apache.org","published":"2026-07-06T09:16:37.147","lastModified":"2026-07-08T15:05:34.147","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Deserialization of Untrusted Data vulnerability in Apache Camel PQC component.\n\nThe camel-pqc component persists post-quantum key metadata (KeyMetadata) through pluggable KeyLifecycleManager implementations. HashicorpVaultKeyLifecycleManager and AwsSecretsManagerKeyLifecycleManager read that metadata back from the configured secret backend by deserializing a Base64-wrapped value with a raw java.io.ObjectInputStream.readObject() and no ObjectInputFilter or class allow-list; the cast to KeyMetadata happens only after readObject() returns, so any readObject() side effects in a crafted object run before the type check. The same unfiltered legacy-migration read also remained in FileBasedKeyLifecycleManager (for the stored KeyPair and KeyMetadata). A principal who can write to the operator-controlled backend that holds these values - the HashiCorp Vault KV path, or the AWS Secrets Manager secret (requiring a Vault token or secretsmanager:PutSecretValue) - could store a crafted serialized object that is deserialized during normal key-lifecycle operations, potentially leading to code execution in the context of the application that manages the keys. This is an incomplete-remediation follow-on to CVE-2026-40048 (CAMEL-23200), which changed FileBasedKeyLifecycleManager to store metadata as JSON / PKCS#8 / X.509 but did not add an ObjectInputFilter, did not cover the Vault and AWS sibling managers, and left FileBasedKeyLifecycleManager's own legacy-migration deserialization unfiltered.\nThis issue affects Apache Camel: from 4.18.0 before 4.18.3, from 4.19.0 before 4.21.0.\n\nUsers are recommended to upgrade to version 4.21.0, which fixes the issue. If users are on the 4.18.x LTS releases stream, then they are suggested to upgrade to 4.18.3. For deployments that cannot upgrade immediately, restrict write access to the key backend so that only the application's own identity can write the camel-pqc secrets (least-privilege HashiCorp Vault policies and secretsmanager:PutSecretValue IAM), and keep the PQC key material in a backend separate from any data that less-trusted principals can write."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache Camel","defaultStatus":"unaffected","collectionURL":"https://repo.maven.apache.org/maven2","packageName":"org.apache.camel:camel-pqc","versions":[{"version":"4.18.0","lessThan":"4.18.3","versionType":"semver","status":"affected"},{"version":"4.19.0","lessThan":"4.21.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T19:15:54.431681Z","id":"CVE-2026-46590","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-502"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.18.0","versionEndExcluding":"4.18.3","matchCriteriaId":"3F672322-AA52-4621-B687-76B5AC9D619F"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19.0","versionEndExcluding":"4.21.0","matchCriteriaId":"1C2A1A7A-FADC-470F-8265-FA126AFD94ED"}]}]}],"references":[{"url":"https://camel.apache.org/security/CVE-2026-46590.html","source":"security@apache.org","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46591","sourceIdentifier":"security@apache.org","published":"2026-07-06T09:16:37.263","lastModified":"2026-07-08T15:05:01.700","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Neutralization of Special Elements in Data Query Logic vulnerability in Apache Camel Neo4J component.\n\nThe camel-neo4j producer builds the Cypher WHERE clause for its match/retrieve and delete operations from the CamelNeo4jMatchProperties map. CVE-2025-66169 addressed Cypher injection through the property values by binding them as query parameters ($paramN), but the property names (the JSON keys of that map) were still concatenated into the query string verbatim in Neo4jProducer.retrieveNodes() and deleteNode(). A property name containing Cypher syntax therefore alters the structure of the executed query. Where a route maps untrusted input into the CamelNeo4jMatchProperties map - for example by passing a request body as the match map, or from a consumer that does not filter inbound Camel* headers - an attacker who controls the JSON key names can inject arbitrary Cypher and read, modify or delete any node or relationship in the Neo4j database. The CamelNeo4jMatchProperties header is itself Camel-prefixed and is filtered by the HTTP header-filter strategy, so a plain HTTP client cannot set it directly; the issue is reachable through routes that deliberately or inadvertently carry untrusted data into that header.\nThis issue affects Apache Camel: from 4.10.0 before 4.14.8, from 4.15.0 before 4.18.3, from 4.19.0 before 4.21.0.\n\nUsers are recommended to upgrade to version 4.21.0, which fixes the issue. If users are on the 4.14.x LTS releases stream, then they are suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, then they are suggested to upgrade to 4.18.3. For deployments that cannot upgrade immediately, do not populate the CamelNeo4jMatchProperties map from untrusted input: validate or allow-list the property names (for example against ^[A-Za-z_][A-Za-z0-9_]*$) before the Neo4j producer, and ensure that any consumer feeding such a route filters inbound Camel* / camel* headers so the match header cannot be supplied by an external sender."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache Camel","defaultStatus":"unaffected","collectionURL":"https://repo.maven.apache.org/maven2","packageName":"org.apache.camel:camel-neo4j","versions":[{"version":"4.10.0","lessThan":"4.14.8","versionType":"semver","status":"affected"},{"version":"4.15.0","lessThan":"4.18.3","versionType":"semver","status":"affected"},{"version":"4.19.0","lessThan":"4.21.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T19:20:49.095923Z","id":"CVE-2026-46591","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-943"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.10.0","versionEndExcluding":"4.14.8","matchCriteriaId":"CD453DD1-65B8-49D0-BB84-3D585163C326"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15.0","versionEndExcluding":"4.18.3","matchCriteriaId":"0AEE4159-4465-4ACD-B94A-1E4682C85270"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19.0","versionEndExcluding":"4.21.0","matchCriteriaId":"1C2A1A7A-FADC-470F-8265-FA126AFD94ED"}]}]}],"references":[{"url":"https://camel.apache.org/security/CVE-2026-46591.html","source":"security@apache.org","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46592","sourceIdentifier":"security@apache.org","published":"2026-07-06T09:16:37.380","lastModified":"2026-07-08T14:54:24.890","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Input Validation, Unintended Proxy or Intermediary ('Confused Deputy') vulnerability in Apache Camel CXF SOAP component.\n\nThe camel-cxf producer selects which SOAP operation to invoke on the backend service from the operationName (and operationNamespace) Exchange header, whose constant values (CxfConstants.OPERATION_NAME / OPERATION_NAMESPACE) were the plain strings operationName / operationNamespace. Because these names do not start with the Camel / camel prefix, HttpHeaderFilterStrategy - which blocks only the Camel header namespace on the HTTP boundary - let them pass from an inbound HTTP request straight into the Exchange. In a route that bridges an HTTP consumer (for example platform-http) into a cxf: producer, any HTTP client could therefore set the operationName header and have CxfProducer resolve and invoke a different WSDL operation than the route intended - for example replacing a read operation with a destructive one - against the backend SOAP service (a confused-deputy redirection). The constant is defined in the shared camel-cxf-common module, so the same non-prefixed names also applied to camel-cxfrs. No credentials are required when the bridging consumer is unauthenticated.\nThis issue affects Apache Camel: from 4.0.0 before 4.14.8, from 4.15.0 before 4.18.3, from 4.19.0 before 4.21.0.\n\nUsers are recommended to upgrade to version 4.21.0, which fixes the issue. If users are on the 4.14.x LTS releases stream, then they are suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, then they are suggested to upgrade to 4.18.3. After upgrading, the operation-selection headers are named CamelCxfOperationName / CamelCxfOperationNamespace and are filtered at transport boundaries; see the 4.21 upgrade guide for the cross-transport carrier-header pattern. For deployments that cannot upgrade immediately, do not select the CXF operation from untrusted input: strip the operationName and operationNamespace headers from any untrusted ingress before the cxf: producer and set the operation from a trusted source in the route."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache Camel","defaultStatus":"unaffected","collectionURL":"https://repo.maven.apache.org/maven2","packageName":"org.apache.camel:camel-cxf-soap","versions":[{"version":"4.0.0","lessThan":"4.14.8","versionType":"semver","status":"affected"},{"version":"4.15.0","lessThan":"4.18.3","versionType":"semver","status":"affected"},{"version":"4.19.0","lessThan":"4.21.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T19:19:37.827133Z","id":"CVE-2026-46592","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-20"},{"lang":"en","value":"CWE-441"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0","versionEndExcluding":"4.14.8","matchCriteriaId":"7662EB25-EAB6-493F-924C-5CA8A6F462B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15.0","versionEndExcluding":"4.18.3","matchCriteriaId":"0AEE4159-4465-4ACD-B94A-1E4682C85270"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19.0","versionEndExcluding":"4.21.0","matchCriteriaId":"1C2A1A7A-FADC-470F-8265-FA126AFD94ED"}]}]}],"references":[{"url":"https://camel.apache.org/security/CVE-2026-46592.html","source":"security@apache.org","tags":["Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2026/07/05/15","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-46726","sourceIdentifier":"security@apache.org","published":"2026-07-06T09:16:37.503","lastModified":"2026-07-08T14:54:13.573","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Input Validation, Exposure of Sensitive Information to an Unauthorized Actor, Server-Side Request Forgery (SSRF) vulnerability in Apache Camel in Vertx Websocket component.\n\nThe camel-vertx-websocket consumer mapped inbound WebSocket query and path parameters into the Camel Exchange header map without applying any HeaderFilterStrategy (VertxWebsocketConsumer.populateExchangeHeaders()). Because nothing blocked the Camel header namespace, a client connecting to the WebSocket endpoint could set Camel-internal control headers - including CamelHttpUri (Exchange.HTTP_URI) - simply by supplying them as query parameters. In a route where the WebSocket consumer feeds a downstream HTTP producer, the injected CamelHttpUri redirects the server-side HTTP request to an attacker-chosen destination (server-side request forgery - for example to an internal service or a cloud metadata endpoint). In addition, the HTTP producer resolves Camel property placeholders on the resulting (attacker-controlled) URI, so placeholders embedded in the injected value - such as an environment-variable reference, an application property, or a vault reference - are resolved to their real values and sent to the attacker, disclosing environment variables, application properties and vault secrets. When the WebSocket endpoint is exposed without authentication, this is reachable by an unauthenticated remote attacker.\nThis issue affects Apache Camel: from 4.0.0 before 4.14.8, from 4.15.0 before 4.18.3, from 4.19.0 before 4.21.0.\n\nUsers are recommended to upgrade to version 4.21.0, which fixes the issue. If users are on the 4.14.x LTS releases stream, then they are suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, then they are suggested to upgrade to 4.18.3. The fix makes the affected consumers apply a HeaderFilterStrategy that filters the Camel header namespace case-insensitively on inbound mapping, so externally-supplied Camel* / camel* headers are no longer copied into the Exchange. For deployments that cannot upgrade immediately, strip the Camel control headers from the inbound message before they reach any downstream producer (for example removeHeaders('Camel*') and removeHeaders('camel*') at the start of the route), require authentication on the WebSocket endpoint, and avoid bridging an untrusted consumer directly into an HTTP producer whose target URI can be driven from message headers."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache Camel Vertx Websocket","defaultStatus":"unaffected","collectionURL":"https://repo.maven.apache.org/maven2","packageName":"org.apache.camel:camel-vertx-websocket","versions":[{"version":"4.0.0","lessThan":"4.14.8","versionType":"semver","status":"affected"},{"version":"4.15.0","lessThan":"4.18.3","versionType":"semver","status":"affected"},{"version":"4.19.0","lessThan":"4.21.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T19:18:45.331627Z","id":"CVE-2026-46726","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-20"},{"lang":"en","value":"CWE-200"},{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0","versionEndExcluding":"4.14.8","matchCriteriaId":"7662EB25-EAB6-493F-924C-5CA8A6F462B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15.0","versionEndExcluding":"4.18.3","matchCriteriaId":"0AEE4159-4465-4ACD-B94A-1E4682C85270"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19.0","versionEndExcluding":"4.21.0","matchCriteriaId":"1C2A1A7A-FADC-470F-8265-FA126AFD94ED"}]}]}],"references":[{"url":"https://camel.apache.org/security/CVE-2026-46726.html","source":"security@apache.org","tags":["Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2026/07/05/16","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-49086","sourceIdentifier":"security@apache.org","published":"2026-07-06T09:16:38.120","lastModified":"2026-07-08T14:53:56.583","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Input Validation, Unintended Proxy or Intermediary ('Confused Deputy') vulnerability in Apache Camel DAPR component.\n\nThe camel-dapr Dapr Pub/Sub consumer (DaprPubSubConsumer) copied two fields from each inbound CloudEvent - its Pub/Sub component name and its topic - into the CamelDaprPubSubName and CamelDaprTopic Exchange headers. These two headers are producer-direction routing headers: when the route republishes through a Dapr producer, DaprConfigurationOptionsProxy reads them back and prefers them over the destination configured on the endpoint. As a result, in a route that consumes from one Dapr Pub/Sub topic and republishes to another (for example from('dapr-pubsub:p:t').to('dapr-pubsub:p:other')), an actor able to publish a message to the subscribed topic could set the CloudEvent's pub/sub-name and topic to values of their choosing and cause the re-published message to be delivered to an arbitrary Dapr Pub/Sub component and topic instead of the configured destination - redirecting or exfiltrating the message and bypassing the route's intended routing and any topic-level access controls in the underlying broker. Exploitation requires the ability to publish to the topic the route subscribes to; no other authentication or user interaction is needed.\nThis issue affects Apache Camel: from 4.12.0 before 4.14.8, from 4.15.0 before 4.18.3, from 4.19.0 before 4.21.0.\n\nUsers are recommended to upgrade to version 4.21.0, which fixes the issue. If users are on the 4.14.x LTS releases stream, then they are suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, then they are suggested to upgrade to 4.18.3. For deployments that cannot upgrade immediately, remove the CamelDaprPubSubName and CamelDaprTopic headers from the Exchange between the Dapr consumer and any Dapr producer in the route (for example removeHeaders('CamelDaprPubSubName', 'CamelDaprTopic')), and restrict who can publish to the subscribed Dapr Pub/Sub topic so that only trusted producers can send to it."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache Camel Dapr","defaultStatus":"unaffected","collectionURL":"https://repo.maven.apache.org/maven2","packageName":"org.apache.camel:camel-dapr","versions":[{"version":"4.12.0","lessThan":"4.14.8","versionType":"semver","status":"affected"},{"version":"4.15.0","lessThan":"4.18.3","versionType":"semver","status":"affected"},{"version":"4.19.0","lessThan":"4.21.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T19:04:19.786692Z","id":"CVE-2026-49086","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-20"},{"lang":"en","value":"CWE-441"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.12.0","versionEndExcluding":"4.14.8","matchCriteriaId":"E11116FE-0265-47C9-BF4E-C129E050E736"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15.0","versionEndExcluding":"4.18.3","matchCriteriaId":"0AEE4159-4465-4ACD-B94A-1E4682C85270"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19.0","versionEndExcluding":"4.21.0","matchCriteriaId":"1C2A1A7A-FADC-470F-8265-FA126AFD94ED"}]}]}],"references":[{"url":"https://camel.apache.org/security/CVE-2026-49086.html","source":"security@apache.org","tags":["Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2026/07/05/21","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-49365","sourceIdentifier":"security@apache.org","published":"2026-07-06T09:16:38.627","lastModified":"2026-07-09T03:04:17.320","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Generation of Error Message Containing Sensitive Information vulnerability in Apache Camel Netty HTTP component.\n\nThe camel-netty-http HTTP server consumer exposes a muteException option that controls what is returned to the client when a route processing error occurs. This option defaulted to false because the backing field was an uninitialised primitive boolean (Java's default of false), whereas the other Camel HTTP server components (camel-http / camel-jetty / camel-servlet and camel-platform-http) default it to true. With muteException=false, when a request triggers an exception during route processing the consumer writes the full Throwable stack trace into the HTTP response body as text/plain (via DefaultNettyHttpBinding) instead of returning an empty body. Any unauthenticated client that can reach the endpoint and cause a processing error - for example by sending a malformed request body, an invalid parameter, or otherwise triggering a route-internal failure - therefore receives a complete Java stack trace. Such a stack trace can disclose sensitive internal information, including credentials embedded in exception messages, internal host names and IP addresses, filesystem paths, dependency and version details, database and class names, and the application's internal structure, which an attacker can use to plan further attacks.\nThis issue affects Apache Camel: from 4.0.0 before 4.14.8, from 4.15.0 before 4.18.3, from 4.19.0 before 4.21.0.\n\nUsers are recommended to upgrade to version 4.21.0, which fixes the issue. If users are on the 4.14.x LTS releases stream, then they are suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, then they are suggested to upgrade to 4.18.3. For deployments that cannot upgrade immediately, set muteException=true explicitly on the camel-netty-http consumer (for example netty-http: http://0.0.0.0:8080/api?muteException=true , or globally via the camel.component.netty-http.configuration.mute-exception=true property), so that processing errors no longer return the stack trace to the client."},{"lang":"es","value":"Vulnerabilidad relacionada con la generación de mensajes de error que contienen información confidencial en el componente HTTP Netty de Apache Camel. El consumidor del servidor HTTP camel-netty-http expone una opción denominada muteException que controla lo que se devuelve al cliente cuando se produce un error en el procesamiento de una ruta. Esta opción tenía como valor predeterminado false porque el campo subyacente era un valor booleano primitivo no inicializado (el valor predeterminado de Java es false), mientras que los demás componentes del servidor HTTP de Camel (camel-http, camel-jetty, camel-servlet y camel-platform-http) lo establecen por defecto en true. Con muteException=false, cuando una solicitud provoca una excepción durante el procesamiento de la ruta, el consumidor escribe el seguimiento completo de la pila de Throwable en el cuerpo de la respuesta HTTP como text/plain (a través de DefaultNettyHttpBinding), en lugar de devolver un cuerpo vacío. Cualquier cliente no autenticado que pueda acceder al punto final y provocar un error de procesamiento —por ejemplo, enviando un cuerpo de solicitud mal formado, un parámetro no válido o provocando de cualquier otra forma un fallo interno de la ruta— recibirá, por lo tanto, un seguimiento completo de la pila de Java. Dicha traza de pila puede revelar información interna confidencial, incluidas credenciales incrustadas en los mensajes de excepción, nombres de host internos y direcciones IP, rutas del sistema de archivos, detalles de dependencias y versiones, nombres de bases de datos y de clases, y la estructura interna de la aplicación, que un atacante puede utilizar para planear nuevos ataques. Este problema afecta a Apache Camel: desde la versión 4.0.0 hasta la 4.14.8, desde la 4.15.0 hasta la 4.18.3 y desde la 4.19.0 hasta la 4.21.0. Se recomienda a los usuarios que actualicen a la versión 4.21.0, que corrige el problema. Si los usuarios utilizan las versiones LTS de la rama 4.14.x, se les sugiere que actualicen a la 4.14.8. Si los usuarios utilizan las versiones de la rama 4.18.x, se les sugiere que actualicen a la 4.18.3. En el caso de las implementaciones que no puedan actualizarse de inmediato, establezca explícitamente `muteException=true` en el consumidor camel-netty-http (por ejemplo, `netty-http: http://0.0.0.0:8080/api?muteException=true`, o de forma global mediante la propiedad `camel.component.netty-http.configuration.mute-exception=true`), de modo que los errores de procesamiento ya no devuelvan el seguimiento de la pila al cliente."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache Camel","defaultStatus":"unaffected","collectionURL":"https://repo.maven.apache.org/maven2","packageName":"org.apache.camel:camel-netty-http","versions":[{"version":"4.0.0","lessThan":"4.14.8","versionType":"semver","status":"affected"},{"version":"4.15.0","lessThan":"4.18.3","versionType":"semver","status":"affected"},{"version":"4.19.0","lessThan":"4.21.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T12:34:23.255778Z","id":"CVE-2026-49365","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-209"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0","versionEndExcluding":"4.14.8","matchCriteriaId":"7662EB25-EAB6-493F-924C-5CA8A6F462B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15.0","versionEndExcluding":"4.18.3","matchCriteriaId":"0AEE4159-4465-4ACD-B94A-1E4682C85270"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19.0","versionEndExcluding":"4.21.0","matchCriteriaId":"1C2A1A7A-FADC-470F-8265-FA126AFD94ED"}]}]}],"references":[{"url":"https://camel.apache.org/security/CVE-2026-49365.html","source":"security@apache.org","tags":["Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2026/07/05/25","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-53913","sourceIdentifier":"security@apache.org","published":"2026-07-06T09:16:38.753","lastModified":"2026-07-09T03:03:58.543","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Authentication, Missing Authentication for Critical Function, Not Failing Securely ('Failing Open') vulnerability in Apache Camel Keycloak Component.\n\nThe KeycloakSecurityPolicy of camel-keycloak guards a route by running KeycloakSecurityProcessor.beforeProcess(), which performs three checks in sequence: it rejects a request that carries no access token, then - only if requiredRoles is non-empty - validates the roles, and - only if requiredPermissions is non-empty - validates the permissions. The actual cryptographic verification of the bearer access token (signature, issuer and expiry for a local JWT, or active-state and issuer for token introspection) is performed exclusively inside those role and permission checks. KeycloakSecurityPolicy defaults requiredRoles and requiredPermissions to empty - which is the documented 'Basic Setup' - so on a route configured that way the role and permission checks are skipped and the access token is therefore never verified. The token-presence check still rejects a missing token, but an invalid token is accepted: any non-null value in the Authorization: Bearer header - including an arbitrary string or a forged, unsigned JWT - passes the policy and the request reaches the protected route, with no signature, issuer or expiry check and no request to Keycloak. The token is read from the inbound request header because allowTokenFromHeader defaults to true. Because the normal reason to place a route behind this policy is that the route performs server-side work, the bypass results in unauthenticated access to that work; where the protected route forwards to a code-execution-capable producer, it can result in unauthenticated remote code execution. This defect is independent of CVE-2026-23552: that issue concerned the issuer claim and was fixed by adding a check inside the verification routine, but here the verification routine is not reached at all in the default configuration, so the defect remains.\nThis issue affects Apache Camel: from 4.15.0 before 4.18.3, from 4.19.0 before 4.21.0.\n\nUsers are recommended to upgrade to version 4.21.0, which fixes the issue. If users are on the 4.18.x releases stream, then they are suggested to upgrade to 4.18.3. For deployments that cannot upgrade immediately, configure a non-empty requiredRoles or requiredPermissions on every KeycloakSecurityPolicy so that the token-verification path is exercised, set allowTokenFromHeader to false where the token is not expected from the request header, or perform token verification at the framework layer ahead of the policy."},{"lang":"es","value":"Vulnerabilidad por autenticación incorrecta, falta de autenticación para funciones críticas y fallo de seguridad (Failing Open) en el componente Keycloak de Apache Camel. La política KeycloakSecurityPolicy de camel-keycloak protege una ruta ejecutando KeycloakSecurityProcessor.beforeProcess(), que realiza tres comprobaciones en secuencia: rechaza una solicitud que no incluya un token de acceso; a continuación, solo si requiredRoles no está vacío, valida los roles; y, solo si requiredPermissions no está vacío, valida los permisos. La verificación criptográfica propiamente dicha del token de acceso de portador (firma, emisor y fecha de caducidad para un JWT local, o estado activo y emisor para la introspección del token) se lleva a cabo exclusivamente dentro de esas comprobaciones de roles y permisos. KeycloakSecurityPolicy establece por defecto requiredRoles y requiredPermissions como vacíos —lo que constituye la configuración básica documentada—, por lo que, en una ruta configurada de ese modo, se omiten las comprobaciones de roles y permisos y, por lo tanto, el token de acceso nunca se verifica. La comprobación de presencia del token sigue rechazando un token ausente, pero se acepta un token no válido: cualquier valor distinto de nulo en el encabezado Authorization: Bearer —incluida una cadena arbitraria o un JWT falsificado y sin firmar— supera la política y la solicitud llega a la ruta protegida, sin que se comprueben la firma, el emisor o la fecha de caducidad, y sin que se envíe ninguna solicitud a Keycloak. El token se lee del encabezado de la solicitud entrante porque allowTokenFromHeader tiene por defecto el valor «true». Dado que la razón habitual para situar una ruta detrás de esta política es que dicha ruta realice tareas del lado del servidor, esta omisión da lugar a un acceso no autenticado a dichas tareas; cuando la ruta protegida reenvía a un productor capaz de ejecutar código, puede dar lugar a la ejecución remota de código sin autenticación. Este defecto es independiente de CVE-2026-23552: ese problema se refería a la reclamación del emisor y se solucionó añadiendo una comprobación dentro de la rutina de verificación, pero en este caso no se llega en absoluto a la rutina de verificación en la configuración por defecto, por lo que el defecto persiste. Este problema afecta a Apache Camel: desde la versión 4.15.0 hasta la 4.18.3, y desde la 4.19.0 hasta la 4.21.0. Se recomienda a los usuarios que actualicen a la versión 4.21.0, que corrige el problema. Si los usuarios utilizan la rama de versiones 4.18.x, se les sugiere que actualicen a la 4.18.3. En el caso de las implementaciones que no puedan actualizarse de inmediato, configure un requiredRoles o requiredPermissions no vacío en cada KeycloakSecurityPolicy para que se ejecute la ruta de verificación del token, establezca allowTokenFromHeader en false cuando no se espere que el token provenga del encabezado de la solicitud, o realice la verificación del token en la capa del marco de trabajo antes de la política."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache Camel Keycloak","defaultStatus":"unaffected","collectionURL":"https://repo.maven.apache.org/maven2","packageName":"org.apache.camel:camel-keycloak","versions":[{"version":"4.15.0","lessThan":"4.18.3","versionType":"semver","status":"affected"},{"version":"4.19.0","lessThan":"4.21.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T12:36:36.837107Z","id":"CVE-2026-53913","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-287"},{"lang":"en","value":"CWE-306"},{"lang":"en","value":"CWE-636"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15.0","versionEndExcluding":"4.18.3","matchCriteriaId":"0AEE4159-4465-4ACD-B94A-1E4682C85270"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19.0","versionEndExcluding":"4.21.0","matchCriteriaId":"1C2A1A7A-FADC-470F-8265-FA126AFD94ED"}]}]}],"references":[{"url":"https://camel.apache.org/security/CVE-2026-53913.html","source":"security@apache.org","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-55993","sourceIdentifier":"security@apache.org","published":"2026-07-06T09:16:38.897","lastModified":"2026-07-09T03:03:47.023","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Input Validation, Exposure of Sensitive Information to an Unauthorized Actor, Server-Side Request Forgery (SSRF) vulnerability in Apache Camel in Atmosphere Websocket Component.\n\nThe camel-atmosphere-websocket consumer mapped inbound WebSocket query parameters into the Camel Exchange header map without applying any HeaderFilterStrategy (WebsocketConsumer.sendEventNotification() iterates the query-string map collected in WebsocketConsumer.service() and copies each entry into the Exchange). Because nothing blocked the Camel header namespace, a client connecting to the WebSocket endpoint could set Camel-internal control headers - including CamelHttpUri (Exchange.HTTP_URI) - simply by supplying them as query parameters. In a route where the WebSocket consumer feeds a downstream HTTP producer, the injected CamelHttpUri redirects the server-side HTTP request to an attacker-chosen destination (server-side request forgery - for example to an internal service or a cloud metadata endpoint). In addition, the HTTP producer resolves Camel property placeholders on the resulting (attacker-controlled) URI, so placeholders embedded in the injected value - such as an environment-variable reference, an application property, or a vault reference - are resolved to their real values and sent to the attacker, disclosing environment variables, application properties and vault secrets. When the WebSocket endpoint is exposed without authentication, this is reachable by an unauthenticated remote attacker.\nThis issue affects Apache Camel: from 4.0.0 before 4.14.8, from 4.15.0 before 4.18.3, from 4.19.0 before 4.21.0.\n\nUsers are recommended to upgrade to version 4.21.0, which fixes the issue. If users are on the 4.14.x LTS releases stream, then they are suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, then they are suggested to upgrade to 4.18.3. The fix makes the consumer apply the HeaderFilterStrategy it already inherits from the HTTP/servlet stack, filtering the Camel header namespace case-insensitively on inbound mapping, so externally-supplied Camel* / camel* headers are no longer copied into the Exchange. For deployments that cannot upgrade immediately, strip the Camel control headers from the inbound message before they reach any downstream producer (for example removeHeaders('Camel*') and removeHeaders('camel*') at the start of the route), require authentication on the WebSocket endpoint, and avoid bridging an untrusted consumer directly into an HTTP producer whose target URI can be driven from message headers."},{"lang":"es","value":"Validación incorrecta de entradas, exposición de información confidencial a un agente no autorizado y vulnerabilidad de falsificación de solicitudes del lado del servidor (SSRF) en Apache Camel, en el componente Atmosphere WebSocket. El consumidor camel-atmosphere-websocket asignaba los parámetros de consulta de WebSocket entrantes al mapa de encabezados de Camel Exchange sin aplicar ninguna HeaderFilterStrategy (WebsocketConsumer.sendEventNotification() recorre el mapa de cadenas de consulta recopilado en WebsocketConsumer.service() y copia cada entrada en el Exchange). Dado que nada bloqueaba el espacio de nombres de encabezados de Camel, un cliente que se conectara al punto final de WebSocket podía establecer encabezados de control internos de Camel —incluido CamelHttpUri (Exchange.HTTP_URI)— simplemente proporcionándolos como parámetros de consulta. En una ruta en la que el consumidor WebSocket alimenta a un productor HTTP posterior, el CamelHttpUri inyectado redirige la solicitud HTTP del lado del servidor a un destino elegido por el atacante (falsificación de solicitudes del lado del servidor; por ejemplo, a un servicio interno o a un punto final de metadatos en la nube). Además, el productor HTTP resuelve los marcadores de posición de propiedades de Camel en la URI resultante (controlada por el atacante), por lo que los marcadores de posición incrustados en el valor inyectado —como una referencia a una variable de entorno, una propiedad de la aplicación o una referencia al almacén de secretos— se resuelven a sus valores reales y se envían al atacante, revelando variables de entorno, propiedades de la aplicación y secretos del almacén. Cuando el punto final de WebSocket está expuesto sin autenticación, un atacante remoto no autenticado puede acceder a él. Este problema afecta a Apache Camel: desde la versión 4.0.0 hasta la 4.14.8, desde la 4.15.0 hasta la 4.18.3 y desde la 4.19.0 hasta la 4.21.0. Se recomienda a los usuarios que actualicen a la versión 4.21.0, que corrige el problema. Si los usuarios utilizan las versiones LTS de la rama 4.14.x, se les sugiere que actualicen a la 4.14.8. Si los usuarios utilizan las versiones de la rama 4.18.x, se les sugiere que actualicen a la 4.18.3. La corrección hace que el consumidor aplique la estrategia HeaderFilterStrategy que ya hereda de la pila HTTP/servlet, filtrando el espacio de nombres de los encabezados de Camel sin distinguir entre mayúsculas y minúsculas en la asignación de entrada, de modo que los encabezados Camel* / camel* proporcionados externamente ya no se copian en el Exchange. En el caso de las implementaciones que no puedan actualizarse de inmediato, elimine los encabezados de control de Camel del mensaje entrante antes de que lleguen a cualquier productor posterior (por ejemplo, utilice removeHeaders(“Camel*”) y removeHeaders(“camel*”) al inicio de la ruta), exija la autenticación en el punto final de WebSocket y evite conectar un consumidor no fiable directamente a un productor HTTP cuyo URI de destino pueda determinarse a partir de los encabezados del mensaje."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache Camel Atmosphere Websocket","defaultStatus":"unaffected","collectionURL":"https://repo.maven.apache.org/maven2","packageName":"org.apache.camel:camel-atmosphere-websocket","versions":[{"version":"4.0.0","lessThan":"4.14.8","versionType":"semver","status":"affected"},{"version":"4.15.0","lessThan":"4.18.3","versionType":"semver","status":"affected"},{"version":"4.19.0","lessThan":"4.21.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T12:39:28.374828Z","id":"CVE-2026-55993","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-20"},{"lang":"en","value":"CWE-200"},{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0","versionEndExcluding":"4.14.8","matchCriteriaId":"7662EB25-EAB6-493F-924C-5CA8A6F462B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15.0","versionEndExcluding":"4.18.3","matchCriteriaId":"0AEE4159-4465-4ACD-B94A-1E4682C85270"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19.0","versionEndExcluding":"4.21.0","matchCriteriaId":"1C2A1A7A-FADC-470F-8265-FA126AFD94ED"}]}]}],"references":[{"url":"https://camel.apache.org/security/CVE-2026-55993.html","source":"security@apache.org","tags":["Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2026/07/05/27","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-55994","sourceIdentifier":"security@apache.org","published":"2026-07-06T09:16:39.033","lastModified":"2026-07-09T03:03:31.657","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Input Validation, Exposure of Sensitive Information to an Unauthorized Actor, Server-Side Request Forgery (SSRF) vulnerability in Apache Camel in Iggy component.\n\nThe camel-iggy consumer mapped the user-headers of inbound Iggy messages into the Camel Exchange header map without applying any HeaderFilterStrategy (IggyFetchRecords copied the message user-headers straight into the Exchange). Because nothing blocked the Camel header namespace, an actor able to publish to the consumed Iggy stream/topic could set Camel-internal control headers - including CamelHttpUri (Exchange.HTTP_URI) - simply by supplying them as message user-headers. In a route where the Iggy consumer feeds a downstream HTTP producer, the injected CamelHttpUri redirects the server-side HTTP request to an attacker-chosen destination (server-side request forgery - for example to an internal service or a cloud metadata endpoint). In addition, the HTTP producer resolves Camel property placeholders on the resulting (attacker-controlled) URI, so placeholders embedded in the injected value - such as an environment-variable reference, an application property, or a vault reference - are resolved to their real values and sent to the attacker, disclosing environment variables, application properties and vault secrets.\nThis issue affects Apache Camel: from 4.17.0 before 4.18.3, from 4.19.0 before 4.21.0.\n\nUsers are recommended to upgrade to version 4.21.0, which fixes the issue. If users are on the 4.18.x releases stream, then they are suggested to upgrade to 4.18.3. The fix adds a dedicated IggyHeaderFilterStrategy (and a headerFilterStrategy endpoint option) that filters the Camel header namespace case-insensitively on inbound mapping, so externally-supplied Camel* / camel* headers are no longer copied into the Exchange. For deployments that cannot upgrade immediately, strip the Camel control headers from the inbound message before they reach any downstream producer (for example removeHeaders('Camel*') and removeHeaders('camel*') at the start of the route), restrict who can publish to the consumed Iggy stream/topic, and avoid bridging an untrusted consumer directly into an HTTP producer whose target URI can be driven from message headers."},{"lang":"es","value":"Validación incorrecta de entradas, exposición de información confidencial a un agente no autorizado y vulnerabilidad de falsificación de solicitudes del lado del servidor (SSRF) en Apache Camel, en el componente Iggy. El consumidor «camel-iggy» asignaba los encabezados de usuario de los mensajes entrantes de Iggy al mapa de encabezados de Camel Exchange sin aplicar ninguna estrategia de filtrado de encabezados (HeaderFilterStrategy); IggyFetchRecords copiaba los encabezados de usuario del mensaje directamente en el Exchange. Dado que nada bloqueaba el espacio de nombres de encabezados de Camel, un actor capaz de publicar en el flujo o tema de Iggy consumido podía establecer encabezados de control internos de Camel —incluido CamelHttpUri (Exchange.HTTP_URI)— simplemente proporcionándolos como encabezados de usuario del mensaje. En una ruta en la que el consumidor de Iggy alimenta a un productor HTTP posterior, el CamelHttpUri inyectado redirige la solicitud HTTP del lado del servidor a un destino elegido por el atacante (falsificación de solicitudes del lado del servidor; por ejemplo, a un servicio interno o a un punto final de metadatos en la nube). Además, el productor HTTP resuelve los marcadores de posición de propiedades de Camel en la URI resultante (controlada por el atacante), por lo que los marcadores de posición incrustados en el valor inyectado —como una referencia a una variable de entorno, una propiedad de la aplicación o una referencia al almacén de secretos— se resuelven a sus valores reales y se envían al atacante, revelando variables de entorno, propiedades de la aplicación y secretos del almacén. Este problema afecta a Apache Camel: desde la versión 4.17.0 hasta la 4.18.3, y desde la 4.19.0 hasta la 4.21.0. Se recomienda a los usuarios que actualicen a la versión 4.21.0, que corrige el problema. Si los usuarios se encuentran en la rama de versiones 4.18.x, se les sugiere que actualicen a la 4.18.3. La corrección añade una IggyHeaderFilterStrategy específica (y una opción de punto final headerFilterStrategy) que filtra el espacio de nombres de los encabezados de Camel sin distinguir entre mayúsculas y minúsculas en la asignación de entrada, de modo que los encabezados Camel* / camel* proporcionados externamente ya no se copian en el Exchange. En el caso de implementaciones que no puedan actualizarse de inmediato, elimine los encabezados de control de Camel del mensaje entrante antes de que lleguen a cualquier productor posterior (por ejemplo, utilice removeHeaders(“Camel*”) y removeHeaders(“camel*”) al inicio de la ruta), restrinja quién puede publicar en el flujo o tema de Iggy consumido y evite conectar a un consumidor no fiable directamente a un productor HTTP cuyo URI de destino pueda determinarse a partir de los encabezados del mensaje."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache Camel Iggy","defaultStatus":"unaffected","collectionURL":"https://repo.maven.apache.org/maven2","packageName":"org.apache.camel:camel-iggy","versions":[{"version":"4.17.0","lessThan":"4.18.3","versionType":"semver","status":"affected"},{"version":"4.19.0","lessThan":"4.21.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T21:13:32.363904Z","id":"CVE-2026-55994","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-20"},{"lang":"en","value":"CWE-200"},{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.17.0","versionEndExcluding":"4.18.3","matchCriteriaId":"68C91D2C-7EF0-4565-81F8-35AABEB92813"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19.0","versionEndExcluding":"4.21.0","matchCriteriaId":"1C2A1A7A-FADC-470F-8265-FA126AFD94ED"}]}]}],"references":[{"url":"https://camel.apache.org/security/CVE-2026-55994.html","source":"security@apache.org","tags":["Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2026/07/05/28","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-56139","sourceIdentifier":"security@apache.org","published":"2026-07-06T09:16:39.157","lastModified":"2026-07-09T03:03:18.000","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Generation of Error Message Containing Sensitive Information vulnerability in Apache Camel Undertow Component.\n\nThe camel-undertow HTTP server consumer exposes a muteException option that controls what is returned to the client when a route processing error occurs. This option defaulted to false, whereas the other Camel HTTP server components (camel-http / camel-jetty / camel-servlet and camel-platform-http) default it to true. With muteException=false, when a request triggers an exception during route processing the consumer writes the full Throwable stack trace into the HTTP response body as text/plain instead of returning an empty body. Any unauthenticated client that can reach the endpoint and cause a processing error - for example by sending a malformed request body, an invalid parameter, or otherwise triggering a route-internal failure - therefore receives a complete Java stack trace. Such a stack trace can disclose sensitive internal information, including credentials embedded in exception messages, internal host names and IP addresses, filesystem paths, dependency and version details, database and class names, and the application's internal structure, which an attacker can use to plan further attacks. In addition, for Rest DSL consumers the muteException option was not honoured at all: the RestUndertowHttpBinding was created with a hard-coded false, so the stack trace was returned even when muteException=true had been configured.\nThis issue affects Apache Camel: from 4.0.0 before 4.14.8, from 4.15.0 before 4.18.3, from 4.19.0 before 4.21.0.\n\nUsers are recommended to upgrade to version 4.21.0, which fixes the issue. If users are on the 4.14.x LTS releases stream, then they are suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, then they are suggested to upgrade to 4.18.3. For deployments that cannot upgrade immediately, set muteException=true explicitly on the camel-undertow consumer (for example undertow: http://0.0.0.0:8080/api?muteException=true , or globally via the camel.component.undertow.mute-exception=true property), so that processing errors no longer return the stack trace to the client; note that on affected releases this workaround does not cover Rest DSL consumers, whose binding ignores the option until the fix is applied."},{"lang":"es","value":"Vulnerabilidad relacionada con la generación de mensajes de error que contienen información confidencial en el componente Apache Camel Undertow. El consumidor del servidor HTTP camel-undertow expone una opción denominada muteException que controla lo que se devuelve al cliente cuando se produce un error en el procesamiento de una ruta. El valor predeterminado de esta opción es false, mientras que en los demás componentes del servidor HTTP de Camel (camel-http, camel-jetty, camel-servlet y camel-platform-http) el valor predeterminado es true. Con muteException=false, cuando una solicitud provoca una excepción durante el procesamiento de la ruta, el consumidor escribe el seguimiento completo de la pila de Throwable en el cuerpo de la respuesta HTTP como text/plain, en lugar de devolver un cuerpo vacío. Por lo tanto, cualquier cliente no autenticado que pueda acceder al punto final y provocar un error de procesamiento —por ejemplo, enviando un cuerpo de solicitud mal formado, un parámetro no válido o provocando de cualquier otra forma un fallo interno de la ruta— recibe un seguimiento completo de la pila de Java. Dicha traza de pila puede revelar información interna confidencial, incluidas credenciales incrustadas en los mensajes de excepción, nombres de host internos y direcciones IP, rutas del sistema de archivos, detalles de dependencias y versiones, nombres de bases de datos y clases, y la estructura interna de la aplicación, que un atacante puede utilizar para planear nuevos ataques. Además, para los usuarios de Rest DSL, la opción `muteException` no se respetaba en absoluto: el `RestUndertowHttpBinding` se creaba con un valor false codificado de forma fija, por lo que se devolvía el seguimiento de la pila incluso cuando se había configurado `muteException=true`. Este problema afecta a Apache Camel: desde la versión 4.0.0 hasta la 4.14.8, desde la 4.15.0 hasta la 4.18.3 y desde la 4.19.0 hasta la 4.21.0. Se recomienda a los usuarios que actualicen a la versión 4.21.0, que corrige el problema. Si los usuarios utilizan la rama de versiones LTS 4.14.x, se les recomienda actualizar a la versión 4.14.8. Si utilizan la rama de versiones 4.18.x, se les recomienda actualizar a la versión 4.18.3. En el caso de implementaciones que no puedan actualizarse de inmediato, se debe establecer explícitamente muteException=true en el consumidor camel-undertow (por ejemplo, undertow: http://0.0.0.0:8080/api?muteException=true, o de forma global mediante la propiedad camel.component.undertow.mute-exception=true), de modo que los errores de procesamiento ya no devuelvan el seguimiento de la pila al cliente; ten en cuenta que, en las versiones afectadas, esta solución provisional no se aplica a los consumidores de Rest DSL, cuyo enlace ignora la opción hasta que se aplique la corrección."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache Camel Undertow","defaultStatus":"unaffected","collectionURL":"https://repo.maven.apache.org/maven2","packageName":"org.apache.camel:camel-undertow","versions":[{"version":"4.0.0","lessThan":"4.14.8","versionType":"semver","status":"affected"},{"version":"4.15.0","lessThan":"4.18.3","versionType":"semver","status":"affected"},{"version":"4.19.0","lessThan":"4.21.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T20:55:36.900366Z","id":"CVE-2026-56139","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-209"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0","versionEndExcluding":"4.14.8","matchCriteriaId":"7662EB25-EAB6-493F-924C-5CA8A6F462B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15.0","versionEndExcluding":"4.18.3","matchCriteriaId":"0AEE4159-4465-4ACD-B94A-1E4682C85270"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19.0","versionEndExcluding":"4.21.0","matchCriteriaId":"1C2A1A7A-FADC-470F-8265-FA126AFD94ED"}]}]}],"references":[{"url":"https://camel.apache.org/security/CVE-2026-56139.html","source":"security@apache.org","tags":["Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2026/07/05/29","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-56140","sourceIdentifier":"security@apache.org","published":"2026-07-06T09:16:39.280","lastModified":"2026-07-09T13:02:06.630","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Input Validation vulnerability in Apache Camel AWS SNS component.\n\n\nThe camel-aws2-sns component filters Camel headers through a component-specific HeaderFilterStrategy, Sns2HeaderFilterStrategy. Like the sibling Sqs2HeaderFilterStrategy, it originally configured only an outbound filter (setOutFilterPattern, which blocks Camel*, breadcrumbId and org.apache.camel.* headers from being written out) and did not configure an inbound filter rule. For the related camel-aws2-sqs component this inbound gap was exploitable, because the Sqs2Consumer maps inbound SQS message attributes into the Camel Exchange via HeaderFilterStrategy.applyFilterToExternalHeaders, allowing a message sender to inject Camel control headers (tracked as CVE-2026-46456). camel-aws2-sns, by contrast, is producer-only: Sns2Endpoint does not support consumers (createConsumer throws UnsupportedOperationException, 'You cannot receive messages from this endpoint'), so no externally-supplied message attributes are ever mapped inbound into a Camel Exchange through SNS, and the missing inbound filter rule on Sns2HeaderFilterStrategy was therefore not reachable by an attacker. As part of the same fix (CAMEL-23506), an inbound filter rule (setInFilterStartsWith for the Camel namespace) was added to Sns2HeaderFilterStrategy so that its configuration matches the corrected Sqs2HeaderFilterStrategy and the other sibling strategies. This is a defense-in-depth alignment with no known exploit path in camel-aws2-sns.\n\n\nThis issue affects Apache Camel: from 4.0.0 before 4.14.8, from 4.15.0 before 4.18.3, from 4.19.0 before 4.21.0.\n\nThis is a defense-in-depth hardening change with no known exploit path in camel-aws2-sns, which is producer-only, so no urgent action or workaround is required. Users who want the aligned behaviour can upgrade to version 4.21.0, or to 4.14.8 on the 4.14.x LTS releases stream, or to 4.18.3 on the 4.18.x releases stream, which contain the change. As a general best practice, operators should continue to apply least-privilege IAM permissions on their SNS topics."},{"lang":"es","value":"Vulnerabilidad por validación incorrecta de entradas en el componente AWS SNS de Apache Camel. El componente «camel-aws2-sns» filtra los encabezados de Camel mediante una estrategia de filtrado de encabezados específica del componente, «Sns2HeaderFilterStrategy». Al igual que su homólogo Sqs2HeaderFilterStrategy, originalmente solo configuraba un filtro de salida (setOutFilterPattern, que impide que se escriban los encabezados Camel*, breadcrumbId y org.apache.camel.*) y no configuraba ninguna regla de filtro de entrada. En el caso del componente relacionado camel-aws2-sqs, esta laguna en el filtrado de entrada era explotable, ya que Sqs2Consumer mapea los atributos de los mensajes SQS entrantes al Camel Exchange mediante HeaderFilterStrategy.applyFilterToExternalHeaders, lo que permite al remitente de un mensaje inyectar encabezados de control de Camel (registrado como CVE-2026-46456). camel-aws2-sns, por el contrario, es exclusivamente de productor: Sns2Endpoint no admite consumidores (createConsumer lanza una excepción UnsupportedOperationException, «No se pueden recibir mensajes desde este punto final»), por lo que ningún atributo de mensaje proporcionado externamente se asigna nunca en la entrada a un Camel Exchange a través de SNS, y, por lo tanto, la regla de filtro de entrada que faltaba en Sns2HeaderFilterStrategy no era accesible para un atacante. Como parte de la misma corrección (CAMEL-23506), se ha añadido una regla de filtro de entrada (setInFilterStartsWith para el espacio de nombres Camel) a Sns2HeaderFilterStrategy, de modo que su configuración coincida con la de Sqs2HeaderFilterStrategy, ya corregida, y con la de las demás estrategias equivalentes. Se trata de una medida de defensa en profundidad sin ninguna vía de explotación conocida en camel-aws2-sns. Este problema afecta a Apache Camel: desde la versión 4.0.0 hasta la 4.14.8, desde la 4.15.0 hasta la 4.18.3 y desde la 4.19.0 hasta la 4.21.0. Se trata de un cambio de refuerzo de la defensa en profundidad sin vías de explotación conocidas en camel-aws2-sns, que es de solo productor, por lo que no se requiere ninguna acción urgente ni solución alternativa. Los usuarios que deseen que el comportamiento se ajuste a lo previsto pueden actualizar a la versión 4.21.0, o a la 4.14.8 en la rama de versiones LTS 4.14.x, o a la 4.18.3 en la rama de versiones 4.18.x, que incluyen el cambio. Como buena práctica general, los operadores deben seguir aplicando permisos IAM de «privilegio mínimo» a sus temas de SNS."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache Camel AWS2 SNS","defaultStatus":"unaffected","collectionURL":"https://repo.maven.apache.org/maven2","packageName":"org.apache.camel:camel-aws2-sns","versions":[{"version":"4.0.0","lessThan":"4.14.8","versionType":"semver","status":"affected"},{"version":"4.15.0","lessThan":"4.18.3","versionType":"semver","status":"affected"},{"version":"4.19.0","lessThan":"4.21.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T19:31:02.739566Z","id":"CVE-2026-56140","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0","versionEndExcluding":"4.14.8","matchCriteriaId":"7662EB25-EAB6-493F-924C-5CA8A6F462B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15.0","versionEndExcluding":"4.18.3","matchCriteriaId":"0AEE4159-4465-4ACD-B94A-1E4682C85270"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19.0","versionEndExcluding":"4.21.0","matchCriteriaId":"1C2A1A7A-FADC-470F-8265-FA126AFD94ED"}]}]}],"references":[{"url":"https://camel.apache.org/security/CVE-2026-56140.html","source":"security@apache.org","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2025-8591","sourceIdentifier":"ed10eef1-636d-4fbe-9993-6890dfa878f8","published":"2026-07-06T11:16:25.713","lastModified":"2026-07-09T13:04:39.937","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The software accepts user-supplied input via a URL parameter without adequate output encoding before reflecting it back to the user's browser. This condition allows an attacker to inject malicious script content into pages served by the application.\n\nBy leveraging this weakness, an attacker can cause the user's browser to redirect to a malicious website, modify the UI of the webpage, or retrieve information from the browser. However, the impact is mitigated by the use of httpOnly flags on session-related cookies, preventing session hijacking."}],"affected":[{"source":"ed10eef1-636d-4fbe-9993-6890dfa878f8","affectedData":[{"vendor":"WSO2","product":"WSO2 Identity Server","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.10.0","versionType":"custom","status":"unknown"},{"version":"5.10.0","lessThan":"5.10.0.381","versionType":"custom","status":"affected"},{"version":"5.10.0","lessThan":"5.10.0.384","versionType":"custom","status":"affected"},{"version":"6.0.0","lessThan":"6.0.0.255","versionType":"custom","status":"affected"},{"version":"7.0.0","lessThan":"7.0.0.131","versionType":"custom","status":"affected"},{"version":"7.1.0","lessThan":"7.1.0.21","versionType":"custom","status":"affected"},{"version":"7.1.0","lessThan":"7.1.0.51","versionType":"custom","status":"affected"}]},{"vendor":"WSO2","product":"WSO2 API Manager","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"3.1.0","versionType":"custom","status":"unknown"},{"version":"3.1.0","lessThan":"3.1.0.355","versionType":"custom","status":"affected"},{"version":"3.2.0","lessThan":"3.2.0.459","versionType":"custom","status":"affected"},{"version":"3.2.1","lessThan":"3.2.1.78","versionType":"custom","status":"affected"},{"version":"4.0.0","lessThan":"4.0.0.380","versionType":"custom","status":"affected"},{"version":"4.1.0","lessThan":"4.1.0.243","versionType":"custom","status":"affected"},{"version":"4.2.0","lessThan":"4.2.0.183","versionType":"custom","status":"affected"},{"version":"4.3.0","lessThan":"4.3.0.94","versionType":"custom","status":"affected"},{"version":"4.4.0","lessThan":"4.4.0.58","versionType":"custom","status":"affected"},{"version":"4.5.0","lessThan":"4.5.0.43","versionType":"custom","status":"affected"},{"version":"4.6.0","lessThan":"4.6.0.7","versionType":"custom","status":"affected"}]},{"vendor":"WSO2","product":"WSO2 API Control Plane","defaultStatus":"unaffected","versions":[{"version":"4.5.0","lessThan":"4.5.0.44","versionType":"custom","status":"affected"},{"version":"4.6.0","lessThan":"4.6.0.8","versionType":"custom","status":"affected"}]},{"vendor":"WSO2","product":"WSO2 Traffic Manager","defaultStatus":"unaffected","versions":[{"version":"4.5.0","lessThan":"4.5.0.42","versionType":"custom","status":"affected"},{"version":"4.6.0","lessThan":"4.6.0.7","versionType":"custom","status":"affected"}]},{"vendor":"WSO2","product":"WSO2 Universal Gateway","defaultStatus":"unaffected","versions":[{"version":"4.5.0","lessThan":"4.5.0.42","versionType":"custom","status":"affected"},{"version":"4.6.0","lessThan":"4.6.0.7","versionType":"custom","status":"affected"}]},{"vendor":"WSO2","product":"WSO2 Open Banking AM","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"2.0.0","versionType":"custom","status":"unknown"},{"version":"2.0.0","lessThan":"2.0.0.404","versionType":"custom","status":"affected"}]},{"vendor":"WSO2","product":"WSO2 Identity Server as Key Manager","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.10.0","versionType":"custom","status":"unknown"},{"version":"5.10.0","lessThan":"5.10.0.375","versionType":"custom","status":"affected"}]},{"vendor":"WSO2","product":"WSO2 Open Banking IAM","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"2.0.0","versionType":"custom","status":"unknown"},{"version":"2.0.0","lessThan":"2.0.0.424","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"ed10eef1-636d-4fbe-9993-6890dfa878f8","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T11:04:42.314721Z","id":"CVE-2025-8591","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"ed10eef1-636d-4fbe-9993-6890dfa878f8","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:api_control_plane:*:*:*:*:*:*:*:*","versionStartIncluding":"4.5.0","versionEndExcluding":"4.5.0.44","matchCriteriaId":"3EEB2B5C-1661-45F4-9909-EAA1086B2038"},{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:api_control_plane:*:*:*:*:*:*:*:*","versionStartIncluding":"4.6.0","versionEndExcluding":"4.6.0.8","matchCriteriaId":"782317B4-CADB-48F1-9ED6-3423161C3AF7"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:api_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"3.1.0","versionEndExcluding":"3.1.0.355","matchCriteriaId":"B525D489-F3E2-401A-B52A-13C4ABE27E3B"},{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:api_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"3.2.0","versionEndExcluding":"3.2.0.459","matchCriteriaId":"3B47BAE2-5527-4E09-8968-E6A7F05393CE"},{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:api_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"3.2.1","versionEndExcluding":"3.2.1.78","matchCriteriaId":"5DE13ADA-7B14-4E1A-A662-C977E52B9B69"},{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:api_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0","versionEndExcluding":"4.0.0.380","matchCriteriaId":"5F90E6ED-EE4F-43FF-B0C3-BFD397D36D6B"},{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:api_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"4.1.0","versionEndExcluding":"4.1.0.243","matchCriteriaId":"8C211F6A-1C4C-4748-A711-D7E607697DA7"},{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:api_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"4.2.0","versionEndExcluding":"4.2.0.183","matchCriteriaId":"C8834ABC-9249-4969-BB84-F9ED80C8762C"},{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:api_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"4.3.0","versionEndExcluding":"4.3.0.94","matchCriteriaId":"5CE615B5-9DDA-4DEA-A1BE-A660A30EF9F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:api_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"4.4.0","versionEndExcluding":"4.4.0.58","matchCriteriaId":"C45F22B9-AE3D-4F64-8458-1E80D95CF974"},{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:api_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"4.5.0","versionEndExcluding":"4.5.0.43","matchCriteriaId":"B6FA0582-8C11-413F-B5C3-C740C76C0F22"},{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:api_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"4.6.0","versionEndExcluding":"4.6.0.7","matchCriteriaId":"07D205A7-8BDF-47AA-B9C3-A5C0C018E654"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:identity_server:*:*:*:*:*:*:*:*","versionStartIncluding":"5.10.0","versionEndExcluding":"5.10.0.384","matchCriteriaId":"92B2A962-462E-433E-A918-4A3949190754"},{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:identity_server:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0.0","versionEndExcluding":"6.0.0.255","matchCriteriaId":"9BA7443A-4D9D-4A72-8361-71CD14BFFC1F"},{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:identity_server:*:*:*:*:*:*:*:*","versionStartIncluding":"7.0.0","versionEndExcluding":"7.0.0.131","matchCriteriaId":"110F5D8D-32E8-4E7B-8925-D04781FC8B2D"},{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:identity_server:*:*:*:*:*:*:*:*","versionStartIncluding":"7.1.0","versionEndExcluding":"7.1.0.51","matchCriteriaId":"290B6F9F-C620-4C42-A095-58E2A6057C35"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:identity_server_as_key_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"5.10.0","versionEndExcluding":"5.10.0.375","matchCriteriaId":"FBBDC7FF-75BF-44E2-A12E-1A39577421EA"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:open_banking_am:*:*:*:*:*:*:*:*","versionStartIncluding":"2.0.0","versionEndExcluding":"2.0.0.404","matchCriteriaId":"2CA09F50-25B4-40C7-BBD2-2456EF96898E"},{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:open_banking_iam:*:*:*:*:*:*:*:*","versionStartIncluding":"2.0.0","versionEndExcluding":"2.0.0.424","matchCriteriaId":"4CC0BAF2-3A88-4EB1-9652-9DBFE8EF0674"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"4.5.0","versionEndExcluding":"4.5.0.42","matchCriteriaId":"0337DA4D-6D6D-489A-BD02-DCF3CB3EDDE0"},{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"4.6.0","versionEndExcluding":"4.6.0.7","matchCriteriaId":"90699855-9764-46ED-97C1-7720E22DEBE4"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:universal_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"4.5.0","versionEndExcluding":"4.5.0.42","matchCriteriaId":"DD5C8591-B117-4775-A083-D0C65120303A"},{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:universal_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"4.6.0","versionEndExcluding":"4.6.0.7","matchCriteriaId":"7FF82291-D261-4D97-915C-02B0CC65870F"}]}]}],"references":[{"url":"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2026/WSO2-2025-4343/","source":"ed10eef1-636d-4fbe-9993-6890dfa878f8","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-44936","sourceIdentifier":"meissner@suse.de","published":"2026-07-06T11:16:27.610","lastModified":"2026-07-09T20:34:30.743","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Missing filtering when the helmRepoURLRegex field isn't set on a GitRepo resource in SUSE Rancher Fleet's bundle reader in 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.15 forwards Helm authentication credentials (BasicAuth) to any URL specified in the helm.repo field of a fleet.yaml file, allowing attackers able to push to fleet monitored git repos to leak helm access credentials."}],"affected":[{"source":"meissner@suse.de","affectedData":[{"vendor":"SUSE","product":"Rancher","defaultStatus":"unaffected","packageName":"Fleet","repo":"https://github.com/rancher/fleet","versions":[{"version":"0.15.0","lessThan":"0.15.2","versionType":"semver","status":"affected"},{"version":"0.14.0","lessThan":"0.14.6","versionType":"semver","status":"affected"},{"version":"0.13.0","lessThan":"0.13.11","versionType":"semver","status":"affected"},{"version":"0.12.0","lessThan":"0.12.15","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"meissner@suse.de","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N","baseScore":5.0,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N","baseScore":5.0,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T12:47:38.527371Z","id":"CVE-2026-44936","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"meissner@suse.de","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:suse:rancher_fleet:*:*:*:*:*:*:*:*","versionStartIncluding":"0.12.0","versionEndExcluding":"0.12.15","matchCriteriaId":"8DE7373C-74E0-4B59-AF44-ECB9AC0130B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:suse:rancher_fleet:*:*:*:*:*:*:*:*","versionStartIncluding":"0.13.0","versionEndExcluding":"0.13.11","matchCriteriaId":"D76AA40B-6291-46DC-BE27-BF4B8F6A8B23"},{"vulnerable":true,"criteria":"cpe:2.3:a:suse:rancher_fleet:*:*:*:*:*:*:*:*","versionStartIncluding":"0.14.0","versionEndExcluding":"0.14.6","matchCriteriaId":"F267A8DC-9A24-4A98-B765-CEEC0EBC2576"},{"vulnerable":true,"criteria":"cpe:2.3:a:suse:rancher_fleet:*:*:*:*:*:*:*:*","versionStartIncluding":"0.15.0","versionEndExcluding":"0.15.2","matchCriteriaId":"BE1A7C49-CBBF-45BA-91F1-D2DA940BE908"}]}]}],"references":[{"url":"https://github.com/advisories/GHSA-hx4v-cxpf-vh8m","source":"meissner@suse.de","tags":["Exploit","Third Party Advisory","Mitigation"]}]}},{"cve":{"id":"CVE-2026-44937","sourceIdentifier":"meissner@suse.de","published":"2026-07-06T11:16:27.727","lastModified":"2026-07-09T20:24:49.943","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Potential forgery of webhook requests when using a unauthenticated webhook in SUSE Rancher Fleet 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.5 could be used by remote attackers to cause a denial of service or a downgrade attack on other repositories on the system."}],"affected":[{"source":"meissner@suse.de","affectedData":[{"vendor":"SUSE","product":"Rancher","defaultStatus":"unaffected","packageName":"Fleet","repo":"https://github.com/rancher/fleet/","versions":[{"version":"0.15.0","lessThan":"0.15.2","versionType":"semver","status":"affected"},{"version":"0.14.0","lessThan":"0.14.6","versionType":"semver","status":"affected"},{"version":"0.13.0","lessThan":"0.13.11","versionType":"semver","status":"affected"},{"version":"0.12.0","lessThan":"0.12.15","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"meissner@suse.de","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T12:46:52.400471Z","id":"CVE-2026-44937","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"meissner@suse.de","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:suse:rancher_fleet:*:*:*:*:*:*:*:*","versionStartIncluding":"0.12.0","versionEndExcluding":"0.12.15","matchCriteriaId":"8DE7373C-74E0-4B59-AF44-ECB9AC0130B9"},{"vulnerable":true,"criteria":"cpe:2.3:a:suse:rancher_fleet:*:*:*:*:*:*:*:*","versionStartIncluding":"0.13.0","versionEndExcluding":"0.13.11","matchCriteriaId":"D76AA40B-6291-46DC-BE27-BF4B8F6A8B23"},{"vulnerable":true,"criteria":"cpe:2.3:a:suse:rancher_fleet:*:*:*:*:*:*:*:*","versionStartIncluding":"0.14.0","versionEndExcluding":"0.14.6","matchCriteriaId":"F267A8DC-9A24-4A98-B765-CEEC0EBC2576"},{"vulnerable":true,"criteria":"cpe:2.3:a:suse:rancher_fleet:*:*:*:*:*:*:*:*","versionStartIncluding":"0.15.0","versionEndExcluding":"0.15.2","matchCriteriaId":"BE1A7C49-CBBF-45BA-91F1-D2DA940BE908"}]}]}],"references":[{"url":"https://github.com/rancher/fleet/security/advisories/GHSA-jmf4-m7j9-g72r","source":"meissner@suse.de","tags":["Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46587","sourceIdentifier":"security@apache.org","published":"2026-07-06T11:16:28.677","lastModified":"2026-07-08T14:38:17.680","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Input Validation vulnerability in Apache Camel.\n\nThis issue affects Apache Camel: through 4.14.7, from 4.15.0 through 4.18.2, from 4.19.0 through 4.20.0.\n\nUsers are recommended to upgrade to version 4.14.8, 4.18.3, 4.21.0, which fixes the issue."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache Camel","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"4.14.7","versionType":"semver","status":"affected"},{"version":"4.15.0","lessThanOrEqual":"4.18.2","versionType":"semver","status":"affected"},{"version":"4.19.0","lessThanOrEqual":"4.20.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":3.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T18:39:16.885479Z","id":"CVE-2026-46587","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0","versionEndExcluding":"4.14.8","matchCriteriaId":"7662EB25-EAB6-493F-924C-5CA8A6F462B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15.0","versionEndExcluding":"4.18.3","matchCriteriaId":"0AEE4159-4465-4ACD-B94A-1E4682C85270"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19.0","versionEndExcluding":"4.21.0","matchCriteriaId":"1C2A1A7A-FADC-470F-8265-FA126AFD94ED"}]}]}],"references":[{"url":"https://camel.apache.org/security/CVE-2026-46587.html","source":"security@apache.org","tags":["Vendor Advisory","Patch"]},{"url":"http://www.openwall.com/lists/oss-security/2026/07/06/15","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-46588","sourceIdentifier":"security@apache.org","published":"2026-07-06T11:16:28.777","lastModified":"2026-07-08T14:38:22.180","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Input Validation vulnerability in Apache Camel.\n\nThis issue affects Apache Camel: through 4.14.7, from 4.15.0 through 4.18.2, from 4.19.0 through 4.20.0.\n\nUsers are recommended to upgrade to version 4.14.8, 4.18.3, 4.21.0, which fixes the issue."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache Camel","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"4.14.7","versionType":"semver","status":"affected"},{"version":"4.15.0","lessThanOrEqual":"4.18.2","versionType":"semver","status":"affected"},{"version":"4.19.0","lessThanOrEqual":"4.20.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":3.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T18:37:28.968816Z","id":"CVE-2026-46588","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0","versionEndExcluding":"4.14.8","matchCriteriaId":"7662EB25-EAB6-493F-924C-5CA8A6F462B4"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15.0","versionEndExcluding":"4.18.3","matchCriteriaId":"0AEE4159-4465-4ACD-B94A-1E4682C85270"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19.0","versionEndExcluding":"4.21.0","matchCriteriaId":"1C2A1A7A-FADC-470F-8265-FA126AFD94ED"}]}]}],"references":[{"url":"https://camel.apache.org/security/CVE-2026-46588.html","source":"security@apache.org","tags":["Vendor Advisory","Patch"]},{"url":"http://www.openwall.com/lists/oss-security/2026/07/06/16","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-49042","sourceIdentifier":"security@apache.org","published":"2026-07-06T11:16:29.607","lastModified":"2026-07-08T14:38:10.537","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Input Validation vulnerability in Apache Camel.\n\nThis issue affects Apache Camel: from 4.8.0 through 4.18.2, from 4.19.0 through 4.20.0.\n\nUsers are recommended to upgrade to version 4.18.3, 4.21.0, which fixes the issue."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache Camel","defaultStatus":"unaffected","versions":[{"version":"4.8.0","lessThanOrEqual":"4.18.2","versionType":"semver","status":"affected"},{"version":"4.19.0","lessThanOrEqual":"4.20.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":3.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T18:39:58.115864Z","id":"CVE-2026-49042","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.8.0","versionEndExcluding":"4.18.3","matchCriteriaId":"E24A874B-2B0D-4B55-A6E7-4865E7B13ED8"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:camel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.19.0","versionEndExcluding":"4.21.0","matchCriteriaId":"1C2A1A7A-FADC-470F-8265-FA126AFD94ED"}]}]}],"references":[{"url":"https://camel.apache.org/security/CVE-2026-49042.html","source":"security@apache.org","tags":["Vendor Advisory","Patch"]},{"url":"http://www.openwall.com/lists/oss-security/2026/07/06/17","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-49297","sourceIdentifier":"security@apache.org","published":"2026-07-06T11:16:30.207","lastModified":"2026-07-08T14:53:39.463","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Apache Airflow's Google provider operators `GCSToSFTPOperator` and `GCSTimeSpanFileTransformOperator` joined GCS object names returned by the bucket listing API directly to a destination filesystem path without normalisation or containment check. A user with write access to the source GCS bucket (typically a different trust principal than the DAG author — partner uploads, ingest-only service accounts, public-data buckets) could create an object whose name contains `..` segments and cause the DAG run to write the downloaded blob outside the configured destination (the SFTP `destination_path` for `GCSToSFTPOperator`; the worker-local temp directory for `GCSTimeSpanFileTransformOperator`), enabling overwrite of arbitrary files on the SFTP server or the worker host. Affects deployments that ingest from buckets writable by less-trusted principals. Users are advised to upgrade to `apache-airflow-providers-google` 22.2.1 or later."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache Airflow Google provider","defaultStatus":"unaffected","collectionURL":"https://pypi.python.org","packageName":"apache-airflow-providers-google","versions":[{"version":"0","lessThan":"22.2.1","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T19:25:48.763029Z","id":"CVE-2026-49297","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:apache-airflow-providers-google:*:*:*:*:*:*:*:*","versionEndExcluding":"22.2.1","matchCriteriaId":"6CAFC50E-13FD-4AFB-8556-D9EE695D5A18"}]}]}],"references":[{"url":"https://github.com/apache/airflow/pull/67667","source":"security@apache.org","tags":["Exploit","Issue Tracking","Patch"]},{"url":"https://lists.apache.org/thread/cb5nvoxsj1q7rv878cyqgtg150w0zglq?users@airflow.apache.org","source":"security@apache.org","tags":["Mailing List","Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2026/07/04/8","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-4249","sourceIdentifier":"ed10eef1-636d-4fbe-9993-6890dfa878f8","published":"2026-07-06T11:16:30.433","lastModified":"2026-07-09T13:04:57.540","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The throttling event handling mechanism in multiple WSO2 products accepts user-supplied JSON payloads without sufficient validation of their structure and content. This allows an unauthenticated remote attacker to inject malicious JSON data that can lead to a persistent denial of service condition.\n\nSuccessful exploitation of this vulnerability can disrupt the API Gateway, preventing legitimate API traffic from being processed and impacting complete service availability. The denial of service is persistent, requiring manual intervention to restore normal operations."}],"affected":[{"source":"ed10eef1-636d-4fbe-9993-6890dfa878f8","affectedData":[{"vendor":"WSO2","product":"WSO2 Universal Gateway","defaultStatus":"unaffected","versions":[{"version":"4.5.0","lessThan":"4.5.0.54","versionType":"custom","status":"affected"},{"version":"4.6.0","lessThan":"4.6.0.18","versionType":"custom","status":"affected"},{"version":"4.7.0","lessThan":"4.7.0.2","versionType":"custom","status":"affected"}]},{"vendor":"WSO2","product":"WSO2 Traffic Manager","defaultStatus":"unaffected","versions":[{"version":"4.5.0","lessThan":"4.5.0.53","versionType":"custom","status":"affected"},{"version":"4.6.0","lessThan":"4.6.0.18","versionType":"custom","status":"affected"},{"version":"4.7.0","lessThan":"4.7.0.2","versionType":"custom","status":"affected"}]},{"vendor":"WSO2","product":"WSO2 API Control Plane","defaultStatus":"unaffected","versions":[{"version":"4.5.0","lessThan":"4.5.0.55","versionType":"custom","status":"affected"},{"version":"4.6.0","lessThan":"4.6.0.19","versionType":"custom","status":"affected"},{"version":"4.7.0","lessThan":"4.7.0.2","versionType":"custom","status":"affected"}]},{"vendor":"WSO2","product":"WSO2 API Manager","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"3.2.0","versionType":"custom","status":"unknown"},{"version":"3.2.0","lessThan":"3.2.0.470","versionType":"custom","status":"affected"},{"version":"3.2.1","lessThan":"3.2.1.89","versionType":"custom","status":"affected"},{"version":"4.0.0","lessThan":"4.0.0.390","versionType":"custom","status":"affected"},{"version":"4.1.0","lessThan":"4.1.0.254","versionType":"custom","status":"affected"},{"version":"4.2.0","lessThan":"4.2.0.194","versionType":"custom","status":"affected"},{"version":"4.3.0","lessThan":"4.3.0.105","versionType":"custom","status":"affected"},{"version":"4.4.0","lessThan":"4.4.0.69","versionType":"custom","status":"affected"},{"version":"4.5.0","lessThan":"4.5.0.54","versionType":"custom","status":"affected"},{"version":"4.6.0","lessThan":"4.6.0.18","versionType":"custom","status":"affected"},{"version":"4.7.0","lessThan":"4.7.0.2","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"ed10eef1-636d-4fbe-9993-6890dfa878f8","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":4.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T11:03:16.637529Z","id":"CVE-2026-4249","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"ed10eef1-636d-4fbe-9993-6890dfa878f8","type":"Secondary","description":[{"lang":"en","value":"CWE-707"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:api_control_plane:*:*:*:*:*:*:*:*","versionStartIncluding":"4.5.0","versionEndExcluding":"4.5.0.55","matchCriteriaId":"E6AE2096-6207-4861-A980-64F5416C19D6"},{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:api_control_plane:*:*:*:*:*:*:*:*","versionStartIncluding":"4.6.0","versionEndExcluding":"4.6.0.19","matchCriteriaId":"FC38E438-7325-4C66-A5A8-37B7D8F13B91"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:api_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0","versionEndExcluding":"4.0.0.390","matchCriteriaId":"0703E142-37D2-4078-B277-923B3A457E2B"},{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:api_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"4.1.0","versionEndExcluding":"4.1.0.254","matchCriteriaId":"A867EE45-A0AC-4B09-83BA-A6272A2EA011"},{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:api_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"4.2.0","versionEndExcluding":"4.2.0.194","matchCriteriaId":"6803CD9D-A16A-4D44-84C6-E5D633C965AD"},{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:api_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"4.3.0","versionEndExcluding":"4.3.0.105","matchCriteriaId":"46411B3B-15A5-4B79-9C39-3D09F7454B65"},{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:api_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"4.4.0","versionEndExcluding":"4.4.0.69","matchCriteriaId":"637EDDCF-CE42-418E-A556-B74290D9C6A7"},{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:api_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"4.5.0","versionEndExcluding":"4.5.0.54","matchCriteriaId":"94BB9179-F8AB-478E-8C20-50FB326DECA0"},{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:api_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"4.6.0","versionEndExcluding":"4.6.0.18","matchCriteriaId":"99985361-612C-40EE-9630-1261BD87997C"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"4.5.0","versionEndExcluding":"4.5.0.53","matchCriteriaId":"64AC5FDC-E47A-48CF-87AD-E2F5B692AE7F"},{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:traffic_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"4.6.0","versionEndExcluding":"4.6.0.18","matchCriteriaId":"551D22E4-FAA7-452F-ADF8-E1AC91150C28"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:universal_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"4.5.0","versionEndExcluding":"4.5.0.54","matchCriteriaId":"DE92AC9A-4016-4715-86F5-0D00DECBD21D"},{"vulnerable":true,"criteria":"cpe:2.3:a:wso2:universal_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"4.6.0","versionEndExcluding":"4.6.0.18","matchCriteriaId":"EC1DB254-830D-452A-AA6C-D3B87C9A4B3A"}]}]}],"references":[{"url":"https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2026/WSO2-2026-5236/","source":"ed10eef1-636d-4fbe-9993-6890dfa878f8","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-13698","sourceIdentifier":"security@openvpn.net","published":"2026-07-06T15:16:35.140","lastModified":"2026-07-09T13:05:30.767","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A memory leak in OpenVPN version 2.5.0 through 2.5.11, 2.6.0 through 2.6.20 and 2.7_alpha1 through 2.7.4 allows remote attackers with a valid tls-crypt-v2 client key to potentially cause a denial of service"}],"affected":[{"source":"security@openvpn.net","affectedData":[{"vendor":"OpenVPN","product":"OpenVPN","defaultStatus":"unaffected","versions":[{"version":"2.5.0","lessThanOrEqual":"2.5.11","versionType":"semver","status":"affected"},{"version":"2.6.0","lessThanOrEqual":"2.6.20","versionType":"semver","status":"affected"},{"version":"2.7_alpha1","lessThanOrEqual":"2.7.4","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security@openvpn.net","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.0,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T15:28:06.327727Z","id":"CVE-2026-13698","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@openvpn.net","type":"Secondary","description":[{"lang":"en","value":"CWE-401"},{"lang":"en","value":"CWE-770"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-401"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openvpn:openvpn:*:*:*:*:community:*:*:*","versionStartIncluding":"2.5.0","versionEndIncluding":"2.5.11","matchCriteriaId":"F9915569-EAC5-4D79-9840-C792E33F600B"},{"vulnerable":true,"criteria":"cpe:2.3:a:openvpn:openvpn:*:*:*:*:community:*:*:*","versionStartIncluding":"2.6.0","versionEndExcluding":"2.6.21","matchCriteriaId":"DE7F0547-6422-45EF-94F6-1567BF2FC15F"},{"vulnerable":true,"criteria":"cpe:2.3:a:openvpn:openvpn:*:*:*:*:community:*:*:*","versionStartIncluding":"2.7","versionEndExcluding":"2.7.5","matchCriteriaId":"764A9624-67E3-40F7-95FD-476D3681DF44"}]}]}],"references":[{"url":"https://community.openvpn.net/Security%20Announcements/CVE-2026-13698","source":"security@openvpn.net","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-13122","sourceIdentifier":"security@openvpn.net","published":"2026-07-06T16:16:28.677","lastModified":"2026-07-09T13:06:19.040","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"OpenVPN version 2.6.0 through 2.6.20 and 2.7_alpha1 through 2.7.4 allows remote attackers to cause a denial of service via a malformed authentication token that triggers a reachable assertion when external-auth is enabled"}],"affected":[{"source":"security@openvpn.net","affectedData":[{"vendor":"Openvpn","product":"OpenVPN","defaultStatus":"unaffected","versions":[{"version":"2.6.0","lessThanOrEqual":"2.6.20","versionType":"semver","status":"affected"},{"version":"2.7_alpha1","lessThanOrEqual":"2.7.4","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security@openvpn.net","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"PRESENT","privilegesRequired":"LOW","userInteraction":"PASSIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T15:51:45.374719Z","id":"CVE-2026-13122","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@openvpn.net","type":"Secondary","description":[{"lang":"en","value":"CWE-617"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openvpn:openvpn:*:*:*:*:community:*:*:*","versionStartIncluding":"2.6.0","versionEndExcluding":"2.6.21","matchCriteriaId":"DE7F0547-6422-45EF-94F6-1567BF2FC15F"},{"vulnerable":true,"criteria":"cpe:2.3:a:openvpn:openvpn:*:*:*:*:community:*:*:*","versionStartIncluding":"2.7","versionEndExcluding":"2.7.5","matchCriteriaId":"764A9624-67E3-40F7-95FD-476D3681DF44"}]}]}],"references":[{"url":"https://community.openvpn.net/Security%20Announcements/CVE-2026-13122","source":"security@openvpn.net","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-58203","sourceIdentifier":"security-advisories@github.com","published":"2026-07-06T16:16:35.590","lastModified":"2026-07-09T20:23:55.267","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"pydantic-settings provides settings management using Pydantic. From 2.12.0 until 2.14.2, NestedSecretsSettingsSource reads secret values from files in a configured secrets_dir. When secrets_nested_subdir=True, a directory entry inside secrets_dir that is a symbolic link pointing outside secrets_dir is followed, so files outside the configured directory are read into settings values. The same code path bypasses the documented secrets_dir_max_size protection. An attacker or lower-privileged component able to influence entries in the configured secrets directory (for example, a writable or shared secrets mount) can turn this into an unintended local file read into settings and can defeat the advertised loading-size cap.  This vulnerability is fixed in 2.14.2."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"pydantic","product":"pydantic-settings","versions":[{"version":">= 2.12.0, < 2.14.2","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.8,"impactScore":3.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T16:19:35.619669Z","id":"CVE-2026-58203","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"},{"lang":"en","value":"CWE-59"},{"lang":"en","value":"CWE-400"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:pydantic:pydantic:*:*:*:*:*:*:*:*","versionStartIncluding":"2.12.0","versionEndExcluding":"2.14.2","matchCriteriaId":"BC535D79-BBC1-40FB-8695-DD29EB8D08EC"}]}]}],"references":[{"url":"https://github.com/pydantic/pydantic-settings/security/advisories/GHSA-4xgf-cpjx-pc3j","source":"security-advisories@github.com","tags":["Exploit","Mitigation","Vendor Advisory"]},{"url":"https://github.com/pydantic/pydantic-settings/security/advisories/GHSA-4xgf-cpjx-pc3j","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-5268","sourceIdentifier":"7bd90cf1-1651-495e-9ae8-9415fb3c9feb","published":"2026-07-06T16:16:38.433","lastModified":"2026-07-08T21:16:54.663","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"An authentication bypass vulnerability exists in\nthe default SFTP server component utilized across the Ciena products listed. This vulnerability allows a remote, unauthenticated attacker to bypass\nsecurity controls and gain unauthorized access to the underlying filesystem.\nSuccessful exploitation could allow an attacker to read or modify system files."}],"affected":[{"source":"7bd90cf1-1651-495e-9ae8-9415fb3c9feb","affectedData":[{"vendor":"CIENA","product":"6500 S-Series","defaultStatus":"unaffected","versions":[{"version":"R16.96 and prior","status":"affected"}]},{"vendor":"CIENA","product":"6500 T-Series","defaultStatus":"unaffected","versions":[{"version":"R16.1 and prior","status":"affected"}]},{"vendor":"CIENA","product":"PTS","defaultStatus":"unaffected","versions":[{"version":"R16.1 and prior","status":"affected"}]},{"vendor":"CIENA","product":"CPL","defaultStatus":"unaffected","versions":[{"version":"R12.63 and prior","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T18:42:35.509616Z","id":"CVE-2026-5268","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"7bd90cf1-1651-495e-9ae8-9415fb3c9feb","type":"Secondary","description":[{"lang":"en","value":"CWE-288"}]}],"references":[{"url":"https://www.ciena.com/product-security","source":"7bd90cf1-1651-495e-9ae8-9415fb3c9feb"}]}},{"cve":{"id":"CVE-2026-43825","sourceIdentifier":"security@apache.org","published":"2026-07-06T17:16:31.570","lastModified":"2026-07-08T19:46:24.460","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Untrusted Java Deserialization in Apache OpenNLP SvmDoccatModel\n\nVersions Affected:\n  before 3.0.0-M4 (libsvm document categorization module; introduced in\n  OPENNLP-1808 and only present on the 3.x line)\n\nDescription:\nSvmDoccatModel.deserialize(InputStream) reads an attacker-controlled\nstream with java.io.ObjectInputStream and calls readObject() without an\nObjectInputFilter installed. ObjectInputStream materialises every class\nreferenced in the stream before the resulting object is cast to\nSvmDoccatModel, so the cast that follows readObject() executes only\nafter the foreign object graph has already been deserialised in full.\n\nIf a Java deserialization gadget chain is available on the consumer's\nclasspath, a crafted payload supplied to\ndeserialize() executes arbitrary code in the JVM that loads it. Apache\nOpenNLP itself does not ship a known gadget chain, so the realistic\nrisk is to downstream applications that embed the libsvm module\nalongside vulnerable transitive dependencies. The method is public and\nstatic, so any caller can pass an untrusted stream to it directly.\n\nThe practical impact is remote code execution against processes that\nload SvmDoccatModel instances from untrusted or semi-trusted origins.\n\nMitigation:\n\n3.x users should upgrade to 3.0.0-M4.\n\nUsers who cannot upgrade immediately should treat all serialized\nSvmDoccatModel streams as untrusted input unless their provenance is\nverified, and should avoid invoking SvmDoccatModel.deserialize() on\nstreams supplied by end users or fetched from third-party sources\nwithout integrity checks."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache OpenNLP :: Core :: ML :: LibSVM","defaultStatus":"unaffected","collectionURL":"https://repo.maven.apache.org/maven2","packageName":"org.apache.opennlp:opennlp-ml-libsvm","versions":[{"version":"3.0.0-M1","lessThan":"3.0.0-M4","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":3.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T19:11:49.058504Z","id":"CVE-2026-43825","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-502"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:opennlp:3.0.0:m1:*:*:*:*:*:*","matchCriteriaId":"57E14048-91DB-4673-9A7B-B15675B3994A"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:opennlp:3.0.0:m2:*:*:*:*:*:*","matchCriteriaId":"2E738486-C0BD-4FDB-8880-DBC2BA4C0D77"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:opennlp:3.0.0:m3:*:*:*:*:*:*","matchCriteriaId":"FB9FDE8C-5093-4106-99EA-D1C273B81D21"}]}]}],"references":[{"url":"https://lists.apache.org/thread/c7kom0pgk9cbpfnbooh5m3g85ndf50hn","source":"security@apache.org","tags":["Mailing List","Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2026/07/06/9","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-48316","sourceIdentifier":"psirt@adobe.com","published":"2026-07-06T17:16:32.010","lastModified":"2026-07-09T17:19:22.820","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed."}],"affected":[{"source":"psirt@adobe.com","affectedData":[{"vendor":"Adobe","product":"ColdFusion","defaultStatus":"affected","versions":[{"version":"0","lessThanOrEqual":"2023.20","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@adobe.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N","baseScore":10.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.8}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T03:56:40.241331Z","id":"CVE-2026-48316","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@adobe.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:-:*:*:*:*:*:*","matchCriteriaId":"B02A37FE-5D31-4892-A3E6-156A8FE62D28"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update1:*:*:*:*:*:*","matchCriteriaId":"0AA3D302-CFEE-4DFD-AB92-F53C87721BFF"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update10:*:*:*:*:*:*","matchCriteriaId":"645D1B5F-2DAB-4AB8-A465-AC37FF494F95"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update11:*:*:*:*:*:*","matchCriteriaId":"ED6D8996-0770-4C9F-BEA5-87EA479D40A5"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update12:*:*:*:*:*:*","matchCriteriaId":"4836086E-3D4A-4A07-A372-382D385CB490"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update13:*:*:*:*:*:*","matchCriteriaId":"CBC19168-4184-4B59-B9C8-E98844124EED"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update14:*:*:*:*:*:*","matchCriteriaId":"A60DCD92-9A5B-411C-9554-642C91D77FAE"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update15:*:*:*:*:*:*","matchCriteriaId":"58CC65EF-60A3-4DFA-AA51-E5013F116CEA"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update16:*:*:*:*:*:*","matchCriteriaId":"2E3EBFB1-4488-4924-A2E2-B7E422D68345"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update17:*:*:*:*:*:*","matchCriteriaId":"A683F9B2-A0DC-4AA0-BE97-9E74FA200AB1"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update18:*:*:*:*:*:*","matchCriteriaId":"8689F35F-9A81-45D2-B782-DBA12306BA45"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update19:*:*:*:*:*:*","matchCriteriaId":"5FAA5985-4B25-46C5-8064-0713AB251704"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update2:*:*:*:*:*:*","matchCriteriaId":"EB88D4FE-5496-4639-BAF2-9F29F24ABF29"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update20:*:*:*:*:*:*","matchCriteriaId":"9E3884AF-7A1A-4604-B653-6694B7BD1E86"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update3:*:*:*:*:*:*","matchCriteriaId":"43E0ED98-2C1F-40B8-AF60-FEB1D85619C0"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update4:*:*:*:*:*:*","matchCriteriaId":"76204873-C6E0-4202-8A03-0773270F1802"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update5:*:*:*:*:*:*","matchCriteriaId":"C1A22BE9-0D47-4BA8-8BDB-9B12D7A0F7C7"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update6:*:*:*:*:*:*","matchCriteriaId":"E3A83642-BF14-4C37-BD94-FA76AABE8ADC"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update7:*:*:*:*:*:*","matchCriteriaId":"A892E1DC-F2C8-4F53-8580-A2D1BEED5A25"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update8:*:*:*:*:*:*","matchCriteriaId":"DB97ADBA-C1A9-4EE0-9509-68CB12358AE5"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2023:update9:*:*:*:*:*:*","matchCriteriaId":"E17C38F0-9B0F-4433-9CBD-6E3D63EA9BDC"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2025:-:*:*:*:*:*:*","matchCriteriaId":"30779417-D4E5-4A01-BE0E-1CE1D134292A"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2025:update1:*:*:*:*:*:*","matchCriteriaId":"80D7FC6A-F264-4CB1-A18D-B091EBA47882"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2025:update2:*:*:*:*:*:*","matchCriteriaId":"E3DA0D20-93BA-4C76-A400-159853CD7277"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2025:update3:*:*:*:*:*:*","matchCriteriaId":"5BAB6F21-61F1-43AB-88BA-553CD9AD6C0E"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2025:update4:*:*:*:*:*:*","matchCriteriaId":"C85288B9-5D63-49EA-828A-8DB3BB2367F6"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2025:update5:*:*:*:*:*:*","matchCriteriaId":"3882A011-5A01-48E7-B5E7-5A837B1CE245"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2025:update6:*:*:*:*:*:*","matchCriteriaId":"AACCE621-3380-4144-BA1B-AA26FE96B902"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2025:update7:*:*:*:*:*:*","matchCriteriaId":"EBC62370-3FA2-4AF7-A201-4155D09051F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2025:update8:*:*:*:*:*:*","matchCriteriaId":"D7616F34-9422-4815-806F-4484F68ED2A8"},{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:coldfusion:2025:update9:*:*:*:*:*:*","matchCriteriaId":"FB078BC9-164F-46D0-99F8-086F93FF2046"}]}]}],"references":[{"url":"https://helpx.adobe.com/security/products/coldfusion/apsb26-68.html","source":"psirt@adobe.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-54291","sourceIdentifier":"security-advisories@github.com","published":"2026-07-06T19:17:08.407","lastModified":"2026-07-09T13:16:25.717","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"pgjdbc is an open source postgresql JDBC Driver. In releases 42.7.4 through 42.7.11, channelBinding=require connections can be silently downgraded from SCRAM-SHA-256-PLUS with channel binding to plain SCRAM-SHA-256 without it, losing the man-in-the-middle protection the setting is meant to guarantee. An attacker who can intercept the TLS connection can trigger the downgrade with a certificate whose signature algorithm has no tls-server-end-point channel-binding hash, because the bundled com.ongres.scram:scram-client returns an empty byte array instead of failing and pgJDBC ScramAuthenticator checks only that the server advertised a PLUS mechanism, without rejecting the empty binding or checking that the negotiated mechanism uses channel binding. This issue is fixed in version 42.7.12."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"pgjdbc","product":"pgjdbc","versions":[{"version":">= 42.7.4, < 42.7.12","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"LOW","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T19:47:12.248185Z","id":"CVE-2026-54291","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-636"},{"lang":"en","value":"CWE-757"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:postgresql:postgresql_jdbc_driver:*:*:*:*:*:*:*:*","versionStartIncluding":"42.7.4","versionEndExcluding":"42.7.12","matchCriteriaId":"A4316240-4F4D-4E4B-80A6-E6EACEFFF161"}]}]}],"references":[{"url":"https://github.com/ongres/scram/releases/tag/3.3","source":"security-advisories@github.com","tags":["Not Applicable"]},{"url":"https://github.com/pgjdbc/pgjdbc/commit/77df98e4e66c12936ded3478a0954f6f580bad99","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-j92g-9f8w-j867","source":"security-advisories@github.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-9181","sourceIdentifier":"psirt@esri.com","published":"2026-07-06T19:17:09.553","lastModified":"2026-07-08T15:16:32.720","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Esri ArcGIS Server contains a directory traversal vulnerability. ArcGIS Enterprise on Kubernetes is not impacted. An unauthenticated attacker could exploit this issue by sending crafted path parameters. Successful exploitation could allow overwriting sensitive files on the system. Abuse of this issue can allow full administrative access to ArcGIS Server, with high impact to confidentiality, integrity, and availability. This issue impacts all versions of ArcGIS Server on Windows and Linux 12.0 and prior. This issue does not impact ArcGIS Enterprise for Kubernetes."}],"affected":[{"source":"psirt@esri.com","affectedData":[{"vendor":"Esri","product":"ArcGIS Server","defaultStatus":"unaffected","platforms":["Windows","Linux"],"versions":[{"version":"0","lessThanOrEqual":"12.0","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@esri.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T00:00:00+00:00","id":"CVE-2026-9181","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@esri.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:esri:arcgis_server:*:*:*:*:*:*:*:*","versionEndIncluding":"12.0","matchCriteriaId":"C61890F4-51DC-4DC5-8993-4C9D2CA0099A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","matchCriteriaId":"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/may-2026-arcgis-security-bulletin","source":"psirt@esri.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-9182","sourceIdentifier":"psirt@esri.com","published":"2026-07-06T19:17:09.680","lastModified":"2026-07-08T16:16:35.167","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Esri ArcGIS Server contains an unrestricted file upload vulnerability. An unauthenticated attacker could exploit this issue by uploading a crafted file to the affected endpoint. Successful exploitation could allow arbitrary file upload, potentially allowing for other attacks. This issue impacts all versions of ArcGIS Server on Windows and Linux 12.0 and prior. This issue does not impact ArcGIS Enterprise for Kubernetes."}],"affected":[{"source":"psirt@esri.com","affectedData":[{"vendor":"Esri","product":"ArcGIS Server","defaultStatus":"unaffected","platforms":["Windows","Linux"],"versions":[{"version":"0","lessThanOrEqual":"12.0","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@esri.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-06T19:21:40.781968Z","id":"CVE-2026-9182","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@esri.com","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:esri:arcgis_server:*:*:*:*:*:*:*:*","versionEndIncluding":"12.0","matchCriteriaId":"C61890F4-51DC-4DC5-8993-4C9D2CA0099A"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","matchCriteriaId":"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/may-2026-arcgis-security-bulletin","source":"psirt@esri.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-11405","sourceIdentifier":"cret@cert.org","published":"2026-07-06T20:16:29.450","lastModified":"2026-07-08T14:16:54.773","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The web server binary /bin/httpd contains a hidden backdoor authentication mechanism in the login() function at 004c88b8.\r\n\r\n- The function contains a normal authentication path using MD5/hash-based password verification (prod_encode64/PasswordToMd5/check_rand_key).\r\n- After normal authentication fails, it calls GetValue(\"sys.rzadmin.password\") to read a backdoor password from the device configuration.\r\n- It performs a direct strcmp() comparison (plaintext, not hashed) between the config value and the user-supplied password.\r\n\r\nA successful match grants role=2 (admin-level access) and creates a valid session. The rzadmin username is never checked — any username works with the backdoor"}],"affected":[{"source":"cret@cert.org","affectedData":[{"vendor":"Tenda","product":"firmware","versions":[{"version":"US_AC6V2.0RTL_V15.03.06.51_multi_T","status":"affected"}]},{"vendor":"Tenda","product":"firmware","versions":[{"version":"US_AC5V1.0RTL_V15.03.06.48_multi_TDE01","status":"affected"}]},{"vendor":"Tenda","product":"firmware","versions":[{"version":"US_AC10V1.0re_V15.03.06.46_multi_TDE01","status":"affected"}]},{"vendor":"Tenda","product":"firmware","versions":[{"version":"US_W15EV1.0br_V15.11.0.5(1068_1567_841)_EN_TDE","status":"affected"}]},{"vendor":"Tenda","product":"firmware","versions":[{"version":"US_FH1201V1.0BR_V1.2.0.14(408)_EN_TD","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T03:56:43.961536Z","id":"CVE-2026-11405","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"references":[{"url":"https://cwe.mitre.org/data/definitions/912.html","source":"cret@cert.org"},{"url":"https://kb.cert.org/vuls/id/213560","source":"cret@cert.org"},{"url":"https://www.kb.cert.org/vuls/id/213560","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2026-14536","sourceIdentifier":"security@devolutions.net","published":"2026-07-06T20:16:29.883","lastModified":"2026-07-09T16:16:36.927","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper enforcement of a mandatory multi-factor authentication policy in Devolutions Server 2026.2.9.0 allows an attacker with valid user credentials to bypass the MFA Required policy and authenticate without completing multi-factor authentication. The problem occurs when DVLS encounters an invalid default MFA value."}],"affected":[{"source":"security@devolutions.net","affectedData":[{"vendor":"Devolutions","product":"Server","defaultStatus":"unaffected","versions":[{"version":"2026.2.4","lessThan":"2026.2.9","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.1,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T14:02:50.670875Z","id":"CVE-2026-14536","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:devolutions:devolutions_server:*:*:*:*:*:*:*:*","versionStartIncluding":"2026.2.4.0","versionEndIncluding":"2026.2.9.0","matchCriteriaId":"32CBC404-3680-4B99-BEC7-4DB4AFD60E12"}]}]}],"references":[{"url":"https://devolutions.net/security/advisories/DEVO-2026-0023/","source":"security@devolutions.net","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-48267","sourceIdentifier":"psirt@adobe.com","published":"2026-07-06T21:16:56.223","lastModified":"2026-07-08T19:42:40.323","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"DNG SDK versions 1.7.1 2536 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue requires user interaction in that a victim must open a malicious file."}],"affected":[{"source":"psirt@adobe.com","affectedData":[{"vendor":"Adobe","product":"DNG SDK","defaultStatus":"affected","versions":[{"version":"0","lessThanOrEqual":"1.7.1 2536","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@adobe.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:43:39.490277Z","id":"CVE-2026-48267","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@adobe.com","type":"Secondary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:adobe:dng_software_development_kit:*:*:*:*:*:*:*:*","versionEndExcluding":"1.7.1.2611","matchCriteriaId":"EB12F01C-B3CE-4C78-8974-8E1F27294CBA"}]}]}],"references":[{"url":"https://helpx.adobe.com/security/products/dng-sdk/apsb26-67.html","source":"psirt@adobe.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-50135","sourceIdentifier":"security-advisories@github.com","published":"2026-07-06T21:16:56.347","lastModified":"2026-07-08T14:53:04.987","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Hugo is a static site generator. From 0.123.0 to 0.161.1, a regression made  RootMappingFs.statRoot  use  Stat  (follows symlinks) instead of  Lstat , so a direct  resources.Get  of a symlink pointing outside its mount returned the target's contents — letting a symlink planted in a local mount (e.g. a vendored  themes/  theme) read arbitrary files accessible to the Hugo user. Go-module themes from GitHub (symlinks stripped) and directory walks were unaffected. Fixed in 0.162.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"gohugoio","product":"hugo","versions":[{"version":">= 0.123.0, < 0.162.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T16:52:31.351209Z","id":"CVE-2026-50135","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-59"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gohugo:hugo:*:*:*:*:*:*:*:*","versionStartIncluding":"0.123.0","versionEndExcluding":"0.161.1","matchCriteriaId":"C293B2BB-CA8A-4ECD-9674-943C0196A0A1"}]}]}],"references":[{"url":"https://github.com/gohugoio/hugo/commit/f8b5fa09a64950c32b803821ede411ebfe772b7a","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/gohugoio/hugo/releases/tag/v0.162.0","source":"security-advisories@github.com","tags":["Product","Release Notes"]},{"url":"https://github.com/gohugoio/hugo/security/advisories/GHSA-fw87-fv5r-9fpw","source":"security-advisories@github.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-54763","sourceIdentifier":"security-advisories@github.com","published":"2026-07-06T21:16:56.787","lastModified":"2026-07-08T20:16:52.803","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Traefik is an HTTP reverse proxy and load balancer. Prior to v2.11.51, v3.6.22, and v3.7.6, Traefik's BasicAuth, DigestAuth, and ForwardAuth middlewares strip canonical-cased spoofed identity headers before writing Traefik's own value, but do not account for underscore-variant header names, which many backends normalize identically to dashed forms. An attacker able to reach a protected route can inject an underscore-variant header that survives Traefik's stripping and reaches the backend alongside, or on the unauthenticated ForwardAuth authResponseHeaders path instead of, the value Traefik intended to set, spoofing identity or authorization context. This issue is fixed in versions v2.11.51, v3.6.22, and v3.7.6."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"traefik","product":"traefik","versions":[{"version":"< 2.11.51","status":"affected"},{"version":">= 3.0.0-beta1, < 3.6.22","status":"affected"},{"version":">= 3.7.0-ea.1, < 3.7.6","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"HIGH","subIntegrityImpact":"HIGH","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N","baseScore":10.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.8}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T17:13:29.094037Z","id":"CVE-2026-54763","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-178"},{"lang":"en","value":"CWE-290"},{"lang":"en","value":"CWE-345"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:traefik:traefik:*:*:*:*:*:*:*:*","versionEndExcluding":"2.11.51","matchCriteriaId":"5AEF8E00-6A9F-4F16-BEC2-9CCF183AC647"},{"vulnerable":true,"criteria":"cpe:2.3:a:traefik:traefik:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0.0","versionEndExcluding":"3.6.22","matchCriteriaId":"A035A58C-BBD8-4E57-B6F3-A42E2F9CC4BC"},{"vulnerable":true,"criteria":"cpe:2.3:a:traefik:traefik:*:*:*:*:*:*:*:*","versionStartIncluding":"3.7.0","versionEndExcluding":"3.7.6","matchCriteriaId":"359A11C2-8FAA-436F-BB24-C2B166473FDC"}]}]}],"references":[{"url":"https://github.com/traefik/traefik/commit/108a5264473a2cbc8f12d6d691a3c6553cdf2c1b","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/traefik/traefik/pull/13262","source":"security-advisories@github.com","tags":["Issue Tracking"]},{"url":"https://github.com/traefik/traefik/security/advisories/GHSA-x677-9fxg-v5c5","source":"security-advisories@github.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-57572","sourceIdentifier":"security-advisories@github.com","published":"2026-07-06T21:16:58.047","lastModified":"2026-07-08T20:16:53.567","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Crawl4AI is an open-source LLM-friendly web crawler and scraper. Prior to 0.9.0, the Docker API server accepted request-supplied browser_config.extra_args, which flowed into Chromium's launch arguments. An attacker could inject Chromium switches that replace a child-process launch command together with --no-zygote, causing Chromium to fork or exec an attacker-controlled command as the container's runtime user. The Docker API is unauthenticated by default, so a single request yields arbitrary command execution. This issue is fixed in version 0.9.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"unclecode","product":"crawl4ai","versions":[{"version":"< 0.9.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":10.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T17:13:03.306047Z","id":"CVE-2026-57572","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-88"},{"lang":"en","value":"CWE-94"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:kidocode:crawl4ai:*:*:*:*:*:*:*:*","versionEndExcluding":"0.9.0","matchCriteriaId":"E7ED5B79-F478-4E2C-B384-BA572D992FAA"}]}]}],"references":[{"url":"https://github.com/unclecode/crawl4ai/commit/60886d1a0c52682e4c83a7cef9dfac417fff6bd2","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/unclecode/crawl4ai/security/advisories/GHSA-r253-r9jw-qg44","source":"security-advisories@github.com","tags":["Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-34167","sourceIdentifier":"security-advisories@github.com","published":"2026-07-06T22:16:48.497","lastModified":"2026-07-08T20:16:48.697","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, the ActivityMonitor Livewire component exposes a public $activityId property without Livewire's #[Locked] attribute. It loads activities via Activity::find($this->activityId) with no authorization or team scoping. Activity IDs are auto-incrementing integers. Any authenticated user can enumerate activity records across all teams and read the full command output from remote SSH processes, which may include secrets, configuration files, and infrastructure details. This issue is fixed in version 4.0.0-beta.471."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coollabsio","product":"coolify","versions":[{"version":"< 4.0.0-beta.471","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N","baseScore":5.0,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T17:14:55.507572Z","id":"CVE-2026-34167","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"references":[{"url":"https://github.com/coollabsio/coolify/commit/2729dffb3e30167c1ffd642357b7e0bb99b7d180","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/pull/9189","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/releases/tag/v4.0.0-beta.471","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-962v-gxmw-56hc","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-962v-gxmw-56hc","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-38973","sourceIdentifier":"cve@mitre.org","published":"2026-07-06T22:16:48.767","lastModified":"2026-07-09T16:16:40.723","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"mrubyc through release3.4.1 was found to contain an out-of-bounds read in builtin missing-method lookup inside mrbc_find_method()."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L","baseScore":4.4,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":1.8,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T14:57:08.540622Z","id":"CVE-2026-38973","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"references":[{"url":"https://github.com/mrubyc/mrubyc","source":"cve@mitre.org"},{"url":"https://github.com/mrubyc/mrubyc/commit/f83a8b67ca1c7c62ac0dd548a363d79f767c4e30","source":"cve@mitre.org"},{"url":"https://github.com/mrubyc/mrubyc/issues/279%2C","source":"cve@mitre.org"}]}},{"cve":{"id":"CVE-2026-38979","sourceIdentifier":"cve@mitre.org","published":"2026-07-06T22:16:49.010","lastModified":"2026-07-09T16:16:40.873","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"ajenti through v2.2.13 has a clickjacking weakness in the browser-facing login and administrative UI. In ajenti-core/aj/http.py, the core HTTP response path initializes an empty header list, forwards handler-added headers verbatim, and finalizes responses through WSGI start_response() without adding anti-framing protections such as X-Frame-Options or a Content-Security-Policy frame-ancestors restriction."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T15:00:49.315429Z","id":"CVE-2026-38979","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-1021"}]}],"references":[{"url":"https://github.com/ajenti/ajenti","source":"cve@mitre.org"},{"url":"https://github.com/ajenti/ajenti/commit/e54e83888fc7cb10061a18b04c1a7e3100d77f03","source":"cve@mitre.org"}]}},{"cve":{"id":"CVE-2026-43918","sourceIdentifier":"security-advisories@github.com","published":"2026-07-06T22:16:49.707","lastModified":"2026-07-08T20:16:49.663","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, when a client or staff/admin account is suspended or marked inactive, existing authenticated sessions are not invalidated. The session identity loaders in src/di.php (loggedin_client and loggedin_admin) only reject sessions if the backing account record no longer exists in the database. They do not verify that the account's status is still active. This allows a suspended or deactivated user to retain full access until their session naturally expires. This issue has been fixed in version 0.8.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"FOSSBilling","product":"FOSSBilling","versions":[{"version":"< 0.8.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T17:13:53.682802Z","id":"CVE-2026-43918","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-613"}]}],"references":[{"url":"https://github.com/FOSSBilling/FOSSBilling/releases/tag/0.8.0","source":"security-advisories@github.com"},{"url":"https://github.com/FOSSBilling/FOSSBilling/security/advisories/GHSA-qv6c-v49w-8g2j","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-53641","sourceIdentifier":"security-advisories@github.com","published":"2026-07-06T23:16:55.967","lastModified":"2026-07-08T20:16:52.437","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"FOSSBilling is a free, open-source billing and client management system. Versions 0.6.0 through 0.7.2 have a stored cross-site scripting (XSS) vulnerability in the client-facing email history views of FOSSBilling. Email HTML content (`content_html`) is rendered into a JavaScript template literal using the `|raw` filter, bypassing all output escaping. An attacker with admin access can inject malicious JavaScript payloads into email content that execute in the browser of any client who views their email history. Version 0.8.0 contains a fix. Some workarounds are available. Restrict admin account access, audit email content in the database for suspicious payloads, and/or monitor client accounts for unusual activity."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"FOSSBilling","product":"FOSSBilling","versions":[{"version":">= 0.6.0, < 0.8.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"PASSIVE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T17:48:10.248215Z","id":"CVE-2026-53641","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"},{"lang":"en","value":"CWE-838"}]}],"references":[{"url":"https://github.com/FOSSBilling/FOSSBilling/security/advisories/GHSA-q6c8-6r72-35f7","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2024-56141","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T00:16:33.607","lastModified":"2026-07-08T20:16:46.777","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Minosoft is an open-source, multi-version Minecraft Java Edition client written in Kotlin. Starting in commit f1ae30e2b046a490026a8413b075685deb795122, the CryptManager  encryption routine ( CryptManager.kt ) initializes its AES cipher using an initialization vector (IV) that is set equal to the secret key rather than to a sufficiently random value. Because the IV is not random and is derived directly from the key, the encryption is vulnerable to chosen-ciphertext/chosen-plaintext attacks: an attacker who can submit specific messages for encryption can recover the secret key. This affects all versions supporting Minecraft protocol 1.7 and later. No patched version is available, and no known workarounds are available."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"Bixilon","product":"Minosoft","versions":[{"version":">= f1ae30e2b046a490026a8413b075685deb795122","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":5.0,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.6,"impactScore":3.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T17:48:31.002750Z","id":"CVE-2024-56141","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-329"}]}],"references":[{"url":"https://github.com/Bixilon/Minosoft/blob/3a608abe2d0999e4e702cc1b2d28366884c7f31e/src/main/java/de/bixilon/minosoft/protocol/protocol/encryption/CryptManager.kt#L72","source":"security-advisories@github.com"},{"url":"https://github.com/Bixilon/Minosoft/security/advisories/GHSA-rvr6-48rj-c94j","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-13356","sourceIdentifier":"security@mozilla.org","published":"2026-07-07T00:16:34.063","lastModified":"2026-07-08T14:52:38.573","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A malicious webpage could interrupt a pending navigation by enqueuing a synchronous JavaScript dialog, causing the browser UI to display the destination origin in the address bar while continuing to render attacker-controlled content. This vulnerability was fixed in Firefox for iOS 152.3."}],"affected":[{"source":"security@mozilla.org","affectedData":[{"vendor":"Mozilla","product":"Firefox for iOS","versions":[{"version":"152.3","lessThanOrEqual":"*","versionType":"rpm","status":"unaffected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:26:57.344345Z","id":"CVE-2026-13356","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-451"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:iphone_os:*:*","versionEndExcluding":"152.3","matchCriteriaId":"71042F58-3679-49B6-B19D-B7F7342C4A1B"}]}]}],"references":[{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=2047768","source":"security@mozilla.org","tags":["Permissions Required"]},{"url":"https://www.mozilla.org/security/advisories/mfsa2026-65/","source":"security@mozilla.org","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-34044","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T04:17:48.153","lastModified":"2026-07-09T16:16:39.660","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.466, the Logs::mount() component looks up resources by UUID without scoping the lookup to the current team, allowing an authenticated user to access logs for applications owned by other teams by supplying a victim resource UUID. This issue is fixed in version 4.0.0-beta.466."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coollabsio","product":"coolify","versions":[{"version":"< 4.0.0-beta.466","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":4.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T14:21:16.024637Z","id":"CVE-2026-34044","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"references":[{"url":"https://github.com/coollabsio/coolify/commit/6fbb5e626a82c576ae7a1a08b4e1d16aee2e82ed","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/releases/tag/v4.0.0-beta.466","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-565g-9j4m-wqmr","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-34152","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T04:17:50.043","lastModified":"2026-07-09T16:16:39.760","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, pre-deployment and post-deployment commands are single-quote escaped but then sent through SSH heredoc transport that preserves newlines, allowing an authenticated user to inject additional shell statements that execute on the remote server during deployment. This issue is fixed in version 4.0.0-beta.471."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coollabsio","product":"coolify","versions":[{"version":"< 4.0.0-beta.471","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T14:31:18.948810Z","id":"CVE-2026-34152","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"references":[{"url":"https://github.com/coollabsio/coolify/commit/ad95d65aca064f49b38f73f88d61f842737d5463","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/pull/9173","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/releases/tag/v4.0.0-beta.471","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-5qp8-9gg7-4c86","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-42145","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T04:17:51.353","lastModified":"2026-07-09T16:16:41.330","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, the file upload endpoint (app/Http/Controllers/UploadController.php) for database backup restore uploads did not enforce file type or size validation, allowing an authenticated user to upload unexpected or oversized files that could affect service availability. This issue is fixed in version 4.0.0-beta.474."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coollabsio","product":"coolify","versions":[{"version":"< 4.0.0-beta.474","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L","baseScore":3.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":1.6,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T14:21:17.298839Z","id":"CVE-2026-42145","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-434"},{"lang":"en","value":"CWE-770"}]}],"references":[{"url":"https://github.com/coollabsio/coolify/commit/e6a6446daeace2999fb77888a611a3271812911f","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/pull/9667","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/releases/tag/v4.0.0-beta.474","source":"security-advisories@github.com"},{"url":"https://github.com/coollabsio/coolify/security/advisories/GHSA-66gv-g2w9-6wxp","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-10834","sourceIdentifier":"contact@wpscan.com","published":"2026-07-07T06:16:21.637","lastModified":"2026-07-09T16:16:34.507","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The WP Travel Engine  WordPress plugin before 6.8.1 does not properly validate the source of a user-supplied profile image path before moving the file, allowing authenticated users with subscriber-level access and above to relocate arbitrary files within the WordPress uploads directory into their own profile-image path. This removes the targeted media from its original location and can break content across the site."}],"affected":[{"source":"contact@wpscan.com","affectedData":[{"vendor":"Unknown","product":"WP Travel Engine","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"6.8.1","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L","baseScore":4.6,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.1,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:35:10.278364Z","id":"CVE-2026-10834","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"references":[{"url":"https://wpscan.com/vulnerability/5b939f98-0fbd-4f89-9948-77dbcc67f9d3/","source":"contact@wpscan.com"}]}},{"cve":{"id":"CVE-2026-14345","sourceIdentifier":"security@wordfence.com","published":"2026-07-07T06:16:22.113","lastModified":"2026-07-08T18:16:32.003","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The WPFunnels – Funnel Builder for WooCommerce with Checkout & One Click Upsell plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 3.12.7 via the 'postData' parameter parameter. This is due to unsanitized write of attacker-controlled postData values into a PHP-includeable .log file combined with the use of include_once to render that file in wpfnl_show_log. This makes it possible for unauthenticated attackers to execute code on the server. Exploitation requires that the Log Settings \"Enable Logs\" toggle is on and that an administrator subsequently opens the polluted log file via the plugin's Log Settings View UI; however, the nonce required to reach the optin endpoint is publicly emitted on every funnel step page, so the injection step itself is fully unauthenticated."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"getwpfunnels","product":"WPFunnels – Funnel Builder for WooCommerce with Checkout & One Click Upsell","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"3.12.7","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:52:57.720625Z","id":"CVE-2026-14345","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/wpfunnels/tags/3.12.5/admin/modules/settings/class-wpfnl-settings.php#L709","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/wpfunnels/tags/3.12.5/includes/core/classes/class-wpfnl-ajax-handler.php#L39","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/wpfunnels/tags/3.12.5/includes/core/classes/class-wpfnl-ajax-handler.php#L523","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/wpfunnels/tags/3.12.5/public/class-wpfnl-public.php#L1185","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/wpfunnels/tags/3.12.7/admin/modules/settings/class-wpfnl-settings.php#L709","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/wpfunnels/tags/3.12.7/includes/core/classes/class-wpfnl-ajax-handler.php#L39","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/wpfunnels/tags/3.12.7/includes/core/classes/class-wpfnl-ajax-handler.php#L523","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/wpfunnels/tags/3.12.7/public/class-wpfnl-public.php#L1185","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset/3597260/wpfunnels/trunk/admin/modules/settings/class-wpfnl-settings.php","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?old_path=%2Fwpfunnels/tags/3.12.7&new_path=%2Fwpfunnels/tags/3.12.8","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5d84d749-0ab5-49dd-8e4f-45681f197742?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-11610","sourceIdentifier":"secalert@redhat.com","published":"2026-07-07T10:16:39.690","lastModified":"2026-07-08T21:16:46.137","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"A heap buffer overflow flaw was found in the SASL I/O layer of 389 Directory Server\n(389-ds-base). After a successful SASL bind with integrity protection (SSF > 0),\nan authenticated attacker can send a specially crafted oversized LDAP UNBIND packet\nthat is copied into a 512-byte heap receive buffer without a bounds check in\nsasl_io_recv() in sasl_io.c. This allows up to approximately 2 megabytes of\nattacker-controlled data to overflow the buffer, causing a denial of service (server\ncrash). In FreeIPA and Red Hat Identity Management deployments, any domain user with\na valid Kerberos ticket, any enrolled host, or any service account can trigger this\nvulnerability over the network after authenticating via GSSAPI.\nThe vulnerable code path has existed since approximately 2013 (389-ds-base 1.3.2) and\nwas not addressed by the CVE-2025-14905 fix, which patched a separate heap overflow\nin schema.c only."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"389ds","product":"389-ds-base","defaultStatus":"unaffected","collectionURL":"https://github.com/389ds/389-ds-base","packageName":"389-ds-base","versions":[{"version":"1.3.2","lessThanOrEqual":"3.3.0","versionType":"semver","status":"affected"}]},{"vendor":"Red Hat","product":"Red Hat Directory Server 11.5 E4S for RHEL 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"redhat-ds:11","cpes":["cpe:/a:redhat:directory_server_e4s:11.5::el8"],"versions":[{"version":"8060020260702180044.0ca98e7e","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Directory Server 11.7 E4S for RHEL 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"redhat-ds:11","cpes":["cpe:/a:redhat:directory_server_e4s:11.7::el8"],"versions":[{"version":"8080020260702180836.f969626e","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Directory Server 11.9 for RHEL 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"redhat-ds:11","cpes":["cpe:/a:redhat:directory_server:11.9::el8"],"versions":[{"version":"8100020260702145313.37ed7c03","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Directory Server 12.2 E4S for RHEL 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"redhat-ds:12","cpes":["cpe:/a:redhat:directory_server_e4s:12.2::el9"],"versions":[{"version":"9020020260703060155.1674d574","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Directory Server 12.4 E4S for RHEL 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"redhat-ds:12","cpes":["cpe:/a:redhat:directory_server_e4s:12.4::el9"],"versions":[{"version":"9040020260703055735.1674d574","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds-base","cpes":["cpe:/o:redhat:enterprise_linux:10.2"],"versions":[{"version":"0:3.2.0-8.el10_2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10.0 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds-base","cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"],"versions":[{"version":"0:3.0.6-19.el10_0","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7 Extended Lifecycle Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds-base","cpes":["cpe:/o:redhat:rhel_els:7"],"versions":[{"version":"0:1.3.11.1-13.el7_9","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds:1.4","cpes":["cpe:/a:redhat:enterprise_linux:8::appstream"],"versions":[{"version":"8100020260626120929.25e700aa","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds:1.4","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"],"versions":[{"version":"8040020260629123121.96015a92","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds:1.4","cpes":["cpe:/a:redhat:rhel_aus:8.4::appstream","cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"],"versions":[{"version":"8040020260629123121.96015a92","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds:1.4","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"],"versions":[{"version":"8060020260626130540.824efc52","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds:1.4","cpes":["cpe:/a:redhat:rhel_aus:8.6::appstream","cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"],"versions":[{"version":"8060020260626130540.824efc52","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Telecommunications Update Service","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds:1.4","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"],"versions":[{"version":"8080020260630025241.6dbb3803","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds:1.4","cpes":["cpe:/a:redhat:rhel_e4s:8.8::appstream","cpe:/a:redhat:rhel_tus:8.8::appstream"],"versions":[{"version":"8080020260630025241.6dbb3803","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds-base","cpes":["cpe:/a:redhat:enterprise_linux:9::appstream","cpe:/a:redhat:enterprise_linux:9::crb"],"versions":[{"version":"0:2.8.0-8.el9_8","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds-base","cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"],"versions":[{"version":"0:2.2.4-19.el9_2","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds-base","cpes":["cpe:/a:redhat:rhel_e4s:9.4::appstream"],"versions":[{"version":"0:2.4.5-26.el9_4","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9.6 Extended Update Support","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds-base","cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream","cpe:/a:redhat:rhel_eus:9.6::crb"],"versions":[{"version":"0:2.6.1-22.el9_6","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Directory Server 13.2","defaultStatus":"affected","collectionURL":"https://catalog.redhat.com/software/containers/","packageName":"dirsrv/dirsrv-container-rhel10","cpes":["cpe:/a:redhat:directory_server:13.2::el10"],"versions":[{"version":"1783452100","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat Directory Server 12","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"redhat-ds:12/389-ds-base","cpes":["cpe:/a:redhat:directory_server:12"]},{"vendor":"Red Hat","product":"Red Hat Directory Server 13","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds-base","cpes":["cpe:/a:redhat:directory_server:13"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds-base","cpes":["cpe:/o:redhat:enterprise_linux:6"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T21:02:20.457715Z","id":"CVE-2026-11610","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:36195","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36196","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36197","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36198","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36200","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36201","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36202","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36204","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36205","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36206","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36208","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36209","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36585","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36641","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36660","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36670","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36671","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2026-11610","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2484414","source":"secalert@redhat.com"}]}},{"cve":{"id":"CVE-2026-14867","sourceIdentifier":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","published":"2026-07-07T10:16:40.120","lastModified":"2026-07-09T18:32:08.463","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Credentials of built-in users are insecurely stored in the User directory of PcVue projects, all versions prior to 17.0.0. A local attacker could retrieve users’ credentials. \n\nActive Directory accounts are not affected by this vulnerability."}],"affected":[{"source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","affectedData":[{"vendor":"arcinfo","product":"PcVue","defaultStatus":"affected","versions":[{"version":"0","lessThan":"17.0.0","versionType":"cpe","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:X/RE:M/U:Amber","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"USER","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","ssvcData":{"options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CNA","version":"2.0.3"}},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T12:08:53.050760Z","id":"CVE-2026-14867","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","type":"Secondary","description":[{"lang":"en","value":"CWE-256"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:arcinfo:pcvue:*:*:*:*:*:*:*:*","versionEndExcluding":"17.0.0","matchCriteriaId":"62062D62-40E8-496A-A847-6D864DDA46C9"}]}]}],"references":[{"url":"https://www.pcvue.com/security/#SB2026-5","source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-14868","sourceIdentifier":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","published":"2026-07-07T10:16:40.273","lastModified":"2026-07-09T18:32:08.463","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The encryption algorithm used to protect the configuration of user accounts, stored in the built-in user directory of PcVue projects, all versions prior to 17.0.0, is not strong enough for the level of protection required. A local attacker could alter the existing configuration and ultimately gain privileged access to the PcVue application."}],"affected":[{"source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","affectedData":[{"vendor":"arcinfo","product":"PcVue","defaultStatus":"affected","versions":[{"version":"0","lessThan":"17.0.0","versionType":"cpe","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:X/RE:M/U:Amber","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"YES","Recovery":"USER","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"MODERATE","providerUrgency":"AMBER"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","ssvcData":{"options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CNA","version":"2.0.3"}},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T12:07:11.716678Z","id":"CVE-2026-14868","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","type":"Secondary","description":[{"lang":"en","value":"CWE-326"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:arcinfo:pcvue:*:*:*:*:*:*:*:*","versionEndExcluding":"17.0.0","matchCriteriaId":"62062D62-40E8-496A-A847-6D864DDA46C9"}]}]}],"references":[{"url":"https://www.pcvue.com/security/#SB2026-5","source":"87c8e6ad-f0f5-4ca8-89e2-89f26d6ed932","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-33264","sourceIdentifier":"security@apache.org","published":"2026-07-07T10:16:40.443","lastModified":"2026-07-08T19:37:10.507","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A bug in `BaseSerialization.deserialize()` allowed unrestricted `import_string()` of attacker-controlled class paths when the Scheduler / API Server loaded a serialized DAG: a DAG author could embed a malicious trigger into a DAG to gain remote code execution on the API Server / Scheduler process, crossing the Airflow security boundary that DAG-author code must never execute in those processes. Users are advised to upgrade to `apache-airflow` 3.3.0 or later. As a defense-in-depth mitigation, deployments where DAG-author trust is limited can restrict the `[core] allowed_deserialization_classes` config to a narrow allowlist."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache Airflow","defaultStatus":"unaffected","collectionURL":"https://pypi.python.org","packageName":"apache-airflow","versions":[{"version":"0","lessThan":"3.3.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T00:00:00+00:00","id":"CVE-2026-33264","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-502"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:*","versionEndExcluding":"3.3.0","matchCriteriaId":"6E334749-0D93-4319-9286-B9AC590F4698"}]}]}],"references":[{"url":"https://github.com/apache/airflow/pull/66002","source":"security@apache.org","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/apache/airflow/pull/68528","source":"security@apache.org","tags":["Issue Tracking","Patch"]},{"url":"https://lists.apache.org/thread/otvdw8qt2y7xy2n5nq9xby9ky4rf5ltj","source":"security@apache.org","tags":["Vendor Advisory","Mailing List"]},{"url":"http://www.openwall.com/lists/oss-security/2026/07/07/1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","Mailing List"]}]}},{"cve":{"id":"CVE-2026-48828","sourceIdentifier":"security@apache.org","published":"2026-07-07T10:16:41.260","lastModified":"2026-07-08T19:26:11.850","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The Bulk Variables API in Apache Airflow called the redactor without passing the variable's key, so the key-based `should_hide_value_for_key` check (which triggers on secret-suffixed key names like `*_password` / `*_token` / `*_secret`) could not fire for JSON-decodable variable values. An authenticated UI/API user with bulk Variable read permission could retrieve plaintext values from JSON variables whose key would otherwise trigger redaction. Affects deployments that store sensitive values in JSON-typed Airflow Variables under secret-suffixed key names. Users are advised to upgrade to `apache-airflow` 3.3.0 or later (the fix landed on `main` after 3.2.2; no 3.2.x backport)."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache Airflow","defaultStatus":"unaffected","collectionURL":"https://pypi.python.org","packageName":"apache-airflow","versions":[{"version":"0","lessThan":"3.3.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:47:25.626361Z","id":"CVE-2026-48828","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:*","versionEndExcluding":"3.3.0","matchCriteriaId":"6E334749-0D93-4319-9286-B9AC590F4698"}]}]}],"references":[{"url":"https://github.com/apache/airflow/pull/67495","source":"security@apache.org","tags":["Issue Tracking","Patch"]},{"url":"https://lists.apache.org/thread/y9kf314t6dhnv994hr11wj3tbow847yc","source":"security@apache.org","tags":["Vendor Advisory","Mailing List"]},{"url":"http://www.openwall.com/lists/oss-security/2026/07/07/2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","Mailing List"]}]}},{"cve":{"id":"CVE-2026-48891","sourceIdentifier":"security@apache.org","published":"2026-07-07T10:16:41.373","lastModified":"2026-07-09T13:16:42.860","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A bug in Apache Airflow's `/ui/dependencies` scheduling graph endpoint applied the caller's readable-Dag filter to the top-level serialized Dag key but still emitted referenced Dag IDs through the `dep.source` and `dep.target` fields of trigger / sensor dependency entries. An authenticated UI user with read permission on some Dags could enumerate the identifiers of other Dags they were not authorized to read by inspecting the dependency graph for trigger / sensor references. Affects deployments that rely on per-Dag read scoping to keep Dag identifiers private across teams. This is a residual gap in the fix for CVE-2026-28563, which filtered the top-level Dag key but did not propagate the filter into the trigger / sensor dep-source / dep-target fields. Users who already upgraded for CVE-2026-28563 should additionally upgrade to `apache-airflow` 3.3.0 or later to cover the residual trigger / sensor dependency leak."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache Airflow","defaultStatus":"unaffected","collectionURL":"https://pypi.python.org","packageName":"apache-airflow","versions":[{"version":"0","lessThan":"3.3.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:24:41.564185Z","id":"CVE-2026-48891","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:*","versionEndExcluding":"3.3.0","matchCriteriaId":"6E334749-0D93-4319-9286-B9AC590F4698"}]}]}],"references":[{"url":"https://github.com/apache/airflow/pull/67627","source":"security@apache.org","tags":["Issue Tracking"]},{"url":"https://lists.apache.org/thread/wzc8nflg94rq6w8f5tvtlo0o3g4wjrfl","source":"security@apache.org","tags":["Vendor Advisory"]},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-28563","source":"security@apache.org","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-48892","sourceIdentifier":"security@apache.org","published":"2026-07-07T10:16:41.480","lastModified":"2026-07-09T13:16:57.813","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The Config API in Apache Airflow surfaced per-key secrets-backend overrides (environment variables like `AIRFLOW__SECRETS__BACKEND_KWARG__SECRET_ID` and `AIRFLOW__WORKERS__SECRETS_BACKEND_KWARG__SECRET_ID`) as synthetic config options whose option names were not in `sensitive_config_values`, so the masker did not redact them. An authenticated UI/API user with Config read permission could retrieve plaintext secrets-backend credentials (Vault `role_id` / `secret_id`, etc.) from the Config API output. Affects deployments that configure secrets backends via per-key environment overrides. Users are advised to upgrade to `apache-airflow` 3.3.0 or later."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache Airflow","defaultStatus":"unaffected","collectionURL":"https://pypi.python.org","packageName":"apache-airflow","versions":[{"version":"0","lessThan":"3.3.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:23:05.117867Z","id":"CVE-2026-48892","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:*","versionEndExcluding":"3.3.0","matchCriteriaId":"6E334749-0D93-4319-9286-B9AC590F4698"}]}]}],"references":[{"url":"https://github.com/apache/airflow/pull/67622","source":"security@apache.org","tags":["Issue Tracking"]},{"url":"https://lists.apache.org/thread/pq5yy40079h6tzh3fxvw28dd8dbk72hk","source":"security@apache.org","tags":["Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2026/07/07/4","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-49296","sourceIdentifier":"security@apache.org","published":"2026-07-07T10:16:41.603","lastModified":"2026-07-08T20:04:17.073","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Before apache-airflow 3.3.0, a user authorized to read one Dag could disclose the source of other Dags co-located in the same source file. `GET /api/v2/dagSources/{dag_id}` — and the equivalent Dag-source view in the UI — returned the entire source file without redacting Dags the caller was not authorized to read, bypassing per-DAG read authorization. Deployments that co-locate multiple Dags in a single file and rely on per-DAG access control to limit source visibility are affected; single-Dag-per-file deployments are not. Upgrade to apache-airflow 3.3.0 or later."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache Airflow","defaultStatus":"unaffected","collectionURL":"https://pypi.python.org","packageName":"apache-airflow","versions":[{"version":"3.0.0","lessThan":"3.3.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:28:04.105895Z","id":"CVE-2026-49296","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:*","versionEndExcluding":"3.3.0","matchCriteriaId":"6E334749-0D93-4319-9286-B9AC590F4698"}]}]}],"references":[{"url":"https://github.com/apache/airflow/pull/67662","source":"security@apache.org","tags":["Issue Tracking","Patch"]},{"url":"https://lists.apache.org/thread/qqv41t3oydkn9o14r2rfz1wkdrsp5jzn","source":"security@apache.org","tags":["Vendor Advisory","Mailing List"]},{"url":"http://www.openwall.com/lists/oss-security/2026/07/07/5","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","Mailing List"]}]}},{"cve":{"id":"CVE-2026-49487","sourceIdentifier":"security@apache.org","published":"2026-07-07T10:16:41.723","lastModified":"2026-07-09T13:17:08.983","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In Apache Airflow before 3.3.0, the REST API task-instance detail and list\nendpoints returned a deferred task's trigger kwargs without masking. When a\ndeferred operator passed a secret (for example a provider API key) into its\ntrigger, any authenticated user with DAG-scoped task-instance read access for\nthat DAG could read that secret in clear text while the task was deferred.\nUsers should upgrade to apache-airflow 3.3.0 or later, which masks sensitive\nvalues in trigger kwargs returned by the API."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache Airflow","defaultStatus":"unaffected","collectionURL":"https://pypi.python.org","packageName":"apache-airflow","versions":[{"version":"0","lessThan":"3.3.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:41:40.350304Z","id":"CVE-2026-49487","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:*","versionEndExcluding":"3.3.0","matchCriteriaId":"6E334749-0D93-4319-9286-B9AC590F4698"}]}]}],"references":[{"url":"https://github.com/apache/airflow/pull/67868","source":"security@apache.org","tags":["Issue Tracking"]},{"url":"https://lists.apache.org/thread/qlw6pozlzlfhkvmbgqsbjlq6vj4v0pc4","source":"security@apache.org","tags":["Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2026/07/07/6","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-10659","sourceIdentifier":"vulnerabilities@zephyrproject.org","published":"2026-07-07T13:16:29.043","lastModified":"2026-07-09T17:42:30.077","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The Dhara flash translation layer disk driver (drivers/disk/ftl_dhara.c) implemented the dhara_nand_ callbacks so that, on a flash error, the error code was written unconditionally through the caller-supplied dhara_error_t err pointer (e.g. *err = DHARA_E_ECC in dhara_nand_read, and similar in dhara_nand_erase/prog/copy). The upstream Dhara library calls these callbacks with err == NULL along its journal-resume binary search: find_last_checkblock() invokes find_checkblock(j, mid, &found, NULL), which forwards the NULL pointer into dhara_nand_read(). This path runs during disk_ftl_access_init() -> dhara_map_resume() whenever the FTL disk is mounted/initialised. If a flash read error (uncorrectable ECC, bad block, controller error) occurs on one of the probed checkpoint pages, the driver dereferences and writes to NULL, faulting the kernel (denial of service). The trigger is conditioned on the NAND medium content/health, which can be influenced by media wear, induced faults, or a corrupted/crafted on-flash image. The fix routes all error assignments through the library's NULL-safe dhara_set_error() helper. Affects Zephyr v4.4.0, where the driver was introduced."}],"affected":[{"source":"vulnerabilities@zephyrproject.org","affectedData":[{"vendor":"zephyrproject","product":"zephyr","defaultStatus":"unaffected","collectionURL":"https://github.com/zephyrproject-rtos/zephyr","packageName":"zephyr","versions":[{"version":"4.4.0","lessThan":"4.5.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"vulnerabilities@zephyrproject.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":4.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":4.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T13:24:10.256609Z","id":"CVE-2026-10659","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"vulnerabilities@zephyrproject.org","type":"Secondary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:zephyrproject:zephyr:4.4.0:*:*:*:*:*:*:*","matchCriteriaId":"BCD89951-E5B1-416E-B009-99D2CFB72BFD"}]}]}],"references":[{"url":"https://github.com/zephyrproject-rtos/zephyr/commit/a8371b0d4719efe37a66e2abb618ad9b81792212","source":"vulnerabilities@zephyrproject.org","tags":["Patch"]},{"url":"https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-q28v-3729-f82g","source":"vulnerabilities@zephyrproject.org","tags":["Exploit","Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-53481","sourceIdentifier":"security_alert@emc.com","published":"2026-07-07T13:16:31.397","lastModified":"2026-07-08T19:57:35.883","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access to the system. This is a critical severity vulnerability as it allows an attacker to take complete control of system; so Dell recommends customers to upgrade at the earliest opportunity."}],"affected":[{"source":"security_alert@emc.com","affectedData":[{"vendor":"Dell","product":"PowerProtect Data Domain","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"8.8.0.0 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.6.1.20 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.3.1.40 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"7.13.1.80 or later","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security_alert@emc.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T00:00:00+00:00","id":"CVE-2026-53481","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security_alert@emc.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"7.7.1.0","versionEndExcluding":"7.13.1.80","matchCriteriaId":"064F56BA-B974-4133-9DFA-B13D503766AC"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"7.14.0.0","versionEndExcluding":"8.3.1.40","matchCriteriaId":"EB4BB568-B169-4202-94E0-8D808419241B"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.4.0.0","versionEndExcluding":"8.6.1.20","matchCriteriaId":"BA61361F-FED8-4936-A9F6-FFA35BE413F8"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.7.0.0","versionEndExcluding":"8.8.0.0","matchCriteriaId":"4BA45B0F-6A67-476D-9101-0DDC91B77D51"}]}]}],"references":[{"url":"https://www.dell.com/support/kbdoc/en-us/000481268/dsa-2026-278-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities","source":"security_alert@emc.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-53483","sourceIdentifier":"security_alert@emc.com","published":"2026-07-07T13:16:31.590","lastModified":"2026-07-08T19:57:04.163","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 an improper authentication vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access. This is a critical severity vulnerability as it allows an attacker to take complete control of system; so Dell recommends customers to upgrade at the earliest opportunity."}],"affected":[{"source":"security_alert@emc.com","affectedData":[{"vendor":"Dell","product":"PowerProtect Data Domain","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"8.8.0.0 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.6.1.20 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.3.1.40 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"7.13.1.80 or later","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security_alert@emc.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T00:00:00+00:00","id":"CVE-2026-53483","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security_alert@emc.com","type":"Secondary","description":[{"lang":"en","value":"CWE-287"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"7.7.1.0","versionEndExcluding":"7.13.1.80","matchCriteriaId":"064F56BA-B974-4133-9DFA-B13D503766AC"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"7.14.0.0","versionEndExcluding":"8.3.1.40","matchCriteriaId":"EB4BB568-B169-4202-94E0-8D808419241B"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.4.0.0","versionEndExcluding":"8.6.1.20","matchCriteriaId":"BA61361F-FED8-4936-A9F6-FFA35BE413F8"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.7.0.0","versionEndExcluding":"8.8.0.0","matchCriteriaId":"4BA45B0F-6A67-476D-9101-0DDC91B77D51"}]}]}],"references":[{"url":"https://www.dell.com/support/kbdoc/en-us/000481268/dsa-2026-278-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities","source":"security_alert@emc.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-53479","sourceIdentifier":"security_alert@emc.com","published":"2026-07-07T14:16:32.410","lastModified":"2026-07-08T19:57:25.183","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper neutralization of special elements used in an OS command ('OS command Injection') vulnerability. A remote high privileged attacker could potentially exploit this vulnerability, leading to protection mechanism bypass. This is a Critical vulnerability as it allows an attacker to invoke arbitrary command execution with root privileges; so Dell recommends customers to upgrade at the earliest opportunity."}],"affected":[{"source":"security_alert@emc.com","affectedData":[{"vendor":"Dell","product":"PowerProtect Data Domain","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"8.8.0.0 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.6.1.20 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.3.1.40 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"7.13.1.80 or later","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security_alert@emc.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T03:56:33.302107Z","id":"CVE-2026-53479","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security_alert@emc.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"7.7.1.0","versionEndExcluding":"7.13.1.80","matchCriteriaId":"064F56BA-B974-4133-9DFA-B13D503766AC"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"7.14.0.0","versionEndExcluding":"8.3.1.40","matchCriteriaId":"EB4BB568-B169-4202-94E0-8D808419241B"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.4.0.0","versionEndExcluding":"8.6.1.20","matchCriteriaId":"BA61361F-FED8-4936-A9F6-FFA35BE413F8"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.7.0.0","versionEndExcluding":"8.8.0.0","matchCriteriaId":"4BA45B0F-6A67-476D-9101-0DDC91B77D51"}]}]}],"references":[{"url":"https://www.dell.com/support/kbdoc/en-us/000481268/dsa-2026-278-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities","source":"security_alert@emc.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-12352","sourceIdentifier":"e8a6bb0b-e373-42b1-a5de-93e314325576","published":"2026-07-07T15:16:42.283","lastModified":"2026-07-09T19:19:56.577","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"This vulnerability allows an unauthenticated actor to bypass authentication and gain access to restricted resources on the device."}],"affected":[{"source":"e8a6bb0b-e373-42b1-a5de-93e314325576","affectedData":[{"vendor":"Digi International","product":"PortServer TS 1/2/4","defaultStatus":"unaffected","versions":[{"version":"82000747_V1","lessThanOrEqual":"82000747_AB","versionType":"custom","status":"affected"}]},{"vendor":"Digi International","product":"Digi One SP / SP IA / IA","defaultStatus":"unaffected","versions":[{"version":"82000774-W","lessThanOrEqual":"93000459_AB","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"e8a6bb0b-e373-42b1-a5de-93e314325576","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T14:56:42.626683Z","id":"CVE-2026-12352","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"e8a6bb0b-e373-42b1-a5de-93e314325576","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"references":[{"url":"https://www.digi.com/resources/security","source":"e8a6bb0b-e373-42b1-a5de-93e314325576"}]}},{"cve":{"id":"CVE-2026-12948","sourceIdentifier":"e8a6bb0b-e373-42b1-a5de-93e314325576","published":"2026-07-07T15:16:42.413","lastModified":"2026-07-09T19:19:56.577","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"A stored cross-site scripting (XSS) vulnerability in the web management interface of the Digi PortServer TS, Digi One SP, Digi One SP IA, and Digi One IA allows a remote, authenticated administrator to inject script into certain system configuration fields. The script subsequently executes in the browser of a user who views the affected pages (CWE-79)."}],"affected":[{"source":"e8a6bb0b-e373-42b1-a5de-93e314325576","affectedData":[{"vendor":"Digi International","product":"Digi PortServer TS","defaultStatus":"unaffected","versions":[{"version":"82000747_V1","lessThanOrEqual":"82000747_AB","versionType":"custom","status":"affected"}]},{"vendor":"Digi International","product":"Digi One SP","defaultStatus":"unaffected","versions":[{"version":"82000747_V1","lessThanOrEqual":"82000747_AB","versionType":"custom","status":"affected"}]},{"vendor":"Digi International","product":"Digi One SP IA","defaultStatus":"unaffected","versions":[{"version":"82000747_V1","lessThanOrEqual":"82000747_AB","versionType":"custom","status":"affected"}]},{"vendor":"Digi International","product":"Digi One IA","defaultStatus":"unaffected","versions":[{"version":"82000747_V1","lessThanOrEqual":"82000747_AB","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"e8a6bb0b-e373-42b1-a5de-93e314325576","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"PASSIVE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T14:56:16.795819Z","id":"CVE-2026-12948","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"e8a6bb0b-e373-42b1-a5de-93e314325576","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://www.digi.com/resources/security","source":"e8a6bb0b-e373-42b1-a5de-93e314325576"}]}},{"cve":{"id":"CVE-2026-14940","sourceIdentifier":"secalert@redhat.com","published":"2026-07-07T15:16:43.193","lastModified":"2026-07-09T20:20:52.007","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A heap-buffer-overflow flaw was found in 389 Directory Server (389-ds-base). When\nnormalizing a Distinguished Name (DN) that contains a legacy-quoted value encoding a\nmultivalued nested Relative Distinguished Name (RDN), the server can write past the\nend of a heap allocation while sorting RDN attribute-value pairs. An unauthenticated\nremote attacker can trigger this condition by sending an LDAP operation whose DN\nreaches the DN normalization routine, such as a search with a crafted base DN. This\ncan corrupt heap memory and may cause denial of service."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Directory Server 11","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"redhat-ds:11/389-ds-base","cpes":["cpe:/a:redhat:directory_server:11"]},{"vendor":"Red Hat","product":"Red Hat Directory Server 12","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"redhat-ds:12/389-ds-base","cpes":["cpe:/a:redhat:directory_server:12"]},{"vendor":"Red Hat","product":"Red Hat Directory Server 13","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds-base","cpes":["cpe:/a:redhat:directory_server:13"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds-base","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds-base","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds-base","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds:1.4/389-ds-base","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds-base","cpes":["cpe:/o:redhat:enterprise_linux:9"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T15:35:34.392277Z","id":"CVE-2026-14940","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:directory_server:11.0:*:*:*:*:*:*:*","matchCriteriaId":"2A169F6D-88A5-4631-9D30-519350ACFE6E"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:directory_server:12.0:*:*:*:*:*:*:*","matchCriteriaId":"A3DAF61A-58A9-41A6-A4DC-64148055B0C1"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:directory_server:13.0:*:*:*:*:*:*:*","matchCriteriaId":"904002F4-762C-4CFF-88C4-8FC929774DF8"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:389_directory_server:-:*:*:*:*:*:*:*","matchCriteriaId":"A861110D-0BBC-4052-BBFD-F718F6CD72C5"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C"}]}]}],"references":[{"url":"https://access.redhat.com/security/cve/CVE-2026-14940","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2497697","source":"secalert@redhat.com","tags":["Issue Tracking","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-48588","sourceIdentifier":"6a34fbeb-21d4-45e7-8e0a-62b95bc12c92","published":"2026-07-07T15:16:47.447","lastModified":"2026-07-09T13:01:25.340","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An issue was discovered in Django 6.0 before 6.0.7 and 5.2 before 5.2.16.\n`UpdateCacheMiddleware` and the `cache_page()` decorator cache responses that vary on cookies when the incoming request carries unrelated cookies, which allows remote attackers to read private data from the shared cache.\nEarlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected.\nDjango would like to thank Chris Whyland for reporting this issue."}],"affected":[{"source":"6a34fbeb-21d4-45e7-8e0a-62b95bc12c92","affectedData":[{"vendor":"djangoproject","product":"Django","defaultStatus":"unaffected","collectionURL":"https://pypi.org/project/Django/","packageName":"django","repo":"https://github.com/django/django/","versions":[{"version":"6.0","lessThan":"6.0.7","versionType":"python","status":"affected"},{"version":"6.0.7","versionType":"python","status":"unaffected"},{"version":"5.2","lessThan":"5.2.16","versionType":"python","status":"affected"},{"version":"5.2.16","versionType":"python","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"6a34fbeb-21d4-45e7-8e0a-62b95bc12c92","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.3,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"6a34fbeb-21d4-45e7-8e0a-62b95bc12c92","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N","baseScore":3.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T14:59:46.664212Z","id":"CVE-2026-48588","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"6a34fbeb-21d4-45e7-8e0a-62b95bc12c92","type":"Secondary","description":[{"lang":"en","value":"CWE-524"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:*","versionStartIncluding":"5.2","versionEndExcluding":"5.2.16","matchCriteriaId":"C0B79BBD-C987-4A96-A18F-14A3492416EA"},{"vulnerable":true,"criteria":"cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0","versionEndExcluding":"6.0.7","matchCriteriaId":"1256CB79-DD55-4E6A-BF09-9F18703BA172"}]}]}],"references":[{"url":"https://docs.djangoproject.com/en/dev/releases/security/","source":"6a34fbeb-21d4-45e7-8e0a-62b95bc12c92","tags":["Patch","Vendor Advisory"]},{"url":"https://groups.google.com/g/django-announce","source":"6a34fbeb-21d4-45e7-8e0a-62b95bc12c92","tags":["Release Notes"]},{"url":"https://www.djangoproject.com/weblog/2026/jul/07/security-releases/","source":"6a34fbeb-21d4-45e7-8e0a-62b95bc12c92","tags":["Vendor Advisory","Patch"]}]}},{"cve":{"id":"CVE-2026-53877","sourceIdentifier":"6a34fbeb-21d4-45e7-8e0a-62b95bc12c92","published":"2026-07-07T15:16:48.453","lastModified":"2026-07-09T12:59:39.403","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An issue was discovered in Django 6.0 before 6.0.7 and 5.2 before 5.2.16.\n`django.contrib.gis.gdal.GDALRaster` over-reads its in-memory buffer when constructed from a bytes object, which can disclose adjacent memory or cause service degradation via a potential segmentation fault when the `vsi_buffer` property is accessed.\nEarlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected.\nDjango would like to thank Bence Nagy for reporting this issue."}],"affected":[{"source":"6a34fbeb-21d4-45e7-8e0a-62b95bc12c92","affectedData":[{"vendor":"djangoproject","product":"Django","defaultStatus":"unaffected","collectionURL":"https://pypi.org/project/Django/","packageName":"django","repo":"https://github.com/django/django/","versions":[{"version":"6.0","lessThan":"6.0.7","versionType":"python","status":"affected"},{"version":"6.0.7","versionType":"python","status":"unaffected"},{"version":"5.2","lessThan":"5.2.16","versionType":"python","status":"affected"},{"version":"5.2.16","versionType":"python","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"6a34fbeb-21d4-45e7-8e0a-62b95bc12c92","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"6a34fbeb-21d4-45e7-8e0a-62b95bc12c92","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":2.2,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T14:58:59.505374Z","id":"CVE-2026-53877","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"6a34fbeb-21d4-45e7-8e0a-62b95bc12c92","type":"Secondary","description":[{"lang":"en","value":"CWE-805"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:*","versionStartIncluding":"5.2","versionEndExcluding":"5.2.16","matchCriteriaId":"C0B79BBD-C987-4A96-A18F-14A3492416EA"},{"vulnerable":true,"criteria":"cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0","versionEndExcluding":"6.0.7","matchCriteriaId":"1256CB79-DD55-4E6A-BF09-9F18703BA172"}]}]}],"references":[{"url":"https://docs.djangoproject.com/en/dev/releases/security/","source":"6a34fbeb-21d4-45e7-8e0a-62b95bc12c92","tags":["Patch","Vendor Advisory"]},{"url":"https://groups.google.com/g/django-announce","source":"6a34fbeb-21d4-45e7-8e0a-62b95bc12c92","tags":["Release Notes"]},{"url":"https://www.djangoproject.com/weblog/2026/jul/07/security-releases/","source":"6a34fbeb-21d4-45e7-8e0a-62b95bc12c92","tags":["Vendor Advisory","Patch"]}]}},{"cve":{"id":"CVE-2026-53878","sourceIdentifier":"6a34fbeb-21d4-45e7-8e0a-62b95bc12c92","published":"2026-07-07T15:16:48.583","lastModified":"2026-07-09T12:58:17.183","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An issue was discovered in Django 6.0 before 6.0.7 and 5.2 before 5.2.16.\n`DomainNameValidator` does not prohibit newlines in domain names (unless used via a form field, since `CharField` strips newlines). If an application uses values with newlines in an HTTP response, header injection can occur. Django itself is unaffected because `HttpResponse` prohibits newlines in HTTP headers.\nEarlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected.\nDjango would like to thank Bence Nagy for reporting this issue."}],"affected":[{"source":"6a34fbeb-21d4-45e7-8e0a-62b95bc12c92","affectedData":[{"vendor":"djangoproject","product":"Django","defaultStatus":"unaffected","collectionURL":"https://pypi.org/project/Django/","packageName":"django","repo":"https://github.com/django/django/","versions":[{"version":"6.0","lessThan":"6.0.7","versionType":"python","status":"affected"},{"version":"6.0.7","versionType":"python","status":"unaffected"},{"version":"5.2","lessThan":"5.2.16","versionType":"python","status":"affected"},{"version":"5.2.16","versionType":"python","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"6a34fbeb-21d4-45e7-8e0a-62b95bc12c92","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"6a34fbeb-21d4-45e7-8e0a-62b95bc12c92","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T14:58:12.426667Z","id":"CVE-2026-53878","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"6a34fbeb-21d4-45e7-8e0a-62b95bc12c92","type":"Secondary","description":[{"lang":"en","value":"CWE-144"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:*","versionStartIncluding":"5.2","versionEndExcluding":"5.2.16","matchCriteriaId":"C0B79BBD-C987-4A96-A18F-14A3492416EA"},{"vulnerable":true,"criteria":"cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0","versionEndExcluding":"6.0.7","matchCriteriaId":"1256CB79-DD55-4E6A-BF09-9F18703BA172"}]}]}],"references":[{"url":"https://docs.djangoproject.com/en/dev/releases/security/","source":"6a34fbeb-21d4-45e7-8e0a-62b95bc12c92","tags":["Patch","Vendor Advisory"]},{"url":"https://groups.google.com/g/django-announce","source":"6a34fbeb-21d4-45e7-8e0a-62b95bc12c92","tags":["Release Notes"]},{"url":"https://www.djangoproject.com/weblog/2026/jul/07/security-releases/","source":"6a34fbeb-21d4-45e7-8e0a-62b95bc12c92","tags":["Vendor Advisory","Patch"]}]}},{"cve":{"id":"CVE-2026-14935","sourceIdentifier":"secalert@redhat.com","published":"2026-07-07T16:16:38.010","lastModified":"2026-07-08T15:24:06.060","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"A logic vulnerability was found in GStreamer's webrtcbin component. The _check_sdp_crypto() function contains an inverted boolean condition that causes it to accept remote SDP offers or answers that lack the required a=fingerprint attribute, while incorrectly rejecting those that include it. An attacker with the ability to intercept and modify WebRTC signaling messages could exploit this to bypass the SDP-level DTLS certificate fingerprint binding, weakening defenses against man-in-the-middle attacks on media streams."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gstreamer1-plugins-bad-free","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gstreamer-plugins-bad-free","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gstreamer1-plugins-bad-free","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gstreamer-plugins-bad-free","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gstreamer1-plugins-bad-free","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"gstreamer1-plugins-bad-free","cpes":["cpe:/o:redhat:enterprise_linux:9"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":3.7,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T16:13:21.634704Z","id":"CVE-2026-14935","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-670"}]}],"references":[{"url":"https://access.redhat.com/security/cve/CVE-2026-14935","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2497679","source":"secalert@redhat.com"},{"url":"https://gitlab.freedesktop.org/gstreamer/gstreamer-security/-/merge_requests/98","source":"secalert@redhat.com"},{"url":"https://gitlab.freedesktop.org/gstreamer/gstreamer/-/work_items/5171","source":"secalert@redhat.com"}]}},{"cve":{"id":"CVE-2026-14969","sourceIdentifier":"secalert@redhat.com","published":"2026-07-07T16:16:38.310","lastModified":"2026-07-09T20:16:29.207","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in 389-ds-base where the LDBM backend attribute encryption uses a hardcoded static initialization vector for AES-CBC and 3DES-CBC operations, allowing an attacker with privileged filesystem access to detect plaintext equality across encrypted entries by comparing ciphertext blocks."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Directory Server 11","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"redhat-ds:11/389-ds-base","cpes":["cpe:/a:redhat:directory_server:11"]},{"vendor":"Red Hat","product":"Red Hat Directory Server 12","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"redhat-ds:12/389-ds-base","cpes":["cpe:/a:redhat:directory_server:12"]},{"vendor":"Red Hat","product":"Red Hat Directory Server 13","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds-base","cpes":["cpe:/a:redhat:directory_server:13"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds-base","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unknown","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds-base","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds-base","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds:1.4/389-ds-base","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds-base","cpes":["cpe:/o:redhat:enterprise_linux:9"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.4,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.8,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.4,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T16:11:32.041523Z","id":"CVE-2026-14969","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-329"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:directory_server:11.0:*:*:*:*:*:*:*","matchCriteriaId":"2A169F6D-88A5-4631-9D30-519350ACFE6E"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:directory_server:12.0:*:*:*:*:*:*:*","matchCriteriaId":"A3DAF61A-58A9-41A6-A4DC-64148055B0C1"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:directory_server:13.0:*:*:*:*:*:*:*","matchCriteriaId":"904002F4-762C-4CFF-88C4-8FC929774DF8"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:389_directory_server:-:*:*:*:*:*:*:*","matchCriteriaId":"A861110D-0BBC-4052-BBFD-F718F6CD72C5"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C"}]}]}],"references":[{"url":"https://access.redhat.com/security/cve/CVE-2026-14969","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2497735","source":"secalert@redhat.com","tags":["Issue Tracking","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-56811","sourceIdentifier":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","published":"2026-07-07T16:16:40.710","lastModified":"2026-07-09T14:59:45.367","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Allocation of Resources Without Limits or Throttling vulnerability in phoenixframework phoenix (Phoenix.Socket module) allows an unauthenticated attacker to cause a denial of service against any endpoint that mounts a Phoenix socket with a reachable channel transport (WebSocket or LongPoll).\n\nThis vulnerability is associated with program files lib/phoenix/socket.ex and program routine 'Elixir.Phoenix.Socket':handle_in/4.\n\nPhoenix transports do not limit the number of channels that a single transport process may join. Every phx_join message a client sends over one connection starts a persistent channel process, and the socket process accepts an unbounded number of them. A single unauthenticated client can therefore open one WebSocket or LongPoll connection and stream a large number of phx_join messages, spawning hundreds of thousands of channel processes over that one connection and eventually reaching the BEAM maximum process limit. Once the process table is exhausted the virtual machine can no longer start new processes, denying service to legitimate traffic across the whole node. Because the amplification happens inside a single connection, network-layer connection caps and rate limiting do not mitigate it.\n\nThe fix adds a :max_channels_per_transport option (default 100) that bounds the number of channels a single transport process can join, forcing abusive clients to open many connections instead, where external load balancers and reverse proxies can throttle them.\n\nThis issue affects phoenix: from 0.11.0 before 1.5.15, from 1.6.0-rc.0 before 1.6.17, from 1.7.0-rc.0 before 1.7.24, and from 1.8.0-rc.0 before 1.8.9."}],"affected":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","affectedData":[{"vendor":"phoenixframework","product":"phoenix","defaultStatus":"unaffected","collectionURL":"https://repo.hex.pm","packageName":"phoenix","cpes":["cpe:2.3:a:phoenixframework:phoenix:*:*:*:*:*:*:*:*"],"modules":["'Elixir.Phoenix.Socket'"],"programFiles":["lib/phoenix/socket.ex"],"programRoutines":[{"name":"'Elixir.Phoenix.Socket':handle_in/4"}],"repo":"https://github.com/phoenixframework/phoenix","packageURL":"pkg:hex/phoenix","versions":[{"version":"0.11.0","lessThan":"1.5.15","versionType":"semver","status":"affected"},{"version":"1.6.0-rc.0","lessThan":"1.6.17","versionType":"semver","status":"affected"},{"version":"1.7.0-rc.0","lessThan":"1.7.24","versionType":"semver","status":"affected"},{"version":"1.8.0-rc.0","lessThan":"1.8.9","versionType":"semver","status":"affected"}]},{"vendor":"phoenixframework","product":"phoenix","defaultStatus":"unaffected","collectionURL":"https://github.com","packageName":"phoenixframework/phoenix","cpes":["cpe:2.3:a:phoenixframework:phoenix:*:*:*:*:*:*:*:*"],"modules":["'Elixir.Phoenix.Socket'"],"programFiles":["lib/phoenix/socket.ex"],"programRoutines":[{"name":"'Elixir.Phoenix.Socket':handle_in/4"}],"repo":"https://github.com/phoenixframework/phoenix","packageURL":"pkg:github/phoenixframework/phoenix","versions":[{"version":"14a297e88023cb280a577962a49a0bbdeef9f4eb","lessThan":"*","versionType":"git","status":"affected","changes":[{"at":"c498ba8cf49f6accbbd0c643a5340b58db891218","status":"unaffected"},{"at":"d19ca0a8d9f82c130b7ed339b9f033433e2dea5e","status":"unaffected"},{"at":"a612100cd8a4279091abc1a2ef8fb98a6d01c0a1","status":"unaffected"},{"at":"16e295d2fccab185d1292322e2bee5d46c725c8a","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV40":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T16:12:27.662417Z","id":"CVE-2026-56811","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","type":"Secondary","description":[{"lang":"en","value":"CWE-770"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:phoenixframework:phoenix:*:*:*:*:*:*:*:*","versionStartIncluding":"1.2.0","versionEndExcluding":"1.5.15","matchCriteriaId":"3CF8EA55-C063-4742-87ED-53E1998977B5"},{"vulnerable":true,"criteria":"cpe:2.3:a:phoenixframework:phoenix:*:*:*:*:*:*:*:*","versionStartIncluding":"1.6.0","versionEndExcluding":"1.6.17","matchCriteriaId":"809E49A8-D727-4E05-BBF9-F9E34077E4A4"},{"vulnerable":true,"criteria":"cpe:2.3:a:phoenixframework:phoenix:*:*:*:*:*:*:*:*","versionStartIncluding":"1.7.0","versionEndExcluding":"1.7.24","matchCriteriaId":"3257C901-8FC3-4107-95C6-C57F909FFE40"},{"vulnerable":true,"criteria":"cpe:2.3:a:phoenixframework:phoenix:*:*:*:*:*:*:*:*","versionStartIncluding":"1.8.0","versionEndExcluding":"1.8.9","matchCriteriaId":"8F98C1AC-1593-43EB-929A-4D3B7597C9BC"}]}]}],"references":[{"url":"https://cna.erlef.org/cves/CVE-2026-56811.html","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Patch","Third Party Advisory","Mitigation"]},{"url":"https://github.com/phoenixframework/phoenix/commit/16e295d2fccab185d1292322e2bee5d46c725c8a","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Patch"]},{"url":"https://github.com/phoenixframework/phoenix/commit/a612100cd8a4279091abc1a2ef8fb98a6d01c0a1","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Patch"]},{"url":"https://github.com/phoenixframework/phoenix/commit/c498ba8cf49f6accbbd0c643a5340b58db891218","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Patch"]},{"url":"https://github.com/phoenixframework/phoenix/commit/d19ca0a8d9f82c130b7ed339b9f033433e2dea5e","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Patch"]},{"url":"https://github.com/phoenixframework/phoenix/security/advisories/GHSA-6983-jfq8-485w","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Patch","Vendor Advisory"]},{"url":"https://osv.dev/vulnerability/EEF-CVE-2026-56811","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Third Party Advisory","Mitigation"]}]}},{"cve":{"id":"CVE-2026-56812","sourceIdentifier":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","published":"2026-07-07T16:16:40.920","lastModified":"2026-07-09T14:51:19.313","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Check for Unusual or Exceptional Conditions vulnerability in phoenixframework phoenix (Presence JavaScript client) allows an attacker with ordinary channel access to cause a persistent client-side denial of service against every viewer of a presence channel topic.\n\nThis vulnerability is associated with program files assets/js/phoenix/presence.js and program routines Presence.syncState and Presence.syncDiff.\n\nThe Phoenix JavaScript presence client checks whether a presence already exists with a bare truthiness test (state[key]) instead of an own-property check. Presence keys can be attacker-controlled, because applications track presences under a username or id supplied by the client. A user who joins a channel choosing a key that is an Object.prototype member name (__proto__, constructor, toString, hasOwnProperty, and similar) makes that lookup return JavaScript's built-in Object.prototype instead of undefined. Because the prototype is truthy, the code treats it as an existing presence and reads .metas.map(...) off it, which throws an uncaught TypeError.\n\nThe exception propagates out of the presence message handler, so the local state is never updated and onSync() never fires. Because the malicious key is tracked on the server, it is re-pushed on every presence update and keeps re-throwing, so presence sync stays broken for every viewer of that channel topic until the attacker leaves. Both syncState and syncDiff use the same unsafe existence-check pattern. The impact is limited to the affected topic and is a read-time confusion of the prototype object, not a mutation of Object.prototype (it is not prototype pollution).\n\nThis issue affects phoenix: from 1.2.0-rc.0 before 1.5.15, from 1.6.0-rc.0 before 1.6.17, from 1.7.0-rc.0 before 1.7.24, and from 1.8.0-rc.0 before 1.8.9."}],"affected":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","affectedData":[{"vendor":"phoenixframework","product":"phoenix","defaultStatus":"unaffected","collectionURL":"https://repo.hex.pm","packageName":"phoenix","cpes":["cpe:2.3:a:phoenixframework:phoenix:*:*:*:*:*:*:*:*"],"modules":["Presence"],"programFiles":["assets/js/phoenix/presence.js"],"programRoutines":[{"name":"Presence.syncState"},{"name":"Presence.syncDiff"}],"repo":"https://github.com/phoenixframework/phoenix","packageURL":"pkg:hex/phoenix","versions":[{"version":"1.2.0-rc.0","lessThan":"1.5.15","versionType":"semver","status":"affected"},{"version":"1.6.0-rc.0","lessThan":"1.6.17","versionType":"semver","status":"affected"},{"version":"1.7.0-rc.0","lessThan":"1.7.24","versionType":"semver","status":"affected"},{"version":"1.8.0-rc.0","lessThan":"1.8.9","versionType":"semver","status":"affected"}]},{"vendor":"phoenixframework","product":"phoenix","defaultStatus":"unaffected","collectionURL":"https://registry.npmjs.org","packageName":"phoenix","cpes":["cpe:2.3:a:phoenixframework:phoenix:*:*:*:*:*:*:*:*"],"modules":["Presence"],"programFiles":["assets/js/phoenix/presence.js"],"programRoutines":[{"name":"Presence.syncState"},{"name":"Presence.syncDiff"}],"repo":"https://github.com/phoenixframework/phoenix","packageURL":"pkg:npm/phoenix","versions":[{"version":"1.2.0-rc.0","lessThan":"1.5.15","versionType":"semver","status":"affected"},{"version":"1.6.0-rc.0","lessThan":"1.6.17","versionType":"semver","status":"affected"},{"version":"1.7.0-rc.0","lessThan":"1.7.24","versionType":"semver","status":"affected"},{"version":"1.8.0-rc.0","lessThan":"1.8.9","versionType":"semver","status":"affected"}]},{"vendor":"phoenixframework","product":"phoenix","defaultStatus":"unaffected","collectionURL":"https://github.com","packageName":"phoenixframework/phoenix","cpes":["cpe:2.3:a:phoenixframework:phoenix:*:*:*:*:*:*:*:*"],"modules":["Presence"],"programFiles":["assets/js/phoenix/presence.js"],"programRoutines":[{"name":"Presence.syncState"},{"name":"Presence.syncDiff"}],"repo":"https://github.com/phoenixframework/phoenix","packageURL":"pkg:github/phoenixframework/phoenix","versions":[{"version":"2270aaf21bd02c6a6a1022820564efb605a97655","lessThan":"*","versionType":"git","status":"affected","changes":[{"at":"7f7b971c1ea0994e3fbd1c11ddb05e780bd38ad8","status":"unaffected"},{"at":"89a1c4be161e436241e12b2378a719904b9bd96f","status":"unaffected"},{"at":"b90b22521465ece00eb5a19d5aa2b9465b209c85","status":"unaffected"},{"at":"beffc4da1e787e572121f68902c63daf4fe7d9c2","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV40":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T16:11:03.353715Z","id":"CVE-2026-56812","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","type":"Secondary","description":[{"lang":"en","value":"CWE-754"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:phoenixframework:phoenix:*:*:*:*:*:*:*:*","versionStartIncluding":"1.2.0","versionEndExcluding":"1.5.15","matchCriteriaId":"3CF8EA55-C063-4742-87ED-53E1998977B5"},{"vulnerable":true,"criteria":"cpe:2.3:a:phoenixframework:phoenix:*:*:*:*:*:*:*:*","versionStartIncluding":"1.6.0","versionEndExcluding":"1.6.17","matchCriteriaId":"809E49A8-D727-4E05-BBF9-F9E34077E4A4"},{"vulnerable":true,"criteria":"cpe:2.3:a:phoenixframework:phoenix:*:*:*:*:*:*:*:*","versionStartIncluding":"1.7.0","versionEndExcluding":"1.7.24","matchCriteriaId":"3257C901-8FC3-4107-95C6-C57F909FFE40"},{"vulnerable":true,"criteria":"cpe:2.3:a:phoenixframework:phoenix:*:*:*:*:*:*:*:*","versionStartIncluding":"1.8.0","versionEndExcluding":"1.8.9","matchCriteriaId":"8F98C1AC-1593-43EB-929A-4D3B7597C9BC"}]}]}],"references":[{"url":"https://cna.erlef.org/cves/CVE-2026-56812.html","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Patch","Third Party Advisory","Mitigation"]},{"url":"https://github.com/phoenixframework/phoenix/commit/7f7b971c1ea0994e3fbd1c11ddb05e780bd38ad8","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Patch"]},{"url":"https://github.com/phoenixframework/phoenix/commit/89a1c4be161e436241e12b2378a719904b9bd96f","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Patch"]},{"url":"https://github.com/phoenixframework/phoenix/commit/b90b22521465ece00eb5a19d5aa2b9465b209c85","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Patch"]},{"url":"https://github.com/phoenixframework/phoenix/commit/beffc4da1e787e572121f68902c63daf4fe7d9c2","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Patch"]},{"url":"https://github.com/phoenixframework/phoenix/security/advisories/GHSA-63mc-hw7g-86rr","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Exploit","Patch","Vendor Advisory"]},{"url":"https://osv.dev/vulnerability/EEF-CVE-2026-56812","source":"6b3ad84c-e1a6-4bf7-a703-f496b71e49db","tags":["Third Party Advisory","Mitigation"]},{"url":"https://github.com/phoenixframework/phoenix/security/advisories/GHSA-63mc-hw7g-86rr","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2025-12799","sourceIdentifier":"secalert@redhat.com","published":"2026-07-07T17:16:34.640","lastModified":"2026-07-09T16:16:30.723","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in Jastow. Jastow is vulnerable to Cross-Site Scripting (XSS) attack. If using a set of combined configuration to allow unescaped characters in URL with embedded Undertow and Jastow, a server might be vulnerable to improper input handling."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"io.undertow.jastow-jastow","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:1-9.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-activemq-artemis","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.40.0-7.redhat_00015.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-activemq-artemis-native","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"1:2.0.0-2.redhat_00005.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-aesh-extensions","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:1.8.0-2.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-aesh-readline","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.4.0-1.redhat_00002.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-agroal","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.3.0-1.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-angus","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.0.5-1.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-angus-activation","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.0.3-1.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-antlr4","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:4.13.2-1.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-apache-commons-beanutils","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:1.11.0-1.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-apache-commons-cli","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:1.9.0-1.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-apache-commons-codec","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:1.17.2-1.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-apache-commons-collections","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:3.2.2-28.redhat_2.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-apache-commons-io","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.16.1-2.redhat_00002.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-apache-commons-lang","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:3.18.0-2.redhat_00003.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-apache-cxf","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:4.0.10-3.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-apache-cxf-xjc-utils","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:4.1.0-1.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-apache-mime4j","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:0.8.12-1.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-apache-sshd","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.14.0-4.redhat_00003.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-artemis-native","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"1:2.0.0-2.redhat_00005.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-artemis-wildfly-integration","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.0.4-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-asyncutil","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:0.1.0-2.redhat_00010.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-atinject","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.0.1-5.redhat_00007.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-aws-java-sdk","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.30.32-3.redhat_00003.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-azure-storage","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:8.6.6-5.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-bouncycastle","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:1.84.0-1.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-byte-buddy","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:1.14.18-2.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-caffeine","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:3.1.8-2.redhat_00002.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-commons-logging-jboss-logging","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:1.0.0-2.Final_redhat_1.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-cryptacular","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:1.2.5-2.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-eap-product-conf-parent","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:801.7.0-1.GA_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-ecj","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"1:3.33.0-1.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-eclipse-jgit","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:6.10.1.202505221210-1.r_redhat_00002.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-elasticsearch","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:8.15.4-4.redhat_00003.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-elytron-web","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:4.1.2-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-eventstream","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:1.0.1-3.redhat_00003.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-expressly","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:5.0.0-6.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-fastinfoset","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.1.1-1.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-fge-btf","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:1.2.0-4.redhat_00007.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-fge-msg-simple","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:1.1.0-4.redhat_00007.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-gnu-getopt","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:1.0.13-4.redhat_5.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-gson","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.10.1-2.redhat_00005.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-guava-failureaccess","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:1.0.3-1.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-guava-libraries","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:33.0.0-3.jre_redhat_00004.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-h2database","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.2.224-4.redhat_00003.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-hal-console","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:3.7.19-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-hibernate","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:6.6.50-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-hibernate-commons-annotations","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:7.0.3-3.Final_redhat_00002.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-hibernate-search","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:7.2.6-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-hibernate-validator","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:8.0.2-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-hornetq","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.4.11-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-hppc","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:0.10.0-2.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-httpcomponents-asyncclient","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:4.1.5-4.redhat_00006.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-httpcomponents-client","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:4.5.14-5.redhat_00016.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-httpcomponents-core","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:4.4.16-6.redhat_00011.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-infinispan","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:15.0.21-1.Final_redhat_00002.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-insights-java-client","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:1.1.3-2.redhat_00002.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-installation-manager-api","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:1.1.1-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-ironjacamar","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:3.0.18-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jackson-annotations","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.18.4-2.redhat_00002.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jackson-core","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.18.4-1.redhat_00002.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jackson-coreutils","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:1.8.0-3.redhat_00002.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jackson-databind","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.18.4-1.redhat_00002.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jackson-dataformats-text","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.18.4-2.redhat_00002.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jackson-jaxrs-providers","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.18.4-2.redhat_00002.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jackson-modules-base","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.18.4-2.redhat_00002.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jackson-modules-java8","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.18.4-2.redhat_00002.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jakarta-activation","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.1.4-1.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jakarta-annotation-api","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.1.1-5.redhat_00005.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jakarta-authentication-api","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:3.0.0-3.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jakarta-authorization-api","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.1.0-3.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jakarta-batch-api","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.1.1-3.redhat_00003.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jakarta-ejb-api","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:4.0.1-2.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jakarta-enterprise-concurrent","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:3.0.2-1.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jakarta-enterprise-concurrent-api","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:3.0.3-1.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jakarta-enterprise-lang-model","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:4.0.1-2.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jakarta-interceptor-api","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.1.0-5.redhat_00003.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jakarta-jms-api","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:3.1.0-4.redhat_00003.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jakarta-json","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:1.1.6-5.redhat_00003.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jakarta-json-api","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.1.3-1.redhat_00002.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jakarta-mail","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.1.3-3.redhat_00003.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jakarta-resource-api","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.1.0-2.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jakarta-security-enterprise-api","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:3.0.0-2.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jakarta-servlet-api","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:6.0.0-6.redhat_00007.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jakarta-servlet-jsp-api","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:3.1.1-1.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jakarta-servlet-jsp-jstl-api","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:3.0.2-1.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jakarta-transaction-api","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.0.1-3.redhat_00004.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jakarta-validation-api","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:3.0.2-3.redhat_00006.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jakarta-websocket","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.1.1-1.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jakarta-ws-rs-api","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:3.1.0-5.redhat_00003.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jakarta-xml-bind-api","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:4.0.4-1.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jandex","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:3.2.7-1.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jansi","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.4.1-2.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jasypt","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:1.9.3-4.redhat_00004.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-java-classmate","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:1.6.0-1.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-javaee-jpa-spec","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:3.1.0-4.redhat_00002.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-javaee-security-soteria","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:3.0.3-2.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-javaewah","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:1.2.3-1.redhat_00002.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-javapackages-tools","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:6.0.0-8.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jaxb","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:4.0.6-1.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jaxbintros","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.0.1-2.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jberet","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:3.1.0-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jboss-aesh","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.4.0-2.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jboss-cert-helper","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:1.1.3-2.redhat_00002.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jboss-classfilewriter","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:1.3.1-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jboss-common-beans","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.0.1-2.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jboss-dmr","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:1.7.0-2.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jboss-ejb3-ext-api","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.4.0-2.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jboss-ejb-client","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:5.0.8-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jboss-el-api_5.0_spec","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:4.0.2-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jboss-genericjms","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:3.0.0-3.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jboss-iiop-client","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.0.1-2.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jboss-invocation","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.0.1-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jboss-jakarta-xml-ws-api_4.0_spec","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:1.0.0-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jboss-logging","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:3.6.2-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jboss-logmanager","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.1.19-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jboss-marshalling","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.2.3-2.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jboss-metadata","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:16.1.0-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jboss-modules","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.1.6-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jboss-msc","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:1.5.5-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jboss-openjdk-orb","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:10.1.1-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jboss-remoting","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:5.0.31-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jboss-remoting-jmx","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:3.1.0-3.Final_redhat_00002.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jboss-saaj-api_3.0_spec","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:1.0.0-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jboss-stdio","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:1.1.0-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jboss-threads","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.5.0-1.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jboss-transaction-spi","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:8.0.0-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jboss-vfs","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:3.3.2-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jboss-weld-api","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:5.0.0-4.SP3_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jbossws-api","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:3.0.0-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jbossws-common","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:5.1.0-2.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jbossws-common-tools","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.1.0-2.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jbossws-cxf","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:7.3.8-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jbossws-jaxws-undertow-httpspi","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.0.0-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jbossws-spi","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:5.0.0-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jboss-xnio-base","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:3.8.16-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jcip-annotations","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:1.0.0-3.redhat_00009.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jctools","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:4.0.6-1.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jgroups","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"1:5.3.23-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jgroups-aws","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:3.0.1-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jgroups-azure","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.0.2-1.Final_redhat_00002.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jgroups-kubernetes","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.0.2-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-joda-time","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.12.7-1.redhat_00002.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jose4j","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:0.9.6-2.redhat_00002.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jsf-impl","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:4.0.11-1.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jsonb-spec","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:3.0.1-2.redhat_00002.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-json-patch","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:1.9.0-3.redhat_00002.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jul-to-slf4j-stub","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:1.0.1-1.Final_redhat_3.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-log4j","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.23.1-2.redhat_00002.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-log4j2-jboss-logmanager","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.0.1-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-lucene-solr","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:9.11.1-1.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-mod_cluster","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.1.0-2.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-narayana","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:7.1.2-2.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-neethi","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:3.2.1-1.redhat_00002.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-netty","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:4.1.132-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-netty-transport-native-epoll","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:4.1.132-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-netty-xnio-transport","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:0.1.10-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-nimbus-jose-jwt","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:9.37.3-1.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-objectweb-asm","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:9.7.1-3.redhat_00002.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-opensaml","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:4.3.2-2.redhat_00002.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-parsson","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:1.1.7-3.redhat_00003.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-pem-keystore","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.4.0-1.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-plexus-utils","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:3.6.1-1.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-protoparser","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:4.0.3-2.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-protostream","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:5.0.14-2.Final_redhat_00002.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-reactive-streams","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:1.0.4-4.redhat_00005.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-reactivex-rxjava","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:3.1.12-1.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-reactivex-rxjava2","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.2.21-5.redhat_00003.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-resilience4j","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.2.0-2.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-resteasy","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:6.2.15-1.Final_redhat_00002.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-resteasy-extensions","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.0.1-3.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-resteasy-spring","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:3.2.0-3.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-saaj-impl","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:3.0.4-2.redhat_00002.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-shibboleth-java-support","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:8.0.0-6.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-slf4j","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.0.17-1.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-slf4j-jboss-logmanager","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.0.2-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-snakeyaml","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.3.0-1.redhat_00002.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-stax2-api","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:4.2.2-2.redhat_00003.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-stax-ex","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.1.0-3.redhat_00003.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-staxmapper","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:1.5.0-2.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-sun-istack-commons","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:4.1.2-2.redhat_00003.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-undertow","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.3.24-4.SP3_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-undertow-jastow","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.2.9-1.SP1_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-vdx","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:1.1.6-3.redhat_1.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-velocity","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.3.0-7.redhat_00010.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-weld-core","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:5.1.6-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-wildfly","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:8.1.7-4.GA_redhat_00003.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-wildfly-client-config","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:1.0.1-4.Final_redhat_00002.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-wildfly-clustering","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:5.0.12-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-wildfly-common","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:1.7.0-2.Final_redhat_00003.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-wildfly-discovery","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:1.3.0-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-wildfly-elytron","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.6.9-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-wildfly-elytron-ee","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:3.1.4-2.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-wildfly-http-client","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.1.4-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-wildfly-javadocs","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:8.1.1-11.GA_redhat_00019.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-wildfly-naming-client","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.0.1-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-wildfly-openssl","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.3.0-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-wildfly-openssl-el10-x86_64","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.3.0-1.Final.redhat.00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-wildfly-transaction-client","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:3.0.5-1.Final_redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-woodstox-core","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:7.0.0-1.redhat_00002.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-ws-commons-XmlSchema","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:2.3.0-2.redhat_00002.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-wsdl4j","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:1.6.3-5.redhat_00008.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-wss4j","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:3.0.4-1.redhat_00002.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-xml-commons-resolver","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:1.2.0-2.redhat_12.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-xml-security","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:3.0.5-1.redhat_00001.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-yasson","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el10"],"versions":[{"version":"0:3.0.4-5.redhat_00007.1.el10eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-apache-cxf","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"],"versions":[{"version":"0:4.0.10-3.redhat_00001.1.el8eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-artemis-wildfly-integration","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"],"versions":[{"version":"0:2.0.4-1.Final_redhat_00001.1.el8eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-eap-product-conf-parent","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"],"versions":[{"version":"0:801.7.0-1.GA_redhat_00001.1.el8eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-hibernate","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"],"versions":[{"version":"0:6.6.50-1.Final_redhat_00001.1.el8eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jbossws-cxf","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"],"versions":[{"version":"0:7.3.8-1.Final_redhat_00001.1.el8eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jgroups","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"],"versions":[{"version":"1:5.3.23-1.Final_redhat_00001.1.el8eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-undertow","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"],"versions":[{"version":"0:2.3.24-4.SP3_redhat_00001.1.el8eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-undertow-jastow","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"],"versions":[{"version":"0:2.2.9-1.SP1_redhat_00001.1.el8eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-wildfly","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"],"versions":[{"version":"0:8.1.7-4.GA_redhat_00003.1.el8eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-wildfly-elytron","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"],"versions":[{"version":"0:2.6.9-1.Final_redhat_00001.1.el8eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-wildfly-javadocs","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"],"versions":[{"version":"0:8.1.1-11.GA_redhat_00019.1.el8eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-apache-cxf","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"],"versions":[{"version":"0:4.0.10-3.redhat_00001.1.el9eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-artemis-wildfly-integration","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"],"versions":[{"version":"0:2.0.4-1.Final_redhat_00001.1.el9eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-eap-product-conf-parent","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"],"versions":[{"version":"0:801.7.0-1.GA_redhat_00001.1.el9eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-hibernate","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"],"versions":[{"version":"0:6.6.50-1.Final_redhat_00001.1.el9eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jbossws-cxf","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"],"versions":[{"version":"0:7.3.8-1.Final_redhat_00001.1.el9eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-jgroups","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"],"versions":[{"version":"1:5.3.23-1.Final_redhat_00001.1.el9eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-undertow","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"],"versions":[{"version":"0:2.3.24-4.SP3_redhat_00001.1.el9eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-undertow-jastow","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"],"versions":[{"version":"0:2.2.9-1.SP1_redhat_00001.1.el9eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-wildfly","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"],"versions":[{"version":"0:8.1.7-4.GA_redhat_00003.1.el9eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-wildfly-elytron","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"],"versions":[{"version":"0:2.6.9-1.Final_redhat_00001.1.el9eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"eap8-wildfly-javadocs","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"],"versions":[{"version":"0:8.1.1-11.GA_redhat_00019.1.el9eap","lessThan":"*","versionType":"rpm","status":"unaffected"}]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/jbossnetwork/restricted/listSoftware.html","packageName":"eap74-els-openjdk11-openshift-rhel8/eap74-els-openjdk11-openshift-rhel8","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:7"]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/jbossnetwork/restricted/listSoftware.html","packageName":"eap74-els-openjdk17-openshift-rhel8/eap74-els-openjdk17-openshift-rhel8","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:7"]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/jbossnetwork/restricted/listSoftware.html","packageName":"eap74-els-openjdk8-openshift-rhel8/eap74-els-openjdk8-openshift-rhel8","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:7"]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/jbossnetwork/restricted/listSoftware.html","packageName":"io.undertow.jastow-jastow","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:7"]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/jbossnetwork/restricted/listSoftware.html","packageName":"jastow","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:7"]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/jbossnetwork/restricted/listSoftware.html","packageName":"jboss-eap-7/eap74-els-openjdk17-openshift-rhel8","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:7"]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/jbossnetwork/restricted/listSoftware.html","packageName":"jboss-eap-7/eap74-els-openjdk8-openshift-rhel8","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:7"]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/jbossnetwork/restricted/listSoftware.html","packageName":"jastow","cpes":["cpe:/a:redhat:jboss_enterprise_application_platform:8"]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform Expansion Pack","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/jbossnetwork/restricted/listSoftware.html","packageName":"io.undertow.jastow-jastow","cpes":["cpe:/a:redhat:jbosseapxp"]},{"vendor":"Red Hat","product":"Red Hat JBoss Enterprise Application Platform Expansion Pack","defaultStatus":"affected","collectionURL":"https://access.redhat.com/jbossnetwork/restricted/listSoftware.html","packageName":"jastow","cpes":["cpe:/a:redhat:jbosseapxp"]},{"vendor":"Red Hat","product":"Red Hat Single Sign-On 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"jastow","cpes":["cpe:/a:redhat:red_hat_single_sign_on:7"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:34:16.067117Z","id":"CVE-2025-12799","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2026:36342","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36343","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36344","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2026:36345","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2025-12799","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2413071","source":"secalert@redhat.com"}]}},{"cve":{"id":"CVE-2026-13019","sourceIdentifier":"psirt@esri.com","published":"2026-07-07T17:16:35.400","lastModified":"2026-07-09T14:40:59.697","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Esri Portal for ArcGIS versions 12.1 and earlier on Windows, Linux and Kubernetes have a missing authentication for critical function vulnerability allows a remote, unauthenticated attacker to access an unprotected API."}],"affected":[{"source":"psirt@esri.com","affectedData":[{"vendor":"Esri","product":"Portal for ArcGIS","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"12.1","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@esri.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T00:00:00+00:00","id":"CVE-2026-13019","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@esri.com","type":"Secondary","description":[{"lang":"en","value":"CWE-640"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:esri:portal_for_arcgis:*:*:*:*:*:*:*:*","versionEndIncluding":"12.1","matchCriteriaId":"587ADE6F-C9ED-46CD-92F0-0559E73C004B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:a:kubernetes:kubernetes:-:*:*:*:*:*:*:*","matchCriteriaId":"14C32308-314D-4E0D-B15F-6A68DF21E9F9"},{"vulnerable":false,"criteria":"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","matchCriteriaId":"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://www.esri.com/arcgis-blog/products/trust-arcgis/administration/june-2026-arcgis-security-bulletin","source":"psirt@esri.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-13020","sourceIdentifier":"psirt@esri.com","published":"2026-07-07T17:16:35.510","lastModified":"2026-07-09T14:33:14.943","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A Weak Password Recovery Mechanism for Forgotten Password exists in Esri Portal for ArcGIS versions 12.1 and earlier on Windows, Linux and Kubernetes. A remote, unauthorized attacker may assume ownership of a user’s account by manipulating this mechanism. ArcGIS Administrators should configure an email server with ArcGIS Enterprise to facilitate user self-service password recovery. The ability for an administrator to reset a user’s password remains unchanged."}],"affected":[{"source":"psirt@esri.com","affectedData":[{"vendor":"Esri","product":"Portal for ArcGIS","defaultStatus":"unaffected","platforms":["Windows","Linux"],"versions":[{"version":"0","lessThan":"12.1","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@esri.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T00:00:00+00:00","id":"CVE-2026-13020","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@esri.com","type":"Secondary","description":[{"lang":"en","value":"CWE-640"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:esri:portal_for_arcgis:*:*:*:*:*:*:*:*","versionEndIncluding":"12.1","matchCriteriaId":"587ADE6F-C9ED-46CD-92F0-0559E73C004B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:a:kubernetes:kubernetes:-:*:*:*:*:*:*:*","matchCriteriaId":"14C32308-314D-4E0D-B15F-6A68DF21E9F9"},{"vulnerable":false,"criteria":"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*","matchCriteriaId":"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://www.esri.com/arcgis-blog/products/trust-arcgis/administration/june-2026-arcgis-security-bulletin","source":"psirt@esri.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-14904","sourceIdentifier":"ff89ba41-3aa1-4d27-914a-91399e9639e5","published":"2026-07-07T17:16:35.627","lastModified":"2026-07-08T15:36:14.057","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"AWS Research and Engineering Studio (RES) is an open-source solution that enables researchers and engineers to create and manage secure virtual desktops and computing resources on AWS.\n\n\n\nImproper link resolution before file access issue (CWE-59) in the Auth.GetUserPrivateKey API. An authenticated remote user could read arbitrary files on the cluster-manager EC2 instance by replacing their SSH private key file (~/.ssh/id_rsa) with a symbolic link targeting any file on the host. Because the cluster-manager process runs as root, any file readable by root is exposed, including other users' SSH private keys and application configuration secrets.\n\n\n\nIt's recommended to upgrade to RES version 2026.06."}],"affected":[{"source":"ff89ba41-3aa1-4d27-914a-91399e9639e5","affectedData":[{"vendor":"AWS","product":"res","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"2026.03","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"ff89ba41-3aa1-4d27-914a-91399e9639e5","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"ff89ba41-3aa1-4d27-914a-91399e9639e5","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T17:08:18.431361Z","id":"CVE-2026-14904","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"ff89ba41-3aa1-4d27-914a-91399e9639e5","type":"Secondary","description":[{"lang":"en","value":"CWE-59"}]}],"references":[{"url":"https://aws.amazon.com/security/security-bulletins/2026-053-aws/","source":"ff89ba41-3aa1-4d27-914a-91399e9639e5"},{"url":"https://github.com/aws/res/releases/tag/2026.06","source":"ff89ba41-3aa1-4d27-914a-91399e9639e5"}]}},{"cve":{"id":"CVE-2026-23697","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-07T17:16:35.977","lastModified":"2026-07-08T15:28:15.630","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Vtiger CRM before 8.4.0 contains an authenticated file upload vulnerability that allows low-privileged users to achieve remote code execution by uploading a .phar file containing arbitrary PHP code through the Documents module, bypassing the extension denylist in config.inc.php which omits the .phar extension. The uploaded file is stored with its original .phar extension under the web-accessible storage directory, and a misconfigured .htaccess using Apache 2.2 syntax is silently ignored on Apache 2.4 deployments, allowing unauthenticated HTTP requests to directly execute the uploaded PHP payload."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Vtiger","product":"Vtiger CRM","defaultStatus":"affected","repo":"https://sourceforge.net/projects/vtigercrm/","versions":[{"version":"0","lessThanOrEqual":"8.3.0","versionType":"semver","status":"affected"},{"version":"8.4.0","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T17:31:42.988594Z","id":"CVE-2026-23697","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]}],"references":[{"url":"https://jivasecurity.com/writeups/vtiger-rce-phar-upload-cve-2026-23697","source":"disclosure@vulncheck.com"},{"url":"https://www.vtiger.com/","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/vtiger-crm-authenticated-file-upload-rce-via-documents-module","source":"disclosure@vulncheck.com"}]}},{"cve":{"id":"CVE-2026-23698","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-07T17:16:36.123","lastModified":"2026-07-08T15:28:15.630","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Vtiger CRM through 8.4.0 contains an authenticated remote code execution vulnerability in the admin module import feature that allows administrator-level attackers to upload arbitrary PHP files by submitting a crafted zip archive through the ModuleManager import function, which extracts contents directly into the modules/ directory under the web root without validating file types beyond the manifest.xml descriptor. Attackers can place executable PHP files in the modules/ directory that become directly accessible via HTTP, bypassing Vtiger's authentication and authorization layer entirely since Apache resolves the path and invokes the PHP interpreter before the application routing layer is involved, resulting in a persistent web shell independent of the originating session."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Vtiger","product":"Vtiger CRM","defaultStatus":"affected","repo":"https://sourceforge.net/projects/vtigercrm/","versions":[{"version":"0","lessThanOrEqual":"8.4.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T17:11:14.403153Z","id":"CVE-2026-23698","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]}],"references":[{"url":"https://jivasecurity.com/writeups/vtiger-rce-module-import-cve-2026-23698","source":"disclosure@vulncheck.com"},{"url":"https://www.vtiger.com/","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/vtiger-crm-authenticated-rce-via-module-import-file-upload","source":"disclosure@vulncheck.com"}]}},{"cve":{"id":"CVE-2026-48947","sourceIdentifier":"security@joomla.org","published":"2026-07-07T19:16:52.607","lastModified":"2026-07-09T14:26:48.667","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An improper access check allows privileged users to overwrite media files without editing permissions."}],"affected":[{"source":"security@joomla.org","affectedData":[{"vendor":"Joomla! Project","product":"Joomla! CMS","defaultStatus":"unaffected","versions":[{"version":"4.1.0-5.4.6","status":"affected"},{"version":"6.0.0-6.1.1","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security@joomla.org","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"HIGH","subIntegrityImpact":"HIGH","subAvailabilityImpact":"HIGH","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N","baseScore":4.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T18:35:14.984578Z","id":"CVE-2026-48947","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@joomla.org","type":"Primary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*","versionStartIncluding":"4.1.0","versionEndExcluding":"5.4.7","matchCriteriaId":"C0BFC416-9A95-4D08-A34D-1A79EC84648B"},{"vulnerable":true,"criteria":"cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0.0","versionEndExcluding":"6.1.2","matchCriteriaId":"B4397373-3CB3-40C2-8825-0044683AD167"}]}]}],"references":[{"url":"https://developer.joomla.org/security-centre/1055-20260701-core-incorrect-access-control-in-com-media-webservice-endpoints.html","source":"security@joomla.org","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-48948","sourceIdentifier":"security@joomla.org","published":"2026-07-07T19:16:52.800","lastModified":"2026-07-09T14:20:16.517","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An improper access check allows user to download vcard exports of com_contact contacts that are inaccessible."}],"affected":[{"source":"security@joomla.org","affectedData":[{"vendor":"Joomla! Project","product":"Joomla! CMS","defaultStatus":"unaffected","versions":[{"version":"3.0.0-5.4.6","status":"affected"},{"version":"6.0.0-6.1.1","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security@joomla.org","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"HIGH","subIntegrityImpact":"HIGH","subAvailabilityImpact":"HIGH","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T18:45:28.746420Z","id":"CVE-2026-48948","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@joomla.org","type":"Primary","description":[{"lang":"en","value":"CWE-284"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0.0","versionEndExcluding":"5.4.7","matchCriteriaId":"ABD295F3-69ED-4875-A798-D66954EB4368"},{"vulnerable":true,"criteria":"cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0.0","versionEndExcluding":"6.1.2","matchCriteriaId":"B4397373-3CB3-40C2-8825-0044683AD167"}]}]}],"references":[{"url":"https://developer.joomla.org/security-centre/1056-20260702-core-incorrect-access-control-in-com-contact-vcf-download.html","source":"security@joomla.org","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-48949","sourceIdentifier":"security@joomla.org","published":"2026-07-07T19:16:53.203","lastModified":"2026-07-09T13:52:59.970","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Lack of validation leads to an XSS vulnerability in the MFA management views."}],"affected":[{"source":"security@joomla.org","affectedData":[{"vendor":"Joomla! Project","product":"Joomla! CMS","defaultStatus":"unaffected","versions":[{"version":"4.2.0-5.4.6","status":"affected"},{"version":"6.0.0-6.1.1","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security@joomla.org","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"PASSIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"UNREPORTED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T18:44:10.684311Z","id":"CVE-2026-48949","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@joomla.org","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*","versionStartIncluding":"4.2.0","versionEndExcluding":"5.4.7","matchCriteriaId":"8904567D-8EA0-4B10-BB1A-5D6AE00671DD"},{"vulnerable":true,"criteria":"cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0.0","versionEndExcluding":"6.1.2","matchCriteriaId":"B4397373-3CB3-40C2-8825-0044683AD167"}]}]}],"references":[{"url":"https://developer.joomla.org/security-centre/1057-20260703-core-xss-in-mfa-method-management.html","source":"security@joomla.org","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-48950","sourceIdentifier":"security@joomla.org","published":"2026-07-07T19:16:53.543","lastModified":"2026-07-09T13:48:02.490","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Lack of escaping leads to an XSS vulnerability in the file management view of com_templates."}],"affected":[{"source":"security@joomla.org","affectedData":[{"vendor":"Joomla! Project","product":"Joomla! CMS","defaultStatus":"unaffected","versions":[{"version":"4.0.0-5.4.6","status":"affected"},{"version":"6.0.0-6.1.1","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security@joomla.org","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"PASSIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"UNREPORTED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T18:40:50.946478Z","id":"CVE-2026-48950","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@joomla.org","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0","versionEndExcluding":"5.4.7","matchCriteriaId":"A72B66B5-01A3-40C0-88E4-7DD430C34AAD"},{"vulnerable":true,"criteria":"cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0.0","versionEndExcluding":"6.1.2","matchCriteriaId":"B4397373-3CB3-40C2-8825-0044683AD167"}]}]}],"references":[{"url":"https://developer.joomla.org/security-centre/1058-20260704-core-xss-in-com-templates.html","source":"security@joomla.org","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-48951","sourceIdentifier":"security@joomla.org","published":"2026-07-07T19:16:53.680","lastModified":"2026-07-09T13:44:41.940","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Lack of escaping leads to XSS vulnerabilities in modalreturn layouts of various components."}],"affected":[{"source":"security@joomla.org","affectedData":[{"vendor":"Joomla! Project","product":"Joomla! CMS","defaultStatus":"unaffected","versions":[{"version":"4.0.0-5.4.6","status":"affected"},{"version":"6.0.0-6.1.1","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security@joomla.org","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"PASSIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"UNREPORTED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T18:53:39.104248Z","id":"CVE-2026-48951","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@joomla.org","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0","versionEndExcluding":"5.4.7","matchCriteriaId":"A72B66B5-01A3-40C0-88E4-7DD430C34AAD"},{"vulnerable":true,"criteria":"cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0.0","versionEndExcluding":"6.1.2","matchCriteriaId":"B4397373-3CB3-40C2-8825-0044683AD167"}]}]}],"references":[{"url":"https://developer.joomla.org/security-centre/1059-20260705-core-xss-in-various-modalreturn-layouts.html","source":"security@joomla.org","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-48952","sourceIdentifier":"security@joomla.org","published":"2026-07-07T19:16:53.810","lastModified":"2026-07-09T13:43:43.173","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Lack of escaping leads to an XSS vulnerability in the update list view of com_installer."}],"affected":[{"source":"security@joomla.org","affectedData":[{"vendor":"Joomla! Project","product":"Joomla! CMS","defaultStatus":"unaffected","versions":[{"version":"4.0.0-5.4.6","status":"affected"},{"version":"6.0.0-6.1.1","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security@joomla.org","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"PASSIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"UNREPORTED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T18:33:48.060052Z","id":"CVE-2026-48952","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@joomla.org","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0","versionEndExcluding":"5.4.7","matchCriteriaId":"A72B66B5-01A3-40C0-88E4-7DD430C34AAD"},{"vulnerable":true,"criteria":"cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0.0","versionEndExcluding":"6.1.2","matchCriteriaId":"B4397373-3CB3-40C2-8825-0044683AD167"}]}]}],"references":[{"url":"https://developer.joomla.org/security-centre/1060-20260706-core-xss-in-com-installer.html","source":"security@joomla.org","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-48953","sourceIdentifier":"security@joomla.org","published":"2026-07-07T19:16:53.933","lastModified":"2026-07-09T13:32:08.480","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Lack of escaping leads to an XSS vulnerability in the generic image output layout."}],"affected":[{"source":"security@joomla.org","affectedData":[{"vendor":"Joomla! Project","product":"Joomla! CMS","defaultStatus":"unaffected","versions":[{"version":"4.0.0-5.4.6","status":"affected"},{"version":"6.0.0-6.1.1","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security@joomla.org","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"PASSIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"UNREPORTED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T18:50:53.114959Z","id":"CVE-2026-48953","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@joomla.org","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0","versionEndExcluding":"5.4.7","matchCriteriaId":"A72B66B5-01A3-40C0-88E4-7DD430C34AAD"},{"vulnerable":true,"criteria":"cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0.0","versionEndExcluding":"6.1.2","matchCriteriaId":"B4397373-3CB3-40C2-8825-0044683AD167"}]}]}],"references":[{"url":"https://developer.joomla.org/security-centre/1061-20260707-core-xss-in-the-generic-image-output-layout.html","source":"security@joomla.org","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-48954","sourceIdentifier":"security@joomla.org","published":"2026-07-07T19:16:54.060","lastModified":"2026-07-09T14:44:43.660","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"Improper validation leads to a generic XSS vector in the language override feature."}],"affected":[{"source":"security@joomla.org","affectedData":[{"vendor":"Joomla! Project","product":"Joomla! CMS","defaultStatus":"unaffected","versions":[{"version":"3.0.0-5.4.6","status":"affected"},{"version":"6.0.0-6.1.1","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security@joomla.org","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"PASSIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"UNREPORTED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T18:43:24.410096Z","id":"CVE-2026-48954","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@joomla.org","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*","versionStartIncluding":"3.0.0","versionEndExcluding":"5.4.7","matchCriteriaId":"ABD295F3-69ED-4875-A798-D66954EB4368"},{"vulnerable":true,"criteria":"cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0.0","versionEndExcluding":"6.1.2","matchCriteriaId":"B4397373-3CB3-40C2-8825-0044683AD167"}]}]}],"references":[{"url":"https://developer.joomla.org/security-centre/1062-20260708-core-xss-through-language-overrides.html","source":"security@joomla.org","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-48955","sourceIdentifier":"security@joomla.org","published":"2026-07-07T19:16:54.193","lastModified":"2026-07-09T17:00:04.290","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An improper access check allows unauthorized users to access workflow stage and transition information."}],"affected":[{"source":"security@joomla.org","affectedData":[{"vendor":"Joomla! Project","product":"Joomla! CMS","defaultStatus":"unaffected","versions":[{"version":"6.0.0-6.1.1","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security@joomla.org","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"HIGH","subIntegrityImpact":"HIGH","subAvailabilityImpact":"HIGH","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T18:41:11.630932Z","id":"CVE-2026-48955","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@joomla.org","type":"Primary","description":[{"lang":"en","value":"CWE-284"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0.0","versionEndExcluding":"6.1.2","matchCriteriaId":"B4397373-3CB3-40C2-8825-0044683AD167"}]}]}],"references":[{"url":"https://developer.joomla.org/security-centre/1063-20260709-core-incorrect-access-control-in-com-workflow.html","source":"security@joomla.org","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-48956","sourceIdentifier":"security@joomla.org","published":"2026-07-07T19:16:54.313","lastModified":"2026-07-09T16:58:49.893","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An improper access check allows users to display a list of modules in the frontend."}],"affected":[{"source":"security@joomla.org","affectedData":[{"vendor":"Joomla! Project","product":"Joomla! CMS","defaultStatus":"unaffected","versions":[{"version":"4.0.0-5.4.6","status":"affected"},{"version":"6.0.0-6.1.1","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security@joomla.org","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"HIGH","subIntegrityImpact":"HIGH","subAvailabilityImpact":"HIGH","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N","baseScore":5.0,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T18:38:53.208864Z","id":"CVE-2026-48956","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@joomla.org","type":"Primary","description":[{"lang":"en","value":"CWE-284"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0","versionEndExcluding":"5.4.7","matchCriteriaId":"A72B66B5-01A3-40C0-88E4-7DD430C34AAD"},{"vulnerable":true,"criteria":"cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0.0","versionEndExcluding":"6.1.2","matchCriteriaId":"B4397373-3CB3-40C2-8825-0044683AD167"}]}]}],"references":[{"url":"https://developer.joomla.org/security-centre/1064-20260710-core-incorrect-access-control-in-com-modules.html","source":"security@joomla.org","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-48957","sourceIdentifier":"security@joomla.org","published":"2026-07-07T19:16:54.440","lastModified":"2026-07-09T16:57:34.057","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An improper access check allows unauthorized users to access com_privacy datasets."}],"affected":[{"source":"security@joomla.org","affectedData":[{"vendor":"Joomla! Project","product":"Joomla! CMS","defaultStatus":"unaffected","versions":[{"version":"4.0.0-5.4.6","status":"affected"},{"version":"6.0.0-6.1.1","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security@joomla.org","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"HIGH","subIntegrityImpact":"HIGH","subAvailabilityImpact":"HIGH","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T18:40:23.161263Z","id":"CVE-2026-48957","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@joomla.org","type":"Primary","description":[{"lang":"en","value":"CWE-284"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0","versionEndExcluding":"5.4.7","matchCriteriaId":"A72B66B5-01A3-40C0-88E4-7DD430C34AAD"},{"vulnerable":true,"criteria":"cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0.0","versionEndExcluding":"6.1.2","matchCriteriaId":"B4397373-3CB3-40C2-8825-0044683AD167"}]}]}],"references":[{"url":"https://developer.joomla.org/security-centre/1065-20260711-core-incorrect-access-control-in-com-privacy-webservice-endpoints.html","source":"security@joomla.org","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-48958","sourceIdentifier":"security@joomla.org","published":"2026-07-07T19:16:54.567","lastModified":"2026-07-09T16:55:31.333","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An improper access check allows unauthorized users to create custom fields via webservices endpoints."}],"affected":[{"source":"security@joomla.org","affectedData":[{"vendor":"Joomla! Project","product":"Joomla! CMS","defaultStatus":"unaffected","versions":[{"version":"4.0.0-5.4.6","status":"affected"},{"version":"6.0.0-6.1.1","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security@joomla.org","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"HIGH","subIntegrityImpact":"HIGH","subAvailabilityImpact":"HIGH","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T18:39:08.720016Z","id":"CVE-2026-48958","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@joomla.org","type":"Primary","description":[{"lang":"en","value":"CWE-284"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0","versionEndExcluding":"5.4.7","matchCriteriaId":"A72B66B5-01A3-40C0-88E4-7DD430C34AAD"},{"vulnerable":true,"criteria":"cpe:2.3:a:joomla:joomla\\!:*:*:*:*:*:*:*:*","versionStartIncluding":"6.0.0","versionEndExcluding":"6.1.2","matchCriteriaId":"B4397373-3CB3-40C2-8825-0044683AD167"}]}]}],"references":[{"url":"https://developer.joomla.org/security-centre/1066-20260712-core-incorrect-access-control-in-com-fields-webservice-endpoints.html","source":"security@joomla.org","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-55435","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T19:16:54.873","lastModified":"2026-07-09T16:16:44.900","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Coder allows organizations to provision remote development environments via Terraform. Starting in version 2.30.0 and prior to versions 2.32.7, 2.33.8, and 2.34.2, AI Bridge proxy endpoints authenticate via `Server.IsAuthorized` in `coderd/aibridgedserver`, which validates key format, expiry, secret and deleted or system users but does not check whether the account is suspended. Because suspension does not revoke existing API keys, a suspended user's unexpired token keeps working. Practical impact is limited to already-issued API keys of suspended users until those keys are deleted. Versions 2.32.7, 2.33.8, and 2.34.2 patch the issue. As a workaround, on suspension, delete the user's API keys via `DELETE /api/v2/users/{user}/keys`."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coder","product":"coder","versions":[{"version":">= 2.34.0, < 2.34.2","status":"affected"},{"version":">= 2.33.0, < 2.33.8","status":"affected"},{"version":">= 2.30.0, < 2.32.7","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T14:21:14.795795Z","id":"CVE-2026-55435","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.30.0","versionEndExcluding":"2.32.7","matchCriteriaId":"7ABD4A9B-6AE8-47D8-A1B7-91E42EE0481B"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.33.0","versionEndExcluding":"2.33.8","matchCriteriaId":"F759EEF3-6EAE-475B-85F8-38E7D7B47438"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.34.0","versionEndExcluding":"2.34.2","matchCriteriaId":"397A02BF-6CF6-40B1-B792-D7CB9D229050"}]}]}],"references":[{"url":"https://github.com/coder/coder/commit/0d2c9f904a8b75b888140fcc8fbf4633660cc787","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/coder/coder/pull/26164","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/coder/coder/pull/26173","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/coder/coder/releases/tag/v2.32.7","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.33.8","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.34.2","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/security/advisories/GHSA-wqxv-w64v-5wh6","source":"security-advisories@github.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-7017","sourceIdentifier":"9b29abf9-4ab0-4765-b253-1875cd9b441e","published":"2026-07-07T19:16:55.530","lastModified":"2026-07-08T15:56:29.290","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"HTTP::Tiny versions before 0.095 for Perl forward credential headers to cross-origin redirect targets.\n\nWhen the server returns a 3xx redirect, `_maybe_redirect` follows the `Location:` header and `_prepare_headers_and_cb` re-merges the caller's `headers` argument into the new request, without checking whether the redirect target shares an origin with the original URL. Caller-supplied `Authorization`, `Cookie` and `Proxy-Authorization` headers are therefore re-sent to whatever host the redirect names, across scheme, host or port boundaries, and including `https` to `http` downgrades that expose them in plaintext on the wire.\n\nThe HTTP::Tiny POD note that \"Authorization headers will not be included in a redirected request\" applied only to the URL-userinfo Basic-auth path, not to headers passed explicitly by the caller."}],"affected":[{"source":"9b29abf9-4ab0-4765-b253-1875cd9b441e","affectedData":[{"vendor":"HAARG","product":"HTTP::Tiny","defaultStatus":"unaffected","collectionURL":"https://cpan.org/modules","packageName":"HTTP-Tiny","programFiles":["lib/HTTP/Tiny.pm"],"programRoutines":[{"name":"_maybe_redirect"},{"name":"_prepare_headers_and_cb"}],"repo":"https://github.com/Perl-Toolchain-Gang/HTTP-Tiny","versions":[{"version":"0","lessThan":"0.095","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T18:31:23.699590Z","id":"CVE-2026-7017","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"9b29abf9-4ab0-4765-b253-1875cd9b441e","type":"Secondary","description":[{"lang":"en","value":"CWE-522"}]}],"references":[{"url":"https://github.com/Perl-Toolchain-Gang/HTTP-Tiny/commit/84984ef3930ddd4afcf5eb83b40d3cee200739c3.patch","source":"9b29abf9-4ab0-4765-b253-1875cd9b441e"},{"url":"https://github.com/Perl-Toolchain-Gang/HTTP-Tiny/commit/8f32ca89e21c3ad0422adc698fa6ad17a193f55f.patch","source":"9b29abf9-4ab0-4765-b253-1875cd9b441e"},{"url":"https://github.com/Perl-Toolchain-Gang/HTTP-Tiny/commit/e7a03aedf2395158f2b0d3bad2df943349227bb3.patch","source":"9b29abf9-4ab0-4765-b253-1875cd9b441e"},{"url":"https://github.com/Perl-Toolchain-Gang/HTTP-Tiny/pull/36","source":"9b29abf9-4ab0-4765-b253-1875cd9b441e"},{"url":"https://metacpan.org/release/HAARG/HTTP-Tiny-0.095-TRIAL/changes","source":"9b29abf9-4ab0-4765-b253-1875cd9b441e"},{"url":"http://www.openwall.com/lists/oss-security/2026/07/07/13","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2026-44877","sourceIdentifier":"security-alert@hpe.com","published":"2026-07-07T20:16:28.693","lastModified":"2026-07-09T16:39:17.737","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"An unauthenticated remote disclosure vulnerability has been identified in HPE Networking Instant On 1830, 1930, and 1960 Switches. Successful exploitation of this vulnerability could allow an unauthenticated remote threat actor to access sensitive cryptographic secrets on a vulnerable system."}],"affected":[{"source":"security-alert@hpe.com","affectedData":[{"vendor":"Hewlett Packard Enterprise (HPE)","product":"HPE Networking Instant On","defaultStatus":"affected","platforms":["Switch Model 1830","Switch Model 1930","Switch Model 1960"],"versions":[{"version":"3.0.0","lessThanOrEqual":"3.3.3","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-alert@hpe.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T20:31:39.854857Z","id":"CVE-2026-44877","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"references":[{"url":"https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw05038en_us&docLocale=en_US","source":"security-alert@hpe.com"}]}},{"cve":{"id":"CVE-2026-58468","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-07T20:16:29.240","lastModified":"2026-07-08T18:16:33.757","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"NocoBase through 2.1.20 contains a server-side request forgery vulnerability in the serverRequest wrapper that allows authenticated administrators to issue arbitrary outbound HTTP requests by supplying malicious URLs to workflow request nodes, custom request action buttons, or the AI plugin. Attackers can target loopback addresses, RFC-1918 private ranges, and cloud instance metadata endpoints to perform internal network port enumeration, host discovery, and retrieval of IAM role credentials from the instance metadata service. v2.1.18 added a warning message for when SERVER_REQUEST_WHITELIST is not configured."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"nocobase","product":"nocobase","defaultStatus":"affected","repo":"https://github.com/nocobase/nocobase","versions":[{"version":"0","lessThanOrEqual":"2.1.20","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T16:48:33.586731Z","id":"CVE-2026-58468","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"references":[{"url":"https://github.com/nocobase/nocobase/commit/5706fb48d9bbe190f9e0044c6d5c87fc5b68c7f1","source":"disclosure@vulncheck.com"},{"url":"https://github.com/nocobase/nocobase/issues/9962","source":"disclosure@vulncheck.com"},{"url":"https://github.com/nocobase/nocobase/pull/9966","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/nocobase-server-side-request-forgery-via-serverrequest-wrapper","source":"disclosure@vulncheck.com"}]}},{"cve":{"id":"CVE-2026-44454","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T21:17:25.180","lastModified":"2026-07-08T19:47:37.463","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7 and 2.30.2, the `dotfiles` registry module passed unsanitized user input to shell commands, allowing arbitrary code execution inside a provisioned workspace. Any user who supplied a crafted `dotfiles_uri` value (for example, one containing shell command substitution such as `$(...)`) could achieve command execution in their own workspace. The Create Workspace page's `mode=auto` deep links amplified this into a one-click attack: an attacker could craft a URL that prefilled `param.dotfiles_uri` and silently provisioned a workspace with the attacker-controlled value, with no explicit user confirmation. In versions 2.29.7 and 2.30.2, input validation was added to the dotfiles module to reject URIs and usernames containing special characters, and the unsafe `eval`/`sh -c` usage was removed. This eliminated the command injection at its source."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coder","product":"coder","versions":[{"version":"< 2.29.7","status":"affected"},{"version":">= 2.30.0, < 2.30.2","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:47:43.261401Z","id":"CVE-2026-44454","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionEndExcluding":"2.29.7","matchCriteriaId":"D37CCB83-921A-4600-8B00-0C43292359C3"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.30.0","versionEndExcluding":"2.30.2","matchCriteriaId":"8D0B7997-9C95-4059-BE18-43C39DD9AC2A"}]}]}],"references":[{"url":"https://github.com/coder/coder/commit/60e3ab7632f42415d283b9fd5622ee53a4639ceb","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/coder/coder/pull/22011","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/coder/coder/releases/tag/v2.29.7","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.30.2","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/security/advisories/GHSA-m3cr-vc2j-pm27","source":"security-advisories@github.com","tags":["Patch","Vendor Advisory"]},{"url":"https://github.com/coder/registry/commit/8e68c96633f65a1babd76a93b6923e3deead4a82","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/coder/registry/pull/703","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]}]}},{"cve":{"id":"CVE-2026-46672","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T21:17:25.420","lastModified":"2026-07-08T15:28:15.630","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Actual is a local-first personal finance app. Prior to 26.6.0, @actual-app/cli ships a hand-rolled CSV serializer in packages/cli/src/output.ts used whenever the global --format csv option is passed, whose escapeCsv helper only handles RFC 4180 delimiter, quote, and newline escaping and does not neutralize standard CSV formula-injection prefixes. Any CLI command that streams an object array containing user-controlled strings, including transactions list, accounts list, payees list, categories list, tags list, category-groups list, rules list, schedules list, and query, can emit cells that auto-evaluate when the resulting CSV is opened in Excel, LibreOffice Calc, or Google Sheets, enabling data exfiltration and arbitrary formula execution. This issue is fixed in version 26.6.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"actualbudget","product":"actual","versions":[{"version":"< 26.6.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":4.6,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.5,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T12:59:38.913676Z","id":"CVE-2026-46672","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-1236"}]}],"references":[{"url":"https://github.com/actualbudget/actual/commit/068185751c03b42e726e3c60b718413d5f96c306","source":"security-advisories@github.com"},{"url":"https://github.com/actualbudget/actual/pull/7859","source":"security-advisories@github.com"},{"url":"https://github.com/actualbudget/actual/releases/tag/v26.6.0","source":"security-advisories@github.com"},{"url":"https://github.com/actualbudget/actual/security/advisories/GHSA-7gh7-258j-4mpq","source":"security-advisories@github.com"},{"url":"https://github.com/actualbudget/actual/security/advisories/GHSA-7gh7-258j-4mpq","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-46700","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T21:17:25.560","lastModified":"2026-07-08T15:28:15.630","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Actual is a local-first personal finance tool. Prior to 26.6.0, the GET /secret/:name endpoint in @actual-app/sync-server checks only that the caller has a valid session and does not verify the caller is an admin, while the sibling POST /secret/ handler enforces an admin check in OpenID mode. Any authenticated non-admin BASIC user in OpenID multi-user deployments can probe the secrets store and learn which admin-managed bank-sync integrations have been configured, including simplefin_accessKey, pluggyai_clientSecret, pluggyai_itemIds, and the gocardless secrets. This issue is fixed in version 26.6.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"actualbudget","product":"actual","versions":[{"version":"< 26.6.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T14:43:08.864861Z","id":"CVE-2026-46700","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-285"}]}],"references":[{"url":"https://github.com/actualbudget/actual/commit/3494f78c9459ed9c412e28b500b675ba5eb72d4e","source":"security-advisories@github.com"},{"url":"https://github.com/actualbudget/actual/pull/7862","source":"security-advisories@github.com"},{"url":"https://github.com/actualbudget/actual/releases/tag/v26.6.0","source":"security-advisories@github.com"},{"url":"https://github.com/actualbudget/actual/security/advisories/GHSA-3f62-qv96-4p78","source":"security-advisories@github.com"},{"url":"https://github.com/actualbudget/actual/security/advisories/GHSA-3f62-qv96-4p78","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-50007","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T21:17:25.977","lastModified":"2026-07-08T15:28:15.630","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Actual is an open-source personal finance application. Prior to 26.7.0, a missing authorization issue allows a shared user with user_access on a budget file to perform owner-only file management actions. A non-owner shared user can call file-management endpoints intended for higher-privilege users, including /delete-user-file, /reset-user-file, and /user-create-key, because requireFileAccess treats ordinary shared access as sufficient for file-management operations that should be restricted to the file owner or an administrator. This issue is fixed in version 26.7.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"actualbudget","product":"actual","versions":[{"version":"< 26.7.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T14:01:55.677484Z","id":"CVE-2026-50007","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://github.com/actualbudget/actual/commit/18a8dc03c48eeb2e8252669a80673e6a9933b5fd","source":"security-advisories@github.com"},{"url":"https://github.com/actualbudget/actual/commit/3b9e79ed5ee795a80bbae214d6ebb2755289d7f2","source":"security-advisories@github.com"},{"url":"https://github.com/actualbudget/actual/pull/7977","source":"security-advisories@github.com"},{"url":"https://github.com/actualbudget/actual/pull/8333","source":"security-advisories@github.com"},{"url":"https://github.com/actualbudget/actual/security/advisories/GHSA-23vm-ffgg-qvjr","source":"security-advisories@github.com"},{"url":"https://github.com/actualbudget/actual/security/advisories/GHSA-23vm-ffgg-qvjr","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-50529","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T21:17:26.110","lastModified":"2026-07-08T15:07:37.767","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, the /de2api/share/proxyInfo share interface generates and returns X-DE-LINK-TOKEN before validating the share password or ticket, allowing unauthenticated attackers who know a protected share UUID to obtain a valid link token for subsequent share-related API calls even with missing or invalid credentials. This issue is fixed in version 2.10.24."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"dataease","product":"dataease","versions":[{"version":"< 2.10.24","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:13:30.348616Z","id":"CVE-2026-50529","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"references":[{"url":"https://github.com/dataease/dataease/commit/c4e85a981e53c95b1ea73757db31e3025efdc410","source":"security-advisories@github.com"},{"url":"https://github.com/dataease/dataease/releases/tag/v2.10.24","source":"security-advisories@github.com"},{"url":"https://github.com/dataease/dataease/security/advisories/GHSA-7287-qqj9-phr6","source":"security-advisories@github.com"},{"url":"https://github.com/dataease/dataease/security/advisories/GHSA-7287-qqj9-phr6","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-50530","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T21:17:26.240","lastModified":"2026-07-08T15:07:37.767","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, a share mode chart data interface only validates that sceneId matches the resourceId in the link token and fails to validate whether tableId and field IDs in the request body belong to the shared resource, allowing an attacker with a valid share link token to replace dataset identifiers and retrieve unauthorized data through POST /de2api/chartData/getData. This issue is fixed in version 2.10.24."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"dataease","product":"dataease","versions":[{"version":"< 2.10.24","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:54:45.493386Z","id":"CVE-2026-50530","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"references":[{"url":"https://github.com/dataease/dataease/commit/c4e85a981e53c95b1ea73757db31e3025efdc410","source":"security-advisories@github.com"},{"url":"https://github.com/dataease/dataease/releases/tag/v2.10.24","source":"security-advisories@github.com"},{"url":"https://github.com/dataease/dataease/security/advisories/GHSA-qcf4-345v-6vg9","source":"security-advisories@github.com"},{"url":"https://github.com/dataease/dataease/security/advisories/GHSA-qcf4-345v-6vg9","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-53729","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T21:17:26.543","lastModified":"2026-07-08T15:16:29.190","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, any authenticated user can download (/exportCenter/download/{id}), delete (/exportCenter/delete), retry (/exportCenter/retry/{id}), or generate download links (/exportCenter/generateDownloadUri/{id}) for export tasks belonging to other users by manipulating the task ID parameter, and the /exportCenter/download/{id} endpoint is whitelisted from authentication, allowing unauthenticated access to exported files. This issue is fixed in version 2.10.24."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"dataease","product":"dataease","versions":[{"version":"< 2.10.24","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T14:49:52.215818Z","id":"CVE-2026-53729","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"references":[{"url":"https://github.com/dataease/dataease/commit/57e90bdcc21c3fa2ec57184671603ad88a5b941b","source":"security-advisories@github.com"},{"url":"https://github.com/dataease/dataease/releases/tag/v2.10.24","source":"security-advisories@github.com"},{"url":"https://github.com/dataease/dataease/security/advisories/GHSA-9423-78gr-xjj5","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-53730","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T21:17:26.700","lastModified":"2026-07-09T16:16:43.120","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, the /de2api/datasetData/previewSql endpoint lacks the mandatory @DePermit permission validation annotation, allowing any authenticated user to specify datasourceId=-1, access the built-in engine database, execute arbitrary SQL statements, and read sensitive core data. This issue is fixed in version 2.10.24."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"dataease","product":"dataease","versions":[{"version":"< 2.10.24","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T14:21:13.495690Z","id":"CVE-2026-53730","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://github.com/dataease/dataease/commit/7b47af38b8fa017c9eecb00a4a49264663189e7b","source":"security-advisories@github.com"},{"url":"https://github.com/dataease/dataease/security/advisories/GHSA-2jmq-vffm-4qmj","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-53751","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T21:17:26.857","lastModified":"2026-07-08T15:07:37.767","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, the H2 database JDBC URL validation logic can be bypassed with special Unicode characters whose case-conversion behavior differs between DataEase validation and H2 parsing, allowing attackers to smuggle dangerous parameters such as init in malicious H2 JDBC connection strings and achieve arbitrary code execution. This issue is fixed in version 2.10.24."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"dataease","product":"dataease","versions":[{"version":"< 2.10.24","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:48:50.317866Z","id":"CVE-2026-53751","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-94"}]}],"references":[{"url":"https://github.com/dataease/dataease/commit/2204258118eac6160a6636ca20dbedb0d3f95747","source":"security-advisories@github.com"},{"url":"https://github.com/dataease/dataease/releases/tag/v2.10.24","source":"security-advisories@github.com"},{"url":"https://github.com/dataease/dataease/security/advisories/GHSA-xjhm-r8p8-c2cg","source":"security-advisories@github.com"},{"url":"https://github.com/dataease/dataease/security/advisories/GHSA-xjhm-r8p8-c2cg","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-55434","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T21:17:27.290","lastModified":"2026-07-08T19:47:17.140","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Coder allows organizations to provision remote development environments via Terraform. Starting in version 2.33.0 and prior to versions 2.33.8 and 2.34.2, AI Bridge provider handlers read request bodies with `io.ReadAll` without a maximum size so an authenticated user with AI Bridge access could send an arbitrarily large body and exhaust memory. Exploitation requires authenticated access to the AI Bridge endpoints and the impact is limited to availability (denial of service). Versions 2.33.8 and 2.34.2 patch the issue. No known workarounds are available."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coder","product":"coder","versions":[{"version":">= 2.34.0, < 2.34.2","status":"affected"},{"version":">= 2.33.0, < 2.33.8","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T14:15:03.906169Z","id":"CVE-2026-55434","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-770"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.33.0","versionEndExcluding":"2.33.8","matchCriteriaId":"F759EEF3-6EAE-475B-85F8-38E7D7B47438"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.34.0","versionEndExcluding":"2.34.2","matchCriteriaId":"397A02BF-6CF6-40B1-B792-D7CB9D229050"}]}]}],"references":[{"url":"https://github.com/coder/coder/pull/26164","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/coder/coder/releases/tag/v2.33.8","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.34.2","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/security/advisories/GHSA-f5vp-w269-392g","source":"security-advisories@github.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-55592","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T21:17:27.433","lastModified":"2026-07-08T15:28:15.630","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Dashy is a self-hostable personal dashboard. Prior to 4.3.7, Dashy's workspace view trusts the url query parameter and assigns it directly to an iframe source without scheme validation. If a logged-in user opens a crafted workspace link containing a javascript: URL, JavaScript runs on the Dashy origin and can read same-origin browser data, interact with the Dashy DOM, and send requests as the victim. This issue is fixed in version 4.3.7."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"lissy93","product":"dashy","versions":[{"version":"< 4.3.7","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N","baseScore":3.9,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.3,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T14:30:25.302873Z","id":"CVE-2026-55592","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://github.com/lissy93/dashy/commit/4bc620e21cc8e3466f32b8bc40614b0d0eb5648b","source":"security-advisories@github.com"},{"url":"https://github.com/lissy93/dashy/releases/tag/4.3.7","source":"security-advisories@github.com"},{"url":"https://github.com/lissy93/dashy/security/advisories/GHSA-58mp-4qr3-vmrc","source":"security-advisories@github.com"},{"url":"https://github.com/lissy93/dashy/security/advisories/GHSA-58mp-4qr3-vmrc","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-55631","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T21:17:27.593","lastModified":"2026-07-08T15:07:37.767","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, the font management module allows authenticated users to submit an arbitrary fileTransName when creating a font record; when the record is later deleted, the backend concatenates that stored value with the font storage directory and passes it to FileUtils.deleteFile() without path traversal sanitization, allowing deletion of arbitrary writable files in the application container. This issue is fixed in version 2.10.24."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"dataease","product":"dataease","versions":[{"version":"< 2.10.24","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T12:55:13.912367Z","id":"CVE-2026-55631","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"references":[{"url":"https://github.com/dataease/dataease/commit/8892a6945b0b7a329a156155270fae58afa895bc","source":"security-advisories@github.com"},{"url":"https://github.com/dataease/dataease/releases/tag/v2.10.24","source":"security-advisories@github.com"},{"url":"https://github.com/dataease/dataease/security/advisories/GHSA-r99p-w8fc-93g6","source":"security-advisories@github.com"},{"url":"https://github.com/dataease/dataease/security/advisories/GHSA-r99p-w8fc-93g6","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-55633","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T21:17:27.750","lastModified":"2026-07-08T15:16:29.953","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, a bypass of the H2 zip protocol and file dropper fix allows an authenticated attacker to upload a zip archive disguised with a .ttf extension through FontManage.saveFile and then exploit it through the zip protocol to achieve remote code execution. This issue is fixed in version 2.10.24."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"dataease","product":"dataease","versions":[{"version":"< 2.10.24","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T14:45:59.007550Z","id":"CVE-2026-55633","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]}],"references":[{"url":"https://github.com/dataease/dataease/commit/265b31179f1427c059f739841f2e39aaa6d1b937","source":"security-advisories@github.com"},{"url":"https://github.com/dataease/dataease/commit/8892a6945b0b7a329a156155270fae58afa895bc","source":"security-advisories@github.com"},{"url":"https://github.com/dataease/dataease/releases/tag/v2.10.24","source":"security-advisories@github.com"},{"url":"https://github.com/dataease/dataease/security/advisories/GHSA-8x36-774q-pwqg","source":"security-advisories@github.com"},{"url":"https://github.com/dataease/dataease/security/advisories/GHSA-8x36-774q-pwqg","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-55635","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T21:17:27.903","lastModified":"2026-07-09T16:16:45.013","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, chart quota and Y-axis filters embed attacker-controlled filter values directly into generated SQL in Quota2SQLObj.getYWheres() without applying the SQL literal validation and escaping used by other filter paths, allowing an authenticated user who can create or modify chart definitions or submit chart data requests containing quota filters to inject SQL into queries executed against configured datasources. This issue is fixed in version 2.10.24."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"dataease","product":"dataease","versions":[{"version":"< 2.10.24","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T14:21:12.104328Z","id":"CVE-2026-55635","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://github.com/dataease/dataease/commit/4463e21cb73d3d4bb8af89a0cb71ee403e4b808a","source":"security-advisories@github.com"},{"url":"https://github.com/dataease/dataease/security/advisories/GHSA-p758-rx6v-hc8g","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-55647","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T21:17:28.060","lastModified":"2026-07-08T15:07:37.767","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, dashboard text components render stored component content with Vue v-html without server-side HTML sanitization, allowing an authenticated user who can edit dashboard component data to inject HTML with executable event handlers that execute when another user or shared-link visitor views the dashboard. This issue is fixed in version 2.10.24."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"dataease","product":"dataease","versions":[{"version":"< 2.10.24","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"PASSIVE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:50:15.562603Z","id":"CVE-2026-55647","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://github.com/dataease/dataease/commit/9565812980da781eda04c0a3632bf5dc8b0469f6","source":"security-advisories@github.com"},{"url":"https://github.com/dataease/dataease/commit/adab5f1e8954ff91830a3b2f052a42a139d978e1","source":"security-advisories@github.com"},{"url":"https://github.com/dataease/dataease/security/advisories/GHSA-4v63-24fg-pfg7","source":"security-advisories@github.com"},{"url":"https://github.com/dataease/dataease/security/advisories/GHSA-4v63-24fg-pfg7","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-57172","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T21:17:28.223","lastModified":"2026-07-08T15:07:37.767","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"DataEase is an open source data visualization and analysis tool. Prior to 2.10.24, ShareSecretManage uses a hardcoded default share link signature key, allowing an attacker who can obtain a passwordless share for a resource and user to use the known key link-pwd-fit2cloud to forge linkToken JWTs, bypass TokenFilter verification, and access backend resources as the share creator even if the original share has been revoked. This issue is fixed in version 2.10.24."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"dataease","product":"dataease","versions":[{"version":"< 2.10.24","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:37:32.958637Z","id":"CVE-2026-57172","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-321"},{"lang":"en","value":"CWE-798"}]}],"references":[{"url":"https://github.com/dataease/dataease/commit/356e83b518603f5612104760ced80aae8fc5d675","source":"security-advisories@github.com"},{"url":"https://github.com/dataease/dataease/security/advisories/GHSA-7cpg-f4cj-7pgm","source":"security-advisories@github.com"},{"url":"https://github.com/dataease/dataease/security/advisories/GHSA-7cpg-f4cj-7pgm","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-58469","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-07T21:17:28.383","lastModified":"2026-07-09T15:59:43.220","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"GNU Wget through 1.25.0, fixed in commit 37a40fc, contains a heap buffer underread vulnerability in the clean_metalink_string() function within src/metalink.c that allows a malicious server to trigger memory corruption by serving a Metalink document containing a whitespace-only URL. Attackers can cause the function to decrement a pointer past the start of the buffer when processing an all-whitespace Metalink URL, potentially leading to abnormal program behavior."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"gnuwget","product":"wget","defaultStatus":"affected","repo":"https://gitlab.com/gnuwget/wget","versions":[{"version":"0","lessThanOrEqual":"1.25.0","versionType":"semver","status":"affected"},{"version":"37a40fcb450153f69537c7cbc2a7a4fb0b6f7826","versionType":"git","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:36:30.807990Z","id":"CVE-2026-58469","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:wget:*:*:*:*:*:*:*:*","versionEndIncluding":"1.25.0","matchCriteriaId":"45E64942-BAA4-406A-9C9E-0624B2975957"}]}]}],"references":[{"url":"https://gitlab.com/gnuwget/wget/-/commit/37a40fcb450153f69537c7cbc2a7a4fb0b6f7826","source":"disclosure@vulncheck.com","tags":["Patch"]},{"url":"https://www.vulncheck.com/advisories/gnu-wget-heap-buffer-underread-via-metalink-url-parsing","source":"disclosure@vulncheck.com","tags":["Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-58470","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-07T21:17:28.553","lastModified":"2026-07-09T16:01:18.490","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"GNU Wget through 1.25.0, fixed in commit 43d3ba9, contains an integer overflow vulnerability in the parse_content_range() function within src/http.c that allows server-controlled values to cause signed integer arithmetic to overflow. Attackers can supply malicious Content-Range header values to trigger undefined behavior and download desynchronization in the affected client."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"gnuwget","product":"wget","defaultStatus":"affected","repo":"https://gitlab.com/gnuwget/wget","versions":[{"version":"0","lessThanOrEqual":"1.25.0","versionType":"semver","status":"affected"},{"version":"43d3ba9336bc94937e6fae2365c6ffd30c34ffcf","versionType":"git","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:07:25.811516Z","id":"CVE-2026-58470","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-190"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:wget:*:*:*:*:*:*:*:*","versionEndIncluding":"1.25.0","matchCriteriaId":"45E64942-BAA4-406A-9C9E-0624B2975957"}]}]}],"references":[{"url":"https://gitlab.com/gnuwget/wget/-/commit/43d3ba9336bc94937e6fae2365c6ffd30c34ffcf","source":"disclosure@vulncheck.com","tags":["Patch"]},{"url":"https://www.vulncheck.com/advisories/gnu-wget-integer-overflow-via-content-range-header-parsing","source":"disclosure@vulncheck.com","tags":["Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-58471","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-07T21:17:28.710","lastModified":"2026-07-09T16:02:07.273","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"GNU Wget through 1.25.0, fixed in commit c2640fe, contains a heap buffer overflow vulnerability in the convert_fname() function within src/url.c that allows remote attackers to trigger memory corruption through a server-supplied filename requiring character set conversion. When the output buffer is too small during iconv E2BIG reallocation, the reallocation logic miscalculates the remaining space, leading to a heap buffer overflow that can be exploited via a maliciously crafted server response."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"gnuwget","product":"wget","defaultStatus":"affected","repo":"https://gitlab.com/gnuwget/wget","versions":[{"version":"0","lessThanOrEqual":"1.25.0","versionType":"semver","status":"affected"},{"version":"c2640fe5171c59f87c58dc9fcb195b2d18b010ee","versionType":"git","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.0,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":4.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-07T20:32:14.930000Z","id":"CVE-2026-58471","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Primary","description":[{"lang":"en","value":"CWE-122"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:wget:*:*:*:*:*:*:*:*","versionEndIncluding":"1.25.0","matchCriteriaId":"45E64942-BAA4-406A-9C9E-0624B2975957"}]}]}],"references":[{"url":"https://gitlab.com/gnuwget/wget/-/commit/c2640fe5171c59f87c58dc9fcb195b2d18b010ee","source":"disclosure@vulncheck.com","tags":["Patch"]},{"url":"https://www.vulncheck.com/advisories/gnu-wget-heap-buffer-overflow-via-convert-fname-in-url-c","source":"disclosure@vulncheck.com","tags":["Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-58472","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-07T21:17:28.873","lastModified":"2026-07-09T15:58:45.663","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"GNU Wget through 1.25.0, fixed in commit dd692d9, contains a heap buffer overflow vulnerability in the html_quote_string() function in src/convert.c that allows a remote attacker to trigger memory corruption by supplying a crafted HTML attribute with a large number of characters requiring entity encoding. A server-supplied HTML attribute causes a signed integer counter to overflow during output size accumulation, resulting in an undersized heap allocation and subsequent heap buffer overflow during the copy phase."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"gnuwget","product":"wget","defaultStatus":"affected","repo":"https://gitlab.com/gnuwget/wget","versions":[{"version":"0","lessThanOrEqual":"1.25.0","versionType":"semver","status":"affected"},{"version":"dd692d9cea5335b181d877ae917fe6e75587a812","versionType":"git","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.0,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":4.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:45:48.507469Z","id":"CVE-2026-58472","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-190"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:wget:*:*:*:*:*:*:*:*","versionEndIncluding":"1.25.0","matchCriteriaId":"45E64942-BAA4-406A-9C9E-0624B2975957"}]}]}],"references":[{"url":"https://gitlab.com/gnuwget/wget/-/commit/dd692d9cea5335b181d877ae917fe6e75587a812","source":"disclosure@vulncheck.com","tags":["Patch"]},{"url":"https://www.vulncheck.com/advisories/gnu-wget-heap-buffer-overflow-via-html-attribute-encoding","source":"disclosure@vulncheck.com","tags":["Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-58473","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-07T21:17:29.007","lastModified":"2026-07-09T19:37:12.317","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Cognee before 1.2.0 contains an improper access control vulnerability that allows unauthenticated attackers to overwrite the global LLM provider configuration by self-registering an account and calling the settings endpoint, which performs no admin or superuser check. Attackers can redirect all LLM operations instance-wide to an attacker-controlled endpoint by exploiting the process-wide singleton configuration cache, enabling exfiltration of prompts, uploaded documents, extracted entities, and knowledge graph content from all users."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"topoteretes","product":"cognee","defaultStatus":"affected","repo":"https://github.com/topoteretes/cognee","versions":[{"version":"0","lessThan":"1.2.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":9.3,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T14:12:35.234873Z","id":"CVE-2026-58473","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-306"},{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://github.com/topoteretes/cognee/commit/d10b1b77e2157c6238fd4d1acb1923a048991699","source":"disclosure@vulncheck.com"},{"url":"https://github.com/topoteretes/cognee/issues/3084","source":"disclosure@vulncheck.com"},{"url":"https://github.com/topoteretes/cognee/releases/tag/v1.2.0","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/cognee-unauthorized-llm-configuration-overwrite-via-api-v1-settings","source":"disclosure@vulncheck.com"}]}},{"cve":{"id":"CVE-2026-58583","sourceIdentifier":"9119a7d8-5eab-497f-8521-727c672e3725","published":"2026-07-07T21:17:29.163","lastModified":"2026-07-08T15:01:22.897","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"FluxInk (formerly Sunia SPB Peripheral) Color Management Driver (TcnPeripheral64.sys) 1.0.7.2 allows local privilege escalation for a standard user account via arbitrary physical memory mapping at \\Device\\PhysicalMemory. Fixed in version 1.0.7.6. The fixed driver is currently available in the Windows 11 25H2 HLK (Hardware Lab Kit). The fixed driver may be available through Windows Update or from Lenovo directly."}],"affected":[{"source":"9119a7d8-5eab-497f-8521-727c672e3725","affectedData":[{"vendor":"FluxInk","product":"Color Management Driver","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"1.0.7.6","versionType":"custom","status":"affected"},{"version":"1.0.7.6","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"9119a7d8-5eab-497f-8521-727c672e3725","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"9119a7d8-5eab-497f-8521-727c672e3725","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":5.2}],"ssvcV203":[{"source":"9119a7d8-5eab-497f-8521-727c672e3725","ssvcData":{"timestamp":"2026-07-01T15:52:01.675857Z","id":"CVE-2026-58583","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"9119a7d8-5eab-497f-8521-727c672e3725","type":"Secondary","description":[{"lang":"en","value":"CWE-269"}]}],"references":[{"url":"https://github.com/b3s3da/TcnPeripheral64_PoC","source":"9119a7d8-5eab-497f-8521-727c672e3725"},{"url":"https://github.com/b3s3da/TcnPeripheral64_PoC/security/advisories/GHSA-x4rw-h4v2-v83h","source":"9119a7d8-5eab-497f-8521-727c672e3725"},{"url":"https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2026/va-26-188-01.json","source":"9119a7d8-5eab-497f-8521-727c672e3725"},{"url":"https://www.cve.org/CVERecord?id=CVE-2026-58583","source":"9119a7d8-5eab-497f-8521-727c672e3725"}]}},{"cve":{"id":"CVE-2026-42953","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2026-07-07T22:16:51.897","lastModified":"2026-07-09T19:48:15.277","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"The application contains an out-of-bounds write vulnerability that can be exploited by an attacker to cause the program to write data past the end of an allocated memory buffer. This can lead to arbitrary code execution."}],"affected":[{"source":"ics-cert@hq.dhs.gov","affectedData":[{"vendor":"Labcenter","product":"Proteus","defaultStatus":"unaffected","versions":[{"version":"9.1_SP4_Build-42914","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:03:43.706198Z","id":"CVE-2026-42953","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"references":[{"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-188-06","source":"ics-cert@hq.dhs.gov"}]}},{"cve":{"id":"CVE-2026-42958","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2026-07-07T22:16:52.060","lastModified":"2026-07-09T19:48:15.277","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"The application contains a use-after-free vulnerability that can be exploited to cause memory corruption while parsing specially crafted files. This could allow an attacker to execute arbitrary code in the context of the current process."}],"affected":[{"source":"ics-cert@hq.dhs.gov","affectedData":[{"vendor":"Labcenter","product":"Proteus","defaultStatus":"unaffected","versions":[{"version":"9.1_SP4_Build-42914","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:04:58.767504Z","id":"CVE-2026-42958","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"references":[{"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-188-06","source":"ics-cert@hq.dhs.gov"}]}},{"cve":{"id":"CVE-2026-45796","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T22:16:52.317","lastModified":"2026-07-08T19:47:08.010","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Coder allows organizations to provision remote development environments via Terraform. Versions prior tp 2.24.5, 2.29.13, 2.30.8, 2.31.12, 2.32.2, and 2.33.3 are vulnerable to unauthenticated semi-blind Server-Side Request Forgery (SSRF) via the Azure instance identity endpoint (`POST /api/v2/workspaceagents/azure-instance-identity`). An external attacker can force the Coder server to issue HTTP GET requests to arbitrary internal or external hosts by submitting a crafted PKCS#7 signature. The server does not return the target's response body, but error messages in the API response reveal whether the target is reachable and what type of failure occurred. Versions 2.24.5, 2.29.13, 2.30.8, 2.31.12, 2.32.2, and 2.33.3 patch the issue. As a workaround, if the Azure identity-auth mechanism is not being used then restrict access to the corresponding endpoint (`/api/v2/workspaceagents/azure-instance-identity`) using ingress firewall and/or proxy ACLs."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coder","product":"coder","versions":[{"version":">= 2.33.0-rc.0, < 2.33.3","status":"affected"},{"version":">= 2.32.0-rc.0, < 2.32.2","status":"affected"},{"version":">= 2.31.0, < 2.31.12","status":"affected"},{"version":">= 2.30.0, < 2.30.8","status":"affected"},{"version":">= 2.29.0, < 2.29.13","status":"affected"},{"version":"< 2.24.5","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:53:31.695518Z","id":"CVE-2026-45796","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionEndExcluding":"2.24.5","matchCriteriaId":"38FD51E2-14DE-4C93-8EFC-267C222E06FE"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.29.0","versionEndExcluding":"2.29.13","matchCriteriaId":"055001B5-79DC-4275-91EF-8D7C45FCA8ED"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.30.0","versionEndExcluding":"2.30.8","matchCriteriaId":"7646D2AE-2363-4C43-853A-4F61C95B253B"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.31.0","versionEndExcluding":"2.31.12","matchCriteriaId":"02976D4C-3CEB-430B-A464-141A28B2CBED"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.32.0","versionEndExcluding":"2.32.2","matchCriteriaId":"4498D465-4F7F-4786-8716-43A78FBC35B8"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.33.0","versionEndExcluding":"2.33.3","matchCriteriaId":"88AFFF26-1B74-4DD4-98C7-D5FE8F17CF00"}]}]}],"references":[{"url":"https://github.com/coder/coder/commit/57b11d405f17492aa789d4b9ff33366f961a37f8","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/coder/coder/pull/25274","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/coder/coder/releases/tag/v2.24.5","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.29.13","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.30.8","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.31.12","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.32.2","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.33.3","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/security/advisories/GHSA-686c-7vgv-v3fx","source":"security-advisories@github.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-46354","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T22:16:52.467","lastModified":"2026-07-08T19:47:02.427","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Coder allows organizations to provision remote development environments via Terraform. In versions prior tp 2.24.5, 2.29.13, 2.30.8, 2.31.12, 2.32.2, and 2.33.3, `azureidentity.Validate()` verifies that the PKCS#7 signer certificate chains to a trusted Azure CA but never verifies the PKCS#7 signature itself. An attacker can embed a legitimate Azure certificate alongside arbitrary content e.g. `{\"vmId\":\"<target>\"}` and the forged `vmId` will be accepted returning the victim workspace agent's session token. No authentication is required. The attacker only needs to know a target VM's `vmId` which is a `UUIDv4`. That's a practical limitation which would typically require prior access to be exploited. Versions 2.24.5, 2.29.13, 2.30.8, 2.31.12, 2.32.2, and 2.33.3 patch the issue. As a workaround, reconfigure any Azure templates to use token authentication rather than `azure-instance-identity`."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coder","product":"coder","versions":[{"version":">= 2.33.0-rc.0, < 2.33.3","status":"affected"},{"version":">= 2.32.0-rc.0, < 2.32.2","status":"affected"},{"version":">= 2.31.0, < 2.31.12","status":"affected"},{"version":">= 2.30.0, < 2.30.8","status":"affected"},{"version":">= 2.29.0, < 2.29.13","status":"affected"},{"version":"< 2.24.5","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:01:18.394796Z","id":"CVE-2026-46354","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-347"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionEndExcluding":"2.24.5","matchCriteriaId":"38FD51E2-14DE-4C93-8EFC-267C222E06FE"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.29.0","versionEndExcluding":"2.29.13","matchCriteriaId":"055001B5-79DC-4275-91EF-8D7C45FCA8ED"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.30.0","versionEndExcluding":"2.30.8","matchCriteriaId":"7646D2AE-2363-4C43-853A-4F61C95B253B"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.31.0","versionEndExcluding":"2.31.12","matchCriteriaId":"02976D4C-3CEB-430B-A464-141A28B2CBED"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.32.0","versionEndExcluding":"2.32.2","matchCriteriaId":"4498D465-4F7F-4786-8716-43A78FBC35B8"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.33.0","versionEndExcluding":"2.33.3","matchCriteriaId":"88AFFF26-1B74-4DD4-98C7-D5FE8F17CF00"}]}]}],"references":[{"url":"https://github.com/coder/coder/pull/25286","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/coder/coder/releases/tag/v2.24.5","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.29.13","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.30.8","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.31.12","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.32.2","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.33.3","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/security/advisories/GHSA-6x44-w3xg-hqqf","source":"security-advisories@github.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-49033","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2026-07-07T22:16:52.637","lastModified":"2026-07-09T19:48:15.277","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"The application contains a stack-based buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code."}],"affected":[{"source":"ics-cert@hq.dhs.gov","affectedData":[{"vendor":"Labcenter","product":"Proteus","defaultStatus":"unaffected","versions":[{"version":"9.1_SP4_Build-42914","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:07:42.514792Z","id":"CVE-2026-49033","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-121"}]}],"references":[{"url":"https://www.cisa.gov/news-events/ics-advisories/icsa-26-188-06","source":"ics-cert@hq.dhs.gov"}]}},{"cve":{"id":"CVE-2026-49229","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T22:16:52.780","lastModified":"2026-07-09T15:16:35.530","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Actual is a local-first personal finance app. Prior to 26.6.0, in OpenID multi-user mode, disabling a user only blocks future OpenID login for that identity, while existing Actual session tokens for the disabled user remain valid. The shared session validation path accepts any existing token row that has not expired without checking whether the associated user is still enabled, allowing a disabled user to continue calling authenticated server endpoints. This issue is fixed in version 26.6.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"actualbudget","product":"actual","versions":[{"version":"< 26.6.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":5.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T03:55:44.914451Z","id":"CVE-2026-49229","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-613"}]}],"references":[{"url":"https://github.com/actualbudget/actual/commit/c8cb8a223a4faf1c2e1dcb0795a79a93f7b19e80","source":"security-advisories@github.com"},{"url":"https://github.com/actualbudget/actual/releases/tag/v26.6.0","source":"security-advisories@github.com"},{"url":"https://github.com/actualbudget/actual/security/advisories/GHSA-cq9c-6w48-qmfg","source":"security-advisories@github.com"},{"url":"https://github.com/actualbudget/actual/security/advisories/GHSA-cq9c-6w48-qmfg","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-50179","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T22:16:52.923","lastModified":"2026-07-09T16:16:42.473","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Actual is a local-first personal finance tool. Prior to 26.6.0, exportToCSV and exportQueryToCSV in packages/loot-core/src/server/transactions/export/export-to-csv.ts pass user-controlled Payee, Notes, Account, and Category strings to csv-stringify with no cast callback and no formula-prefix neutralization. Strings that begin with equals sign, plus, minus, at sign, tab, or carriage return survive verbatim into the exported CSV, and when a recipient opens the file in Excel, LibreOffice Calc, or Google Sheets, the strings are interpreted as formulas, enabling transaction data exfiltration and attacker-chosen spreadsheet display values. This issue is fixed in version 26.6.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"actualbudget","product":"actual","versions":[{"version":"< 26.6.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N","baseScore":4.2,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T14:21:10.601992Z","id":"CVE-2026-50179","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-1236"}]}],"references":[{"url":"https://github.com/actualbudget/actual/commit/068185751c03b42e726e3c60b718413d5f96c306","source":"security-advisories@github.com"},{"url":"https://github.com/actualbudget/actual/releases/tag/v26.6.0","source":"security-advisories@github.com"},{"url":"https://github.com/actualbudget/actual/security/advisories/GHSA-xqjm-27pc-rvwm","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-54601","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T22:16:53.060","lastModified":"2026-07-08T15:07:37.767","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"FastGPT is an open source AI knowledge base platform. From 4.14.17 to before 4.15.0-beta4, FastGPT allows an authenticated tenant user to call POST /api/core/dataset/collection/create/reTrainingCollection in a way that persists a server-owned datasetId value from another tenant. This creates mixed dataset objects and downstream dataset, collection, and training endpoints then make authorization decisions from inconsistent ownership anchors, allowing cross-tenant read, update, and delete access when mixed object ids are known. This issue is fixed in version 4.15.0-beta4."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"labring","product":"FastGPT","versions":[{"version":">= 4.14.17, < 4.15.0-beta4","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:52:48.582115Z","id":"CVE-2026-54601","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-915"}]}],"references":[{"url":"https://github.com/labring/FastGPT/commit/54a53e7d4399f1dfa2913394442c3cf6de672fb3","source":"security-advisories@github.com"},{"url":"https://github.com/labring/FastGPT/pull/7071","source":"security-advisories@github.com"},{"url":"https://github.com/labring/FastGPT/releases/tag/v4.15.0-beta4","source":"security-advisories@github.com"},{"url":"https://github.com/labring/FastGPT/security/advisories/GHSA-qxcq-48gr-93pj","source":"security-advisories@github.com"},{"url":"https://github.com/labring/FastGPT/security/advisories/GHSA-qxcq-48gr-93pj","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-54602","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T22:16:53.217","lastModified":"2026-07-08T15:07:37.767","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"FastGPT is a knowledge-based AI application platform. Prior to 4.15.0, GET /api/core/ai/record/getRecord authenticates the caller but loads LLM request and response traces only by requestId without team scoping, allowing any authenticated user to read another team's prompts, retrieved RAG chunks, and completions if the requestId is known. This issue is fixed in version 4.15.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"labring","product":"FastGPT","versions":[{"version":"< 4.15.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:45:07.715556Z","id":"CVE-2026-54602","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"references":[{"url":"https://github.com/labring/FastGPT/commit/60c62b7af8269c826885b541bb56e6e5c424c11a","source":"security-advisories@github.com"},{"url":"https://github.com/labring/FastGPT/security/advisories/GHSA-6vx6-f72r-74cg","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-54607","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T22:16:53.357","lastModified":"2026-07-08T15:07:37.767","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"FastGPT is a knowledge-based AI application platform. Prior to 4.15.0-beta4, the HTTP-tool OpenAPI schema importer validates only the top-level URL before passing it to SwaggerParser.bundle, whose remote reference resolver fetches $ref URLs without FastGPT's internal-address guard and returns fetched content inline, allowing an authenticated team member to read internal services or cloud metadata. This issue is fixed in version 4.15.0-beta4."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"labring","product":"FastGPT","versions":[{"version":"< 4.15.0-beta4","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":4.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:48:47.765322Z","id":"CVE-2026-54607","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-918"}]}],"references":[{"url":"https://github.com/labring/FastGPT/commit/1d7b8768aecd53ae59372fd68b10af0e80722c79","source":"security-advisories@github.com"},{"url":"https://github.com/labring/FastGPT/pull/7073","source":"security-advisories@github.com"},{"url":"https://github.com/labring/FastGPT/releases/tag/v4.15.0-beta4","source":"security-advisories@github.com"},{"url":"https://github.com/labring/FastGPT/security/advisories/GHSA-72hf-5382-2mq9","source":"security-advisories@github.com"},{"url":"https://github.com/labring/FastGPT/security/advisories/GHSA-72hf-5382-2mq9","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-55075","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T22:16:53.650","lastModified":"2026-07-08T19:46:56.620","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, two flaws in Coder's OIDC login chained into account takeover. Email-based user matching fell back to linking by email without checking for an existing link to a different IdP subject and the `email_verified` claim was only enforced when present as a boolean `false` so an absent or non-boolean claim was treated as verified. The fix in versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2 restricts the email fallback to first-time and legacy linking and defaults `email_verified` to false when the claim is absent or of an unexpected type. As a workaround, configure the OIDC provider to disallow self-registration or to require email verification before issuing tokens."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coder","product":"coder","versions":[{"version":">= 2.34.0, < 2.34.2","status":"affected"},{"version":">= 2.33.0, < 2.33.8","status":"affected"},{"version":">= 2.30.0, < 2.32.7","status":"affected"},{"version":"< 2.29.17","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:02:51.874018Z","id":"CVE-2026-55075","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-287"},{"lang":"en","value":"CWE-289"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionEndExcluding":"2.29.17","matchCriteriaId":"F97FAF48-192E-4814-82A5-085C44F1D261"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.30.0","versionEndExcluding":"2.32.7","matchCriteriaId":"7ABD4A9B-6AE8-47D8-A1B7-91E42EE0481B"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.33.0","versionEndExcluding":"2.33.8","matchCriteriaId":"F759EEF3-6EAE-475B-85F8-38E7D7B47438"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.34.0","versionEndExcluding":"2.34.2","matchCriteriaId":"397A02BF-6CF6-40B1-B792-D7CB9D229050"}]}]}],"references":[{"url":"https://github.com/coder/coder/pull/25712","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/coder/coder/pull/25713","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/coder/coder/releases/tag/v2.29.17","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.32.7","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.33.8","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.34.2","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/security/advisories/GHSA-9r87-mvcw-x35f","source":"security-advisories@github.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-55408","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T22:16:53.790","lastModified":"2026-07-08T15:16:29.527","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Koodo Reader is an ebook reader. In version 2.3.0 and earlier, Koodo Reader is vulnerable to remote code execution through malicious EPUB files because the open-book IPC handler enables nodeIntegrationInSubFrames and EPUB chapter content is rendered with unsanitized innerHTML. An attacker can craft an EPUB book that, when imported and opened by the victim, instantiates a hidden iframe with Node.js API access and executes arbitrary operating system commands with the victim user's privileges. This issue is fixed in version 2.3.1."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"koodo-reader","product":"koodo-reader","versions":[{"version":"< 2.3.1","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T14:07:51.495637Z","id":"CVE-2026-55408","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-94"}]}],"references":[{"url":"https://github.com/koodo-reader/koodo-reader/security/advisories/GHSA-mjr7-w4jq-2rq9","source":"security-advisories@github.com"},{"url":"https://github.com/koodo-reader/koodo-reader/security/advisories/GHSA-mjr7-w4jq-2rq9","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-55418","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T22:16:53.930","lastModified":"2026-07-09T16:16:44.800","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"FastGPT is an open source AI knowledge base platform. Prior to v4.15.0-beta5, two FastGPT file handlers authorize an unrelated resource and then sign or read an S3 object using a key taken directly from the request, without checking that the key belongs to the caller's team. Because S3 object keys are global within the bucket and carry the tenant id only as a path segment, an attacker can supply another team's key and obtain its file contents through the chat-file presign endpoint or dataset preview endpoint. This issue is fixed in version v4.15.0-beta5."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"labring","product":"FastGPT","versions":[{"version":"< 4.15.0-beta5","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N","baseScore":8.6,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":4.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T14:38:04.939492Z","id":"CVE-2026-55418","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"references":[{"url":"https://github.com/labring/FastGPT/commit/decb6d2fb1417fb9e2bca145d2dcc9cbcf06396c","source":"security-advisories@github.com"},{"url":"https://github.com/labring/FastGPT/pull/7104","source":"security-advisories@github.com"},{"url":"https://github.com/labring/FastGPT/releases/tag/v4.15.0-beta5","source":"security-advisories@github.com"},{"url":"https://github.com/labring/FastGPT/security/advisories/GHSA-6rxv-p43w-mmx5","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-58266","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T22:16:54.207","lastModified":"2026-07-08T15:28:15.630","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Anki is a program for creating and reviewing flashcards. Prior to 25.09.4, Anki's webview-based pages communicate with the Rust backend using an internal localhost API, and user scripts included via iframes in the editor can access this API despite protections intended to block reviewer and editor scripts. A malicious imported card package with an embedded iframe can use exposed API methods such as getImageForOcclusion to read arbitrary files accessible to the Anki process and exfiltrate them over the network. This issue is fixed in version 25.09.4."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"ankitects","product":"anki","versions":[{"version":"< 25.09.4","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:23:23.495354Z","id":"CVE-2026-58266","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-346"}]}],"references":[{"url":"https://github.com/ankitects/anki/commit/b2b68d829e853da51b5de8aad6c13b53e90bc20d","source":"security-advisories@github.com"},{"url":"https://github.com/ankitects/anki/releases/tag/25.09.4","source":"security-advisories@github.com"},{"url":"https://github.com/ankitects/anki/security/advisories/GHSA-cw6h-ffmh-x6vh","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-59153","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T22:16:54.363","lastModified":"2026-07-08T15:28:15.630","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Anki is a program for creating and reviewing flashcards. Prior to 25.09.3, Anki launches a local HTTP server to serve media files and web pages for parts of its interface, but requests from other origins were not sufficiently blocked. A malicious website could potentially trigger side-effecting requests to the local server, with severity varying by browser depending on Private Network Access protections. This issue is fixed in version 25.09.3."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"ankitects","product":"anki","versions":[{"version":"< 25.09.3","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:49:55.586751Z","id":"CVE-2026-59153","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-346"}]}],"references":[{"url":"https://github.com/ankitects/anki/commit/858e5689d0e4fd24f74856c7e8f245412694a219","source":"security-advisories@github.com"},{"url":"https://github.com/ankitects/anki/releases/tag/25.09.3","source":"security-advisories@github.com"},{"url":"https://github.com/ankitects/anki/security/advisories/GHSA-869j-r97x-hx2g","source":"security-advisories@github.com"},{"url":"https://x.com/taviso/status/2051310678800253318","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-59706","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-07T22:16:54.503","lastModified":"2026-07-08T15:28:15.630","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"mem0 contains unauthenticated config API endpoints that expose LLM API keys in plaintext and allow server-side request forgery via attacker-controlled ollama_base_url parameter. Unauthenticated attackers can retrieve stored secrets like OpenAI API keys via GET /api/v1/config/ or trigger SSRF attacks by setting ollama_base_url to internal addresses like cloud IMDS via PUT /api/v1/config/mem0/llm endpoint."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"mem0","product":"mem0","defaultStatus":"unaffected","packageURL":"pkg:pypi/mem0ai","versions":[{"version":"0","lessThanOrEqual":"a3154d5","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:H/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":9.2,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"HIGH","subIntegrityImpact":"LOW","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N","baseScore":9.3,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":4.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:34:02.069552Z","id":"CVE-2026-59706","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]}],"references":[{"url":"https://github.com/mem0ai/mem0","source":"disclosure@vulncheck.com"},{"url":"https://github.com/mem0ai/mem0/commit/a3154d59e52386d4e1189c1f5f44819868f76514","source":"disclosure@vulncheck.com"},{"url":"https://github.com/mem0ai/mem0/issues/6081","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/mem0-server-side-request-forgery-and-plaintext-api-key-exposure-via-unauthenticated-config-endpoints","source":"disclosure@vulncheck.com"},{"url":"https://github.com/mem0ai/mem0/issues/6081","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-14895","sourceIdentifier":"9b29abf9-4ab0-4765-b253-1875cd9b441e","published":"2026-07-07T23:16:54.293","lastModified":"2026-07-08T15:56:29.290","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"String::Util versions before 1.36 for Perl are susceptible to a regular expression denial of service.\n\nThe trim and rtrim functions stripped trailing whitespace with s/\\s*$//u. Because \\s* matches greedily and the $ anchor fails whenever a non-whitespace character follows the whitespace, the regex engine retries the match at each offset of a long whitespace run, producing quadratic backtracking. The fix replaces \\s*$ with \\s+$.\n\nAny caller that passes untrusted input to trim or rtrim can trigger CPU exhaustion with a string containing a long run of whitespace."}],"affected":[{"source":"9b29abf9-4ab0-4765-b253-1875cd9b441e","affectedData":[{"vendor":"BAKERSCOT","product":"String::Util","defaultStatus":"unaffected","collectionURL":"https://cpan.org/modules","packageName":"String-Util","programFiles":["lib/String/Util.pm"],"programRoutines":[{"name":"String::Util::trim"},{"name":"String::Util::rtrim"}],"repo":"https://github.com/scottchiefbaker/String-Util","versions":[{"version":"0","lessThan":"1.36","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T14:05:12.698100Z","id":"CVE-2026-14895","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"9b29abf9-4ab0-4765-b253-1875cd9b441e","type":"Secondary","description":[{"lang":"en","value":"CWE-1333"}]}],"references":[{"url":"https://github.com/scottchiefbaker/String-Util/commit/f8150867aaeb8f57c59601aefb2193f2caed8745.patch","source":"9b29abf9-4ab0-4765-b253-1875cd9b441e"},{"url":"https://github.com/scottchiefbaker/String-Util/releases","source":"9b29abf9-4ab0-4765-b253-1875cd9b441e"},{"url":"https://metacpan.org/release/BAKERSCOT/String-Util-1.36/diff/BAKERSCOT/String-Util-1.35#lib/String/Util.pm","source":"9b29abf9-4ab0-4765-b253-1875cd9b441e"},{"url":"http://www.openwall.com/lists/oss-security/2026/07/07/18","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2026-36162","sourceIdentifier":"cve@mitre.org","published":"2026-07-07T23:16:54.410","lastModified":"2026-07-09T17:02:37.960","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"An authenticated stored cross-site scripting (XSS) vulnerability in the Upload File Shares API of LiquidFiles v4.2.7 allows attackers to execute arbitrary Javascript or HTML via injecting a crafted payload into the Name parameter."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:35:15.489759Z","id":"CVE-2026-36162","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://docs.liquidfiles.com/release_notes/version_4-2-x.html","source":"cve@mitre.org"},{"url":"https://securing.pl/en/bypassing-csp-to-exploit-stored-xss-in-liquidfiles/","source":"cve@mitre.org"},{"url":"https://securing.pl/en/bypassing-csp-to-exploit-stored-xss-in-liquidfiles/","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-36163","sourceIdentifier":"cve@mitre.org","published":"2026-07-07T23:16:54.543","lastModified":"2026-07-09T17:02:37.960","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"An HTML injection vulnerability in the file view endpoint of LiquidFiles v4.2.7 allows authenticated attackers to execute arbitrary JavaScript in the context of the victim's browser via the uploading of and user interaction with a crafted HTML file."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T14:05:43.247810Z","id":"CVE-2026-36163","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://docs.liquidfiles.com/release_notes/version_4-2-x.html","source":"cve@mitre.org"},{"url":"https://securing.pl/en/bypassing-csp-to-exploit-stored-xss-in-liquidfiles/","source":"cve@mitre.org"},{"url":"https://securing.pl/en/bypassing-csp-to-exploit-stored-xss-in-liquidfiles/","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-50811","sourceIdentifier":"cve@mitre.org","published":"2026-07-07T23:16:55.017","lastModified":"2026-07-09T17:02:37.960","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"An out-of-bounds read vulnerability exists in FreeType 2.14.3 and versions before commit 5a280ecde6f324de0d226261036e736e0cb49a71 in src/truetype/ttgxvar.c, in the TT_Get_Var_Design implementation used by FT_Get_Var_Design_Coordinates"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T19:46:32.882960Z","id":"CVE-2026-50811","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"references":[{"url":"https://gist.github.com/junius-sec/6dd0fb25b643f89914083a38e5e57ace","source":"cve@mitre.org"},{"url":"https://github.com/freetype/freetype/commit/5a280ecde6f324de0d226261036e736e0cb49a71","source":"cve@mitre.org"},{"url":"https://gitlab.freedesktop.org/freetype/freetype/-/commit/5a280ecde6f324de0d226261036e736e0cb49a71","source":"cve@mitre.org"},{"url":"https://gitlab.freedesktop.org/freetype/freetype/-/issues/1436","source":"cve@mitre.org"},{"url":"https://gitlab.freedesktop.org/freetype/freetype/-/work_items/1436","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-51937","sourceIdentifier":"cve@mitre.org","published":"2026-07-07T23:16:55.130","lastModified":"2026-07-09T17:02:37.960","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in Oneblog V2.3.9 allows a remote attacker to obtain sensitive information via the RestApiController.java, JsApiTicketComponent.java, and the GetAccessTokenComponent.java component"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T14:17:07.027083Z","id":"CVE-2026-51937","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]}],"references":[{"url":"https://developers.weixin.qq.com/doc/offiaccount/Basic_Information/Get_access_token.html","source":"cve@mitre.org"},{"url":"https://gist.github.com/Passwords404/2599df955cdb36b36b9551b5b7809114","source":"cve@mitre.org"},{"url":"https://github.com/zhangyd-c/OneBlog/issues/43","source":"cve@mitre.org"},{"url":"https://github.com/zhangyd-c/OneBlog/issues/43","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-55076","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T23:16:55.237","lastModified":"2026-07-08T19:46:04.560","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, Coder's OIDC callback checked `email_verified` with a direct Go `bool` type assertion. When an IdP returned the claim as a non-boolean (for example the string `\"false\"`) or omitted it, the assertion failed open and the email was treated as verified. Combined with an unconditional email-based account fallback, this enabled account takeover. The fix in versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2 coerces `email_verified` across bool, string and numeric types (fail-closed) and blocks the email fallback when the matched user already has a different linked IdP subject. As a workaround, ensure the IdP returns `email_verified` as a native JSON boolean. The email-fallback linking issue has no configuration workaround; upgrading is required."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coder","product":"coder","versions":[{"version":">= 2.34.0, < 2.34.2","status":"affected"},{"version":">= 2.33.0, < 2.33.8","status":"affected"},{"version":">= 2.30.0, < 2.32.7","status":"affected"},{"version":"< 2.29.17","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T14:03:30.696230Z","id":"CVE-2026-55076","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-287"},{"lang":"en","value":"CWE-704"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionEndExcluding":"2.29.17","matchCriteriaId":"F97FAF48-192E-4814-82A5-085C44F1D261"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.30.0","versionEndExcluding":"2.32.7","matchCriteriaId":"7ABD4A9B-6AE8-47D8-A1B7-91E42EE0481B"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.33.0","versionEndExcluding":"2.33.8","matchCriteriaId":"F759EEF3-6EAE-475B-85F8-38E7D7B47438"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.34.0","versionEndExcluding":"2.34.2","matchCriteriaId":"397A02BF-6CF6-40B1-B792-D7CB9D229050"}]}]}],"references":[{"url":"https://github.com/coder/coder/pull/25712","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/coder/coder/pull/25713","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/coder/coder/releases/tag/v2.29.17","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.32.7","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.33.8","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.34.2","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/security/advisories/GHSA-75vm-6w67-gwvp","source":"security-advisories@github.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-55077","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T23:16:55.377","lastModified":"2026-07-09T16:16:44.360","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, the `PUT /api/v2/users/{user}/password` endpoint authorized only `ActionUpdatePersonal` and did not prevent a `user-admin` from resetting an `owner` account's password. It also did not require the current password when an admin reset another user's password. Exploitation requires the privileged `user-admin` role so practical risk is limited to deployments that grant `user-admin` to less trusted operators. The fix in versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2 prevents non-owner users from resetting the password of an account that holds the `owner` role. As a workaround, restrict the `user-admin` role to trusted administrators."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coder","product":"coder","versions":[{"version":">= 2.34.0, < 2.34.2","status":"affected"},{"version":">= 2.33.0, < 2.33.8","status":"affected"},{"version":">= 2.30.0, < 2.32.7","status":"affected"},{"version":"< 2.29.17","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T14:31:17.655406Z","id":"CVE-2026-55077","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-285"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionEndExcluding":"2.29.17","matchCriteriaId":"F97FAF48-192E-4814-82A5-085C44F1D261"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.30.0","versionEndExcluding":"2.32.7","matchCriteriaId":"7ABD4A9B-6AE8-47D8-A1B7-91E42EE0481B"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.33.0","versionEndExcluding":"2.33.8","matchCriteriaId":"F759EEF3-6EAE-475B-85F8-38E7D7B47438"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.34.0","versionEndExcluding":"2.34.2","matchCriteriaId":"397A02BF-6CF6-40B1-B792-D7CB9D229050"}]}]}],"references":[{"url":"https://github.com/coder/coder/pull/25709","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/coder/coder/releases/tag/v2.29.17","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.32.7","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.33.8","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.34.2","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/security/advisories/GHSA-29xf-69gq-m9jx","source":"security-advisories@github.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-55078","sourceIdentifier":"security-advisories@github.com","published":"2026-07-07T23:16:55.510","lastModified":"2026-07-08T19:45:05.967","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Coder allows organizations to provision remote development environments via Terraform. Starting in version 2.17.0 and prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, `POST /api/v2/files` converts zip uploads to tar in memory via `CreateTarFromZip`, which enforced a per-entry size limit but no aggregate limit on total decompressed output, writing to an unbounded in-memory buffer. Exploitation requires authenticated file-upload access and the impact is limited to availability (denial of service). The fix in versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2 adds a metadata preflight check that sums projected entry sizes and a streaming writer that enforces the aggregate limit during decompression. As a workaround, restrict file-upload permissions to trusted users or place a reverse proxy with request-body size limits in front of `coderd`."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coder","product":"coder","versions":[{"version":">= 2.34.0, < 2.34.2","status":"affected"},{"version":">= 2.33.0, < 2.33.8","status":"affected"},{"version":">= 2.30.0, < 2.32.7","status":"affected"},{"version":">= 2.17.0, < 2.29.17","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:54:48.796364Z","id":"CVE-2026-55078","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-409"},{"lang":"en","value":"CWE-770"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.17.0","versionEndExcluding":"2.29.17","matchCriteriaId":"6197C053-9BC3-4F5B-8BBA-B47352F9653B"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.30.0","versionEndExcluding":"2.32.7","matchCriteriaId":"7ABD4A9B-6AE8-47D8-A1B7-91E42EE0481B"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.33.0","versionEndExcluding":"2.33.8","matchCriteriaId":"F759EEF3-6EAE-475B-85F8-38E7D7B47438"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.34.0","versionEndExcluding":"2.34.2","matchCriteriaId":"397A02BF-6CF6-40B1-B792-D7CB9D229050"}]}]}],"references":[{"url":"https://github.com/coder/coder/pull/25877","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/coder/coder/releases/tag/v2.29.17","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.32.7","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.33.8","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.34.2","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/security/advisories/GHSA-2mg2-p7r7-g27f","source":"security-advisories@github.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-59705","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-07T23:16:55.997","lastModified":"2026-07-08T15:28:15.630","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"mem0's openmemory/api component contains an unauthenticated access vulnerability that allows unauthenticated attackers to read, write, and delete arbitrary user memories by accessing API routers registered without authentication middleware. Attackers can supply arbitrary user_id parameters or directly access memory retrieval endpoints to expose private memory content, or invoke pause endpoints with global_pause=true to cause denial-of-service across all users."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"mem0","product":"mem0","defaultStatus":"unaffected","packageURL":"pkg:pypi/mem0ai","versions":[{"version":"0","lessThan":"a3154d5","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":9.3,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:09:22.095370Z","id":"CVE-2026-59705","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]}],"references":[{"url":"https://github.com/mem0ai/mem0","source":"disclosure@vulncheck.com"},{"url":"https://github.com/mem0ai/mem0/commit/a3154d59e52386d4e1189c1f5f44819868f76514","source":"disclosure@vulncheck.com"},{"url":"https://github.com/mem0ai/mem0/issues/6080","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/mem0-openmemory-api-unauthenticated-access-via-memory-endpoints","source":"disclosure@vulncheck.com"},{"url":"https://github.com/mem0ai/mem0/issues/6080","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-55079","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T00:16:33.153","lastModified":"2026-07-08T19:44:45.573","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Coder allows organizations to provision remote development environments via Terraform. Starting in version 2.24.0 and prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, `NewDataBuilder` in `provisionersdk/proto/dataupload.go` allocated a byte slice using the client-supplied `FileSize` from a `DataUpload` message without an upper-bound check. Although the DRPC wire limit is 4 MiB, the `FileSize` value itself was unconstrained. The fix in versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2 validates `FileSize` against an upper bound (`MaxFileSize = 100 MiB`) before allocation. As a workaround, restrict access to the provisioner daemon serve endpoint to trusted provisioner daemon service accounts."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coder","product":"coder","versions":[{"version":">= 2.34.0, < 2.34.2","status":"affected"},{"version":">= 2.33.0, < 2.33.8","status":"affected"},{"version":">= 2.30.0, < 2.32.7","status":"affected"},{"version":">= 2.24.0, < 2.29.17","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","baseScore":4.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T12:53:26.878982Z","id":"CVE-2026-55079","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-789"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.24.0","versionEndExcluding":"2.29.17","matchCriteriaId":"E3F9D09F-C957-4CCA-8AEB-B401AFD44D18"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.30.0","versionEndExcluding":"2.32.7","matchCriteriaId":"7ABD4A9B-6AE8-47D8-A1B7-91E42EE0481B"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.33.0","versionEndExcluding":"2.33.8","matchCriteriaId":"F759EEF3-6EAE-475B-85F8-38E7D7B47438"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.34.0","versionEndExcluding":"2.34.2","matchCriteriaId":"397A02BF-6CF6-40B1-B792-D7CB9D229050"}]}]}],"references":[{"url":"https://github.com/coder/coder/pull/25710","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/coder/coder/releases/tag/v2.29.17","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.32.7","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.33.8","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.34.2","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/security/advisories/GHSA-f962-qm93-mj4c","source":"security-advisories@github.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-55427","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T00:16:33.323","lastModified":"2026-07-08T19:44:24.297","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, `coder config-ssh` wrote server-supplied SSH settings (`HostnameSuffix`, `SSHConfigOptions`) into the user's `~/.ssh/config` without sanitizing embedded newlines or restricting directives so a malicious or compromised Coder server could inject arbitrary SSH configuration. Practical exploitation requires control of the server-supplied values through a malicious or compromised deployment, a man-in-the-middle position or admin access to the `HostnameSuffix` and `SSHConfigOptions` settings. The fix in versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2 validates `HostnameSuffix` and `SSHConfigOptions` against a strict character set that rejects newlines and other control characters. As a workaround, inspect `coder config-ssh --dry-run` output before applying changes."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coder","product":"coder","versions":[{"version":">= 2.34.0, < 2.34.2","status":"affected"},{"version":">= 2.33.0, < 2.33.8","status":"affected"},{"version":">= 2.30.0, < 2.32.7","status":"affected"},{"version":"< 2.29.17","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:09:33.858876Z","id":"CVE-2026-55427","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-74"},{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionEndExcluding":"2.29.17","matchCriteriaId":"F97FAF48-192E-4814-82A5-085C44F1D261"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.30.0","versionEndExcluding":"2.32.7","matchCriteriaId":"7ABD4A9B-6AE8-47D8-A1B7-91E42EE0481B"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.33.0","versionEndExcluding":"2.33.8","matchCriteriaId":"F759EEF3-6EAE-475B-85F8-38E7D7B47438"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.34.0","versionEndExcluding":"2.34.2","matchCriteriaId":"397A02BF-6CF6-40B1-B792-D7CB9D229050"}]}]}],"references":[{"url":"https://github.com/coder/coder/pull/26154","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/coder/coder/releases/tag/v2.29.17","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.32.7","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.33.8","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.34.2","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/security/advisories/GHSA-mcqq-fqgf-rxwm","source":"security-advisories@github.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-55428","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T00:16:33.463","lastModified":"2026-07-08T19:44:06.553","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, the tailnet coordinator validates that an agent's `Addresses` derive from its authenticated UUID but applies no equivalent check to `AllowedIPs`. The coordinator forwards agent-supplied `AllowedIPs` verbatim to tunnel peers which install them into the WireGuard peer configuration. The fix in versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2 validates each `AllowedIPs` prefix against the authenticating agent's UUID just like `Addresses`. As a workaround, monitor coordinator logs for agents advertising unexpected `AllowedIPs` prefixes."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coder","product":"coder","versions":[{"version":">= 2.34.0, < 2.34.2","status":"affected"},{"version":">= 2.33.0, < 2.33.8","status":"affected"},{"version":">= 2.30.0, < 2.32.7","status":"affected"},{"version":"< 2.29.17","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":5.8}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:10:59.507766Z","id":"CVE-2026-55428","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-285"},{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionEndExcluding":"2.29.17","matchCriteriaId":"F97FAF48-192E-4814-82A5-085C44F1D261"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.30.0","versionEndExcluding":"2.32.7","matchCriteriaId":"7ABD4A9B-6AE8-47D8-A1B7-91E42EE0481B"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.33.0","versionEndExcluding":"2.33.8","matchCriteriaId":"F759EEF3-6EAE-475B-85F8-38E7D7B47438"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.34.0","versionEndExcluding":"2.34.2","matchCriteriaId":"397A02BF-6CF6-40B1-B792-D7CB9D229050"}]}]}],"references":[{"url":"https://github.com/coder/coder/pull/26144","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/coder/coder/releases/tag/v2.29.17","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.32.7","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.33.8","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.34.2","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/security/advisories/GHSA-wrq8-fcv5-8hvp","source":"security-advisories@github.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-55429","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T00:16:33.597","lastModified":"2026-07-08T19:43:31.533","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, `UpsertWorkspaceApp` overwrites an existing app's `agent_id` on a primary-key conflict and `insertAgentApp` accepts the app ID from the provisioner's `CompleteJob` payload without verifying it belongs to the workspace being built. `CompleteJob` runs under `dbauthz.AsProvisionerd` so the authorization layer does not block the cross-workspace upsert. Exploitation requires elevated access as a template author or external provisioner operator. The fix in versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2 verifies that any existing `workspace_apps` row matching the supplied ID belongs to the workspace being built and rejects cross-workspace agent reassignment. No known workarounds are available."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coder","product":"coder","versions":[{"version":">= 2.34.0, < 2.34.2","status":"affected"},{"version":">= 2.33.0, < 2.33.8","status":"affected"},{"version":">= 2.30.0, < 2.32.7","status":"affected"},{"version":"< 2.29.17","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":5.8}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T14:41:33.806014Z","id":"CVE-2026-55429","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionEndExcluding":"2.29.17","matchCriteriaId":"F97FAF48-192E-4814-82A5-085C44F1D261"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.30.0","versionEndExcluding":"2.32.7","matchCriteriaId":"7ABD4A9B-6AE8-47D8-A1B7-91E42EE0481B"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.33.0","versionEndExcluding":"2.33.8","matchCriteriaId":"F759EEF3-6EAE-475B-85F8-38E7D7B47438"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.34.0","versionEndExcluding":"2.34.2","matchCriteriaId":"397A02BF-6CF6-40B1-B792-D7CB9D229050"}]}]}],"references":[{"url":"https://github.com/coder/coder/pull/26103","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/coder/coder/releases/tag/v2.29.17","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.32.7","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.33.8","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.34.2","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/security/advisories/GHSA-9rjw-3gwp-f59v","source":"security-advisories@github.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-55430","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T01:16:27.270","lastModified":"2026-07-08T19:43:14.500","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, the workspace app proxy resolves the target app from `httpapi.RequestHost()` which prefers the `X-Forwarded-Host` header over the real `Host` header. No middleware strips `X-Forwarded-Host` before routing and the header is not browser-forbidden so client-side JavaScript can set it on `fetch()` calls. Practical exploitation requires subdomain app routing (wildcard hostname) enabled, a victim who visits the attacker's shared app and a deployment whose upstream proxy does not strip `X-Forwarded-Host`. The fix in versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2 trusts `X-Forwarded-Host` only from configured trusted proxies and otherwise resolves the routing host from the verified request host. As a workaround, place an upstream reverse proxy that strips or overwrites `X-Forwarded-Host` on untrusted requests."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coder","product":"coder","versions":[{"version":">= 2.34.0, < 2.34.2","status":"affected"},{"version":">= 2.33.0, < 2.33.8","status":"affected"},{"version":">= 2.30.0, < 2.32.7","status":"affected"},{"version":"< 2.29.17","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:N/A:N","baseScore":5.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.3,"impactScore":4.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":4.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T16:57:10.249359Z","id":"CVE-2026-55430","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-345"},{"lang":"en","value":"CWE-441"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionEndExcluding":"2.29.17","matchCriteriaId":"F97FAF48-192E-4814-82A5-085C44F1D261"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.30.0","versionEndExcluding":"2.32.7","matchCriteriaId":"7ABD4A9B-6AE8-47D8-A1B7-91E42EE0481B"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.33.0","versionEndExcluding":"2.33.8","matchCriteriaId":"F759EEF3-6EAE-475B-85F8-38E7D7B47438"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.34.0","versionEndExcluding":"2.34.2","matchCriteriaId":"397A02BF-6CF6-40B1-B792-D7CB9D229050"}]}]}],"references":[{"url":"https://github.com/coder/coder/pull/26204","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/coder/coder/releases/tag/v2.29.17","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.32.7","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.33.8","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.34.2","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/security/advisories/GHSA-5g4w-3vw9-478w","source":"security-advisories@github.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-55431","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T01:16:27.480","lastModified":"2026-07-08T19:42:45.880","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, `coder open app` opens external workspace-app URLs without validating the scheme or host. When an external app URL contains the `$SESSION_TOKEN` placeholder the CLI replaces it with the user's real session token before handing the URL to the OS open handler. Practical exploitation requires the victim to run `coder open app` against a workspace whose external app definition the attacker controls. Only a malicious template author can control external app URLs. The fix in versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2 applies a URL-scheme allowlist in the CLI and limits `$SESSION_TOKEN` substitution to trusted destinations like the web frontend. As a workaround, avoid running `coder open app` for untrusted workspaces."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coder","product":"coder","versions":[{"version":">= 2.34.0, < 2.34.2","status":"affected"},{"version":">= 2.33.0, < 2.33.8","status":"affected"},{"version":">= 2.30.0, < 2.32.7","status":"affected"},{"version":"< 2.29.17","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.3,"impactScore":5.8},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:56:53.370657Z","id":"CVE-2026-55431","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-522"},{"lang":"en","value":"CWE-601"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionEndExcluding":"2.29.17","matchCriteriaId":"F97FAF48-192E-4814-82A5-085C44F1D261"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.30.0","versionEndExcluding":"2.32.7","matchCriteriaId":"7ABD4A9B-6AE8-47D8-A1B7-91E42EE0481B"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.33.0","versionEndExcluding":"2.33.8","matchCriteriaId":"F759EEF3-6EAE-475B-85F8-38E7D7B47438"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.34.0","versionEndExcluding":"2.34.2","matchCriteriaId":"397A02BF-6CF6-40B1-B792-D7CB9D229050"}]}]}],"references":[{"url":"https://github.com/coder/coder/pull/26146","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/coder/coder/releases/tag/v2.29.17","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.32.7","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.33.8","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.34.2","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/security/advisories/GHSA-v54h-cp2w-9x4g","source":"security-advisories@github.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-55432","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T01:16:27.620","lastModified":"2026-07-08T19:40:36.780","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, the `CreateSubAgent` RPC did not validate a requested app sharing level against the template's `MaxPortSharingLevel` before persisting workspace apps, letting a workspace owner exceed the administrator's configured maximum. Exploitation requires the ability to register sub-agent apps in a workspace the attacker controls. The fix in versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2clamps the sub-agent app sharing level to the template's `MaxPortSharingLevel`. As a workaround, disable wildcard app hostnames (`CODER_WILDCARD_ACCESS_URL`) to block subdomain-based app routing."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coder","product":"coder","versions":[{"version":">= 2.34.0, < 2.34.2","status":"affected"},{"version":">= 2.33.0, < 2.33.8","status":"affected"},{"version":">= 2.30.0, < 2.32.7","status":"affected"},{"version":"< 2.29.17","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T12:51:04.699684Z","id":"CVE-2026-55432","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionEndExcluding":"2.29.17","matchCriteriaId":"F97FAF48-192E-4814-82A5-085C44F1D261"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.30.0","versionEndExcluding":"2.32.7","matchCriteriaId":"7ABD4A9B-6AE8-47D8-A1B7-91E42EE0481B"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.33.0","versionEndExcluding":"2.33.8","matchCriteriaId":"F759EEF3-6EAE-475B-85F8-38E7D7B47438"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.34.0","versionEndExcluding":"2.34.2","matchCriteriaId":"397A02BF-6CF6-40B1-B792-D7CB9D229050"}]}]}],"references":[{"url":"https://github.com/coder/coder/pull/26061","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/coder/coder/releases/tag/v2.29.17","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.32.7","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.33.8","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.34.2","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/security/advisories/GHSA-x9qq-2qh5-8rxf","source":"security-advisories@github.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-55433","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T01:16:27.760","lastModified":"2026-07-08T19:39:45.713","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2, the devcontainer recreate endpoint relied on route middleware that checked only `ActionRead` on the workspace and, unlike the sibling delete endpoint, performed no `ActionUpdate` check before triggering the destructive rebuild. Exploitation requires an existing low-privilege role with access to the target workspace. The fix in versions 2.29.7, 2.32.7, 2.33.8, and 2.34.2 adds an explicit `ActionUpdate` authorization check before the agent is dialed like the delete endpoint. No known workarounds are available."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coder","product":"coder","versions":[{"version":">= 2.34.0, < 2.34.2","status":"affected"},{"version":">= 2.33.0, < 2.33.8","status":"affected"},{"version":">= 2.30.0, < 2.32.7","status":"affected"},{"version":"< 2.29.17","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:01:36.512667Z","id":"CVE-2026-55433","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionEndExcluding":"2.29.17","matchCriteriaId":"F97FAF48-192E-4814-82A5-085C44F1D261"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.30.0","versionEndExcluding":"2.32.7","matchCriteriaId":"7ABD4A9B-6AE8-47D8-A1B7-91E42EE0481B"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.33.0","versionEndExcluding":"2.33.8","matchCriteriaId":"F759EEF3-6EAE-475B-85F8-38E7D7B47438"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.34.0","versionEndExcluding":"2.34.2","matchCriteriaId":"397A02BF-6CF6-40B1-B792-D7CB9D229050"}]}]}],"references":[{"url":"https://github.com/coder/coder/pull/25812","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/coder/coder/releases/tag/v2.29.17","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.32.7","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.33.8","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.34.2","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/security/advisories/GHSA-jqj2-x4c5-jfxm","source":"security-advisories@github.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-55436","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T01:16:27.890","lastModified":"2026-07-08T19:39:30.790","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Coder allows organizations to provision remote development environments via Terraform. Starting in version 2.30.0 and prior to versions 2.32.7, 2.33.8, and 2.34.2, the AI Bridge Proxy (`aibridgeproxyd`) created a goproxy server whose default transport set `InsecureSkipVerify: true` and only assigned a secure transport when an upstream proxy was configured. In the default configuration (no upstream proxy), outbound HTTPS to the Coder access URL accepted any TLS certificate. Practical exploitation requires an on-path (man-in-the-middle) position between the AI Bridge Proxy and the Coder server. Deployments where they are co-located over loopback are effectively unaffected. The fix in versions 2.32.7, 2.33.8, and 2.34.2 applies the secure transport (TLS 1.2 or higher using system root CAs) unconditionally. As a workaround, ensure the Coder access URL uses a trusted certificate and secure the network path between the AI Bridge Proxy and the Coder server (for example, loopback or mTLS)."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coder","product":"coder","versions":[{"version":">= 2.34.0, < 2.34.2","status":"affected"},{"version":">= 2.33.0, < 2.33.8","status":"affected"},{"version":">= 2.30.0, < 2.32.7","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:11:39.614123Z","id":"CVE-2026-55436","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-295"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.30.0","versionEndExcluding":"2.32.7","matchCriteriaId":"7ABD4A9B-6AE8-47D8-A1B7-91E42EE0481B"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.33.0","versionEndExcluding":"2.33.8","matchCriteriaId":"F759EEF3-6EAE-475B-85F8-38E7D7B47438"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.34.0","versionEndExcluding":"2.34.2","matchCriteriaId":"397A02BF-6CF6-40B1-B792-D7CB9D229050"}]}]}],"references":[{"url":"https://github.com/coder/coder/pull/26131","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/coder/coder/releases/tag/v2.32.7","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.33.8","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.34.2","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/security/advisories/GHSA-84rm-42xw-mx52","source":"security-advisories@github.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-55437","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T01:16:28.020","lastModified":"2026-07-08T19:38:48.677","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.17, 2.32.7, 2.33.8, and 2.34.2, the `AgentLogLine` dashboard component instantiated `ansi-to-html` without `escapeXML: true` and inserted the result via `dangerouslySetInnerHTML` so HTML embedded in workspace agent log lines was rendered as live markup. Server-side sanitization did not neutralize HTML metacharacters. Exploitation requires a victim to view attacker-controlled agent logs in the dashboard. The fix in versions 2.29.17, 2.32.7, 2.33.8, and 2.34.2 enables `escapeXML: true` so HTML metacharacters are escaped before DOM insertion. No known workarounds are available."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coder","product":"coder","versions":[{"version":">= 2.34.0, < 2.34.2","status":"affected"},{"version":">= 2.33.0, < 2.33.8","status":"affected"},{"version":">= 2.30.0, < 2.32.7","status":"affected"},{"version":"< 2.29.17","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T14:00:28.554141Z","id":"CVE-2026-55437","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionEndExcluding":"2.29.17","matchCriteriaId":"F97FAF48-192E-4814-82A5-085C44F1D261"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.30.0","versionEndExcluding":"2.32.7","matchCriteriaId":"7ABD4A9B-6AE8-47D8-A1B7-91E42EE0481B"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.33.0","versionEndExcluding":"2.33.8","matchCriteriaId":"F759EEF3-6EAE-475B-85F8-38E7D7B47438"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.34.0","versionEndExcluding":"2.34.2","matchCriteriaId":"397A02BF-6CF6-40B1-B792-D7CB9D229050"}]}]}],"references":[{"url":"https://github.com/coder/coder/pull/25808","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/coder/coder/releases/tag/v2.29.17","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.32.7","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.33.8","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.34.2","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/security/advisories/GHSA-7qw2-f75v-62f7","source":"security-advisories@github.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-55438","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T01:16:28.150","lastModified":"2026-07-08T19:38:38.473","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.17, 2.32.7, 2.33.8, and 2.34.2, Coder's subdomain-based workspace app proxy allowed the same-owner CORS check to be bypassed. When a workspace-name subdomain segment parsed as a UUID, the workspace was resolved by ID without confirming the URL's username matched the real owner, while the CORS middleware trusted the unverified username in the hostname. Practical exploitation requires subdomain app routing (wildcard hostname) enabled and a victim who visits the attacker's crafted app URL while authenticated. The fix in versions 2.29.17, 2.32.7, 2.33.8, and 2.34.2 validates the subdomain username against the resolved workspace's actual owner and bases the same-owner CORS decision on the authoritative owner identity. No known workarounds are available."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"coder","product":"coder","versions":[{"version":">= 2.34.0, < 2.34.2","status":"affected"},{"version":">= 2.33.0, < 2.33.8","status":"affected"},{"version":">= 2.30.0, < 2.32.7","status":"affected"},{"version":"< 2.29.17","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:N/A:N","baseScore":5.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.3,"impactScore":4.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":4.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T16:56:25.900709Z","id":"CVE-2026-55438","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-346"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionEndExcluding":"2.29.17","matchCriteriaId":"F97FAF48-192E-4814-82A5-085C44F1D261"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.30.0","versionEndExcluding":"2.32.7","matchCriteriaId":"7ABD4A9B-6AE8-47D8-A1B7-91E42EE0481B"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.33.0","versionEndExcluding":"2.33.8","matchCriteriaId":"F759EEF3-6EAE-475B-85F8-38E7D7B47438"},{"vulnerable":true,"criteria":"cpe:2.3:a:coder:coder:*:*:*:*:*:go:*:*","versionStartIncluding":"2.34.0","versionEndExcluding":"2.34.2","matchCriteriaId":"397A02BF-6CF6-40B1-B792-D7CB9D229050"}]}]}],"references":[{"url":"https://github.com/coder/coder/pull/26085","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/coder/coder/pull/26086","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/coder/coder/releases/tag/v2.29.17","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.32.7","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.33.8","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/releases/tag/v2.34.2","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/coder/coder/security/advisories/GHSA-5wg6-jmq2-53pw","source":"security-advisories@github.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-59995","sourceIdentifier":"cve@mitre.org","published":"2026-07-08T01:16:28.390","lastModified":"2026-07-09T17:14:47.550","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"sftp in OpenSSH before 10.4 does not properly constrain the location of downloaded files when \"sftp server:/path .\" is used with an attacker-controlled server."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"OpenBSD","product":"OpenSSH","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"10.4","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@mitre.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L","baseScore":4.2,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.6,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T12:52:29.053569Z","id":"CVE-2026-59995","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@mitre.org","type":"Secondary","description":[{"lang":"en","value":"CWE-23"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*","versionEndExcluding":"10.4","matchCriteriaId":"947E3B1E-F0DF-47BC-87D8-358B55B164AD"}]}]}],"references":[{"url":"https://marc.info/?l=openssh-unix-dev&m=178333966933090&w=2","source":"cve@mitre.org","tags":["Release Notes"]},{"url":"https://www.openssh.org/releasenotes.html#10.4p1","source":"cve@mitre.org","tags":["Release Notes"]},{"url":"https://www.openwall.com/lists/oss-security/2026/07/06/5","source":"cve@mitre.org","tags":["Mailing List","Release Notes"]}]}},{"cve":{"id":"CVE-2026-59996","sourceIdentifier":"cve@mitre.org","published":"2026-07-08T01:16:28.557","lastModified":"2026-07-09T17:14:27.620","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"scp in OpenSSH before 10.4 may place a file in the parent directory of an intended directory when the copy occurs between two remote destinations."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"OpenBSD","product":"OpenSSH","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"10.4","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@mitre.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L","baseScore":4.2,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.6,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:03:36.338882Z","id":"CVE-2026-59996","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@mitre.org","type":"Secondary","description":[{"lang":"en","value":"CWE-23"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*","versionEndExcluding":"10.4","matchCriteriaId":"947E3B1E-F0DF-47BC-87D8-358B55B164AD"}]}]}],"references":[{"url":"https://marc.info/?l=openssh-unix-dev&m=178333966933090&w=2","source":"cve@mitre.org","tags":["Release Notes"]},{"url":"https://www.openssh.org/releasenotes.html#10.4p1","source":"cve@mitre.org","tags":["Release Notes"]},{"url":"https://www.openwall.com/lists/oss-security/2026/07/06/5","source":"cve@mitre.org","tags":["Mailing List","Release Notes"]}]}},{"cve":{"id":"CVE-2026-59997","sourceIdentifier":"cve@mitre.org","published":"2026-07-08T01:16:28.727","lastModified":"2026-07-09T17:11:49.987","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"internal-sftp in sshd in OpenSSH before 10.4 recognizes only the first 9 command-line arguments, which can be important if a later command-line argument would have helped to ensure the intended security properties of an SFTP connection."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"OpenBSD","product":"OpenSSH","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"10.4","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@mitre.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N","baseScore":4.2,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T12:52:00.795684Z","id":"CVE-2026-59997","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@mitre.org","type":"Secondary","description":[{"lang":"en","value":"CWE-1284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*","versionEndExcluding":"10.4","matchCriteriaId":"947E3B1E-F0DF-47BC-87D8-358B55B164AD"}]}]}],"references":[{"url":"https://marc.info/?l=openssh-unix-dev&m=178333966933090&w=2","source":"cve@mitre.org","tags":["Release Notes"]},{"url":"https://www.openssh.org/releasenotes.html#10.4p1","source":"cve@mitre.org","tags":["Release Notes"]},{"url":"https://www.openwall.com/lists/oss-security/2026/07/06/5","source":"cve@mitre.org","tags":["Mailing List","Release Notes"]}]}},{"cve":{"id":"CVE-2026-59998","sourceIdentifier":"cve@mitre.org","published":"2026-07-08T01:16:28.870","lastModified":"2026-07-09T16:55:00.720","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"sshd in OpenSSH before 10.4 has an undocumented security-relevant behavior: GSSAPIStrictAcceptorCheck has no value if the server is in Windows Active Directory."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"OpenBSD","product":"OpenSSH","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"10.4","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@mitre.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":2.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:47:41.100414Z","id":"CVE-2026-59998","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@mitre.org","type":"Secondary","description":[{"lang":"en","value":"CWE-573"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*","versionEndExcluding":"10.4","matchCriteriaId":"947E3B1E-F0DF-47BC-87D8-358B55B164AD"}]}]}],"references":[{"url":"https://marc.info/?l=openssh-unix-dev&m=178333966933090&w=2","source":"cve@mitre.org","tags":["Release Notes"]},{"url":"https://www.openssh.org/releasenotes.html#10.4p1","source":"cve@mitre.org","tags":["Release Notes"]},{"url":"https://www.openwall.com/lists/oss-security/2026/07/06/5","source":"cve@mitre.org","tags":["Mailing List","Release Notes"]}]}},{"cve":{"id":"CVE-2026-59999","sourceIdentifier":"cve@mitre.org","published":"2026-07-08T01:16:29.010","lastModified":"2026-07-09T16:52:29.240","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In sshd in OpenSSH before 10.4, DisableForwarding=yes was supposed to take precedence over PermitTunnel=yes, but did not."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"OpenBSD","product":"OpenSSH","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"10.4","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@mitre.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:07:15.594672Z","id":"CVE-2026-59999","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@mitre.org","type":"Secondary","description":[{"lang":"en","value":"CWE-348"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*","versionEndExcluding":"10.4","matchCriteriaId":"947E3B1E-F0DF-47BC-87D8-358B55B164AD"}]}]}],"references":[{"url":"https://marc.info/?l=openssh-unix-dev&m=178333966933090&w=2","source":"cve@mitre.org","tags":["Release Notes"]},{"url":"https://www.openssh.org/releasenotes.html#10.4p1","source":"cve@mitre.org","tags":["Release Notes"]},{"url":"https://www.openwall.com/lists/oss-security/2026/07/06/5","source":"cve@mitre.org","tags":["Mailing List","Release Notes"]}]}},{"cve":{"id":"CVE-2026-60000","sourceIdentifier":"cve@mitre.org","published":"2026-07-08T01:16:29.153","lastModified":"2026-07-09T16:51:43.727","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"sshd in OpenSSH before 10.4 allows remote attackers to cause a denial of service (resource consumption from excessive authentication attempts) because MaxAuthTries was mishandled for GSSAPIAuthentication."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"OpenBSD","product":"OpenSSH","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"10.4","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@mitre.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":3.7,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":2.2,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:06:03.495582Z","id":"CVE-2026-60000","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@mitre.org","type":"Secondary","description":[{"lang":"en","value":"CWE-770"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*","versionEndExcluding":"10.4","matchCriteriaId":"947E3B1E-F0DF-47BC-87D8-358B55B164AD"}]}]}],"references":[{"url":"https://marc.info/?l=openssh-unix-dev&m=178333966933090&w=2","source":"cve@mitre.org","tags":["Release Notes"]},{"url":"https://www.openssh.org/releasenotes.html#10.4p1","source":"cve@mitre.org","tags":["Release Notes"]},{"url":"https://www.openwall.com/lists/oss-security/2026/07/06/5","source":"cve@mitre.org","tags":["Mailing List","Release Notes"]}]}},{"cve":{"id":"CVE-2026-60001","sourceIdentifier":"cve@mitre.org","published":"2026-07-08T01:16:29.290","lastModified":"2026-07-09T16:37:12.743","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"sshd in OpenSSH before 10.4 does not always honor the minimum authentication delay."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"OpenBSD","product":"OpenSSH","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"10.4","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@mitre.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:03:07.480541Z","id":"CVE-2026-60001","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@mitre.org","type":"Secondary","description":[{"lang":"en","value":"CWE-770"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*","versionEndExcluding":"10.4","matchCriteriaId":"947E3B1E-F0DF-47BC-87D8-358B55B164AD"}]}]}],"references":[{"url":"https://marc.info/?l=openssh-unix-dev&m=178333966933090&w=2","source":"cve@mitre.org","tags":["Release Notes"]},{"url":"https://www.openssh.org/releasenotes.html#10.4p1","source":"cve@mitre.org","tags":["Release Notes"]},{"url":"https://www.openwall.com/lists/oss-security/2026/07/06/5","source":"cve@mitre.org","tags":["Mailing List","Release Notes"]}]}},{"cve":{"id":"CVE-2026-60002","sourceIdentifier":"cve@mitre.org","published":"2026-07-08T01:16:29.430","lastModified":"2026-07-09T16:36:21.363","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"ssh in OpenSSH before 10.4 can have a use-after-free when a server changes its host key during a key re-exchange. (This outcome occurs only on the client side.)"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"OpenBSD","product":"OpenSSH","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"10.4","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@mitre.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":2.2,"impactScore":5.5},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L","baseScore":9.4,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":5.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:01:59.614190Z","id":"CVE-2026-60002","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@mitre.org","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*","versionEndExcluding":"10.4","matchCriteriaId":"947E3B1E-F0DF-47BC-87D8-358B55B164AD"}]}]}],"references":[{"url":"https://marc.info/?l=openssh-unix-dev&m=178333966933090&w=2","source":"cve@mitre.org","tags":["Release Notes"]},{"url":"https://www.openssh.org/releasenotes.html#10.4p1","source":"cve@mitre.org","tags":["Release Notes"]},{"url":"https://www.openwall.com/lists/oss-security/2026/07/06/5","source":"cve@mitre.org","tags":["Mailing List","Release Notes"]}]}},{"cve":{"id":"CVE-2026-14158","sourceIdentifier":"security@wordfence.com","published":"2026-07-08T05:16:26.463","lastModified":"2026-07-08T14:55:07.843","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Widget Logic Visual plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.52 via the widget_logic_visual_check_visibility function. This is due to missing capability check and nonce verification on the widget-logic-update-conditional-tags AJAX action combined with insufficient sanitization of the 'nwlv[cod-tag]' parameter before storage and subsequent use in an eval() call. This makes it possible for authenticated attackers, with subscriber-level access and above, to execute code on the server."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"totalbounty","product":"Widget Logic Visual","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"1.52","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T12:45:05.011451Z","id":"CVE-2026-14158","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/widget-logic-visual/trunk/ajax.php#L14","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/widget-logic-visual/trunk/ajax.php#L91","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/widget-logic-visual/trunk/custom.php#L50","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5d82e9e2-c572-4911-a6a5-1384844214b0?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-14244","sourceIdentifier":"security@wordfence.com","published":"2026-07-08T05:16:26.700","lastModified":"2026-07-08T16:16:27.013","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Jssor Slider by jssor.com plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.1.24 via the 'url' parameter parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"jssor","product":"Jssor Slider by jssor.com","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"3.1.24","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T15:08:06.178479Z","id":"CVE-2026-14244","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/jssor-slider/tags/3.1.24/interface/api/class-jssor-slider-admin-controller.php#L307","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/jssor-slider/tags/3.1.24/interface/api/class-jssor-slider-admin-controller.php#L414","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/jssor-slider/tags/3.1.24/interface/api/class-jssor-slider-admin-controller.php#L43","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/jssor-slider/tags/3.1.24/interface/api/class-jssor-slider-admin-controller.php#L506","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/jssor-slider/tags/3.1.24/jssor-slider-dispatcher.php#L96","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/jssor-slider/tags/3.1.24/jssor-slider.php#L128","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/0cd880c9-75fe-420b-ae41-558678adb57b?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-14482","sourceIdentifier":"security@wordfence.com","published":"2026-07-08T05:16:26.840","lastModified":"2026-07-08T14:55:07.843","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The 多说社会化评论框 plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.2. The vulnerability exists due to a missing capability and nonce check on a directly web-accessible API endpoint, combined with a trivially forgeable HMAC-SHA1 signature keyed on an always-empty WordPress option, which allows the endpoint's `update_option` handler to pass attacker-controlled `option` and `value` parameters directly to WordPress's `update_option` function without any allowlist or sanitization. This makes it possible for unauthenticated attackers to update arbitrary WordPress options — such as setting `default_role` to `administrator` and enabling open registration — and subsequently register an account with full administrator privileges."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"shen2","product":"多说社会化评论框","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"1.2","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:57:36.253903Z","id":"CVE-2026-14482","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-269"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/duoshuo/tags/1.2/LocalServer.php#L49","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/duoshuo/tags/1.2/LocalServer.php#L54","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/duoshuo/tags/1.2/api.php#L40","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/732c7ccd-de50-4e27-8cb9-3bb0ed30f0b4?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-14487","sourceIdentifier":"security@wordfence.com","published":"2026-07-08T05:16:26.980","lastModified":"2026-07-08T14:55:07.843","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Simple Coherent Form plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the removeUploadDir function in all versions up to, and including, 2.4.13. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). The scf_get_id_upload endpoint freely issues a valid scf_upload_file_removal nonce to any unauthenticated visitor, and the removal endpoint's secondary hash check is forgeable offline because it relies on a hardcoded salt embedded in the plugin source, meaning neither control presents a real authorization boundary."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"tombgtn","product":"Simple Coherent Form","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"2.4.13","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:12:15.352165Z","id":"CVE-2026-14487","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/simple-coherent-form/tags/2.4.13/includes/fields/file.php#L1387","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/simple-coherent-form/tags/2.4.13/includes/fields/file.php#L1494","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/simple-coherent-form/tags/2.4.13/includes/fields/file.php#L1521","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/simple-coherent-form/tags/2.4.13/includes/fields/file.php#L1544","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/simple-coherent-form/tags/2.4.13/includes/fields/file.php#L43","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f4831e75-dc0e-4d6f-b2cb-8498d8629319?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-9701","sourceIdentifier":"security@wordfence.com","published":"2026-07-08T05:16:28.977","lastModified":"2026-07-08T18:16:35.717","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Eventer plugin for WordPress is vulnerable to an insecure password reset mechanism in all versions up to, and including, 4.4.2. The plugin stores a plaintext copy of the password reset key in the `eventer_verification_code` user meta field when a user requests a password reset. The plaintext key stored in `wp_usermeta` can be used with the plugin's custom reset action to set a new password for any user. Combined with another vulnerability such as SQL Injection (CVE-2026-9700), this makes it possible for unauthenticated attackers to extract the plaintext reset key and take over any user account, including administrators. Note: The password reset function only works up to PHP version 7.4."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"joe007","product":"Eventer","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"4.4.2","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:47:48.350133Z","id":"CVE-2026-9701","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-289"}]}],"references":[{"url":"https://codecanyon.net/item/eventer-wordpress-event-manager-plugin/20972534","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/bc656765-1eac-4a96-99e9-c22d64984923?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-9842","sourceIdentifier":"security@wordfence.com","published":"2026-07-08T05:16:29.097","lastModified":"2026-07-08T14:55:07.843","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Backstage - Customizer Demo Access plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.4.2. This is due to the plugin assigning the `manage_options` capability to the `backstage_customizer_user` demo role, which is more permissive than necessary for Customizer-only demo access. This makes it possible for unauthenticated attackers to navigate beyond the Customizer and update arbitrary WordPress options such as `default_role`, leading to privilege escalation."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"pixelgrade","product":"Backstage – Customizer Demo Access","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"1.4.2","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:00:54.003774Z","id":"CVE-2026-9842","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-269"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/backstage/tags/1.4.2/includes/class-Backstage.php#L154","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/backstage/tags/1.4.2/includes/class-Backstage.php#L348","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5bcf1f02-0946-4e96-a81b-00c7c48d64b3?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-10570","sourceIdentifier":"security@wordfence.com","published":"2026-07-08T06:16:20.720","lastModified":"2026-07-08T14:55:07.843","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Sympl Repeater for ACF and Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via ACF repeater field values in all versions up to, and including, 2.3. This is due to insufficient input sanitization and output escaping in the symp_arfe_replace_content() function, which uses str_replace() to substitute raw ACF field values (retrieved via get_field()) directly into Elementor-rendered HTML without any escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"idocoh","product":"Sympl Repeater for ACF and Elementor","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"2.3","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T12:40:27.624321Z","id":"CVE-2026-10570","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/acf-repeater-for-elementor/tags/2.3/sympl-repeater-for-acf-and-elementor.php#L179","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/acf-repeater-for-elementor/tags/2.3/sympl-repeater-for-acf-and-elementor.php#L99","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/daa38c2c-9992-400b-acef-dcd37f9c7269?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-11798","sourceIdentifier":"security@wordfence.com","published":"2026-07-08T06:16:21.707","lastModified":"2026-07-08T16:16:26.770","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Social Share, Social Login and Social Comments Plugin – Super Socializer plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'heateor_mastodon_share' parameter in all versions up to, and including, 7.14.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"the_champ","product":"Social Share, Social Login and Social Comments Plugin – Super Socializer","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"7.14.5","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T15:06:35.384620Z","id":"CVE-2026-11798","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/super-socializer/tags/7.14.5/helper.php#L1243","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/super-socializer/tags/7.14.5/helper.php#L1246","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/37d9171d-4722-4ebc-a773-9fd497bc12cf?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-12041","sourceIdentifier":"security@wordfence.com","published":"2026-07-08T06:16:21.853","lastModified":"2026-07-08T14:55:07.843","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Chatra Live Chat + ChatBot + Cart Saver plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0.12 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"chatra","product":"Chatra Live Chat + ChatBot + Cart Saver","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"1.0.12","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N","baseScore":4.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:59:14.619642Z","id":"CVE-2026-12041","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/chatra-live-chat/tags/1.0.12/chatra.php#L33","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/chatra-live-chat/tags/1.0.12/chatra.php#L61","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/75da660b-04c7-4f15-b49d-2aa320ef5b4b?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-12097","sourceIdentifier":"security@wordfence.com","published":"2026-07-08T06:16:22.000","lastModified":"2026-07-08T14:55:07.843","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The User Management plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.2. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to modify the plugin's export field configuration stored in the uiewp_export_field option, controlling which user fields such as password hashes are included in CSV exports and how columns are mapped during imports."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"saadiqbal","product":"User Management","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"1.2","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:12:51.875969Z","id":"CVE-2026-12097","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/user-management/tags/1.2/includes/model.php#L21","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/user-management/tags/1.2/includes/model.php#L729","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/user-management/tags/1.2/includes/model.php#L853","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/user-management/tags/1.2/users-imp-exp-wpexperts.php#L22","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4f1d0a07-254c-4df9-90a4-966dff014df0?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-12153","sourceIdentifier":"security@wordfence.com","published":"2026-07-08T06:16:22.157","lastModified":"2026-07-08T18:16:30.763","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The WP Learn Manager plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.1.8. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to install and activate arbitrary plugins from the WordPress.org repository on the vulnerable site."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"rabilal","product":"WP Learn Manager","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"1.1.8","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:39:00.577656Z","id":"CVE-2026-12153","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/learn-manager/tags/1.1.8/includes/ajax.php#L15","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/learn-manager/tags/1.1.8/includes/ajax.php#L8","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/learn-manager/tags/1.1.8/modules/jslearnmanager/model.php#L879","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/learn-manager/tags/1.1.8/modules/jslearnmanager/model.php#L920","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/8cbf5121-2511-4e21-a346-67fa1e34fc02?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-14489","sourceIdentifier":"security@wordfence.com","published":"2026-07-08T06:16:22.307","lastModified":"2026-07-08T14:55:07.843","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The WHMCS Bridge plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the connect() function in all versions up to, and including, 6.9. This makes it possible for authenticated attackers, with Custom-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"globalprogramming","product":"WHMCS Bridge","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"6.9","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T12:48:00.445998Z","id":"CVE-2026-14489","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/whmcs-bridge/tags/6.9/bridge.init.php#L482","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/whmcs-bridge/tags/6.9/bridge.init.php#L809","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/whmcs-bridge/tags/6.9/bridge.init.php#L852","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/whmcs-bridge/tags/6.9/includes/request.class.php#L296","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/whmcs-bridge/tags/6.9/includes/request.class.php#L309","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/c4fe6dcc-93c8-4956-85ae-a1125bc84509?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-14495","sourceIdentifier":"security@wordfence.com","published":"2026-07-08T06:16:22.443","lastModified":"2026-07-08T14:55:07.843","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The DoLogin Security plugin for WordPress is vulnerable to Authentication Bypass via Insufficient Randomness in all versions up to, and including, 4.3. The vulnerability exists because `dologin\\s::rrand()` seeds the Mersenne Twister with `mt_srand((double) microtime() * 1000000)` — discarding the integer-seconds component of `microtime()` and constraining the seed to a range of approximately 10^6 values (~20 bits of entropy) — after which every character of the 32-character magic-link token is drawn sequentially with `mt_rand()`, making the entire token a deterministic function of that seed. Because `Pswdless::try_login()` is registered on the unauthenticated `init` hook, resolves the target account by the auto-increment numeric ID embedded in the `?dologin=<id>.<hash>` parameter, performs the hash comparison using a non-constant-time `!=` operator, and then calls `wp_set_auth_cookie()` directly — never passing through `wp_authenticate()` and therefore never triggering the plugin's own `Auth::_has_login_err()` lockout — an unauthenticated attacker can brute-force the ~10^6-candidate seed space to reconstruct an active passwordless login token and authenticate as any targeted user, including administrators, without a password. Exploitation requires that a valid, unexpired passwordless login link (active for up to 7 days) exists for the target account at the time of the attack, and that the numeric link ID is known or guessable from the auto-increment primary key."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"wpdo5ea","product":"DoLogin Security","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"4.3","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T12:43:37.967188Z","id":"CVE-2026-14495","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-338"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/dologin/tags/4.3/src/pswdless.cls.php#L197","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/dologin/tags/4.3/src/pswdless.cls.php#L27","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/dologin/tags/4.3/src/pswdless.cls.php#L86","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/dologin/tags/4.3/src/s.cls.php#L240","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/16bce371-b524-48eb-8537-3f9df802abd3?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-14500","sourceIdentifier":"security@wordfence.com","published":"2026-07-08T06:16:22.583","lastModified":"2026-07-08T16:16:27.123","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Bulk Order Update for WooCommerce plugin for WordPress is vulnerable to Arbitrary File Read in versions up to, and including, 1.6. This is due to the bouw_fetch_csv_data() AJAX handler being registered on the wp_ajax_nopriv_ hook with no capability or nonce check, and passing the attacker-supplied csv_url POST parameter — filtered only by esc_url_raw() (which leaves absolute filesystem paths intact) and validate_file() (which only rejects '..' traversal patterns) — directly into fopen()/fgetcsv() and reflecting the first parsed line in the JSON response. This makes it possible for unauthenticated attackers to read the first line of arbitrary files on the server (such as /etc/passwd) and to use the handler as a file-existence oracle."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"sayantandas20","product":"Bulk Order Update for WooCommerce","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"1.6","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T15:03:58.642046Z","id":"CVE-2026-14500","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/bulk-order-update-for-woocommerce/tags/1.6/inc/plugin-html.php#L23","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/bulk-order-update-for-woocommerce/tags/1.6/inc/plugin-html.php#L33","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/bulk-order-update-for-woocommerce/tags/1.6/inc/plugin-html.php#L48","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/d3aa1f74-6372-4abe-894b-07ad3e81ea81?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-56437","sourceIdentifier":"vultures@jpcert.or.jp","published":"2026-07-08T06:16:22.733","lastModified":"2026-07-08T15:07:37.767","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Uncontrolled search path element issue exists in Pupsman versions prior to 3.9.0. If a crafted DLL file is placed in the same folder as the affected installer and the installer is executed, arbitrary code may be executed with SYSTEM privilege."}],"affected":[{"source":"vultures@jpcert.or.jp","affectedData":[{"vendor":"Fuji Electric Co.,Ltd.","product":"Pupsman","versions":[{"version":"prior to 3.9.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"vultures@jpcert.or.jp","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"ACTIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV30":[{"source":"vultures@jpcert.or.jp","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T12:57:37.716692Z","id":"CVE-2026-56437","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"vultures@jpcert.or.jp","type":"Secondary","description":[{"lang":"en","value":"CWE-427"}]}],"references":[{"url":"https://jvn.jp/en/jp/JVN62347140/","source":"vultures@jpcert.or.jp"},{"url":"https://www.fujielectric.co.jp/products/power_supply/ups/product_detail/software_pupsman.html","source":"vultures@jpcert.or.jp"}]}},{"cve":{"id":"CVE-2026-57895","sourceIdentifier":"vultures@jpcert.or.jp","published":"2026-07-08T06:16:22.900","lastModified":"2026-07-08T15:07:37.767","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Incorrect default permissions issue exists in Pupsman versions prior to 3.9.0. An attacker can place a malicious executable in the installation folder, which results in arbitrary code execution with SYSTEM privilege"}],"affected":[{"source":"vultures@jpcert.or.jp","affectedData":[{"vendor":"Fuji Electric Co.,Ltd.","product":"Pupsman","versions":[{"version":"prior to 3.9.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"vultures@jpcert.or.jp","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.5,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV30":[{"source":"vultures@jpcert.or.jp","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T12:56:32.270683Z","id":"CVE-2026-57895","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"vultures@jpcert.or.jp","type":"Secondary","description":[{"lang":"en","value":"CWE-276"}]}],"references":[{"url":"https://jvn.jp/en/jp/JVN62347140/","source":"vultures@jpcert.or.jp"},{"url":"https://www.fujielectric.co.jp/products/power_supply/ups/product_detail/software_pupsman.html","source":"vultures@jpcert.or.jp"}]}},{"cve":{"id":"CVE-2026-9700","sourceIdentifier":"security@wordfence.com","published":"2026-07-08T06:16:23.043","lastModified":"2026-07-08T14:55:07.843","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Eventer plugin for WordPress is vulnerable to time-based SQL Injection via the ‘code’ parameter in all versions up to, and including, 4.4.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"joe007","product":"Eventer","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"4.4.2","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:58:39.229719Z","id":"CVE-2026-9700","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://codecanyon.net/item/eventer-wordpress-event-manager-plugin/20972534","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5e3b0a3a-ce4b-40fd-9519-a81e315cee42?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-9731","sourceIdentifier":"security@wordfence.com","published":"2026-07-08T06:16:23.217","lastModified":"2026-07-08T14:55:07.843","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Wp Js Detect plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.9. This is due to missing or incorrect nonce validation on the plugin_settings function. This makes it possible for unauthenticated attackers to update the plugin's notification text and CSS settings (wp_non_js_notification_text and wp_non_js_notification_css), injecting arbitrary content that is echoed unescaped on the frontend via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"wpkuf","product":"Wp Js Detect","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"1.0.9","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:13:12.998854Z","id":"CVE-2026-9731","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-352"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/wp-js-detect/trunk/wp-js-detect.php#L190","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/wp-js-detect/trunk/wp-js-detect.php#L192","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/wp-js-detect/trunk/wp-js-detect.php#L193","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/wp-js-detect/trunk/wp-js-detect.php#L250","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/afca7b14-f3bb-4612-b81c-bde120b380ba?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-12378","sourceIdentifier":"contact@wpscan.com","published":"2026-07-08T07:16:46.550","lastModified":"2026-07-08T14:56:35.950","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Appointment Booking Calendar Plugin and Scheduling Plugin  WordPress plugin through 1.1.28 does not validate data before passing it to a PHP deserialization function, allowing unauthenticated attackers to inject arbitrary PHP objects; where a suitable gadget chain is present on the site this can be leveraged to achieve remote code execution."}],"affected":[{"source":"contact@wpscan.com","affectedData":[{"vendor":"Unknown","product":"Appointment Booking Calendar Plugin and Scheduling Plugin","defaultStatus":"unknown","versions":[{"version":"0","lessThanOrEqual":"1.1.28","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T10:03:52.140888Z","id":"CVE-2026-12378","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"references":[{"url":"https://wpscan.com/vulnerability/eb3abb88-43c3-42a8-a8a8-2ad67d37e020/","source":"contact@wpscan.com"}]}},{"cve":{"id":"CVE-2026-9695","sourceIdentifier":"3DS.Information-Security@3ds.com","published":"2026-07-08T07:16:46.870","lastModified":"2026-07-08T15:30:04.497","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"An Improper Authentication vulnerability affecting DELMIA Apriso from Release 2020 through Release 2026 could allow an attacker to gain privileged access to the server."}],"affected":[{"source":"3DS.Information-Security@3ds.com","affectedData":[{"vendor":"Dassault Systèmes","product":"DELMIA Apriso","defaultStatus":"unaffected","versions":[{"version":"Release 2020 Golden","lessThanOrEqual":"Release 2020 SP4","versionType":"custom","status":"affected"},{"version":"Release 2021 Golden","lessThanOrEqual":"Release 2021 SP3","versionType":"custom","status":"affected"},{"version":"Release 2022 Golden","lessThanOrEqual":"Release 2022 SP4","versionType":"custom","status":"affected"},{"version":"Release 2023 Golden","lessThanOrEqual":"Release 2023 SP3","versionType":"custom","status":"affected"},{"version":"Release 2024 Golden","lessThanOrEqual":"Release 2024 SP2","versionType":"custom","status":"affected"},{"version":"Release 2025 Golden","lessThanOrEqual":"Release 2025 SP1","versionType":"custom","status":"affected"},{"version":"Release 2026 Golden","lessThanOrEqual":"Release 2026 SP1","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"3DS.Information-Security@3ds.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:46:02.952002Z","id":"CVE-2026-9695","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"3DS.Information-Security@3ds.com","type":"Secondary","description":[{"lang":"en","value":"CWE-287"}]}],"references":[{"url":"https://www.3ds.com/trust-center/security/security-advisories/cve-2026-9695","source":"3DS.Information-Security@3ds.com"}]}},{"cve":{"id":"CVE-2026-13126","sourceIdentifier":"14984358-7092-470d-8f34-ade47a7658a2","published":"2026-07-08T09:16:29.307","lastModified":"2026-07-09T14:20:52.397","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The embedded JavaScript in the PDF deleted the pages, making the object invalid. The application attempted to perform a write operation on the invalid pop-up annotations, resulting in the program crashing."}],"affected":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","affectedData":[{"vendor":"Foxit Software Inc.","product":"Foxit PDF Editor","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"},{"version":"Versions 14.0.4 and earlier","status":"affected"}]},{"vendor":"Foxit Software Inc.","product":"Foxit PDF Reader","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T12:12:57.219611Z","id":"CVE-2026-13126","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionEndIncluding":"13.2.4.24048","matchCriteriaId":"4AED7415-0393-4DF2-BEE8-486712D56288"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0.33046","versionEndIncluding":"14.0.4.33508","matchCriteriaId":"A10F7B1A-AAB3-4D81-A08C-866C49C76506"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2023.1.0.15510","versionEndIncluding":"2023.3.0.23028","matchCriteriaId":"0C75FEE6-54F3-49C6-BAEA-A09D23BE5D64"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2024.1.0.23997","versionEndIncluding":"2024.4.1.27687","matchCriteriaId":"2C06BC41-9831-4AE3-B10B-3FC313D01580"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1.0.27937","versionEndIncluding":"2025.3.0.35737","matchCriteriaId":"AD0AAFC0-5B9B-4A11-8967-4699792850F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2026.1.0.36452","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BB50B54F-D08D-492E-8CDF-D76032F4F9C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BF5DF56E-0DAD-4D0F-B64C-F41611D64981"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://www.foxit.com/support/security-bulletins.html","source":"14984358-7092-470d-8f34-ade47a7658a2","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-13127","sourceIdentifier":"14984358-7092-470d-8f34-ade47a7658a2","published":"2026-07-08T09:16:29.440","lastModified":"2026-07-09T13:14:33.863","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The application opens the PDF file. JavaScript then rewrites the document to modify the page structure, resulting in the invalidation of the page objects. However, the thumbnails still use the invalid page objects, ultimately causing the application to crash."}],"affected":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","affectedData":[{"vendor":"Foxit Software Inc.","product":"Foxit PDF Editor","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"},{"version":"Versions 14.0.4 and earlier","status":"affected"},{"version":"Versions 13.2.4 and earlier","status":"affected"}]},{"vendor":"Foxit Software Inc.","product":"Foxit PDF Reader","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T12:13:51.030975Z","id":"CVE-2026-13127","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionEndIncluding":"13.2.4.24048","matchCriteriaId":"4AED7415-0393-4DF2-BEE8-486712D56288"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0.33046","versionEndIncluding":"14.0.4.33508","matchCriteriaId":"A10F7B1A-AAB3-4D81-A08C-866C49C76506"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2023.1.0.15510","versionEndIncluding":"2023.3.0.23028","matchCriteriaId":"0C75FEE6-54F3-49C6-BAEA-A09D23BE5D64"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2024.1.0.23997","versionEndIncluding":"2024.4.1.27687","matchCriteriaId":"2C06BC41-9831-4AE3-B10B-3FC313D01580"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1.0.27937","versionEndIncluding":"2025.3.0.35737","matchCriteriaId":"AD0AAFC0-5B9B-4A11-8967-4699792850F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2026.1.0.36452","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BB50B54F-D08D-492E-8CDF-D76032F4F9C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BF5DF56E-0DAD-4D0F-B64C-F41611D64981"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://www.foxit.com/support/security-bulletins.html","source":"14984358-7092-470d-8f34-ade47a7658a2","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-13128","sourceIdentifier":"14984358-7092-470d-8f34-ade47a7658a2","published":"2026-07-08T09:16:29.557","lastModified":"2026-07-09T13:19:07.903","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Embedding JavaScript within a PDF file will cause the page to be deleted. Subsequent scripts will continue to access the relevant properties of the document view, eventually leading to the crash of the application."}],"affected":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","affectedData":[{"vendor":"Foxit Software Inc.","product":"Foxit PDF Editor","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"}]},{"vendor":"Foxit Software Inc.","product":"Foxit PDF Reader","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T12:14:16.115665Z","id":"CVE-2026-13128","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionEndIncluding":"13.2.4.24048","matchCriteriaId":"4AED7415-0393-4DF2-BEE8-486712D56288"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0.33046","versionEndIncluding":"14.0.4.33508","matchCriteriaId":"A10F7B1A-AAB3-4D81-A08C-866C49C76506"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2023.1.0.15510","versionEndIncluding":"2023.3.0.23028","matchCriteriaId":"0C75FEE6-54F3-49C6-BAEA-A09D23BE5D64"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2024.1.0.23997","versionEndIncluding":"2024.4.1.27687","matchCriteriaId":"2C06BC41-9831-4AE3-B10B-3FC313D01580"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1.0.27937","versionEndIncluding":"2025.3.0.35737","matchCriteriaId":"AD0AAFC0-5B9B-4A11-8967-4699792850F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2026.1.0.36452","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BB50B54F-D08D-492E-8CDF-D76032F4F9C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BF5DF56E-0DAD-4D0F-B64C-F41611D64981"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://www.foxit.com/support/security-bulletins.html","source":"14984358-7092-470d-8f34-ade47a7658a2","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-13129","sourceIdentifier":"14984358-7092-470d-8f34-ade47a7658a2","published":"2026-07-08T09:16:29.673","lastModified":"2026-07-09T13:19:45.363","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"When the application opens a PDF file, JavaScript uses the damaged field tree to trigger field traversal, resulting in the program holding an invalid form object when accessing the field property path. Eventually, the application crashes due to reading an invalid pointer."}],"affected":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","affectedData":[{"vendor":"Foxit Software Inc.","product":"Foxit PDF Editor","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"},{"version":"Versions 14.0.4 and earlier","status":"affected"},{"version":"Versions 13.2.4 and earlier","status":"affected"}]},{"vendor":"Foxit Software Inc.","product":"Foxit PDF Reader","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:20:17.240504Z","id":"CVE-2026-13129","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionEndIncluding":"13.2.4.24048","matchCriteriaId":"4AED7415-0393-4DF2-BEE8-486712D56288"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0.33046","versionEndIncluding":"14.0.4.33508","matchCriteriaId":"A10F7B1A-AAB3-4D81-A08C-866C49C76506"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2023.1.0.15510","versionEndIncluding":"2023.3.0.23028","matchCriteriaId":"0C75FEE6-54F3-49C6-BAEA-A09D23BE5D64"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2024.1.0.23997","versionEndIncluding":"2024.4.1.27687","matchCriteriaId":"2C06BC41-9831-4AE3-B10B-3FC313D01580"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1.0.27937","versionEndIncluding":"2025.3.0.35737","matchCriteriaId":"AD0AAFC0-5B9B-4A11-8967-4699792850F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2026.1.0.36452","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BB50B54F-D08D-492E-8CDF-D76032F4F9C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BF5DF56E-0DAD-4D0F-B64C-F41611D64981"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://www.foxit.com/support/security-bulletins.html","source":"14984358-7092-470d-8f34-ade47a7658a2","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-55999","sourceIdentifier":"meissner@suse.de","published":"2026-07-08T09:16:29.800","lastModified":"2026-07-09T19:49:51.483","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Local attackers with a X connection able to provide PCX fonts to the X \nserver xorg-server before 21.2.24 and xwayland before 24.1.13 could \ncause a heap buffer overflow via SetFont due to missing glyph boundary checks."}],"affected":[{"source":"meissner@suse.de","affectedData":[{"vendor":"X.Org","product":"xorg-server","defaultStatus":"unaffected","packageName":"xorg-server","repo":"https://gitlab.freedesktop.org/xorg/xserver/","versions":[{"version":"0","lessThan":"21.1.24","versionType":"rpm","status":"affected"}]},{"vendor":"X.Org","product":"xwayland","defaultStatus":"unaffected","packageName":"xwayland","repo":"https://gitlab.freedesktop.org/xorg/xserver/","versions":[{"version":"0","lessThan":"24.1.13","versionType":"rpm","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"meissner@suse.de","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":8.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":6.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T00:00:00+00:00","id":"CVE-2026-55999","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"meissner@suse.de","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:*","versionEndExcluding":"21.2.24","matchCriteriaId":"7952D780-B208-4D17-BD47-59B9C820E66F"},{"vulnerable":true,"criteria":"cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*","versionEndExcluding":"24.1.13","matchCriteriaId":"17B539FB-255A-427D-9DD3-659AC3BEE4D4"}]}]}],"references":[{"url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/fbf7bac22e2c6bd627fb042742a23318263edae1","source":"meissner@suse.de","tags":["Patch"]},{"url":"https://www.openwall.com/lists/oss-security/2026/07/08/2","source":"meissner@suse.de","tags":["Mailing List","Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-56000","sourceIdentifier":"meissner@suse.de","published":"2026-07-08T09:16:29.923","lastModified":"2026-07-09T19:47:29.210","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Local attackers with a X connection able to provide GLX commit to the X server xorg-server before 21.2.24 and xwayland before 24.1.13 could cause a Heap Use After Free, due to CommonMakeCurrent() pointing into potentially reallocated memory."}],"affected":[{"source":"meissner@suse.de","affectedData":[{"vendor":"X.Org","product":"xorg-x11-server","defaultStatus":"unaffected","packageName":"xorg-x11-server","repo":"https://gitlab.freedesktop.org/xorg/xserver/","versions":[{"version":"0","lessThan":"21.1.24","versionType":"rpm","status":"affected"}]},{"vendor":"X.Org","product":"xwayland","defaultStatus":"unaffected","packageName":"xwayland","repo":"https://gitlab.freedesktop.org/xorg/xserver/","versions":[{"version":"0","lessThan":"24.1.13","versionType":"rpmver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"meissner@suse.de","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":9.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"HIGH","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"HIGH","subIntegrityImpact":"HIGH","subAvailabilityImpact":"HIGH","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T12:41:28.146819Z","id":"CVE-2026-56000","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"meissner@suse.de","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:x.org:x_server:*:*:*:*:*:*:*:*","versionEndExcluding":"21.2.24","matchCriteriaId":"7952D780-B208-4D17-BD47-59B9C820E66F"},{"vulnerable":true,"criteria":"cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*","versionEndExcluding":"24.1.13","matchCriteriaId":"17B539FB-255A-427D-9DD3-659AC3BEE4D4"}]}]}],"references":[{"url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/2779affbdb4354e894f490e56f962527d6125043","source":"meissner@suse.de","tags":["Patch"]},{"url":"https://www.openwall.com/lists/oss-security/2026/07/08/2","source":"meissner@suse.de","tags":["Mailing List","Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-56001","sourceIdentifier":"meissner@suse.de","published":"2026-07-08T09:16:30.050","lastModified":"2026-07-09T19:46:32.177","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A heap buffer overflow in BitmapScaleBitmaps in libXfont2 before 2.0.8 due to an overflowing 32bit size could be used by attackers able to access the X Server to execute code within the X server cont"}],"affected":[{"source":"meissner@suse.de","affectedData":[{"vendor":"X.Org","product":"libXfont2","defaultStatus":"unaffected","packageName":"libXfont2","repo":"https://gitlab.freedesktop.org/xorg/lib/libxfont","versions":[{"version":"0","lessThan":"2.0.8","versionType":"rpm","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"meissner@suse.de","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":8.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":6.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T00:00:00+00:00","id":"CVE-2026-56001","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"meissner@suse.de","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:x:libxfont:*:*:*:*:*:*:*:*","versionStartIncluding":"2.0.0","versionEndExcluding":"2.0.8","matchCriteriaId":"EF6A4D9B-81B8-4FDE-8958-8B08A0AAA937"}]}]}],"references":[{"url":"https://gitlab.freedesktop.org/xorg/lib/libxfont/-/commit/be0b08e2d354138d3222b4490e2a77c6ee42f778","source":"meissner@suse.de","tags":["Patch"]},{"url":"https://www.openwall.com/lists/oss-security/2026/07/08/1","source":"meissner@suse.de","tags":["Mailing List","Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-57237","sourceIdentifier":"14984358-7092-470d-8f34-ade47a7658a2","published":"2026-07-08T09:16:31.577","lastModified":"2026-07-09T14:20:34.060","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"When the application opens a PDF and JavaScript modifies the properties of form fields, it causes the state of the underlying objects referenced by the program to become invalid. Eventually, it reads an illegal memory address, which leads to the crash of the application."}],"affected":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","affectedData":[{"vendor":"Foxit Software Inc.","product":"Foxit PDF Editor","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"},{"version":"Versions 14.0.4 and earlier","status":"affected"},{"version":"Versions 13.2.4 and earlier","status":"affected"}]},{"vendor":"Foxit Software Inc.","product":"Foxit PDF Editor","defaultStatus":"unaffected","platforms":["MacOS"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"},{"version":"Versions 14.0.3 and earlier","status":"affected"},{"version":"Versions 13.2.3 and earlier","status":"affected"}]},{"vendor":"Foxit Software Inc.","product":"Foxit PDF Reader","defaultStatus":"unaffected","platforms":["Windows","MacOS"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:15:11.236648Z","id":"CVE-2026-57237","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionEndIncluding":"13.2.4.24048","matchCriteriaId":"4AED7415-0393-4DF2-BEE8-486712D56288"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0.33046","versionEndIncluding":"14.0.4.33508","matchCriteriaId":"A10F7B1A-AAB3-4D81-A08C-866C49C76506"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2023.1.0.15510","versionEndIncluding":"2023.3.0.23028","matchCriteriaId":"0C75FEE6-54F3-49C6-BAEA-A09D23BE5D64"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2024.1.0.23997","versionEndIncluding":"2024.4.1.27687","matchCriteriaId":"2C06BC41-9831-4AE3-B10B-3FC313D01580"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1.0.27937","versionEndIncluding":"2025.3.0.35737","matchCriteriaId":"AD0AAFC0-5B9B-4A11-8967-4699792850F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2026.1.0.36452","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BB50B54F-D08D-492E-8CDF-D76032F4F9C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BF5DF56E-0DAD-4D0F-B64C-F41611D64981"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionEndIncluding":"13.2.3.63444","matchCriteriaId":"4DCCFD60-850F-48C4-A535-39D98B28C837"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0.33046","versionEndIncluding":"14.0.3.69295","matchCriteriaId":"92935477-3E84-49C9-B743-7C9485AA7130"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2023.1.0.15510","versionEndIncluding":"2023.3.0.63083","matchCriteriaId":"8D41C109-FCCC-467D-AC01-37CE4106DC89"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2024.1.0.23997","versionEndIncluding":"2024.4.1.66479","matchCriteriaId":"A5CE4481-BEBB-4646-B235-DCE82AEBD265"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1.0.27937","versionEndIncluding":"2025.3.0.69570","matchCriteriaId":"667D9B78-0790-48BD-AB58-D1DA2D5853A9"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2026.1.0.36452","versionEndIncluding":"2026.1.1.70276","matchCriteriaId":"829072FC-5E49-49A5-B808-51731D05CD09"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*","versionEndIncluding":"2026.1.1.70276","matchCriteriaId":"DC0C84D7-624B-4608-BEBD-39BBB478819D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"}]}]}],"references":[{"url":"https://www.foxit.com/support/security-bulletins.html","source":"14984358-7092-470d-8f34-ade47a7658a2","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-57238","sourceIdentifier":"14984358-7092-470d-8f34-ade47a7658a2","published":"2026-07-08T09:16:31.693","lastModified":"2026-07-09T14:22:01.103","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"After the application opened the PDF, JavaScript deleted the form field object. Subsequently, it attempted to access the invalid object, which caused the application to crash."}],"affected":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","affectedData":[{"vendor":"Foxit Software Inc.","product":"Foxit PDF Editor","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"},{"version":"Versions 14.0.4 and earlier","status":"affected"},{"version":"Versions 13.2.4 and earlier","status":"affected"}]},{"vendor":"Foxit Software Inc.","product":"Foxit PDF Reader","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:17:47.137145Z","id":"CVE-2026-57238","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionEndIncluding":"13.2.4.24048","matchCriteriaId":"4AED7415-0393-4DF2-BEE8-486712D56288"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0.33046","versionEndIncluding":"14.0.4.33508","matchCriteriaId":"A10F7B1A-AAB3-4D81-A08C-866C49C76506"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2023.1.0.15510","versionEndIncluding":"2023.3.0.23028","matchCriteriaId":"0C75FEE6-54F3-49C6-BAEA-A09D23BE5D64"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2024.1.0.23997","versionEndIncluding":"2024.4.1.27687","matchCriteriaId":"2C06BC41-9831-4AE3-B10B-3FC313D01580"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1.0.27937","versionEndIncluding":"2025.3.0.35737","matchCriteriaId":"AD0AAFC0-5B9B-4A11-8967-4699792850F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2026.1.0.36452","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BB50B54F-D08D-492E-8CDF-D76032F4F9C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BF5DF56E-0DAD-4D0F-B64C-F41611D64981"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://www.foxit.com/support/security-bulletins.html","source":"14984358-7092-470d-8f34-ade47a7658a2","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-57239","sourceIdentifier":"14984358-7092-470d-8f34-ade47a7658a2","published":"2026-07-08T09:16:31.817","lastModified":"2026-07-09T14:31:41.157","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The user-controllable executable files will be directly executed by high-privilege processes, allowing low-privilege users to have the opportunity to elevate their privileges to NT AUTHORITY\\SYSTEM."}],"affected":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","affectedData":[{"vendor":"Foxit Software Inc.","product":"Foxit PDF Editor","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"},{"version":"Versions 14.0.4 and earlier","status":"affected"},{"version":"Versions 13.2.4 and earlier","status":"affected"}]},{"vendor":"Foxit Software Inc.","product":"Foxit PDF Reader","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":5.8},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T00:00:00+00:00","id":"CVE-2026-57239","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-427"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionEndIncluding":"13.2.4.24048","matchCriteriaId":"4AED7415-0393-4DF2-BEE8-486712D56288"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0.33046","versionEndIncluding":"14.0.4.33508","matchCriteriaId":"A10F7B1A-AAB3-4D81-A08C-866C49C76506"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2023.1.0.15510","versionEndIncluding":"2023.3.0.23028","matchCriteriaId":"0C75FEE6-54F3-49C6-BAEA-A09D23BE5D64"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2024.1.0.23997","versionEndIncluding":"2024.4.1.27687","matchCriteriaId":"2C06BC41-9831-4AE3-B10B-3FC313D01580"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1.0.27937","versionEndIncluding":"2025.3.0.35737","matchCriteriaId":"AD0AAFC0-5B9B-4A11-8967-4699792850F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2026.1.0.36452","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BB50B54F-D08D-492E-8CDF-D76032F4F9C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BF5DF56E-0DAD-4D0F-B64C-F41611D64981"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://www.foxit.com/support/security-bulletins.html","source":"14984358-7092-470d-8f34-ade47a7658a2","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-57240","sourceIdentifier":"14984358-7092-470d-8f34-ade47a7658a2","published":"2026-07-08T09:16:31.927","lastModified":"2026-07-09T14:22:30.227","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"When the application opens a PDF file and JavaScript deletes the PDF fields, the subsequent logic still uses the old field pointers, resulting in invalid pointer references and causing the application to crash."}],"affected":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","affectedData":[{"vendor":"Foxit Software Inc.","product":"Foxit PDF Editor","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"},{"version":"Versions 14.0.4 and earlier","status":"affected"},{"version":"Versions 13.2.4 and earlier","status":"affected"}]},{"vendor":"Foxit Software Inc.","product":"Foxit PDF Reader","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T12:17:20.252962Z","id":"CVE-2026-57240","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionEndIncluding":"13.2.4.24048","matchCriteriaId":"4AED7415-0393-4DF2-BEE8-486712D56288"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0.33046","versionEndIncluding":"14.0.4.33508","matchCriteriaId":"A10F7B1A-AAB3-4D81-A08C-866C49C76506"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2023.1.0.15510","versionEndIncluding":"2023.3.0.23028","matchCriteriaId":"0C75FEE6-54F3-49C6-BAEA-A09D23BE5D64"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2024.1.0.23997","versionEndIncluding":"2024.4.1.27687","matchCriteriaId":"2C06BC41-9831-4AE3-B10B-3FC313D01580"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1.0.27937","versionEndIncluding":"2025.3.0.35737","matchCriteriaId":"AD0AAFC0-5B9B-4A11-8967-4699792850F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2026.1.0.36452","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BB50B54F-D08D-492E-8CDF-D76032F4F9C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BF5DF56E-0DAD-4D0F-B64C-F41611D64981"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://www.foxit.com/support/security-bulletins.html","source":"14984358-7092-470d-8f34-ade47a7658a2","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-57241","sourceIdentifier":"14984358-7092-470d-8f34-ade47a7658a2","published":"2026-07-08T09:16:32.040","lastModified":"2026-07-09T14:28:24.850","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The application opens the PDF, and JavaScript performs operations on the page and the document, causing the page-related objects within the application to lose synchronization; however, the renderer still trusts the outdated page count, and eventually the application crashes due to out-of-bounds access."}],"affected":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","affectedData":[{"vendor":"Foxit Software Inc.","product":"Foxit PDF Editor","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"},{"version":"Versions 14.0.4 and earlier","status":"affected"},{"version":"Versions 13.2.4 and earlier","status":"affected"}]},{"vendor":"Foxit Software Inc.","product":"Foxit PDF Reader","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:17:20.375640Z","id":"CVE-2026-57241","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionEndIncluding":"13.2.4.24048","matchCriteriaId":"4AED7415-0393-4DF2-BEE8-486712D56288"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0.33046","versionEndIncluding":"14.0.4.33508","matchCriteriaId":"A10F7B1A-AAB3-4D81-A08C-866C49C76506"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2023.1.0.15510","versionEndIncluding":"2023.3.0.23028","matchCriteriaId":"0C75FEE6-54F3-49C6-BAEA-A09D23BE5D64"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2024.1.0.23997","versionEndIncluding":"2024.4.1.27687","matchCriteriaId":"2C06BC41-9831-4AE3-B10B-3FC313D01580"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1.0.27937","versionEndIncluding":"2025.3.0.35737","matchCriteriaId":"AD0AAFC0-5B9B-4A11-8967-4699792850F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2026.1.0.36452","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BB50B54F-D08D-492E-8CDF-D76032F4F9C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BF5DF56E-0DAD-4D0F-B64C-F41611D64981"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://www.foxit.com/support/security-bulletins.html","source":"14984358-7092-470d-8f34-ade47a7658a2","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-57242","sourceIdentifier":"14984358-7092-470d-8f34-ade47a7658a2","published":"2026-07-08T09:16:32.153","lastModified":"2026-07-09T14:21:18.657","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The application opens the PDF, and JavaScript modifies the form. However, the related objects on the page lack complete lifecycle management and null value validation; when the page state changes, the application continuously dereferences invalid objects, eventually leading to a crash."}],"affected":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","affectedData":[{"vendor":"Foxit Software Inc.","product":"Foxit PDF Editor","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"},{"version":"Versions 14.0.4 and earlier","status":"affected"},{"version":"Versions 13.2.4 and earlier","status":"affected"}]},{"vendor":"Foxit Software Inc.","product":"Foxit PDF Reader","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:16:23.410682Z","id":"CVE-2026-57242","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionEndIncluding":"13.2.4.24048","matchCriteriaId":"4AED7415-0393-4DF2-BEE8-486712D56288"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0.33046","versionEndIncluding":"14.0.4.33508","matchCriteriaId":"A10F7B1A-AAB3-4D81-A08C-866C49C76506"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2023.1.0.15510","versionEndIncluding":"2023.3.0.23028","matchCriteriaId":"0C75FEE6-54F3-49C6-BAEA-A09D23BE5D64"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2024.1.0.23997","versionEndIncluding":"2024.4.1.27687","matchCriteriaId":"2C06BC41-9831-4AE3-B10B-3FC313D01580"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1.0.27937","versionEndIncluding":"2025.3.0.35737","matchCriteriaId":"AD0AAFC0-5B9B-4A11-8967-4699792850F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2026.1.0.36452","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BB50B54F-D08D-492E-8CDF-D76032F4F9C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BF5DF56E-0DAD-4D0F-B64C-F41611D64981"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://www.foxit.com/support/security-bulletins.html","source":"14984358-7092-470d-8f34-ade47a7658a2","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-57243","sourceIdentifier":"14984358-7092-470d-8f34-ade47a7658a2","published":"2026-07-08T09:16:32.267","lastModified":"2026-07-09T14:23:13.530","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"During the process of page opening and form formatting, a JavaScript reentrancy results in an inconsistent document status. Subsequently, with outdated page information, the application attempts to access invalid addresses, causing the application to crash."}],"affected":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","affectedData":[{"vendor":"Foxit Software Inc.","product":"Foxit PDF Editor","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"},{"version":"Versions 14.0.4 and earlier","status":"affected"},{"version":"Versions 13.2.4 and earlier","status":"affected"}]},{"vendor":"Foxit Software Inc.","product":"Foxit PDF Reader","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:16:00.513613Z","id":"CVE-2026-57243","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionEndIncluding":"13.2.4.24048","matchCriteriaId":"4AED7415-0393-4DF2-BEE8-486712D56288"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0.33046","versionEndIncluding":"14.0.4.33508","matchCriteriaId":"A10F7B1A-AAB3-4D81-A08C-866C49C76506"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2023.1.0.15510","versionEndIncluding":"2023.3.0.23028","matchCriteriaId":"0C75FEE6-54F3-49C6-BAEA-A09D23BE5D64"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2024.1.0.23997","versionEndIncluding":"2024.4.1.27687","matchCriteriaId":"2C06BC41-9831-4AE3-B10B-3FC313D01580"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1.0.27937","versionEndIncluding":"2025.3.0.35737","matchCriteriaId":"AD0AAFC0-5B9B-4A11-8967-4699792850F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2026.1.0.36452","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BB50B54F-D08D-492E-8CDF-D76032F4F9C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BF5DF56E-0DAD-4D0F-B64C-F41611D64981"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://www.foxit.com/support/security-bulletins.html","source":"14984358-7092-470d-8f34-ade47a7658a2","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-57244","sourceIdentifier":"14984358-7092-470d-8f34-ade47a7658a2","published":"2026-07-08T09:16:32.387","lastModified":"2026-07-09T13:22:48.437","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"After JavaScript resetting the form, the synchronization process lacks re-entry protection and object lifecycle verification, resulting in the failure of the control pointer during the traversal process. After the pointer fails, it still continues to dereference, causing the application to crash."}],"affected":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","affectedData":[{"vendor":"Foxit Software Inc.","product":"Foxit PDF Editor","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"},{"version":"Versions 14.0.4 and earlier","status":"affected"},{"version":"Versions 13.2.4 and earlier","status":"affected"}]},{"vendor":"Foxit Software Inc.","product":"Foxit PDF Editor","defaultStatus":"unaffected","platforms":["MacOS"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"},{"version":"Versions 14.0.3 and earlier","status":"affected"},{"version":"Versions 13.2.3 and earlier","status":"affected"}]},{"vendor":"Foxit Software Inc.","product":"Foxit PDF Reader","defaultStatus":"unaffected","platforms":["Windows","MacOS"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:14:43.136775Z","id":"CVE-2026-57244","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionEndIncluding":"13.2.4.24048","matchCriteriaId":"4AED7415-0393-4DF2-BEE8-486712D56288"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0.33046","versionEndIncluding":"14.0.4.33508","matchCriteriaId":"A10F7B1A-AAB3-4D81-A08C-866C49C76506"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2023.1.0.15510","versionEndIncluding":"2023.3.0.23028","matchCriteriaId":"0C75FEE6-54F3-49C6-BAEA-A09D23BE5D64"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2024.1.0.23997","versionEndIncluding":"2024.4.1.27687","matchCriteriaId":"2C06BC41-9831-4AE3-B10B-3FC313D01580"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1.0.27937","versionEndIncluding":"2025.3.0.35737","matchCriteriaId":"AD0AAFC0-5B9B-4A11-8967-4699792850F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2026.1.0.36452","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BB50B54F-D08D-492E-8CDF-D76032F4F9C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BF5DF56E-0DAD-4D0F-B64C-F41611D64981"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionEndIncluding":"13.2.3.63444","matchCriteriaId":"4DCCFD60-850F-48C4-A535-39D98B28C837"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0.68868","versionEndIncluding":"14.0.3.69295","matchCriteriaId":"75B69039-9E98-4CE7-B47A-750BCE8DB517"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2023.1.0.55583","versionEndIncluding":"2023.3.0.63083","matchCriteriaId":"D8785CCE-C44C-4908-9133-13A580D5BECB"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2024.1.0.63682","versionEndIncluding":"2024.4.1.66479","matchCriteriaId":"CF043D20-0E28-481C-8756-D1301FAE67D2"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1.0.66692","versionEndIncluding":"2025.3.0.69570","matchCriteriaId":"20698FD4-5E28-4206-ACEA-4FCD24AD23BE"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2026.1.0.70169","versionEndIncluding":"2026.1.1.70276","matchCriteriaId":"457731AE-E9EB-424F-9311-BA76EB6985E0"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*","versionEndIncluding":"2026.1.1.70276","matchCriteriaId":"DC0C84D7-624B-4608-BEBD-39BBB478819D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"}]}]}],"references":[{"url":"https://www.foxit.com/support/security-bulletins.html","source":"14984358-7092-470d-8f34-ade47a7658a2","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-57245","sourceIdentifier":"14984358-7092-470d-8f34-ade47a7658a2","published":"2026-07-08T09:16:32.503","lastModified":"2026-07-09T13:14:08.770","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"When the application opens a PDF, traverses and builds the annotation elements related to hyperlinks, it fails to validate the abnormal annotation relationships and field combinations. This results in the internal objects entering an invalid state. Eventually, during the destruction phase, an invalid pointer write occurred, causing the application to crash."}],"affected":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","affectedData":[{"vendor":"Foxit Software Inc.","product":"Foxit PDF Editor","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"},{"version":"Versions 14.0.4 and earlier","status":"affected"},{"version":"Versions 13.2.4 and earlier","status":"affected"}]},{"vendor":"Foxit Software Inc.","product":"Foxit PDF Reader","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:35:05.013350Z","id":"CVE-2026-57245","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionEndIncluding":"13.2.4.24048","matchCriteriaId":"4AED7415-0393-4DF2-BEE8-486712D56288"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0.33046","versionEndIncluding":"14.0.4.33508","matchCriteriaId":"A10F7B1A-AAB3-4D81-A08C-866C49C76506"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2023.1.0.15510","versionEndIncluding":"2023.3.0.23028","matchCriteriaId":"0C75FEE6-54F3-49C6-BAEA-A09D23BE5D64"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2024.1.0.23997","versionEndIncluding":"2024.4.1.27687","matchCriteriaId":"2C06BC41-9831-4AE3-B10B-3FC313D01580"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1.0.27937","versionEndIncluding":"2025.3.0.35737","matchCriteriaId":"AD0AAFC0-5B9B-4A11-8967-4699792850F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2026.1.0.36452","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BB50B54F-D08D-492E-8CDF-D76032F4F9C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BF5DF56E-0DAD-4D0F-B64C-F41611D64981"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://www.foxit.com/support/security-bulletins.html","source":"14984358-7092-470d-8f34-ade47a7658a2","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-57246","sourceIdentifier":"14984358-7092-470d-8f34-ade47a7658a2","published":"2026-07-08T09:16:32.620","lastModified":"2026-07-09T13:01:38.287","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"When dealing with abnormally constructed objects, there is a lack of argument validation; JavaScript triggers signature verification, but the signature plugin does not perform validation when copying the abnormal string, causing the application to crash."}],"affected":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","affectedData":[{"vendor":"Foxit Software Inc.","product":"Foxit PDF Editor","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"},{"version":"Versions 14.0.4 and earlier","status":"affected"},{"version":"Versions 13.2.4 and earlier","status":"affected"}]},{"vendor":"Foxit Software Inc.","product":"Foxit PDF Reader","defaultStatus":"unaffected","platforms":["Windows","MacOS"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T12:27:49.970979Z","id":"CVE-2026-57246","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionEndIncluding":"13.2.4.24048","matchCriteriaId":"4AED7415-0393-4DF2-BEE8-486712D56288"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0.33046","versionEndIncluding":"14.0.4.33508","matchCriteriaId":"A10F7B1A-AAB3-4D81-A08C-866C49C76506"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2023.1.0.15510","versionEndIncluding":"2023.3.0.23028","matchCriteriaId":"0C75FEE6-54F3-49C6-BAEA-A09D23BE5D64"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2024.1.0.23997","versionEndIncluding":"2024.4.1.27687","matchCriteriaId":"2C06BC41-9831-4AE3-B10B-3FC313D01580"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1.0.27937","versionEndIncluding":"2025.3.0.35737","matchCriteriaId":"AD0AAFC0-5B9B-4A11-8967-4699792850F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2026.1.0.36452","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BB50B54F-D08D-492E-8CDF-D76032F4F9C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BF5DF56E-0DAD-4D0F-B64C-F41611D64981"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://www.foxit.com/support/security-bulletins.html","source":"14984358-7092-470d-8f34-ade47a7658a2","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-57247","sourceIdentifier":"14984358-7092-470d-8f34-ade47a7658a2","published":"2026-07-08T09:16:32.737","lastModified":"2026-07-09T12:58:46.753","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The application re-enters the document structure via field processing and deletes the current page, and then continues using the field objects obtained before deletion, triggering an illegal read and crashing."}],"affected":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","affectedData":[{"vendor":"Foxit Software Inc.","product":"Foxit PDF Editor","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"},{"version":"Versions 14.0.4 and earlier","status":"affected"},{"version":"Versions 13.2.4 and earlier","status":"affected"}]},{"vendor":"Foxit Software Inc.","product":"Foxit PDF Editor","defaultStatus":"unaffected","platforms":["MacOS"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"},{"version":"Versions 14.0.3 and earlier","status":"affected"}]},{"vendor":"Foxit Software Inc.","product":"Foxit PDF Reader","defaultStatus":"unaffected","platforms":["Windows","MacOS"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:14:19.061141Z","id":"CVE-2026-57247","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionEndIncluding":"13.2.4.24048","matchCriteriaId":"4AED7415-0393-4DF2-BEE8-486712D56288"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0.33046","versionEndIncluding":"14.0.4.33508","matchCriteriaId":"A10F7B1A-AAB3-4D81-A08C-866C49C76506"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2023.1.0.15510","versionEndIncluding":"2023.3.0.23028","matchCriteriaId":"0C75FEE6-54F3-49C6-BAEA-A09D23BE5D64"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2024.1.0.23997","versionEndIncluding":"2024.4.1.27687","matchCriteriaId":"2C06BC41-9831-4AE3-B10B-3FC313D01580"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1.0.27937","versionEndIncluding":"2025.3.0.35737","matchCriteriaId":"AD0AAFC0-5B9B-4A11-8967-4699792850F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2026.1.0.36452","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BB50B54F-D08D-492E-8CDF-D76032F4F9C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BF5DF56E-0DAD-4D0F-B64C-F41611D64981"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionEndIncluding":"13.2.4.24048","matchCriteriaId":"4AED7415-0393-4DF2-BEE8-486712D56288"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0.68868","versionEndIncluding":"14.0.3.69295","matchCriteriaId":"75B69039-9E98-4CE7-B47A-750BCE8DB517"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2023.1.0.55583","versionEndIncluding":"2023.3.0.63083","matchCriteriaId":"D8785CCE-C44C-4908-9133-13A580D5BECB"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2024.1.0.63682","versionEndIncluding":"2024.4.1.66479","matchCriteriaId":"CF043D20-0E28-481C-8756-D1301FAE67D2"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1.0.66692","versionEndIncluding":"2025.3.0.69570","matchCriteriaId":"20698FD4-5E28-4206-ACEA-4FCD24AD23BE"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2026.1.0.70169","versionEndIncluding":"2026.1.1.70276","matchCriteriaId":"457731AE-E9EB-424F-9311-BA76EB6985E0"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*","versionEndIncluding":"2026.1.1.70276","matchCriteriaId":"DC0C84D7-624B-4608-BEBD-39BBB478819D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"}]}]}],"references":[{"url":"https://www.foxit.com/support/security-bulletins.html","source":"14984358-7092-470d-8f34-ade47a7658a2","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-57248","sourceIdentifier":"14984358-7092-470d-8f34-ade47a7658a2","published":"2026-07-08T09:16:32.847","lastModified":"2026-07-09T12:05:52.557","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"When the application opens a PDF file and JavaScript writes annotation attributes, there is a lack of sufficient object type and argument checks. As a result, due to the damage to the internal structure of the annotations, it causes the application to crash during subsequent release."}],"affected":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","affectedData":[{"vendor":"Foxit Software Inc.","product":"Foxit PDF Editor","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"},{"version":"Versions 14.0.4 and earlier","status":"affected"},{"version":"Versions 13.2.4 and earlier","status":"affected"}]},{"vendor":"Foxit Software Inc.","product":"Foxit PDF Reader","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T12:38:08.327134Z","id":"CVE-2026-57248","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","description":[{"lang":"en","value":"CWE-763"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionEndIncluding":"13.2.4.24048","matchCriteriaId":"4AED7415-0393-4DF2-BEE8-486712D56288"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0.33046","versionEndIncluding":"14.0.4.33508","matchCriteriaId":"A10F7B1A-AAB3-4D81-A08C-866C49C76506"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2023.1.0.15510","versionEndIncluding":"2023.3.0.23028","matchCriteriaId":"0C75FEE6-54F3-49C6-BAEA-A09D23BE5D64"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2024.1.0.23997","versionEndIncluding":"2024.4.1.27687","matchCriteriaId":"2C06BC41-9831-4AE3-B10B-3FC313D01580"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1.0.27937","versionEndIncluding":"2025.3.0.35737","matchCriteriaId":"AD0AAFC0-5B9B-4A11-8967-4699792850F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2026.1.0.36452","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BB50B54F-D08D-492E-8CDF-D76032F4F9C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BF5DF56E-0DAD-4D0F-B64C-F41611D64981"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://www.foxit.com/support/security-bulletins.html","source":"14984358-7092-470d-8f34-ade47a7658a2","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-57249","sourceIdentifier":"14984358-7092-470d-8f34-ade47a7658a2","published":"2026-07-08T09:16:32.960","lastModified":"2026-07-09T12:04:47.570","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"After the application opened the PDF file, the script first reset the annotation status, then triggered the reset form event by additional action. During the re-entry process, the application access invalid objects and crashed."}],"affected":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","affectedData":[{"vendor":"Foxit Software Inc.","product":"Foxit PDF Editor","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"},{"version":"Versions 14.0.4 and earlier","status":"affected"},{"version":"Versions 13.2.4 and earlier","status":"affected"}]},{"vendor":"Foxit Software Inc.","product":"Foxit PDF Reader","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T12:40:18.806545Z","id":"CVE-2026-57249","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionEndIncluding":"13.2.4.24048","matchCriteriaId":"4AED7415-0393-4DF2-BEE8-486712D56288"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0.33046","versionEndIncluding":"14.0.4.33508","matchCriteriaId":"A10F7B1A-AAB3-4D81-A08C-866C49C76506"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2023.1.0.15510","versionEndIncluding":"2023.3.0.23028","matchCriteriaId":"0C75FEE6-54F3-49C6-BAEA-A09D23BE5D64"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2024.1.0.23997","versionEndIncluding":"2024.4.1.27687","matchCriteriaId":"2C06BC41-9831-4AE3-B10B-3FC313D01580"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1.0.27937","versionEndIncluding":"2025.3.0.35737","matchCriteriaId":"AD0AAFC0-5B9B-4A11-8967-4699792850F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2026.1.0.36452","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BB50B54F-D08D-492E-8CDF-D76032F4F9C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BF5DF56E-0DAD-4D0F-B64C-F41611D64981"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://www.foxit.com/support/security-bulletins.html","source":"14984358-7092-470d-8f34-ade47a7658a2","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-57250","sourceIdentifier":"14984358-7092-470d-8f34-ade47a7658a2","published":"2026-07-08T09:16:33.070","lastModified":"2026-07-09T13:10:49.880","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"When the application opens a PDF and JavaScript resets the form fields, the script re-enters the interface. The underlying native object is damaged, but the application does not perform validation. The function call on the damaged object leads to the application crashing."}],"affected":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","affectedData":[{"vendor":"Foxit Software Inc.","product":"Foxit PDF Editor","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"},{"version":"Versions 14.0.4 and earlier","status":"affected"},{"version":"Versions 13.2.4 and earlier","status":"affected"}]},{"vendor":"Foxit Software Inc.","product":"Foxit PDF Editor","defaultStatus":"unaffected","platforms":["MacOS"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"},{"version":"Versions 14.0.3 and earlier","status":"affected"},{"version":"Versions 13.2.3 and earlier","status":"affected"}]},{"vendor":"Foxit Software Inc.","product":"Foxit PDF Reader","defaultStatus":"unaffected","platforms":["Windows","MacOS"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:13:48.237727Z","id":"CVE-2026-57250","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionEndIncluding":"13.2.4.24048","matchCriteriaId":"4AED7415-0393-4DF2-BEE8-486712D56288"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0.33046","versionEndIncluding":"14.0.4.33508","matchCriteriaId":"A10F7B1A-AAB3-4D81-A08C-866C49C76506"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2023.1.0.15510","versionEndIncluding":"2023.3.0.23028","matchCriteriaId":"0C75FEE6-54F3-49C6-BAEA-A09D23BE5D64"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2024.1.0.23997","versionEndIncluding":"2024.4.1.27687","matchCriteriaId":"2C06BC41-9831-4AE3-B10B-3FC313D01580"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1.0.27937","versionEndIncluding":"2025.3.0.35737","matchCriteriaId":"AD0AAFC0-5B9B-4A11-8967-4699792850F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2026.1.0.36452","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BB50B54F-D08D-492E-8CDF-D76032F4F9C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BF5DF56E-0DAD-4D0F-B64C-F41611D64981"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionEndIncluding":"13.2.3.63444","matchCriteriaId":"4DCCFD60-850F-48C4-A535-39D98B28C837"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0.68868","versionEndIncluding":"14.0.3.69295","matchCriteriaId":"75B69039-9E98-4CE7-B47A-750BCE8DB517"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2023.1.0.55583","versionEndIncluding":"2023.3.0.63083","matchCriteriaId":"D8785CCE-C44C-4908-9133-13A580D5BECB"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2024.1.0.63682","versionEndIncluding":"2024.4.1.66479","matchCriteriaId":"CF043D20-0E28-481C-8756-D1301FAE67D2"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1.0.66692","versionEndIncluding":"2025.3.0.69570","matchCriteriaId":"20698FD4-5E28-4206-ACEA-4FCD24AD23BE"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2026.1.0.70169","versionEndIncluding":"2026.1.1.70276","matchCriteriaId":"457731AE-E9EB-424F-9311-BA76EB6985E0"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*","versionEndIncluding":"2026.1.1.70276","matchCriteriaId":"DC0C84D7-624B-4608-BEBD-39BBB478819D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"}]}]}],"references":[{"url":"https://www.foxit.com/support/security-bulletins.html","source":"14984358-7092-470d-8f34-ade47a7658a2","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-57251","sourceIdentifier":"14984358-7092-470d-8f34-ade47a7658a2","published":"2026-07-08T09:16:33.180","lastModified":"2026-07-09T13:00:26.617","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The application opens a PDF, but the cloud-like appearance of the construction process lacks proper setting of an upper limit and consistency checks. Out-of-bounds access to the underlying array is exposed, ultimately leading to a crash of the application."}],"affected":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","affectedData":[{"vendor":"Foxit Software Inc.","product":"Foxit PDF Editor","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"},{"version":"Versions 14.0.4 and earlier","status":"affected"},{"version":"Versions 13.2.4 and earlier","status":"affected"}]},{"vendor":"Foxit Software Inc.","product":"Foxit PDF Reader","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T12:40:43.424088Z","id":"CVE-2026-57251","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","description":[{"lang":"en","value":"CWE-129"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionEndIncluding":"13.2.4.24048","matchCriteriaId":"4AED7415-0393-4DF2-BEE8-486712D56288"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0.33046","versionEndIncluding":"14.0.4.33508","matchCriteriaId":"A10F7B1A-AAB3-4D81-A08C-866C49C76506"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2023.1.0.15510","versionEndIncluding":"2023.3.0.23028","matchCriteriaId":"0C75FEE6-54F3-49C6-BAEA-A09D23BE5D64"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2024.1.0.23997","versionEndIncluding":"2024.4.1.27687","matchCriteriaId":"2C06BC41-9831-4AE3-B10B-3FC313D01580"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1.0.27937","versionEndIncluding":"2025.3.0.35737","matchCriteriaId":"AD0AAFC0-5B9B-4A11-8967-4699792850F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2026.1.0.36452","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BB50B54F-D08D-492E-8CDF-D76032F4F9C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BF5DF56E-0DAD-4D0F-B64C-F41611D64981"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://www.foxit.com/support/security-bulletins.html","source":"14984358-7092-470d-8f34-ade47a7658a2","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-57252","sourceIdentifier":"14984358-7092-470d-8f34-ade47a7658a2","published":"2026-07-08T09:16:33.293","lastModified":"2026-07-09T12:03:56.347","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"When the application opens a PDF file, during the process of JavaScript deleting pages and removing attachment annotations, it will cause the attachment panel to continue accessing invalid pointers, eventually leading to the application crashing."}],"affected":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","affectedData":[{"vendor":"Foxit Software Inc.","product":"Foxit PDF Editor","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"},{"version":"Versions 14.0.4 and earlier","status":"affected"},{"version":"Versions 13.2.4 and earlier","status":"affected"}]},{"vendor":"Foxit Software Inc.","product":"Foxit PDF Reader","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T12:43:48.257346Z","id":"CVE-2026-57252","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionEndIncluding":"13.2.4.24048","matchCriteriaId":"4AED7415-0393-4DF2-BEE8-486712D56288"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0.33046","versionEndIncluding":"14.0.4.33508","matchCriteriaId":"A10F7B1A-AAB3-4D81-A08C-866C49C76506"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2023.1.0.15510","versionEndIncluding":"2023.3.0.23028","matchCriteriaId":"0C75FEE6-54F3-49C6-BAEA-A09D23BE5D64"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2024.1.0.23997","versionEndIncluding":"2024.4.1.27687","matchCriteriaId":"2C06BC41-9831-4AE3-B10B-3FC313D01580"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1.0.27937","versionEndIncluding":"2025.3.0.35737","matchCriteriaId":"AD0AAFC0-5B9B-4A11-8967-4699792850F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2026.1.0.36452","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BB50B54F-D08D-492E-8CDF-D76032F4F9C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BF5DF56E-0DAD-4D0F-B64C-F41611D64981"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://www.foxit.com/support/security-bulletins.html","source":"14984358-7092-470d-8f34-ade47a7658a2","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-57253","sourceIdentifier":"14984358-7092-470d-8f34-ade47a7658a2","published":"2026-07-08T09:16:33.400","lastModified":"2026-07-09T11:57:26.900","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An abnormal image object causes the renderer to enter the wrong processing branch. When converting the scan lines, an invalid image buffer pointer is used, resulting in the application crashing."}],"affected":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","affectedData":[{"vendor":"Foxit Software Inc.","product":"Foxit PDF Editor","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"},{"version":"Versions 14.0.4 and earlier","status":"affected"},{"version":"Versions 13.2.4 and earlier","status":"affected"}]},{"vendor":"Foxit Software Inc.","product":"Foxit PDF Reader","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T12:42:55.808823Z","id":"CVE-2026-57253","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionEndIncluding":"13.2.4.24048","matchCriteriaId":"4AED7415-0393-4DF2-BEE8-486712D56288"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0.33046","versionEndIncluding":"14.0.4.33508","matchCriteriaId":"A10F7B1A-AAB3-4D81-A08C-866C49C76506"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2023.1.0.15510","versionEndIncluding":"2023.3.0.23028","matchCriteriaId":"0C75FEE6-54F3-49C6-BAEA-A09D23BE5D64"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2024.1.0.23997","versionEndIncluding":"2024.4.1.27687","matchCriteriaId":"2C06BC41-9831-4AE3-B10B-3FC313D01580"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1.0.27937","versionEndIncluding":"2025.3.0.35737","matchCriteriaId":"AD0AAFC0-5B9B-4A11-8967-4699792850F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2026.1.0.36452","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BB50B54F-D08D-492E-8CDF-D76032F4F9C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BF5DF56E-0DAD-4D0F-B64C-F41611D64981"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://www.foxit.com/support/security-bulletins.html","source":"14984358-7092-470d-8f34-ade47a7658a2","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-57254","sourceIdentifier":"14984358-7092-470d-8f34-ade47a7658a2","published":"2026-07-08T09:16:33.520","lastModified":"2026-07-09T11:59:16.257","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"There is an abnormal annotation within the PDF that is referenced by other objects. When the application parses the PDF, it fails to perform proper type checking, ultimately causing the application to crash."}],"affected":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","affectedData":[{"vendor":"Foxit Software Inc.","product":"Foxit PDF Editor","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"},{"version":"Versions 14.0.4 and earlier","status":"affected"},{"version":"Versions 13.2.4 and earlier","status":"affected"}]},{"vendor":"Foxit Software Inc.","product":"Foxit PDF Reader","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T12:45:55.295384Z","id":"CVE-2026-57254","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","description":[{"lang":"en","value":"CWE-843"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionEndIncluding":"13.2.4.24048","matchCriteriaId":"4AED7415-0393-4DF2-BEE8-486712D56288"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0.33046","versionEndIncluding":"14.0.4.33508","matchCriteriaId":"A10F7B1A-AAB3-4D81-A08C-866C49C76506"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2023.1.0.15510","versionEndIncluding":"2023.3.0.23028","matchCriteriaId":"0C75FEE6-54F3-49C6-BAEA-A09D23BE5D64"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2024.1.0.23997","versionEndIncluding":"2024.4.1.27687","matchCriteriaId":"2C06BC41-9831-4AE3-B10B-3FC313D01580"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1.0.27937","versionEndIncluding":"2025.3.0.35737","matchCriteriaId":"AD0AAFC0-5B9B-4A11-8967-4699792850F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2026.1.0.36452","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BB50B54F-D08D-492E-8CDF-D76032F4F9C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BF5DF56E-0DAD-4D0F-B64C-F41611D64981"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://www.foxit.com/support/security-bulletins.html","source":"14984358-7092-470d-8f34-ade47a7658a2","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-57255","sourceIdentifier":"14984358-7092-470d-8f34-ade47a7658a2","published":"2026-07-08T09:16:33.647","lastModified":"2026-07-09T11:53:28.863","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The application opens a PDF containing an abnormal color space whose attributes reference a valid but semantically malformed function. The function's output is not validated; when subsequently read, it produces an illegal pointer that accesses an out-of-bounds region, crashing the application."}],"affected":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","affectedData":[{"vendor":"Foxit Software Inc.","product":"Foxit PDF Editor","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"},{"version":"Versions 14.0.4 and earlier","status":"affected"},{"version":"Versions 13.2.4 and earlier","status":"affected"}]},{"vendor":"Foxit Software Inc.","product":"Foxit PDF Reader","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T12:46:35.839397Z","id":"CVE-2026-57255","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionEndIncluding":"13.2.4.24048","matchCriteriaId":"4AED7415-0393-4DF2-BEE8-486712D56288"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0.33046","versionEndIncluding":"14.0.4.33508","matchCriteriaId":"A10F7B1A-AAB3-4D81-A08C-866C49C76506"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2023.1.0.15510","versionEndIncluding":"2023.3.0.23028","matchCriteriaId":"0C75FEE6-54F3-49C6-BAEA-A09D23BE5D64"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2024.1.0.23997","versionEndIncluding":"2024.4.1.27687","matchCriteriaId":"2C06BC41-9831-4AE3-B10B-3FC313D01580"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1.0.27937","versionEndIncluding":"2025.3.0.35737","matchCriteriaId":"AD0AAFC0-5B9B-4A11-8967-4699792850F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2026.1.0.36452","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BB50B54F-D08D-492E-8CDF-D76032F4F9C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BF5DF56E-0DAD-4D0F-B64C-F41611D64981"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://www.foxit.com/support/security-bulletins.html","source":"14984358-7092-470d-8f34-ade47a7658a2","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-57256","sourceIdentifier":"14984358-7092-470d-8f34-ade47a7658a2","published":"2026-07-08T09:16:33.770","lastModified":"2026-07-09T18:16:54.613","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"When the application opens a PDF and executes JavaScript, it performs abnormal operations on the list box field, and this operation is repeated after the form is reset. During this process, the application failed to adequately verify the validity of the form objects and their internal dictionary pointers, resulting in accessing internal members of invalid or improperly initialized fields. This led to an illegal pointer read, ultimately causing the application to crash."}],"affected":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","affectedData":[{"vendor":"Foxit Software Inc.","product":"Foxit PDF Editor","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"},{"version":"Versions 14.0.4 and earlier","status":"affected"},{"version":"Versions 13.2.4 and earlier","status":"affected"}]},{"vendor":"Foxit Software Inc.","product":"Foxit PDF Editor","defaultStatus":"unaffected","platforms":["MacOS"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"},{"version":"Versions 14.0.3 and earlier","status":"affected"}]},{"vendor":"Foxit Software Inc.","product":"Foxit PDF Reader","defaultStatus":"unaffected","platforms":["Windows","MacOS"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T12:38:44.758991Z","id":"CVE-2026-57256","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionEndIncluding":"13.2.4.24048","matchCriteriaId":"4AED7415-0393-4DF2-BEE8-486712D56288"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0.33046","versionEndIncluding":"14.0.4.33508","matchCriteriaId":"A10F7B1A-AAB3-4D81-A08C-866C49C76506"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2023.1.0.15510","versionEndIncluding":"2023.3.0.23028","matchCriteriaId":"0C75FEE6-54F3-49C6-BAEA-A09D23BE5D64"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2024.1.0.23997","versionEndIncluding":"2024.4.1.27687","matchCriteriaId":"2C06BC41-9831-4AE3-B10B-3FC313D01580"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1.0.27937","versionEndIncluding":"2025.3.0.35737","matchCriteriaId":"AD0AAFC0-5B9B-4A11-8967-4699792850F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2026.1.0.36452","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BB50B54F-D08D-492E-8CDF-D76032F4F9C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BF5DF56E-0DAD-4D0F-B64C-F41611D64981"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"},{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://www.foxit.com/support/security-bulletins.html","source":"14984358-7092-470d-8f34-ade47a7658a2","tags":["Vendor Advisory"]},{"url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2026-2420","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2026-57257","sourceIdentifier":"14984358-7092-470d-8f34-ade47a7658a2","published":"2026-07-08T09:16:33.907","lastModified":"2026-07-09T14:25:57.033","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"During the PRC parsing stage, there is a lack of boundary verification for the PRC entity index, which leads to an out-of-bounds read of the entity array. As a result, the application crashes."}],"affected":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","affectedData":[{"vendor":"Foxit Software Inc.","product":"Foxit PDF Editor","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"},{"version":"Versions 14.0.4 and earlier","status":"affected"},{"version":"Versions 13.2.4 and earlier","status":"affected"}]},{"vendor":"Foxit Software Inc.","product":"Foxit PDF Editor","defaultStatus":"unaffected","platforms":["MacOS"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"},{"version":"Versions 14.0.3 and earlier","status":"affected"},{"version":"Versions 13.2.3 and earlier","status":"affected"}]},{"vendor":"Foxit Software Inc.","product":"Foxit PDF Reader","defaultStatus":"unaffected","platforms":["Windows","MacOS"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T12:39:26.124565Z","id":"CVE-2026-57257","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionEndIncluding":"13.2.4.24048","matchCriteriaId":"4AED7415-0393-4DF2-BEE8-486712D56288"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0.33046","versionEndIncluding":"14.0.4.33508","matchCriteriaId":"A10F7B1A-AAB3-4D81-A08C-866C49C76506"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2023.1.0.15510","versionEndIncluding":"2023.3.0.23028","matchCriteriaId":"0C75FEE6-54F3-49C6-BAEA-A09D23BE5D64"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2024.1.0.23997","versionEndIncluding":"2024.4.1.27687","matchCriteriaId":"2C06BC41-9831-4AE3-B10B-3FC313D01580"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1.0.27937","versionEndIncluding":"2025.3.0.35737","matchCriteriaId":"AD0AAFC0-5B9B-4A11-8967-4699792850F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2026.1.0.36452","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BB50B54F-D08D-492E-8CDF-D76032F4F9C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BF5DF56E-0DAD-4D0F-B64C-F41611D64981"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionEndIncluding":"13.2.3.63444","matchCriteriaId":"4DCCFD60-850F-48C4-A535-39D98B28C837"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0.68868","versionEndIncluding":"14.0.3.69295","matchCriteriaId":"75B69039-9E98-4CE7-B47A-750BCE8DB517"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2023.1.0.55583","versionEndIncluding":"2023.3.0.63083","matchCriteriaId":"D8785CCE-C44C-4908-9133-13A580D5BECB"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2024.1.0.63682","versionEndIncluding":"2024.4.1.66479","matchCriteriaId":"CF043D20-0E28-481C-8756-D1301FAE67D2"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1.0.66692","versionEndIncluding":"2025.3.0.69570","matchCriteriaId":"20698FD4-5E28-4206-ACEA-4FCD24AD23BE"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2026.1.0.70169","versionEndIncluding":"2026.1.1.70276","matchCriteriaId":"457731AE-E9EB-424F-9311-BA76EB6985E0"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*","versionEndIncluding":"2026.1.1.70276","matchCriteriaId":"DC0C84D7-624B-4608-BEBD-39BBB478819D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"}]}]}],"references":[{"url":"https://www.foxit.com/support/security-bulletins.html","source":"14984358-7092-470d-8f34-ade47a7658a2","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-57258","sourceIdentifier":"14984358-7092-470d-8f34-ade47a7658a2","published":"2026-07-08T09:16:34.030","lastModified":"2026-07-09T14:30:06.840","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The PRC file header parsing logic trusts the constructed file structure description information, assumes that the underlying array contains elements and reads them, leading to out-of-bounds reads and application crashes."}],"affected":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","affectedData":[{"vendor":"Foxit Software Inc.","product":"Foxit PDF Editor","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"},{"version":"Versions 14.0.4 and earlier","status":"affected"},{"version":"Versions 13.2.4 and earlier","status":"affected"}]},{"vendor":"Foxit Software Inc.","product":"Foxit PDF Editor","defaultStatus":"unaffected","platforms":["MacOS"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"},{"version":"Versions 14.0.3 and earlier","status":"affected"},{"version":"Versions 13.2.3 and earlier","status":"affected"}]},{"vendor":"Foxit Software Inc.","product":"Foxit PDF Reader","defaultStatus":"unaffected","platforms":["Windows","MacOS"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T12:40:05.161002Z","id":"CVE-2026-57258","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionEndIncluding":"13.2.4.24048","matchCriteriaId":"4AED7415-0393-4DF2-BEE8-486712D56288"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0.33046","versionEndIncluding":"14.0.4.33508","matchCriteriaId":"A10F7B1A-AAB3-4D81-A08C-866C49C76506"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2023.1.0.15510","versionEndIncluding":"2023.3.0.23028","matchCriteriaId":"0C75FEE6-54F3-49C6-BAEA-A09D23BE5D64"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2024.1.0.23997","versionEndIncluding":"2024.4.1.27687","matchCriteriaId":"2C06BC41-9831-4AE3-B10B-3FC313D01580"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1.0.27937","versionEndIncluding":"2025.3.0.35737","matchCriteriaId":"AD0AAFC0-5B9B-4A11-8967-4699792850F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2026.1.0.36452","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BB50B54F-D08D-492E-8CDF-D76032F4F9C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BF5DF56E-0DAD-4D0F-B64C-F41611D64981"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionEndIncluding":"13.2.3.63444","matchCriteriaId":"4DCCFD60-850F-48C4-A535-39D98B28C837"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0.33046","versionEndIncluding":"14.0.3.69295","matchCriteriaId":"92935477-3E84-49C9-B743-7C9485AA7130"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2023.1.0.55583","versionEndIncluding":"2023.3.0.63083","matchCriteriaId":"D8785CCE-C44C-4908-9133-13A580D5BECB"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2024.1.0.63682","versionEndIncluding":"2024.4.1.66479","matchCriteriaId":"CF043D20-0E28-481C-8756-D1301FAE67D2"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1.0.66692","versionEndIncluding":"2025.3.0.69570","matchCriteriaId":"20698FD4-5E28-4206-ACEA-4FCD24AD23BE"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2026.1.0.70169","versionEndIncluding":"2026.1.1.70276","matchCriteriaId":"457731AE-E9EB-424F-9311-BA76EB6985E0"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*","versionEndIncluding":"2026.1.1.70276","matchCriteriaId":"DC0C84D7-624B-4608-BEBD-39BBB478819D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"}]}]}],"references":[{"url":"https://www.foxit.com/support/security-bulletins.html","source":"14984358-7092-470d-8f34-ade47a7658a2","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-57259","sourceIdentifier":"14984358-7092-470d-8f34-ade47a7658a2","published":"2026-07-08T09:16:34.157","lastModified":"2026-07-09T14:28:47.120","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The input file does not need to be strictly in a structurally valid PDF format. Instead, after reviewing the content, the original document disguised as a PDF will be sent to the parser. Malicious documents will construct malicious external entities that, through the protocol, point to local paths, thereby allowing access to any local files within the user's permission range."}],"affected":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","affectedData":[{"vendor":"Foxit Software Inc.","product":"Foxit PDF Editor","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"},{"version":"Versions 14.0.4 and earlier","status":"affected"},{"version":"Versions 13.2.4 and earlier","status":"affected"}]},{"vendor":"Foxit Software Inc.","product":"Foxit PDF Reader","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:15:36.665436Z","id":"CVE-2026-57259","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","description":[{"lang":"en","value":"CWE-611"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionEndIncluding":"13.2.4.24048","matchCriteriaId":"4AED7415-0393-4DF2-BEE8-486712D56288"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0.33046","versionEndIncluding":"14.0.4.33508","matchCriteriaId":"A10F7B1A-AAB3-4D81-A08C-866C49C76506"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2023.1.0.15510","versionEndIncluding":"2023.3.0.23028","matchCriteriaId":"0C75FEE6-54F3-49C6-BAEA-A09D23BE5D64"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2024.1.0.23997","versionEndIncluding":"2024.4.1.27687","matchCriteriaId":"2C06BC41-9831-4AE3-B10B-3FC313D01580"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1.0.27937","versionEndIncluding":"2025.3.0.35737","matchCriteriaId":"AD0AAFC0-5B9B-4A11-8967-4699792850F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2026.1.0.36452","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BB50B54F-D08D-492E-8CDF-D76032F4F9C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BF5DF56E-0DAD-4D0F-B64C-F41611D64981"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"https://www.foxit.com/support/security-bulletins.html","source":"14984358-7092-470d-8f34-ade47a7658a2","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-57260","sourceIdentifier":"14984358-7092-470d-8f34-ade47a7658a2","published":"2026-07-08T09:16:34.283","lastModified":"2026-07-09T11:32:15.323","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"The application opened a PDF file containing an abnormal Unity 3D object. During parsing, the application incorrectly resolved a portion of the abnormal object as a pointer and used it as a valid address, ultimately causing the application to crash."}],"affected":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","affectedData":[{"vendor":"Foxit Software Inc.","product":"Foxit PDF Editor","defaultStatus":"unaffected","platforms":["Windows"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"},{"version":"Versions 14.0.4 and earlier","status":"affected"},{"version":"Versions 13.2.4 and earlier","status":"affected"}]},{"vendor":"Foxit Software Inc.","product":"Foxit PDF Editor","defaultStatus":"unaffected","platforms":["MacOS"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"},{"version":"Versions 14.0.3 and earlier","status":"affected"},{"version":"Versions 13.2.3 and earlier","status":"affected"}]},{"vendor":"Foxit Software Inc.","product":"Foxit PDF Reader","defaultStatus":"unaffected","platforms":["Windows","MacOS"],"versions":[{"version":"Versions 2026.1.1 and earlier","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T12:47:25.274989Z","id":"CVE-2026-57260","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"14984358-7092-470d-8f34-ade47a7658a2","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionEndIncluding":"13.2.4.24048","matchCriteriaId":"4AED7415-0393-4DF2-BEE8-486712D56288"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0.33046","versionEndIncluding":"14.0.4.33508","matchCriteriaId":"A10F7B1A-AAB3-4D81-A08C-866C49C76506"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2023.1.0.15510","versionEndIncluding":"2023.3.0.23028","matchCriteriaId":"0C75FEE6-54F3-49C6-BAEA-A09D23BE5D64"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2024.1.0.23997","versionEndIncluding":"2024.4.1.27687","matchCriteriaId":"2C06BC41-9831-4AE3-B10B-3FC313D01580"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1.0.27937","versionEndIncluding":"2025.3.0.35737","matchCriteriaId":"AD0AAFC0-5B9B-4A11-8967-4699792850F1"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2026.1.0.36452","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BB50B54F-D08D-492E-8CDF-D76032F4F9C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*","versionEndIncluding":"2026.1.1.36485","matchCriteriaId":"BF5DF56E-0DAD-4D0F-B64C-F41611D64981"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionEndIncluding":"13.2.3.63444","matchCriteriaId":"4DCCFD60-850F-48C4-A535-39D98B28C837"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"14.0.0.68868","versionEndIncluding":"14.0.3.69295","matchCriteriaId":"75B69039-9E98-4CE7-B47A-750BCE8DB517"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2023.1.0.55583","versionEndIncluding":"2023.3.0.63083","matchCriteriaId":"D8785CCE-C44C-4908-9133-13A580D5BECB"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2024.1.0.63682","versionEndIncluding":"2024.4.1.66479","matchCriteriaId":"CF043D20-0E28-481C-8756-D1301FAE67D2"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1.0.66692","versionEndIncluding":"2025.3.0.69570","matchCriteriaId":"20698FD4-5E28-4206-ACEA-4FCD24AD23BE"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*","versionStartIncluding":"2026.1.0.70169","versionEndIncluding":"2026.1.1.70276","matchCriteriaId":"457731AE-E9EB-424F-9311-BA76EB6985E0"},{"vulnerable":true,"criteria":"cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*","versionEndIncluding":"2026.1.1.70276","matchCriteriaId":"DC0C84D7-624B-4608-BEBD-39BBB478819D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*","matchCriteriaId":"387021A0-AF36-463C-A605-32EA7DAC172E"}]}]}],"references":[{"url":"https://www.foxit.com/support/security-bulletins.html","source":"14984358-7092-470d-8f34-ade47a7658a2","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-6280","sourceIdentifier":"iletisim@usom.gov.tr","published":"2026-07-08T09:16:34.403","lastModified":"2026-07-08T14:57:28.893","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Exposure of sensitive information due to incompatible policies vulnerability in NOMYSOFT Informatics Education and Consulting Inc. Nomysem allows Accessing Functionality Not Properly Constrained by ACLs.\n\nThis issue affects Nomysem: through 08072026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."}],"affected":[{"source":"iletisim@usom.gov.tr","affectedData":[{"vendor":"NOMYSOFT Informatics Education and Consulting Inc.","product":"Nomysem","defaultStatus":"unknown","versions":[{"version":"0","lessThanOrEqual":"08072026","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T12:09:17.803895Z","id":"CVE-2026-6280","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-213"}]}],"references":[{"url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0516","source":"iletisim@usom.gov.tr"}]}},{"cve":{"id":"CVE-2026-56002","sourceIdentifier":"meissner@suse.de","published":"2026-07-08T10:16:23.327","lastModified":"2026-07-09T16:39:17.737","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"A heap bufferflow in pcfReadFont() due to missing glyph bounds checking in libXfont2 before 2.0.8  allows attackers authenticated as X client to execute code within the X server."}],"affected":[{"source":"meissner@suse.de","affectedData":[{"vendor":"X.Org","product":"libXfont2","defaultStatus":"unaffected","packageName":"libXfont2","repo":"https://gitlab.freedesktop.org/xorg/lib/libxfont","versions":[{"version":"0","lessThan":"2.0.8","versionType":"rpm","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"meissner@suse.de","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":8.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T00:00:00+00:00","id":"CVE-2026-56002","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"meissner@suse.de","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]}],"references":[{"url":"https://gitlab.freedesktop.org/xorg/lib/libxfont/-/commit/b4389e0b1d84a690b819bb27b1439968811a3674","source":"meissner@suse.de"},{"url":"https://www.openwall.com/lists/oss-security/2026/07/08/1","source":"meissner@suse.de"}]}},{"cve":{"id":"CVE-2026-56003","sourceIdentifier":"meissner@suse.de","published":"2026-07-08T10:16:23.577","lastModified":"2026-07-09T19:50:11.550","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A heap buffer overflow due to missing size checking in the property buffer when parsing PCF files in libXfont2 ComputeScaledProperties() before libXfont2 before 2.0.8 could be used by attackers using authenticated X clients to execute code within the X server."}],"affected":[{"source":"meissner@suse.de","affectedData":[{"vendor":"X.Org","product":"libXfont2","defaultStatus":"unaffected","packageName":"libXfont2","repo":"https://gitlab.freedesktop.org/xorg/lib/libxfont/","versions":[{"version":"0","lessThan":"2.0.8","versionType":"rpm","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"meissner@suse.de","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":8.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":6.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T00:00:00+00:00","id":"CVE-2026-56003","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"meissner@suse.de","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:x:libxfont:*:*:*:*:*:*:*:*","versionStartIncluding":"2.0.0","versionEndExcluding":"2.0.8","matchCriteriaId":"EF6A4D9B-81B8-4FDE-8958-8B08A0AAA937"}]}]}],"references":[{"url":"https://gitlab.freedesktop.org/xorg/lib/libxfont/-/commit/dff957a5158da038a282a59a31fe736702732939","source":"meissner@suse.de","tags":["Patch"]},{"url":"https://www.openwall.com/lists/oss-security/2026/07/08/1","source":"meissner@suse.de","tags":["Mailing List","Patch","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-15041","sourceIdentifier":"secalert@redhat.com","published":"2026-07-08T11:16:26.260","lastModified":"2026-07-09T19:36:15.370","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in 389 Directory Server. The PBKDF2-SHA256 password verification function uses standard memcmp() for comparing password hashes instead of a constant-time comparison function. A remote attacker could potentially use timing measurements of LDAP bind attempts to infer partial hash information, though practical exploitation is extremely difficult due to PBKDF2 computational overhead."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat Directory Server 11","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"redhat-ds:11/389-ds-base","cpes":["cpe:/a:redhat:directory_server:11"]},{"vendor":"Red Hat","product":"Red Hat Directory Server 12","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"redhat-ds:12/389-ds-base","cpes":["cpe:/a:redhat:directory_server:12"]},{"vendor":"Red Hat","product":"Red Hat Directory Server 13","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds-base","cpes":["cpe:/a:redhat:directory_server:13"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 10","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds-base","cpes":["cpe:/o:redhat:enterprise_linux:10"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 6","defaultStatus":"unaffected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds-base","cpes":["cpe:/o:redhat:enterprise_linux:6"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 7","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds-base","cpes":["cpe:/o:redhat:enterprise_linux:7"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 8","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds:1.4/389-ds-base","cpes":["cpe:/o:redhat:enterprise_linux:8"]},{"vendor":"Red Hat","product":"Red Hat Enterprise Linux 9","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"389-ds-base","cpes":["cpe:/o:redhat:enterprise_linux:9"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":3.7,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:44:08.886989Z","id":"CVE-2026-15041","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-208"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:directory_server:11.0:*:*:*:*:*:*:*","matchCriteriaId":"2A169F6D-88A5-4631-9D30-519350ACFE6E"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:directory_server:12.0:*:*:*:*:*:*:*","matchCriteriaId":"A3DAF61A-58A9-41A6-A4DC-64148055B0C1"},{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:directory_server:13.0:*:*:*:*:*:*:*","matchCriteriaId":"904002F4-762C-4CFF-88C4-8FC929774DF8"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:389_directory_server:-:*:*:*:*:*:*:*","matchCriteriaId":"A861110D-0BBC-4052-BBFD-F718F6CD72C5"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","matchCriteriaId":"142AD0DD-4CF3-4D74-9442-459CE3347E3A"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","matchCriteriaId":"F4CFF558-3C47-480D-A2F0-BABF26042943"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*","matchCriteriaId":"7F6FB57C-2BC7-487C-96DD-132683AEB35D"},{"vulnerable":true,"criteria":"cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*","matchCriteriaId":"D65C2163-CFC2-4ABB-8F4E-CB09CEBD006C"}]}]}],"references":[{"url":"https://access.redhat.com/security/cve/CVE-2026-15041","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2498022","source":"secalert@redhat.com","tags":["Issue Tracking","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2025-14785","sourceIdentifier":"security@wordfence.com","published":"2026-07-08T12:17:18.223","lastModified":"2026-07-08T18:16:28.860","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Website Builder by SeedProd - Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `seedprodnestedmenuwidget` shortcode in all versions up to, and including, 6.20.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"seedprod","product":"Website Builder by SeedProd — Theme Builder, Landing Page Builder, Coming Soon Page, Maintenance Mode","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"6.20.2","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:30:17.467675Z","id":"CVE-2025-14785","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/changeset/3565979/coming-soon/trunk/app/nestednavmenu.php?old=3422960&old_path=coming-soon%2Ftrunk%2Fapp%2Fnestednavmenu.php","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/ba751f98-f86c-451b-8a12-a2e9e76768e5?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-12936","sourceIdentifier":"security@wordfence.com","published":"2026-07-08T12:17:19.923","lastModified":"2026-07-08T14:55:07.843","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Recurio – Ultimate Subscription for WooCommerce plugin for WordPress is vulnerable to generic SQL Injection via the 'data' parameter in all versions up to, and including, 1.1.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with shop manager-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"devitemsllc","product":"Recurio – Ultimate Subscription for WooCommerce","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"1.1.3","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:14:18.151346Z","id":"CVE-2026-12936","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/recurio/tags/1.1.2/includes/core/class-subscription-engine.php#L1095","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/recurio/tags/1.1.2/includes/core/class-subscription-engine.php#L301","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?reponame=&old=3593971%40recurio&new=3593971%40recurio","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4b34ad23-246e-42ba-89de-5985043848be?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-14250","sourceIdentifier":"security@wordfence.com","published":"2026-07-08T12:17:20.200","lastModified":"2026-07-08T14:55:07.843","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Themehunk Login Registration plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.0.2. This is due to the handle_frontend_register() function in the unauthenticated /thlogin/v1/register REST endpoint accepting a user-controlled 'role' parameter and validating it only against get_editable_roles() — which returns every defined editable site role, including 'editor' — before passing it to wp_insert_user(). This makes it possible for unauthenticated attackers, when public user registration is enabled, to create new accounts with the editor role."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"themehunk","product":"TH Login Registration","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"1.0.2","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T12:37:59.763190Z","id":"CVE-2026-14250","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-269"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/themehunk-login-registration/tags/1.0.2/includes/class-thlogin-rest-api.php#L243","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/themehunk-login-registration/tags/1.0.2/includes/class-thlogin-rest-api.php#L782","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/themehunk-login-registration/tags/1.0.2/includes/class-thlogin-rest-api.php#L811","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/themehunk-login-registration/tags/1.0.2/includes/class-thlogin-rest-api.php#L82","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/changeset?reponame=&old=3592690%40themehunk-login-registration&new=3592690%40themehunk-login-registration","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/8eee3809-133e-4fd9-ad49-cc6fe3822457?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-3688","sourceIdentifier":"security@wordfence.com","published":"2026-07-08T12:17:20.430","lastModified":"2026-07-08T16:16:28.610","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The WCFM Membership – WooCommerce Memberships for Multivendor Marketplace plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.11.10. This is due to the 'wcfmvm_membership_change' AJAX action not validating user permission to modify other users. This makes it possible for authenticated attackers, with vendor level access and above, to change any user's role to 'wcfm_vendor' by changing their membership plan."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"wclovers","product":"WCFM Membership – WooCommerce Memberships for Multivendor Marketplace","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"2.11.10","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T15:00:56.429002Z","id":"CVE-2026-3688","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/changeset/3520777/wc-multivendor-membership","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/8a934ccd-9330-4585-9994-838940d24980?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-41042","sourceIdentifier":"security@apache.org","published":"2026-07-08T12:17:20.550","lastModified":"2026-07-08T20:16:49.380","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Unauthenticated callers can supply a malicious H2 JDBC URL through the testConnection API, which executes arbitrary Java code on the server via H2's INIT parameter. Vulnerability in Apache Gravitino.\n\nThis issue affects Apache Gravitino: before 1.2.1.\n\nUsers are recommended to upgrade to version 1.2.1, which fixes the issue.\n\nThis issue only happens when using H2, and H2 is mainly used for testing and local development. Also, Gravitino is typically deployed in the internal environment, so the severity is low."}],"affected":[{"source":"security@apache.org","affectedData":[{"vendor":"Apache Software Foundation","product":"Apache Gravitino","defaultStatus":"unaffected","collectionURL":"https://repo.maven.apache.org/maven2","packageName":"org.apache.gravitino:gravitino-catalog-jdbc-common","versions":[{"version":"0","lessThan":"1.2.1","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T15:07:46.248529Z","id":"CVE-2026-41042","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@apache.org","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]}],"references":[{"url":"https://lists.apache.org/thread/vdh88wc6j5b38v65ncb111wbbnkf6bvm","source":"security@apache.org"},{"url":"http://www.openwall.com/lists/oss-security/2026/07/08/5","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2026-6230","sourceIdentifier":"security@wordfence.com","published":"2026-07-08T12:17:20.660","lastModified":"2026-07-08T14:55:07.843","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Tainacan plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'geoquery' parameter in all versions up to and including 1.0.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"tainacan","product":"Tainacan","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"1.0.3","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:59:54.333220Z","id":"CVE-2026-6230","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://github.com/tainacan/tainacan/commit/579d28d7752b27ed3407f5197abb6349b3efc3c9","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/241d9cd3-9331-49b2-8083-dc646070488e?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-6371","sourceIdentifier":"iletisim@usom.gov.tr","published":"2026-07-08T12:17:20.780","lastModified":"2026-07-08T14:57:28.893","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Limatek System Inc. LimRAD NAC allows Stored XSS.\n\nThis issue affects LimRAD NAC: through 08072026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."}],"affected":[{"source":"iletisim@usom.gov.tr","affectedData":[{"vendor":"Limatek System Inc.","product":"LimRAD NAC","defaultStatus":"unknown","versions":[{"version":"0","lessThanOrEqual":"08072026","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:23:51.555520Z","id":"CVE-2026-6371","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0517","source":"iletisim@usom.gov.tr"}]}},{"cve":{"id":"CVE-2026-6742","sourceIdentifier":"security@wordfence.com","published":"2026-07-08T12:17:20.893","lastModified":"2026-07-08T14:55:07.843","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Advanced iFrame plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'additional' parameter in all versions up to, and including, 2026.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"mdempfle","product":"Advanced iFrame","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"2026.1","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:21:32.811076Z","id":"CVE-2026-6742","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/changeset/3558422/advanced-iframe","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/2b9c4ca8-e5cd-4c4f-8d81-b06367c89fd7?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-6818","sourceIdentifier":"security@wordfence.com","published":"2026-07-08T12:17:21.017","lastModified":"2026-07-08T18:16:35.323","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The VikBooking Hotel Booking Engine & PMS plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'special_requests' parameter in all versions up to, and including, 1.8.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"e4jvikwp","product":"VikBooking Hotel Booking Engine & PMS","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"1.8.8","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:30:44.708889Z","id":"CVE-2026-6818","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/vikbooking/tags/1.8.9/admin/helpers/widgets/booking_details.php#L684","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/vikbooking/tags/1.8.9/admin/views/editorder/tmpl/default.php#L2717","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/vikbooking/tags/1.8.9/admin/views/orders/tmpl/default.php#L769","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/13a96e78-c83c-4ff1-a751-3dbaeb683d9d?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-6854","sourceIdentifier":"security@wordfence.com","published":"2026-07-08T12:17:21.137","lastModified":"2026-07-08T14:55:07.843","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The My Calendar – Accessible Event Manager plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'mc_auth' parameter in all versions up to, and including, 3.7.8 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"joedolson","product":"My Calendar – Accessible Event Manager","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"3.7.8","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:11:40.613858Z","id":"CVE-2026-6854","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/changeset/3515996/my-calendar","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/aa1ed81c-04cb-4ccd-8c30-b1d943730909?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-12002","sourceIdentifier":"security@wordfence.com","published":"2026-07-08T13:16:28.380","lastModified":"2026-07-08T14:55:07.843","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Smash Balloon Social Photo Feed – Easy Social Feeds Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.11.1. This is due to missing or incorrect nonce validation on the maybe_connection_data function. This makes it possible for unauthenticated attackers to overwrite the site's Instagram and Facebook oEmbed access tokens via a forged request granted they can trick a site administrator into performing an action such as clicking on a link."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"smub","product":"Smash Balloon Social Photo Feed – Easy Social Feeds Plugin","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"6.11.1","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N","baseScore":4.7,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:02:53.626151Z","id":"CVE-2026-12002","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-352"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/changeset/3575933/instagram-feed/trunk/admin/SBI_oEmbeds.php?old=3289310&old_path=instagram-feed%2Ftrunk%2Fadmin%2FSBI_oEmbeds.php","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/abe6366a-3729-474f-8920-b5ed2eeab906?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-5356","sourceIdentifier":"security@wordfence.com","published":"2026-07-08T13:16:56.767","lastModified":"2026-07-08T16:16:34.673","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Improper Input Validation in all versions up to, and including, 5.4.0. This is due to the plugin's Stripe Connect payment processor accepting a client-supplied PaymentIntent ID. This makes it possible for unauthenticated attackers to pay an arbitrary amount by supplying a previously succeeded PaymentIntent token."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"latepoint","product":"LatePoint – Calendar Booking Plugin for Appointments and Events","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"5.4.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T15:02:04.174465Z","id":"CVE-2026-5356","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/changeset/3509569/latepoint","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/1b1338c4-36a8-47b0-b3cf-c5dc690f8c1c?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-5459","sourceIdentifier":"security@wordfence.com","published":"2026-07-08T13:16:56.887","lastModified":"2026-07-08T14:55:07.843","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.3.1 via the payment_page() function due to missing validation on the 'user_id' user controlled key. This makes it possible for unauthenticated attackers to activate a free subscription pack for any user on the site, overwriting their existing paid subscription and causing loss of paid features."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"wedevs","product":"User Frontend: AI Powered Frontend Posting, User Directory, Profile Builder, Membership & User Registration","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"4.3.1","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T14:00:40.858181Z","id":"CVE-2026-5459","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/changeset/3514258/wp-user-frontend","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/a02d9a01-1104-4935-8074-af4367c66278?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-6459","sourceIdentifier":"security@wordfence.com","published":"2026-07-08T13:16:57.380","lastModified":"2026-07-08T15:16:32.627","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Essential Addons for Elementor – Popular Elementor Templates & Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Event Calendar widget in all versions up to, and including, 6.6.2 due to insufficient input sanitization and output escaping on event titles sourced from The Events Calendar. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"wpdevteam","product":"Essential Addons for Elementor – Popular Elementor Templates & Widgets","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"6.6.2","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T14:11:15.978399Z","id":"CVE-2026-6459","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/changeset/3519453/essential-addons-for-elementor-lite","source":"security@wordfence.com"},{"url":"https://research.cleantalk.org/cve-2026-6459","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/5b3214a5-7044-4005-a200-c969d4487be2?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-6740","sourceIdentifier":"security@wordfence.com","published":"2026-07-08T13:16:57.653","lastModified":"2026-07-08T18:16:35.223","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Nexter Blocks – Gutenberg Blocks, Page Builder & AI Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'commentIcon' parameter in all versions up to, and including, 4.7.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"posimyththemes","product":"Nexter Blocks – Gutenberg Blocks, Page Builder & AI Website Builder","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"4.7.4","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T14:16:29.266059Z","id":"CVE-2026-6740","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/changeset/3512686/the-plus-addons-for-block-editor/trunk/classes/blocks/tp-post-meta/index.php","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/f5184598-b0bd-4026-971c-da36d79497df?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-6820","sourceIdentifier":"security@wordfence.com","published":"2026-07-08T13:16:57.780","lastModified":"2026-07-08T14:55:07.843","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The VikBooking Hotel Booking Engine & PMS plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'email' parameter in all versions up to, and including, 1.8.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."}],"affected":[{"source":"security@wordfence.com","affectedData":[{"vendor":"e4jvikwp","product":"VikBooking Hotel Booking Engine & PMS","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"1.8.8","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:10:17.505580Z","id":"CVE-2026-6820","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://plugins.trac.wordpress.org/browser/vikbooking/tags/1.8.9/admin/controller.php#L11208","source":"security@wordfence.com"},{"url":"https://plugins.trac.wordpress.org/browser/vikbooking/tags/1.8.9/site/controller.php#L307","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/e2b4586a-f87d-4a51-8f4e-932d7254518e?source=cve","source":"security@wordfence.com"}]}},{"cve":{"id":"CVE-2026-8307","sourceIdentifier":"iletisim@usom.gov.tr","published":"2026-07-08T13:16:57.903","lastModified":"2026-07-09T10:16:27.537","vulnStatus":"Deferred","cveTags":[{"sourceIdentifier":"iletisim@usom.gov.tr","tags":["unsupported-when-assigned"]}],"descriptions":[{"lang":"en","value":"Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Webbeyaz Web Design Mediküm Web allows SQL Injection.\n\nThis issue affects Mediküm Web: through 08072026. NOTE: The vendor was contacted and it was learned that the product is not supported."}],"affected":[{"source":"iletisim@usom.gov.tr","affectedData":[{"vendor":"Webbeyaz Web Design","product":"Mediküm Web","defaultStatus":"unknown","versions":[{"version":"0","lessThanOrEqual":"08072026","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T14:46:15.492523Z","id":"CVE-2026-8307","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0518","source":"iletisim@usom.gov.tr"}]}},{"cve":{"id":"CVE-2026-8310","sourceIdentifier":"iletisim@usom.gov.tr","published":"2026-07-08T13:16:58.017","lastModified":"2026-07-09T10:16:28.233","vulnStatus":"Deferred","cveTags":[{"sourceIdentifier":"iletisim@usom.gov.tr","tags":["unsupported-when-assigned"]}],"descriptions":[{"lang":"en","value":"Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Webbeyaz Web Design Mediküm Web allows Reflected XSS.\n\nThis issue affects Mediküm Web: through 08072026. NOTE: The vendor was contacted and it was learned that the product is not supported."}],"affected":[{"source":"iletisim@usom.gov.tr","affectedData":[{"vendor":"Webbeyaz Web Design","product":"Mediküm Web","defaultStatus":"unknown","versions":[{"version":"0","lessThanOrEqual":"08072026","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T14:45:57.063221Z","id":"CVE-2026-8310","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0518","source":"iletisim@usom.gov.tr"}]}},{"cve":{"id":"CVE-2026-8315","sourceIdentifier":"iletisim@usom.gov.tr","published":"2026-07-08T13:16:58.133","lastModified":"2026-07-09T10:16:28.903","vulnStatus":"Deferred","cveTags":[{"sourceIdentifier":"iletisim@usom.gov.tr","tags":["unsupported-when-assigned"]}],"descriptions":[{"lang":"en","value":"Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Webbeyaz Web Design Mediküm Web allows Stored XSS.\n\nThis issue affects Mediküm Web: through 08072026. NOTE: The vendor was contacted and it was learned that the product is not supported."}],"affected":[{"source":"iletisim@usom.gov.tr","affectedData":[{"vendor":"Webbeyaz Web Design","product":"Mediküm Web","defaultStatus":"unknown","versions":[{"version":"0","lessThanOrEqual":"08072026","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"iletisim@usom.gov.tr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T14:45:31.199852Z","id":"CVE-2026-8315","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"iletisim@usom.gov.tr","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0518","source":"iletisim@usom.gov.tr"}]}},{"cve":{"id":"CVE-2026-15033","sourceIdentifier":"cna@vuldb.com","published":"2026-07-08T14:16:56.273","lastModified":"2026-07-08T18:16:32.257","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw has been found in christopherthielen check-peer-dependencies up to 4.3.4. Affected by this vulnerability is the function shelljs.exec of the file dist/packageUtils.js of the component peerDependencies. This manipulation causes os command injection. The attack may be initiated remotely. The project was informed of the problem early through an issue report but has not responded yet."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"christopherthielen","product":"check-peer-dependencies","cpes":["cpe:2.3:a:christopherthielen:check-peer-dependencies:*:*:*:*:*:*:*:*"],"modules":["peerDependencies"],"versions":[{"version":"4.3.0","status":"affected"},{"version":"4.3.1","status":"affected"},{"version":"4.3.2","status":"affected"},{"version":"4.3.3","status":"affected"},{"version":"4.3.4","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T14:15:23.390150Z","id":"CVE-2026-15033","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-77"},{"lang":"en","value":"CWE-78"}]}],"references":[{"url":"https://github.com/christopherthielen/check-peer-dependencies/","source":"cna@vuldb.com"},{"url":"https://github.com/christopherthielen/check-peer-dependencies/issues/74","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-15033","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/850875","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/376784","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/376784/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-15034","sourceIdentifier":"cna@vuldb.com","published":"2026-07-08T14:16:56.460","lastModified":"2026-07-08T15:16:25.730","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability has been found in flask-dashboard Flask-MonitoringDashboard up to 5.0.2. Affected by this issue is some unknown functionality. Such manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"flask-dashboard","product":"Flask-MonitoringDashboard","cpes":["cpe:2.3:a:flask-dashboard:flask-monitoringdashboard:*:*:*:*:*:*:*:*"],"versions":[{"version":"5.0.0","status":"affected"},{"version":"5.0.1","status":"affected"},{"version":"5.0.2","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:P/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T14:21:09.096912Z","id":"CVE-2026-15034","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-352"},{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://github.com/flask-dashboard/Flask-MonitoringDashboard/","source":"cna@vuldb.com"},{"url":"https://github.com/flask-dashboard/Flask-MonitoringDashboard/issues/557","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-15034","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/850877","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/850878","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/850879","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/850880","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/376785","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/376785/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-15035","sourceIdentifier":"cna@vuldb.com","published":"2026-07-08T14:16:56.643","lastModified":"2026-07-09T15:54:06.390","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was found in bentoml OpenLLM 0.6.30. This affects the function async_run_command of the file src/openllm/common.py of the component Model Repository Directory Name Handler. Performing a manipulation of the argument cmd results in command injection. Attacking locally is a requirement. The exploit has been made public and could be used. The project was informed of the problem early through an issue report but has not responded yet."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"bentoml","product":"OpenLLM","cpes":["cpe:2.3:a:bentoml:openllm:*:*:*:*:*:*:*:*"],"modules":["Model Repository Directory Name Handler"],"versions":[{"version":"0.6.30","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":1.9,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.8,"impactScore":3.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:S/C:P/I:P/A:P","baseScore":4.3,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.1,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T14:20:29.444830Z","id":"CVE-2026-15035","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-74"},{"lang":"en","value":"CWE-77"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-78"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bentoml:openllm:0.6.30:*:*:*:*:*:*:*","matchCriteriaId":"AEE0A7DA-21BA-4526-BFA5-9B57E3E3B120"}]}]}],"references":[{"url":"https://github.com/bentoml/OpenLLM/","source":"cna@vuldb.com","tags":["Product"]},{"url":"https://github.com/bentoml/OpenLLM/issues/1229","source":"cna@vuldb.com","tags":["Exploit","Patch","Third Party Advisory"]},{"url":"https://github.com/bentoml/OpenLLM/pull/1235","source":"cna@vuldb.com","tags":["Exploit","Patch"]},{"url":"https://vuldb.com/cve/CVE-2026-15035","source":"cna@vuldb.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://vuldb.com/submit/850895","source":"cna@vuldb.com","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"https://vuldb.com/vuln/376786","source":"cna@vuldb.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://vuldb.com/vuln/376786/cti","source":"cna@vuldb.com","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-41122","sourceIdentifier":"security_alert@emc.com","published":"2026-07-08T14:16:58.197","lastModified":"2026-07-08T20:09:50.337","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain a stored cross-site scripting vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability. Exploitation may lead to information disclosure, session theft, or client-side request forgery."}],"affected":[{"source":"security_alert@emc.com","affectedData":[{"vendor":"Dell","product":"PowerProtect Data Domain","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"8.8.0.0 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.6.1.20 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.3.1.40 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"7.13.1.80 or later","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security_alert@emc.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T14:25:12.097052Z","id":"CVE-2026-41122","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security_alert@emc.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"7.7.1.0","versionEndExcluding":"7.13.1.80","matchCriteriaId":"064F56BA-B974-4133-9DFA-B13D503766AC"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"7.14.0.0","versionEndExcluding":"8.3.1.40","matchCriteriaId":"EB4BB568-B169-4202-94E0-8D808419241B"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.4.0.0","versionEndExcluding":"8.6.1.20","matchCriteriaId":"BA61361F-FED8-4936-A9F6-FFA35BE413F8"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.7.0.0","versionEndExcluding":"8.8.0.0","matchCriteriaId":"4BA45B0F-6A67-476D-9101-0DDC91B77D51"}]}]}],"references":[{"url":"https://www.dell.com/support/kbdoc/en-us/000481268/dsa-2026-278-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities?msockid=3021cac2195069ed3194ddad186a68f9","source":"security_alert@emc.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-44840","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T14:16:59.493","lastModified":"2026-07-09T15:16:35.207","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Dgraph is an open source distributed GraphQL database. Prior to version 25.3.4, the `checkUserPassword` GraphQL query in Dgraph is vulnerable to DQL (Dgraph Query Language) injection. User-supplied password values are interpolated directly into a DQL `checkpwd()` query via `fmt.Sprintf` without any escaping or parameterization. An attacker can inject a password containing a double-quote character to break out of the DQL string literal and append arbitrary DQL query blocks. Version 25.3.4 patches the issue."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"dgraph-io","product":"dgraph","versions":[{"version":"< 25.3.4","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:28:28.118081Z","id":"CVE-2026-44840","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-943"}]}],"references":[{"url":"https://github.com/dgraph-io/dgraph/commit/cee702c93f141eeb0c96a81f70830ec9e459efac","source":"security-advisories@github.com"},{"url":"https://github.com/dgraph-io/dgraph/releases/tag/v25.3.4","source":"security-advisories@github.com"},{"url":"https://github.com/dgraph-io/dgraph/security/advisories/GHSA-q2m9-6jp9-c6mc","source":"security-advisories@github.com"},{"url":"https://github.com/dgraph-io/dgraph/security/advisories/GHSA-q2m9-6jp9-c6mc","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-53480","sourceIdentifier":"security_alert@emc.com","published":"2026-07-08T14:17:03.880","lastModified":"2026-07-08T20:09:53.847","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper limitation of a pathname to a restricted directory ('path traversal') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized file modification."}],"affected":[{"source":"security_alert@emc.com","affectedData":[{"vendor":"Dell","product":"PowerProtect Data Domain","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"8.8.0.0 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.6.1.20 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.3.1.40 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"7.13.1.80 or later","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security_alert@emc.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N","baseScore":2.7,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T14:29:20.663485Z","id":"CVE-2026-53480","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security_alert@emc.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"7.7.1.0","versionEndExcluding":"7.13.1.80","matchCriteriaId":"064F56BA-B974-4133-9DFA-B13D503766AC"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"7.14.0.0","versionEndExcluding":"8.3.1.40","matchCriteriaId":"EB4BB568-B169-4202-94E0-8D808419241B"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.4.0.0","versionEndExcluding":"8.6.1.20","matchCriteriaId":"BA61361F-FED8-4936-A9F6-FFA35BE413F8"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.7.0.0","versionEndExcluding":"8.8.0.0","matchCriteriaId":"4BA45B0F-6A67-476D-9101-0DDC91B77D51"}]}]}],"references":[{"url":"https://www.dell.com/support/kbdoc/en-us/000481268/dsa-2026-278-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities?msockid=3021cac2195069ed3194ddad186a68f9","source":"security_alert@emc.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-53482","sourceIdentifier":"security_alert@emc.com","published":"2026-07-08T14:17:04.000","lastModified":"2026-07-09T15:16:35.927","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an Integer overflow or wraparound vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service."}],"affected":[{"source":"security_alert@emc.com","affectedData":[{"vendor":"Dell","product":"PowerProtect Data Domain","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"8.8.0.0 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.6.1.20 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.3.1.40 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"7.13.1.80 or later","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security_alert@emc.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:30:55.868978Z","id":"CVE-2026-53482","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security_alert@emc.com","type":"Secondary","description":[{"lang":"en","value":"CWE-190"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"7.7.1.0","versionEndExcluding":"7.13.1.80","matchCriteriaId":"064F56BA-B974-4133-9DFA-B13D503766AC"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"7.14.0.0","versionEndExcluding":"8.3.1.40","matchCriteriaId":"EB4BB568-B169-4202-94E0-8D808419241B"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.4.0.0","versionEndExcluding":"8.6.1.20","matchCriteriaId":"BA61361F-FED8-4936-A9F6-FFA35BE413F8"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.7.0.0","versionEndExcluding":"8.8.0.0","matchCriteriaId":"4BA45B0F-6A67-476D-9101-0DDC91B77D51"}]}]}],"references":[{"url":"https://www.dell.com/support/kbdoc/en-us/000481268/dsa-2026-278-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities?msockid=3021cac2195069ed3194ddad186a68f9","source":"security_alert@emc.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-54061","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T14:17:06.520","lastModified":"2026-07-08T15:28:15.630","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Dgraph is an open source distributed GraphQL database. Prior to version 25.3.5, Dgraph Alpha exposes the RPCs used for external snapshot import on the public gRPC port `:9080` without authentication or authorization. As a result, an unauthenticated network client can open `StreamExtSnapshot` and send Badger stream data to the target group’s store. In addition, the receiver calls `Prepare()` before processing the stream. This operation deletes and replaces the existing DB data. Version 25.3.5 patches the issue."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"dgraph-io","product":"dgraph","versions":[{"version":"< 25.3.5","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T14:26:08.694479Z","id":"CVE-2026-54061","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]}],"references":[{"url":"https://github.com/dgraph-io/dgraph/releases/tag/v25.3.5","source":"security-advisories@github.com"},{"url":"https://github.com/dgraph-io/dgraph/security/advisories/GHSA-rrwh-6jrq-wp5v","source":"security-advisories@github.com"},{"url":"https://github.com/dgraph-io/dgraph/security/advisories/GHSA-rrwh-6jrq-wp5v","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-56086","sourceIdentifier":"security_alert@emc.com","published":"2026-07-08T14:17:14.980","lastModified":"2026-07-09T04:17:46.973","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an Incorrect Authorization vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access."}],"affected":[{"source":"security_alert@emc.com","affectedData":[{"vendor":"Dell","product":"PowerProtect Data Domain","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"8.7.0.0 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.6.1.20 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"8.3.1.40 or later","versionType":"semver","status":"affected"},{"version":"0","lessThan":"7.13.1.80 or later","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security_alert@emc.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T00:00:00+00:00","id":"CVE-2026-56086","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security_alert@emc.com","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"7.7.1.0","versionEndExcluding":"7.13.1.80","matchCriteriaId":"064F56BA-B974-4133-9DFA-B13D503766AC"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"7.14.0.0","versionEndExcluding":"8.3.1.40","matchCriteriaId":"EB4BB568-B169-4202-94E0-8D808419241B"},{"vulnerable":true,"criteria":"cpe:2.3:o:dell:data_domain_operating_system:*:*:*:*:*:*:*:*","versionStartIncluding":"8.4.0.0","versionEndExcluding":"8.6.1.20","matchCriteriaId":"BA61361F-FED8-4936-A9F6-FFA35BE413F8"}]}]}],"references":[{"url":"https://www.dell.com/support/kbdoc/en-us/000481268/dsa-2026-278-security-update-for-dell-powerprotect-data-domain-multiple-vulnerabilities?msockid=3021cac2195069ed3194ddad186a68f9","source":"security_alert@emc.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-56217","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-08T14:17:15.107","lastModified":"2026-07-08T15:16:30.547","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Capgo before 12.128.2 contains a policy bypass vulnerability in app_versions update enforcement that allows app-scoped API keys to downgrade encrypted bundles to non-encrypted state. Attackers with app-scoped all API keys can directly update the app_versions table via PostgREST to clear session_key and key_id fields, bypassing organization-enforced encrypted-bundle policies and weakening OTA security controls."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Capgo","product":"Capgo","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"12.128.2","versionType":"semver","status":"affected"},{"version":"12.128.2","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T14:28:32.016164Z","id":"CVE-2026-56217","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"references":[{"url":"https://github.com/Cap-go/capgo/security/advisories/GHSA-4qwf-mrgx-mvfx","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/capgo-encrypted-bundle-policy-bypass-via-direct-postgrest-update","source":"disclosure@vulncheck.com"},{"url":"https://github.com/Cap-go/capgo/security/advisories/GHSA-4qwf-mrgx-mvfx","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-56220","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-08T14:17:15.277","lastModified":"2026-07-08T18:16:33.370","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Capgo before 12.128.2 contains an authorization bypass vulnerability in the public.manifest INSERT policy that allows read-only org members to insert OTA manifest rows. Attackers with read-only org access can inject malicious manifest entries with arbitrary s3_path values that are served to devices via the unauthenticated /updates endpoint, enabling OTA metadata poisoning and potential malicious asset delivery."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Capgo","product":"Capgo","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"12.128.2","versionType":"semver","status":"affected"},{"version":"12.128.2","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T16:43:43.750779Z","id":"CVE-2026-56220","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"references":[{"url":"https://github.com/Cap-go/capgo/security/advisories/GHSA-vmgg-crr8-887p","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/capgo-unauthorized-manifest-insertion-via-read-only-org-member","source":"disclosure@vulncheck.com"},{"url":"https://github.com/Cap-go/capgo/security/advisories/GHSA-vmgg-crr8-887p","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-56226","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-08T14:17:15.413","lastModified":"2026-07-08T17:17:25.070","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Capgo (Cap-go/capgo) before 12.128.2 exposes the Supabase PostgREST RPC function public.get_orgs_v6(userid uuid), which is SECURITY DEFINER and granted to the anon role, allowing unauthenticated access. Because the function accepts a caller-supplied user UUID without verifying it matches the authenticated user, an attacker using only the public publishable API key can query POST /rest/v1/rpc/get_orgs_v6 with an arbitrary user UUID to retrieve that user's organization membership, roles, subscription/trial metadata, and management_email (PII)."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Cap-go","product":"capgo","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"12.128.2","versionType":"semver","status":"affected"},{"version":"12.128.2","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T15:50:49.697618Z","id":"CVE-2026-56226","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"references":[{"url":"https://github.com/Cap-go/capgo/security/advisories/GHSA-m7mm-35v3-82f4","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/capgo-unauthenticated-organization-data-disclosure-via-get-orgs-v6-rpc","source":"disclosure@vulncheck.com"},{"url":"https://github.com/Cap-go/capgo/security/advisories/GHSA-m7mm-35v3-82f4","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-56246","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-08T14:17:15.543","lastModified":"2026-07-08T15:16:30.667","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Capgo before 12.128.2 contains a broken access control vulnerability in the organization management API where a scoped API key (limited_to_orgs) inherits its owner-user's permissions, allowing destructive cross-organization actions. When a user is an admin in two organizations and creates a write-mode API key restricted to one organization, that key can still perform destructive operations (e.g., DELETE /organization, DELETE /organization/members) against another organization. The root cause is route-level authorization (rbac_check_permission_direct) that evaluates the key owner's user privileges before enforcing the API key's limited_to_orgs scope."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Capgo","product":"Capgo","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"12.128.2","versionType":"semver","status":"affected"},{"version":"12.128.2","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T14:23:42.457115Z","id":"CVE-2026-56246","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-285"}]}],"references":[{"url":"https://github.com/Cap-go/capgo/security/advisories/GHSA-ccm4-hf72-p28m","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/capgo-cross-organization-authorization-bypass-via-scoped-api-key-privilege-inheritance","source":"disclosure@vulncheck.com"},{"url":"https://github.com/Cap-go/capgo/security/advisories/GHSA-ccm4-hf72-p28m","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-56250","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-08T14:17:15.673","lastModified":"2026-07-08T15:16:30.780","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Capgo before 12.128.2 allows upload-scoped API keys to modify the mutable app_versions.r2_path field through PostgREST, enabling retargeting to arbitrary R2 bundle objects. Attackers can patch r2_path to point to victim objects, soft-delete the attacker-controlled version, and trigger the on_version_update cleanup function to delete the victim R2 object, causing denial of service and bundle availability disruption."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Capgo","product":"Capgo","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"12.128.2","versionType":"semver","status":"affected"},{"version":"12.128.2","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T14:23:06.122727Z","id":"CVE-2026-56250","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://github.com/Cap-go/capgo/security/advisories/GHSA-pw8p-5jg6-cxj3","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/capgo-arbitrary-r2-object-deletion-via-mutable-r2-path-in-app-versions","source":"disclosure@vulncheck.com"},{"url":"https://github.com/Cap-go/capgo/security/advisories/GHSA-pw8p-5jg6-cxj3","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-56273","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-08T14:17:15.800","lastModified":"2026-07-09T15:16:37.727","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Flowise before 3.1.0 contains a path traversal vulnerability in Faiss and SimpleStore vector store implementations that accept unsanitized basePath parameters from authenticated users. Attackers with valid API tokens can write vector store data to arbitrary filesystem locations, potentially enabling code execution or data exfiltration."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Flowise","product":"Flowise","defaultStatus":"unaffected","packageURL":"pkg:npm/flowise","versions":[{"version":"0","lessThan":"3.1.0","versionType":"semver","status":"affected"},{"version":"3.1.0","versionType":"semver","status":"unaffected"}]},{"vendor":"Flowise","product":"Flowise","defaultStatus":"unaffected","packageURL":"pkg:npm/flowise-components","versions":[{"version":"0","lessThan":"3.1.0","versionType":"semver","status":"affected"},{"version":"3.1.0","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":4.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"HIGH","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:34:10.299166Z","id":"CVE-2026-56273","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"references":[{"url":"https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-w6v6-49gh-mc9w","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/flowise-path-traversal-in-vector-store-basepath-parameter","source":"disclosure@vulncheck.com"},{"url":"https://github.com/FlowiseAI/Flowise/security/advisories/GHSA-w6v6-49gh-mc9w","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-56283","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-08T14:17:15.970","lastModified":"2026-07-08T15:16:30.887","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Capgo before 12.128.2 contains an html injection vulnerability in the organization settings endpoint that allows attackers to inject malicious HTML content. Attackers can craft payloads in the organization name field to redirect users to untrusted websites, enabling phishing attacks and reputational damage."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Capgo","product":"Capgo","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"12.128.2","versionType":"semver","status":"affected"},{"version":"12.128.2","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"ACTIVE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T14:27:33.680973Z","id":"CVE-2026-56283","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://github.com/Cap-go/capgo/security/advisories/GHSA-vhvc-gxfh-m85g","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/capgo-html-injection-leading-to-open-redirection-in-organization-settings","source":"disclosure@vulncheck.com"},{"url":"https://github.com/Cap-go/capgo/security/advisories/GHSA-vhvc-gxfh-m85g","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-56284","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-08T14:17:16.100","lastModified":"2026-07-08T18:16:33.487","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Capgo (Cap-go/capgo) before 12.128.2 contains an information disclosure vulnerability in the Supabase PostgREST RPC function public.get_total_metrics(org_id), which is callable by the anon role using only the public sb_publishable_* key. An unauthenticated attacker can probe organization existence and leak sensitive usage metrics including MAU, bandwidth, and install counts by sending POST requests to /rest/v1/rpc/get_total_metrics with valid organization UUIDs."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Cap-go","product":"capgo","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"12.128.2","versionType":"semver","status":"affected"},{"version":"12.128.2","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T16:42:24.225760Z","id":"CVE-2026-56284","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"references":[{"url":"https://github.com/Cap-go/capgo/security/advisories/GHSA-h5jf-xgvh-hgjw","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/capgo-unauthenticated-metrics-disclosure-via-get-total-metrics-rpc","source":"disclosure@vulncheck.com"},{"url":"https://github.com/Cap-go/capgo/security/advisories/GHSA-h5jf-xgvh-hgjw","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-56293","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-08T14:17:16.230","lastModified":"2026-07-08T17:17:25.180","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Capgo before 12.128.2 contains an authorization flaw in transfer_app() that fails to update deploy_history.owner_org when transferring applications between organizations. Attackers can exploit this omission to retain unauthorized access to deployment history records in the source organization or cause the destination organization to lose access to transferred application deployment records."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Capgo","product":"Capgo","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"12.128.2","versionType":"semver","status":"affected"},{"version":"12.128.2","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T15:48:09.723503Z","id":"CVE-2026-56293","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-285"}]}],"references":[{"url":"https://github.com/Cap-go/capgo/security/advisories/GHSA-854w-xj7g-prv3","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/capgo-stale-cross-organization-authorization-via-incomplete-deploy-history-update-in-transfer-app","source":"disclosure@vulncheck.com"},{"url":"https://github.com/Cap-go/capgo/security/advisories/GHSA-854w-xj7g-prv3","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-56298","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-08T14:17:16.493","lastModified":"2026-07-08T15:16:31.110","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Capgo before 12.128.2 fails to strip EXIF metadata from images uploaded via the app information endpoint, exposing sensitive geolocation data. Attackers can upload images containing EXIF metadata to extract geographic location information and other embedded metadata from uploaded files."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Capgo","product":"Capgo","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"12.128.2","versionType":"semver","status":"affected"},{"version":"12.128.2","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T14:30:45.448910Z","id":"CVE-2026-56298","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]}],"references":[{"url":"https://github.com/Cap-go/capgo/security/advisories/GHSA-62jm-xp28-x4xw","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/capgo-exif-metadata-exposure-in-app-information-image-upload","source":"disclosure@vulncheck.com"}]}},{"cve":{"id":"CVE-2026-56359","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-08T14:17:16.620","lastModified":"2026-07-09T15:16:38.060","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"n8n before 2.8.0 contains a cross-site scripting vulnerability in the credential management flow where authenticated users can inject malicious JavaScript URLs into OAuth2 credential Authorization URL fields. Attackers can craft malicious credentials and trick victims into clicking the OAuth authorization button, executing arbitrary scripts in their browser session with the victim's privileges."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"n8n","product":"n8n","defaultStatus":"unaffected","packageURL":"pkg:npm/n8n","versions":[{"version":"0","lessThan":"2.8.0","versionType":"semver","status":"affected"},{"version":"2.8.0","versionType":"semver","status":"unaffected"}]},{"vendor":"n8n","product":"n8n","defaultStatus":"unaffected","packageURL":"pkg:npm/n8n","versions":[{"version":"0","lessThan":"2.6.4","versionType":"semver","status":"affected"},{"version":"2.6.4","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"ACTIVE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:35:54.521387Z","id":"CVE-2026-56359","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:n8n:n8n:*:*:*:*:*:node.js:*:*","versionEndExcluding":"2.6.4","matchCriteriaId":"8661E45D-0BF8-4F11-BFCB-505C959E7C16"},{"vulnerable":true,"criteria":"cpe:2.3:a:n8n:n8n:*:*:*:*:*:node.js:*:*","versionStartIncluding":"2.7.0","versionEndExcluding":"2.8.0","matchCriteriaId":"3A4A06A3-0B6F-44A2-B732-4C55B36451FC"}]}]}],"references":[{"url":"https://github.com/n8n-io/n8n/security/advisories/GHSA-364x-8g5j-x2pr","source":"disclosure@vulncheck.com","tags":["Mitigation","Vendor Advisory"]},{"url":"https://www.vulncheck.com/advisories/n8n-cross-site-scripting-in-credential-management-oauth2-authorization-url","source":"disclosure@vulncheck.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-56360","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-08T14:17:16.757","lastModified":"2026-07-08T19:32:49.430","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"n8n before versions 1.123.18 and 2.6.2 fails to verify HMAC-SHA256 signatures on Zendesk webhooks in the ZendeskTrigger node. Attackers who know the webhook URL can send unsigned POST requests to trigger workflows with arbitrary malicious data."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"n8n","product":"n8n","defaultStatus":"unaffected","packageURL":"pkg:npm/n8n","versions":[{"version":"0","lessThan":"1.123.18","versionType":"semver","status":"affected"},{"version":"1.123.18","versionType":"semver","status":"unaffected"},{"version":"2.0.0","lessThan":"2.6.2","versionType":"semver","status":"affected"},{"version":"2.6.2","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"LOW","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N","baseScore":4.0,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T14:26:12.814964Z","id":"CVE-2026-56360","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-290"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:n8n:n8n:*:*:*:*:*:node.js:*:*","versionEndExcluding":"1.123.18","matchCriteriaId":"C1A36047-7403-4520-87D8-2E595FB23EE9"},{"vulnerable":true,"criteria":"cpe:2.3:a:n8n:n8n:*:*:*:*:*:node.js:*:*","versionStartIncluding":"2.0.0","versionEndExcluding":"2.6.2","matchCriteriaId":"9D868ACF-A987-40C2-B38C-E9CE01E5C0F2"}]}]}],"references":[{"url":"https://github.com/n8n-io/n8n/security/advisories/GHSA-38c7-23hj-2wgq","source":"disclosure@vulncheck.com","tags":["Mitigation","Vendor Advisory"]},{"url":"https://www.vulncheck.com/advisories/n8n-webhook-forgery-via-unsigned-post-requests-in-zendesktrigger","source":"disclosure@vulncheck.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-56374","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-08T14:17:17.037","lastModified":"2026-07-09T14:51:05.950","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"ImageMagick before 7.1.2-19 contains a heap buffer overflow vulnerability in the FTXT encoder due to missing boundary checks when parsing ftxt:format. Remote attackers can trigger an out of bounds read by crafting malicious FTXT image files to cause denial of service or information disclosure."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"ImageMagick","product":"ImageMagick","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"7.1.2-19","versionType":"semver","status":"affected"},{"version":"7.1.2-19","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L","baseScore":3.3,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":1.8,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T15:46:45.904836Z","id":"CVE-2026-56374","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*","versionEndExcluding":"7.1.2-19","matchCriteriaId":"AAB93A09-7FA3-4F61-9DB8-EF5B1382E7EE"}]}]}],"references":[{"url":"https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-w54j-7wpm-crhj","source":"disclosure@vulncheck.com","tags":["Vendor Advisory"]},{"url":"https://www.vulncheck.com/advisories/imagemagick-heap-buffer-overflow-in-ftxt-encoder-via-format-parameter","source":"disclosure@vulncheck.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-56401","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-08T14:17:17.167","lastModified":"2026-07-09T17:18:40.023","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Wazuh wazuh-modulesd before 5.0.0-beta3 contains a null pointer dereference vulnerability in inventory_sync FlatBuffer DataValue handling. An enrolled agent can send a verifier-valid DataValue message omitting the optional id field, causing wazuh-modulesd to crash when dereferencing data->id()->string_view() without null validation, resulting in denial of service."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Wazuh","product":"Wazuh","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"5.0.0-beta3","versionType":"semver","status":"affected"},{"version":"5.0.0-beta3","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T14:22:11.268856Z","id":"CVE-2026-56401","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wazuh:wazuh:*:*:*:*:*:*:*:*","versionEndExcluding":"5.0.0","matchCriteriaId":"7BF5E4D0-CE73-4A5A-9FF8-1BD3BA3DD983"},{"vulnerable":true,"criteria":"cpe:2.3:a:wazuh:wazuh:5.0.0:alpha0:*:*:*:*:*:*","matchCriteriaId":"D2DB2CD3-CF12-4A17-A945-AC4917DD6185"},{"vulnerable":true,"criteria":"cpe:2.3:a:wazuh:wazuh:5.0.0:beta1:*:*:*:*:*:*","matchCriteriaId":"007B01AA-AED0-4E92-8999-07E74B630460"},{"vulnerable":true,"criteria":"cpe:2.3:a:wazuh:wazuh:5.0.0:beta2:*:*:*:*:*:*","matchCriteriaId":"2CA11D49-6706-4ADE-A639-7034B630B96A"}]}]}],"references":[{"url":"https://github.com/wazuh/wazuh/commit/3adf4f87942705aa0ceeba1e145c259cc9dcd242","source":"disclosure@vulncheck.com","tags":["Patch"]},{"url":"https://github.com/wazuh/wazuh/security/advisories/GHSA-6hxp-c9x3-qc7p","source":"disclosure@vulncheck.com","tags":["Exploit","Mitigation","Vendor Advisory"]},{"url":"https://www.vulncheck.com/advisories/wazuh-null-pointer-dereference-in-inventory-sync-datavalue-flatbuffer-handling","source":"disclosure@vulncheck.com","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/wazuh/wazuh/security/advisories/GHSA-6hxp-c9x3-qc7p","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-56775","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-08T14:17:17.420","lastModified":"2026-07-08T19:31:35.683","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"n8n before 1.123.55, 2.25.7, and 2.26.2 contains an authorization vulnerability in three mutating evaluation test-run endpoints that authorize state-changing actions using the workflow:read scope instead of the action-appropriate workflow:execute scope. On instances using Advanced Permissions (Enterprise/Cloud) with projects and viewer roles, an authenticated user with the project:viewer role can start new evaluation test runs, cancel in-flight runs, and delete run records for workflows they only have read access to."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"n8n","product":"n8n","defaultStatus":"unaffected","packageURL":"pkg:npm/n8n","versions":[{"version":"0","lessThan":"1.123.55","versionType":"semver","status":"affected"},{"version":"1.123.55","versionType":"semver","status":"unaffected"}]},{"vendor":"n8n","product":"n8n","defaultStatus":"unaffected","packageURL":"pkg:npm/n8n","versions":[{"version":"0","lessThan":"2.26.2","versionType":"semver","status":"affected"},{"version":"2.26.2","versionType":"semver","status":"unaffected"}]},{"vendor":"n8n","product":"n8n","defaultStatus":"unaffected","packageURL":"pkg:npm/n8n","versions":[{"version":"0","lessThan":"2.25.7","versionType":"semver","status":"affected"},{"version":"2.25.7","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T14:31:14.368940Z","id":"CVE-2026-56775","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:n8n:n8n:*:*:*:*:enterprise:node.js:*:*","versionEndExcluding":"1.123.55","matchCriteriaId":"7CADF213-D8B6-4DFD-B965-502CD52B5390"},{"vulnerable":true,"criteria":"cpe:2.3:a:n8n:n8n:*:*:*:*:enterprise:node.js:*:*","versionStartIncluding":"2.0.0","versionEndExcluding":"2.25.7","matchCriteriaId":"A445DCA9-BBF0-4807-808E-B12335B73DD2"},{"vulnerable":true,"criteria":"cpe:2.3:a:n8n:n8n:*:*:*:*:enterprise:node.js:*:*","versionStartIncluding":"2.26.0","versionEndExcluding":"2.26.2","matchCriteriaId":"BC63FA56-62B7-4F7C-A218-C13F83ABA86C"}]}]}],"references":[{"url":"https://github.com/n8n-io/n8n/security/advisories/GHSA-664h-gpgq-h6xx","source":"disclosure@vulncheck.com","tags":["Mitigation","Vendor Advisory"]},{"url":"https://www.vulncheck.com/advisories/n8n-incorrect-oauth-scope-validation-in-evaluation-test-runs-endpoints","source":"disclosure@vulncheck.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-56776","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-08T14:17:17.553","lastModified":"2026-07-09T16:16:45.600","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"n8n before 1.123.55, 2.25.7, and 2.26.2 contains an authorization bypass in the POST /workflows/{workflowId}/test-runs/new endpoint, which authorizes access using the workflow:read scope instead of workflow:execute. An authenticated user with read-only access to a workflow can trigger a real evaluation test run, causing the workflow to execute via the internal workflow runner and resulting in unintended outbound API calls, data mutations, or other side effects in connected downstream systems. The issue primarily affects instances using the Evaluations feature where RBAC project roles grant workflow:read without workflow:execute."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"n8n","product":"n8n","defaultStatus":"unaffected","packageURL":"pkg:npm/n8n","versions":[{"version":"0","lessThan":"1.123.55","versionType":"semver","status":"affected"},{"version":"1.123.55","versionType":"semver","status":"unaffected"}]},{"vendor":"n8n","product":"n8n","defaultStatus":"unaffected","packageURL":"pkg:npm/n8n","versions":[{"version":"0","lessThan":"2.26.2","versionType":"semver","status":"affected"},{"version":"2.26.2","versionType":"semver","status":"unaffected"}]},{"vendor":"n8n","product":"n8n","defaultStatus":"unaffected","packageURL":"pkg:npm/n8n","versions":[{"version":"0","lessThan":"2.25.7","versionType":"semver","status":"affected"},{"version":"2.25.7","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","subAvailabilityImpact":"LOW","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":3.1,"impactScore":3.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:38:00.557561Z","id":"CVE-2026-56776","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:n8n:n8n:*:*:*:*:*:node.js:*:*","versionEndExcluding":"1.123.55","matchCriteriaId":"89E9BFA6-AA6E-4394-B819-7FFB7DFE203C"},{"vulnerable":true,"criteria":"cpe:2.3:a:n8n:n8n:*:*:*:*:*:node.js:*:*","versionStartIncluding":"2.0.0","versionEndExcluding":"2.25.7","matchCriteriaId":"0F398456-8B34-498A-B8A3-915C84C424F4"},{"vulnerable":true,"criteria":"cpe:2.3:a:n8n:n8n:*:*:*:*:*:node.js:*:*","versionStartIncluding":"2.26.0","versionEndExcluding":"2.26.2","matchCriteriaId":"970A6AA3-03FF-4B9D-85C1-462C5C7F7171"}]}]}],"references":[{"url":"https://github.com/n8n-io/n8n/security/advisories/GHSA-hv7x-3x78-gx53","source":"disclosure@vulncheck.com","tags":["Mitigation","Vendor Advisory"]},{"url":"https://www.vulncheck.com/advisories/n8n-incorrect-oauth-scope-validation-in-workflow-test-run-endpoint","source":"disclosure@vulncheck.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-56778","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-08T14:17:17.683","lastModified":"2026-07-08T19:26:35.280","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"n8n before 2.25.7 and 2.26.x before 2.26.2 contains an authorization bypass in the Public API execution retry endpoint, which authorizes access using the workflow:read scope instead of workflow:execute. An authenticated user with read-only access to a shared workflow can use the Public API to retry executions of that workflow, bypassing the intended permission boundary between read and execute access. This affects instances where workflows are shared with other users or across projects."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"n8n","product":"n8n","defaultStatus":"unaffected","packageURL":"pkg:npm/n8n","versions":[{"version":"0","lessThan":"2.26.2","versionType":"semver","status":"affected"},{"version":"2.26.2","versionType":"semver","status":"unaffected"}]},{"vendor":"n8n","product":"n8n","defaultStatus":"unaffected","packageURL":"pkg:npm/n8n","versions":[{"version":"0","lessThan":"2.25.7","versionType":"semver","status":"affected"},{"version":"2.25.7","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N","baseScore":6.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T14:24:00.966635Z","id":"CVE-2026-56778","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:n8n:n8n:*:*:*:*:*:node.js:*:*","versionEndExcluding":"2.25.7","matchCriteriaId":"BF3AA8D6-D35E-4D7B-B4E5-819275C0C91B"},{"vulnerable":true,"criteria":"cpe:2.3:a:n8n:n8n:*:*:*:*:*:node.js:*:*","versionStartIncluding":"2.26.0","versionEndExcluding":"2.26.2","matchCriteriaId":"970A6AA3-03FF-4B9D-85C1-462C5C7F7171"}]}]}],"references":[{"url":"https://github.com/n8n-io/n8n/security/advisories/GHSA-h3jj-5f3v-3685","source":"disclosure@vulncheck.com","tags":["Mitigation","Vendor Advisory"]},{"url":"https://www.vulncheck.com/advisories/n8n-authorization-bypass-in-public-api-execution-retry-endpoint","source":"disclosure@vulncheck.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-58480","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-08T14:17:19.977","lastModified":"2026-07-08T15:28:15.630","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Blocksy Companion Pro plugin for WordPress before 2.1.47 contains an unauthenticated arbitrary file upload vulnerability that allows attackers to upload executable files by bypassing extension validation in the save_attachments function exposed through the Advanced Reviews feature. Attackers can exploit the Custom Fonts extension's flawed strpos() substring check by uploading double-extension filenames such as shell.woff2.php, causing the validation to pass on the substring match while the web server executes the file as PHP, achieving remote code execution."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Creative Themes","product":"Blocksy Companion","defaultStatus":"affected","repo":"https://wordpress.org/plugins/blocksy-companion/","versions":[{"version":"0","lessThanOrEqual":"2.1.46","versionType":"semver","status":"affected"},{"version":"2.1.47","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":9.2,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T13:42:42.783542Z","id":"CVE-2026-58480","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"references":[{"url":"https://patchstack.com/database/wordpress/plugin/blocksy-companion/vulnerability/wordpress-blocksy-companion-plugin-2-1-46-unauthenticated-arbitrary-file-upload-vulnerability","source":"disclosure@vulncheck.com"},{"url":"https://wordpress.org/plugins/blocksy-companion/","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/blocksy-companion-pro-unauthenticated-file-upload-via-save-attachments","source":"disclosure@vulncheck.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/blocksy-companion/blocksy-companion-2146-unauthenticated-arbitrary-file-upload-via-blc-review-images-parameter","source":"disclosure@vulncheck.com"}]}},{"cve":{"id":"CVE-2026-58654","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-08T14:17:20.153","lastModified":"2026-07-08T18:16:33.873","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The Grav API plugin (getgrav/grav-plugin-api) 1.0.0 contains an unrestricted file upload vulnerability in the avatar upload endpoint (/api/v1/users/user/avatar). The endpoint validates only the client-declared MIME type (getClientMediaType) beginning with 'image/' and does not inspect the actual file content or restrict the resulting extension, allowing an authenticated user to store arbitrary content — including PHP code, SVG with embedded JavaScript, and polyglot payloads — under user/accounts/avatars/ with predictable filenames. Direct HTTP access to the stored files is blocked by .htaccess (returns 403), but the files persist on disk and could lead to remote code execution or stored XSS in the presence of a path traversal flaw or server misconfiguration. Fixed in 1.0.1."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Grav","product":"Grav","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"1.0.1","versionType":"semver","status":"affected"},{"version":"1.0.1","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T16:38:21.980163Z","id":"CVE-2026-58654","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]}],"references":[{"url":"https://github.com/getgrav/grav/security/advisories/GHSA-xc64-vh46-vph6","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/grav-arbitrary-file-upload-via-avatar-endpoint","source":"disclosure@vulncheck.com"},{"url":"https://github.com/getgrav/grav/security/advisories/GHSA-xc64-vh46-vph6","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-58656","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-08T14:17:20.297","lastModified":"2026-07-08T17:17:25.530","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Grav API plugin before v1.0.0-rc.16 accepts JWT tokens via the ?token= URL query parameter and responds with Access-Control-Allow-Origin: *, allowing unauthenticated attackers to make fully authenticated cross-origin API requests from any malicious website. Attackers who obtain a leaked JWT token from access logs, proxy logs, browser history, or Referrer headers can create persistent backdoor super-admin accounts and exfiltrate sensitive configuration and user data."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"getgrav","product":"grav","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":"1.0.0-rc.15","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T15:44:29.470827Z","id":"CVE-2026-58656","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-598"}]}],"references":[{"url":"https://github.com/getgrav/grav/security/advisories/GHSA-hqm9-5xxw-4qxp","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/grav-api-plugin-cross-origin-admin-account-takeover-via-cors-wildcard-and-jwt-query-parameter","source":"disclosure@vulncheck.com"},{"url":"https://github.com/getgrav/grav/security/advisories/GHSA-hqm9-5xxw-4qxp","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-58657","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-08T14:17:20.440","lastModified":"2026-07-08T15:28:15.630","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Grav before 2.0.0 (affected through 2.0.0-rc.9 and the 2.0 branch) contains a stored CSS injection vulnerability in the Markdown image resize() media action. Prior media hardening rejects direct ?style= payloads and unsafe attribute() fallbacks, but the resize() action in Excerpts::processMediaActions() writes caller-controlled values directly into the image's styleAttributes. A lower-privileged content editor who can edit page Markdown can store a crafted image URL with semicolon-delimited CSS declarations in the resize parameters, which are rendered into the final <img style=...> attribute when a higher-privileged reviewer/admin views the page or preview. This does not require JavaScript execution but enables UI redress/overlay and content-manipulation attacks (e.g., a full-viewport fixed overlay). Fixed in 2.0.0."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"Grav","product":"Grav","defaultStatus":"unaffected","versions":[{"version":"2.0.0-rc.9","lessThan":"2.0.0","versionType":"semver","status":"affected"},{"version":"2.0.0","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"PASSIVE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N","baseScore":4.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T14:21:29.168366Z","id":"CVE-2026-58657","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://github.com/getgrav/grav/commit/6582166173bb8eb5869d96aea384e0e73777c94c","source":"disclosure@vulncheck.com"},{"url":"https://github.com/getgrav/grav/commit/e03d29aa0d3ece16d73c1ffccfa78df8bf5f28b8","source":"disclosure@vulncheck.com"},{"url":"https://github.com/getgrav/grav/security/advisories/GHSA-ffmg-hfvg-jhg9","source":"disclosure@vulncheck.com"},{"url":"https://www.vulncheck.com/advisories/grav-stored-css-injection-via-markdown-image-resize-action","source":"disclosure@vulncheck.com"},{"url":"https://github.com/getgrav/grav/security/advisories/GHSA-ffmg-hfvg-jhg9","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-59253","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-08T14:17:20.683","lastModified":"2026-07-08T19:25:45.483","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"n8n before 2.28.0 contains an improper authorization vulnerability allowing authenticated users to assign workflows to folders in other projects. Attackers can bypass project and folder authorization boundaries by supplying crafted request payloads during workflow creation, causing logical integrity violations in target project folder structures."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"n8n","product":"n8n","defaultStatus":"unaffected","packageURL":"pkg:npm/n8n","versions":[{"version":"0","lessThan":"2.28.0","versionType":"semver","status":"affected"},{"version":"2.28.0","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"LOW","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N","baseScore":5.0,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T14:31:38.587009Z","id":"CVE-2026-59253","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-639"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:n8n:n8n:*:*:*:*:*:node.js:*:*","versionEndExcluding":"2.28.0","matchCriteriaId":"A8C6F90E-219B-4C79-8482-CC919C4AF1CC"}]}]}],"references":[{"url":"https://github.com/n8n-io/n8n/security/advisories/GHSA-2xgm-wc4g-5jvg","source":"disclosure@vulncheck.com","tags":["Mitigation","Vendor Advisory"]},{"url":"https://www.vulncheck.com/advisories/n8n-improper-authorization-in-workflow-assignment-to-folders","source":"disclosure@vulncheck.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-59257","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-08T14:17:20.807","lastModified":"2026-07-09T15:16:39.573","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"n8n before 1.123.61, 2.x before 2.27.4, and 2.28.x before 2.28.1 contains a SQL injection vulnerability in the legacy MySQL v1 node's executeQuery operation. The operation substitutes evaluated {{ ... }} expression values directly into the raw SQL string without parameterization. When a workflow uses this operation with expression-sourced values and is connected to an externally-reachable trigger (such as a Webhook node), attacker-controlled input reaching those expressions results in SQL injection, allowing execution of arbitrary SQL with the configured MySQL credentials' privileges. The MySQL v2 node, which uses parameterized queries, is not affected."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"n8n","product":"n8n","defaultStatus":"unaffected","packageURL":"pkg:npm/n8n","versions":[{"version":"0","lessThan":"1.123.61","versionType":"semver","status":"affected"},{"version":"1.123.61","versionType":"semver","status":"unaffected"}]},{"vendor":"n8n","product":"n8n","defaultStatus":"unaffected","packageURL":"pkg:npm/n8n","versions":[{"version":"0","lessThan":"2.28.1","versionType":"semver","status":"affected"},{"version":"2.28.1","versionType":"semver","status":"unaffected"}]},{"vendor":"n8n","product":"n8n","defaultStatus":"unaffected","packageURL":"pkg:npm/n8n","versions":[{"version":"0","lessThan":"2.27.4","versionType":"semver","status":"affected"},{"version":"2.27.4","versionType":"semver","status":"unaffected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"HIGH","subIntegrityImpact":"HIGH","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:39:34.978946Z","id":"CVE-2026-59257","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:n8n:n8n:*:*:*:*:*:node.js:*:*","versionEndExcluding":"1.123.61","matchCriteriaId":"0CE80F53-DE50-44CD-BC74-1D9A898177B1"},{"vulnerable":true,"criteria":"cpe:2.3:a:n8n:n8n:*:*:*:*:*:node.js:*:*","versionStartIncluding":"2.0.0","versionEndExcluding":"2.27.4","matchCriteriaId":"2B92B262-E732-459E-8732-3AC9B112C271"},{"vulnerable":true,"criteria":"cpe:2.3:a:n8n:n8n:2.28.0:*:*:*:*:node.js:*:*","matchCriteriaId":"811995CE-011B-4680-892C-3D6DA0008411"}]}]}],"references":[{"url":"https://github.com/n8n-io/n8n/security/advisories/GHSA-hwmj-qg4v-cvg9","source":"disclosure@vulncheck.com","tags":["Mitigation","Vendor Advisory"]},{"url":"https://www.vulncheck.com/advisories/n8n-sql-injection-in-mysql-v1-executequery-operation-via-expression-interpolation","source":"disclosure@vulncheck.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-60124","sourceIdentifier":"5a6e4751-2f3f-4070-9419-94fb35b644e8","published":"2026-07-08T14:17:22.510","lastModified":"2026-07-09T16:29:14.203","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"An authorization bypass in MISP’s EventsController::importModule() allowed authenticated users or read-only API keys with event view access to persist data to events they were not allowed to modify. When an import module returned results in the misp_standard format, the write path did not verify event modification rights before saving the module output. This could allow a view-only user to inject or alter event data, impacting the integrity of MISP event content. The issue was fixed by enforcing the same modification-rights check used by related module result handling paths before processing misp_standard imports."}],"affected":[{"source":"5a6e4751-2f3f-4070-9419-94fb35b644e8","affectedData":[{"vendor":"misp","product":"misp","defaultStatus":"unaffected","repo":"https://github.com/misp/misp","versions":[{"version":"0","lessThanOrEqual":"2.5.42","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"5a6e4751-2f3f-4070-9419-94fb35b644e8","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"LOW","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T14:36:16.201324Z","id":"CVE-2026-60124","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"5a6e4751-2f3f-4070-9419-94fb35b644e8","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://github.com/MISP/MISP/commit/d0725fc34fda256cc57e5a8f0543cd541033e008","source":"5a6e4751-2f3f-4070-9419-94fb35b644e8"}]}},{"cve":{"id":"CVE-2026-60125","sourceIdentifier":"5a6e4751-2f3f-4070-9419-94fb35b644e8","published":"2026-07-08T14:17:22.640","lastModified":"2026-07-09T16:29:14.203","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"MISP’s importModule() path used getEnabledModule() to resolve a single import module by name, but this lookup did not enforce the per-organisation module restriction checked by getEnabledModules(). As a result, an authenticated user from an organisation that was not allowed to use a module restricted via Plugin.Import_<module>_restrict could still invoke that import module directly if they knew its name.\n\n\nThis could allow unauthorised access to restricted import-module functionality and, depending on the module and the user’s event permissions, may allow unauthorised import or modification of event data through a module that should have been unavailable to the user’s organisation."}],"affected":[{"source":"5a6e4751-2f3f-4070-9419-94fb35b644e8","affectedData":[{"vendor":"misp","product":"misp","defaultStatus":"unaffected","repo":"https://github.com/misp/misp","versions":[{"version":"0","lessThanOrEqual":"2.5.42","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"5a6e4751-2f3f-4070-9419-94fb35b644e8","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"LOW","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T14:29:56.887483Z","id":"CVE-2026-60125","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"5a6e4751-2f3f-4070-9419-94fb35b644e8","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"references":[{"url":"https://github.com/MISP/MISP/commit/0ed79b4d3177f4b9e44040962161a1a436d2587d","source":"5a6e4751-2f3f-4070-9419-94fb35b644e8"}]}},{"cve":{"id":"CVE-2026-10706","sourceIdentifier":"cret@cert.org","published":"2026-07-08T15:16:25.287","lastModified":"2026-07-09T19:49:55.763","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"In Adalo’s no-code app builder, (Versions 1 and 2) the attackers may extract full user records and correlate user behavior across multiple applications via dbId enumeration. The platform does not implement data minimization, privacy by design, or implement appropriate technical safeguards, allowing sensitive information to be exposed to unauthorized parties."}],"affected":[{"source":"cret@cert.org","affectedData":[{"vendor":"Adalo No-Code App Builder","product":"App Builder","versions":[{"version":"1","lessThanOrEqual":"2","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T15:13:39.000602Z","id":"CVE-2026-10706","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"references":[{"url":"https://kb.cert.org/vuls/id/849433","source":"cret@cert.org"}]}},{"cve":{"id":"CVE-2026-10708","sourceIdentifier":"cret@cert.org","published":"2026-07-08T15:16:25.377","lastModified":"2026-07-09T19:49:55.763","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"This vulnerability enables large‑scale data harvesting without requiring app‑specific secrets. A single request to a minimal leaderboard component may return user records containing emails, UUIDs, and custom fields. The combination of wildcard CORS behavior, long‑lived twenty‑day JWTs, and the absence of token revocation allows attackers to gather sensitive personal information from any Adalo application."}],"affected":[{"source":"cret@cert.org","affectedData":[{"vendor":"Adalo No-Code App Builder","product":"App Builder","versions":[{"version":"1","lessThanOrEqual":"2","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T15:12:56.923608Z","id":"CVE-2026-10708","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"references":[{"url":"https://kb.cert.org/vuls/id/849433","source":"cret@cert.org"}]}},{"cve":{"id":"CVE-2026-15036","sourceIdentifier":"cna@vuldb.com","published":"2026-07-08T15:16:25.970","lastModified":"2026-07-09T16:20:12.533","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was determined in Harness up to 2.28.2. This vulnerability affects the function getAuthorizedSpaces of the file app/api/controller/gitspace/list_all.go of the component gitspaces Endpoint. Executing a manipulation can lead to authorization bypass. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. The project was informed of the problem early through an issue report but has not responded yet."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"n/a","product":"Harness","cpes":["cpe:2.3:a:harness:harness:*:*:*:*:*:*:*:*"],"modules":["gitspaces Endpoint"],"versions":[{"version":"2.28.0","status":"affected"},{"version":"2.28.1","status":"affected"},{"version":"2.28.2","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:N/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T15:38:03.057690Z","id":"CVE-2026-15036","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-285"},{"lang":"en","value":"CWE-639"}]}],"references":[{"url":"https://github.com/harness/harness/","source":"cna@vuldb.com"},{"url":"https://github.com/harness/harness/issues/3689","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-15036","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/851013","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/376787","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/376787/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-15044","sourceIdentifier":"secalert@redhat.com","published":"2026-07-08T15:16:26.120","lastModified":"2026-07-09T16:39:17.737","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in the TrustyAI Service Operator. When deploying services like gorch or NemoGuardrails, if a specific security setting is not enabled, these services can expose their communication channels without requiring users to prove their identity. This allows any other program within the cluster to access the AI guardrails and orchestrator without proper authorization. An attacker could exploit this to gain unauthorized access to sensitive information and potentially make limited changes to the AI models."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhoai/odh-trustyai-service-operator-rhel9","cpes":["cpe:/a:redhat:openshift_ai"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.1,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:41:04.256259Z","id":"CVE-2026-15044","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"references":[{"url":"https://access.redhat.com/security/cve/CVE-2026-15044","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2498039","source":"secalert@redhat.com"}]}},{"cve":{"id":"CVE-2026-15062","sourceIdentifier":"412d305a-227d-44f9-a262-a31ba44f2aea","published":"2026-07-08T15:16:26.320","lastModified":"2026-07-09T16:39:17.737","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"SQL injection vulnerabilities in the Snowflake Snowpark Python SDK (snowpark-python) versions prior to 1.53.0 could allow authenticated low-privilege users to execute SQL beyond their authorization scope. An attacker could exploit these vulnerabilities by embedding SQL payloads in source database column names to escalate privileges via the DataFrameReader.dbapi() API by supplying a specially crafted location parameter to DataFrameWriter write methods to redirect a COPY INTO to an arbitrary source query, or by including a backslash-single-quote sequence in an export path to defeat the normalize_path() sanitizer and inject SQL via DataFrame.to_csv(). Successful exploitation may result in source database compromise, unauthorized cross-tenant data exfiltration, or unauthorized read of Snowflake account data."}],"affected":[{"source":"412d305a-227d-44f9-a262-a31ba44f2aea","affectedData":[{"vendor":"Snowflake","product":"Snowpark Python SDK","defaultStatus":"unaffected","versions":[{"version":"0.1.0","lessThan":"1.53.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"412d305a-227d-44f9-a262-a31ba44f2aea","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N","baseScore":9.6,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":5.8}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T15:14:28.232574Z","id":"CVE-2026-15062","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"412d305a-227d-44f9-a262-a31ba44f2aea","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://github.com/snowflakedb/snowpark-python/blob/main/CHANGELOG.md","source":"412d305a-227d-44f9-a262-a31ba44f2aea"}]}},{"cve":{"id":"CVE-2026-15067","sourceIdentifier":"412d305a-227d-44f9-a262-a31ba44f2aea","published":"2026-07-08T15:16:26.433","lastModified":"2026-07-09T16:39:17.737","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"Snowflake Terraform Provider versions prior to 2.18.0 contain several security vulnerabilities, including SQL injection via an unsanitized data source input could result in arbitrary SQL execution under the provider's privileged Snowflake session, potentially enabling sensitive data exfiltration and minting of long-lived access credentials. Exploitation requires the ability for an attacker to  influence a workspace variable in a pipeline where this data source was enabled. Improper neutralization of identifier content in user resource inputs could allow DDL injection into user management statements, potentially causing accounts to be created with attacker-controlled credentials and without the  security controls configured by the operator. The fix is available in Snowflake Terraform Provider version 2.18.0. Users must manually upgrade."}],"affected":[{"source":"412d305a-227d-44f9-a262-a31ba44f2aea","affectedData":[{"vendor":"Snowflake","product":"Terraform Provider for Snowflake","defaultStatus":"unaffected","versions":[{"version":"0.1.0","lessThan":"2.18.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"412d305a-227d-44f9-a262-a31ba44f2aea","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T15:19:10.711645Z","id":"CVE-2026-15067","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"412d305a-227d-44f9-a262-a31ba44f2aea","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://github.com/snowflakedb/terraform-provider-snowflake/releases","source":"412d305a-227d-44f9-a262-a31ba44f2aea"}]}},{"cve":{"id":"CVE-2026-49145","sourceIdentifier":"9b29abf9-4ab0-4765-b253-1875cd9b441e","published":"2026-07-08T15:16:27.563","lastModified":"2026-07-08T20:16:50.347","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"App::Ack versions through 3.10.0 for Perl read arbitrary files via --files-from in a project .ackrc.\n\nack searches up the directory hierarchy from the current directory for a project .ackrc and loads its options. The project-source option blocklist in App::Ack::ConfigLoader does not include --files-from, so a project .ackrc can set it to a path whose listed files ack then reads and searches. Version 3.10.0 added --follow to the blocklist; --files-from remains accepted.\n\nA project .ackrc committed to an untrusted repository can make ack read files outside the project and print their matching lines."}],"affected":[{"source":"9b29abf9-4ab0-4765-b253-1875cd9b441e","affectedData":[{"vendor":"PETDANCE","product":"App::Ack","defaultStatus":"unaffected","collectionURL":"https://cpan.org/modules","packageName":"ack","programFiles":["lib/App/Ack/ConfigFinder.pm","lib/App/Ack/ConfigLoader.pm"],"programRoutines":[{"name":"App::Ack::ConfigFinder::find_config_files"},{"name":"App::Ack::ConfigLoader::_process_other"}],"repo":"https://github.com/beyondgrep/ack3","versions":[{"version":"0","lessThanOrEqual":"3.10.0","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T15:21:08.032707Z","id":"CVE-2026-49145","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"9b29abf9-4ab0-4765-b253-1875cd9b441e","type":"Secondary","description":[{"lang":"en","value":"CWE-73"},{"lang":"en","value":"CWE-426"}]}],"references":[{"url":"https://metacpan.org/release/PETDANCE/ack-v3.10.0/source/Changes","source":"9b29abf9-4ab0-4765-b253-1875cd9b441e"},{"url":"http://www.openwall.com/lists/oss-security/2026/07/08/7","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2026-49146","sourceIdentifier":"9b29abf9-4ab0-4765-b253-1875cd9b441e","published":"2026-07-08T15:16:27.673","lastModified":"2026-07-08T20:16:50.503","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"App::Ack versions before 3.10.0 for Perl allow memory exhaustion via an unbounded context value in a project .ackrc.\n\nack searches up the directory hierarchy from the current directory for a project .ackrc and loads its options. The -B and -C context options accepted any positive integer, and ack sized the before-context buffer to that value, so a project .ackrc setting --before-context=100000000 made ack allocate a buffer of 100 million elements.\n\nA project .ackrc committed to an untrusted repository can abort ack with an out-of-memory condition."}],"affected":[{"source":"9b29abf9-4ab0-4765-b253-1875cd9b441e","affectedData":[{"vendor":"PETDANCE","product":"App::Ack","defaultStatus":"unaffected","collectionURL":"https://cpan.org/modules","packageName":"ack","programFiles":["lib/App/Ack/ConfigLoader.pm","ack"],"programRoutines":[{"name":"App::Ack::ConfigLoader::_context_value"}],"repo":"https://github.com/beyondgrep/ack3","versions":[{"version":"0","lessThan":"3.10.0","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T15:22:07.691262Z","id":"CVE-2026-49146","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"9b29abf9-4ab0-4765-b253-1875cd9b441e","type":"Secondary","description":[{"lang":"en","value":"CWE-770"}]}],"references":[{"url":"https://github.com/beyondgrep/ack3/commit/45ff5fe77dbd96f7332f31943102291f878f30b8.patch","source":"9b29abf9-4ab0-4765-b253-1875cd9b441e"},{"url":"https://metacpan.org/release/PETDANCE/ack-v3.10.0/source/Changes","source":"9b29abf9-4ab0-4765-b253-1875cd9b441e"},{"url":"http://www.openwall.com/lists/oss-security/2026/07/08/8","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2026-49147","sourceIdentifier":"9b29abf9-4ab0-4765-b253-1875cd9b441e","published":"2026-07-08T15:16:27.787","lastModified":"2026-07-08T20:16:50.650","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"App::Ack versions through 3.10.0 for Perl print unsanitised terminal escape sequences from filenames in several output modes.\n\nWhen ack prints a filename whose basename contains terminal control bytes such as ANSI escape sequences, those bytes reach the terminal unchanged. Version 3.10.0 added a _safe_filename helper that sanitises the filenames printed by -f, -g, the colored match heading, and per-match lines, but the --show-types, -l/-L, and -c paths still emit the raw filename.\n\nA file whose name embeds cursor-movement or color escapes can overwrite or recolor earlier terminal output, or be passed unchanged to a downstream consumer."}],"affected":[{"source":"9b29abf9-4ab0-4765-b253-1875cd9b441e","affectedData":[{"vendor":"PETDANCE","product":"App::Ack","defaultStatus":"unaffected","collectionURL":"https://cpan.org/modules","packageName":"ack","programFiles":["lib/App/Ack.pm","ack"],"programRoutines":[{"name":"App::Ack::show_types"},{"name":"file_loop_lL"},{"name":"file_loop_c"}],"repo":"https://github.com/beyondgrep/ack3","versions":[{"version":"0","lessThanOrEqual":"3.10.0","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T15:22:36.769783Z","id":"CVE-2026-49147","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"9b29abf9-4ab0-4765-b253-1875cd9b441e","type":"Secondary","description":[{"lang":"en","value":"CWE-150"}]}],"references":[{"url":"https://metacpan.org/release/PETDANCE/ack-v3.10.0/source/Changes","source":"9b29abf9-4ab0-4765-b253-1875cd9b441e"},{"url":"http://www.openwall.com/lists/oss-security/2026/07/08/9","source":"af854a3a-2127-422b-91ae-364da2661108"}]}},{"cve":{"id":"CVE-2026-54652","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T15:16:29.390","lastModified":"2026-07-08T16:16:30.903","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Frigate is an open source network video recorder. In version 0.17.1, the GET /api/logs/{service} endpoint allows any authenticated user including the viewer role to download Frigate and nginx logs, exposing auto-generated admin passwords and camera credentials logged in request query strings and enabling viewer-to-admin privilege escalation. A fixed release has not been identified."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"blakeblackshear","product":"frigate","versions":[{"version":"<= 0.17.1","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T15:20:07.339673Z","id":"CVE-2026-54652","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-269"},{"lang":"en","value":"CWE-532"},{"lang":"en","value":"CWE-598"},{"lang":"en","value":"CWE-863"}]}],"references":[{"url":"https://github.com/blakeblackshear/frigate/commit/68e8afd35c76f05f68de47ee9588d2c91796de4b","source":"security-advisories@github.com"},{"url":"https://github.com/blakeblackshear/frigate/commit/bd1fc1cc72cd4fa371464a087cbf3d7f3142edc6","source":"security-advisories@github.com"},{"url":"https://github.com/blakeblackshear/frigate/security/advisories/GHSA-c4qf-xxq4-vf55","source":"security-advisories@github.com"},{"url":"https://github.com/blakeblackshear/frigate/security/advisories/GHSA-c4qf-xxq4-vf55","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-55668","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T15:16:30.057","lastModified":"2026-07-08T17:17:24.860","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"File Browser provides a web file managing interface. Prior to 2.63.16, ScopedFs validates the nearest existing ancestor of a dangling symlink as in scope and then follows the symlink during file creation, allowing an authenticated user with Create and Modify permissions to create attacker-controlled files outside the user's scope. This issue is fixed in version 2.63.16."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"filebrowser","product":"filebrowser","versions":[{"version":"< 2.63.16","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:N","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":4.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T16:11:24.928801Z","id":"CVE-2026-55668","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"},{"lang":"en","value":"CWE-59"}]}],"references":[{"url":"https://github.com/filebrowser/filebrowser/commit/64511ce45e3be379e965f7f4fb0929a068d5bb81","source":"security-advisories@github.com"},{"url":"https://github.com/filebrowser/filebrowser/releases/tag/v2.63.16","source":"security-advisories@github.com"},{"url":"https://github.com/filebrowser/filebrowser/security/advisories/GHSA-8wc8-hf36-mjh9","source":"security-advisories@github.com"},{"url":"https://github.com/filebrowser/filebrowser/security/advisories/GHSA-8wc8-hf36-mjh9","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-55873","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T15:16:30.190","lastModified":"2026-07-08T16:16:31.177","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"SeaweedFS is a distributed storage system. In versions 4.08 through 4.33, requests signed with SigV4 service s3tables are routed to the S3Tables management API where authorization collapses account-less S3 identities into the shared admin account and fails open, allowing an authenticated low-privileged S3 user to enumerate administrator-owned table bucket names and ARNs. This issue is fixed in version 4.34."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"seaweedfs","product":"seaweedfs","versions":[{"version":">= 4.08, < 4.34","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T15:33:28.325392Z","id":"CVE-2026-55873","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"references":[{"url":"https://github.com/seaweedfs/seaweedfs/commit/b13463880c1fa62e255c058a9228b63cc95b4b36","source":"security-advisories@github.com"},{"url":"https://github.com/seaweedfs/seaweedfs/pull/9961","source":"security-advisories@github.com"},{"url":"https://github.com/seaweedfs/seaweedfs/releases/tag/4.34","source":"security-advisories@github.com"},{"url":"https://github.com/seaweedfs/seaweedfs/security/advisories/GHSA-hgpf-8634-g44c","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-55874","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T15:16:30.320","lastModified":"2026-07-08T18:16:33.270","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"SeaweedFS is a distributed storage system. Prior to 4.34, the S3 API gateway does not reject dot-dot path segments in the X-Amz-Copy-Source header used by CopyObject and UploadPartCopy, allowing an authenticated identity scoped to one bucket to read objects from other buckets through server-side copy. This issue is fixed in version 4.34."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"seaweedfs","product":"seaweedfs","versions":[{"version":"< 4.34","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":4.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T16:52:14.324777Z","id":"CVE-2026-55874","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"references":[{"url":"https://github.com/seaweedfs/seaweedfs/commit/b44cf51fe931bd75aa4d37ae766bea90d7f85ccd","source":"security-advisories@github.com"},{"url":"https://github.com/seaweedfs/seaweedfs/pull/9929","source":"security-advisories@github.com"},{"url":"https://github.com/seaweedfs/seaweedfs/releases/tag/4.34","source":"security-advisories@github.com"},{"url":"https://github.com/seaweedfs/seaweedfs/security/advisories/GHSA-56wq-x3wv-3ff4","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-14966","sourceIdentifier":"cves@blacklanternsecurity.com","published":"2026-07-08T16:16:27.237","lastModified":"2026-07-09T17:05:26.503","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"BBOT's unarchive module rejects archives containing symlink entries before extraction, but for zip and 7z archives it failed to detect symlinks whose listing carries a DOS-attribute prefix before the unix mode, as produced by legacy versions of p7zip. Such an archive, downloaded and extracted during a scan (for example via filedownload), bypassed the guard and caused an attacker-controlled symlink to be written into the extraction directory. The effect is limited to planting the symlink (its target is not written through), and only hosts using such a legacy p7zip build are affected; current mainline 7-Zip is not."}],"affected":[{"source":"cves@blacklanternsecurity.com","affectedData":[{"vendor":"Black Lantern Security","product":"BBOT","defaultStatus":"unaffected","repo":"https://github.com/blacklanternsecurity/bbot","versions":[{"version":"2.3.1","lessThanOrEqual":"2.8.6","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cves@blacklanternsecurity.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N","baseScore":3.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T15:57:06.003777Z","id":"CVE-2026-14966","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cves@blacklanternsecurity.com","type":"Secondary","description":[{"lang":"en","value":"CWE-59"}]}],"references":[{"url":"https://github.com/blacklanternsecurity/bbot/commit/a3f1a2292e2b0a553827c6175b761abe28807735","source":"cves@blacklanternsecurity.com"}]}},{"cve":{"id":"CVE-2026-14967","sourceIdentifier":"cves@blacklanternsecurity.com","published":"2026-07-08T16:16:27.373","lastModified":"2026-07-09T17:05:26.503","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"BBOT's `github_workflows` module could be induced to write a downloaded artifact outside its configured output directory: its path-containment check did not resolve `..`, so a crafted `CODE_REPOSITORY` URL could traverse out of the intended folder. The write is bounded to two directory levels above the output location and its target is determined by the operator's configuration, not the attacker."}],"affected":[{"source":"cves@blacklanternsecurity.com","affectedData":[{"vendor":"Black Lantern Security","product":"BBOT","defaultStatus":"unaffected","repo":"https://github.com/blacklanternsecurity/bbot","versions":[{"version":"1.1.7","lessThanOrEqual":"2.8.6","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cves@blacklanternsecurity.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N","baseScore":3.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T15:55:49.453588Z","id":"CVE-2026-14967","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cves@blacklanternsecurity.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"references":[{"url":"https://github.com/blacklanternsecurity/bbot/commit/c1c6ec05ff998e2fba55a14d1026f12563ccd82f","source":"cves@blacklanternsecurity.com"}]}},{"cve":{"id":"CVE-2026-15063","sourceIdentifier":"secalert@redhat.com","published":"2026-07-08T16:16:27.723","lastModified":"2026-07-09T16:39:17.737","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in the gorch service template, which is part of the trustyai-service-operator. Even when authentication is enabled, the gorch service exposes unproxied orchestrator and detector metrics ports. This allows any pod on the cluster network to directly access these ports, bypassing the kube-rbac-proxy and its authentication mechanisms. This could lead to unauthorized access to the orchestrator and detector metrics."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"Red Hat","product":"Red Hat OpenShift AI (RHOAI)","defaultStatus":"affected","collectionURL":"https://access.redhat.com/downloads/content/package-browser/","packageName":"rhoai/odh-trustyai-service-operator-rhel9","cpes":["cpe:/a:redhat:openshift_ai"]}]}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.1,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T15:56:03.613145Z","id":"CVE-2026-15063","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]}],"references":[{"url":"https://access.redhat.com/security/cve/CVE-2026-15063","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2498058","source":"secalert@redhat.com"}]}},{"cve":{"id":"CVE-2026-49944","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-08T16:16:30.447","lastModified":"2026-07-08T16:16:30.447","vulnStatus":"Rejected","cveTags":[],"descriptions":[{"lang":"en","value":"Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."}],"metrics":{},"references":[]}},{"cve":{"id":"CVE-2026-49945","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-08T16:16:30.520","lastModified":"2026-07-08T16:16:30.520","vulnStatus":"Rejected","cveTags":[],"descriptions":[{"lang":"en","value":"Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."}],"metrics":{},"references":[]}},{"cve":{"id":"CVE-2026-49946","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-08T16:16:30.570","lastModified":"2026-07-08T16:16:30.570","vulnStatus":"Rejected","cveTags":[],"descriptions":[{"lang":"en","value":"Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."}],"metrics":{},"references":[]}},{"cve":{"id":"CVE-2026-54344","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T16:16:30.760","lastModified":"2026-07-09T19:40:42.113","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"ToolJet is an open-source low-code platform for building internal tools. Prior to 3.20.180, ToolJet's render preview deployment workflow interpolates github.event.comment.body directly into a bash conditional in a run step, allowing any GitHub user who can comment on an open pull request with a deploy command to execute shell commands on the CI runner and exfiltrate deployment secrets. This issue is reported as fixed in version 3.20.180."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"ToolJet","product":"ToolJet","versions":[{"version":"< 3.20.180","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N","baseScore":4.7,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T16:19:23.682754Z","id":"CVE-2026-54344","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-78"}]}],"references":[{"url":"https://github.com/ToolJet/ToolJet/security/advisories/GHSA-4pm2-w6g5-28mm","source":"security-advisories@github.com"},{"url":"https://github.com/ToolJet/ToolJet/security/advisories/GHSA-4pm2-w6g5-28mm","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-59261","sourceIdentifier":"disclosure@vulncheck.com","published":"2026-07-08T17:17:25.640","lastModified":"2026-07-09T19:34:08.973","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"OpenClaw before 2026.5.28 contains a credential exposure vulnerability where workspace dotenv files can override provider credentials. Attackers with lower-trust access to configured input paths can expose sensitive data and credentials that should remain within trusted boundaries."}],"affected":[{"source":"disclosure@vulncheck.com","affectedData":[{"vendor":"OpenClaw","product":"OpenClaw","defaultStatus":"affected","packageURL":"pkg:npm/openclaw","versions":[{"version":"0","lessThan":"2026.5.28","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.4,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"disclosure@vulncheck.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":5.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T00:00:00+00:00","id":"CVE-2026-59261","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"disclosure@vulncheck.com","type":"Secondary","description":[{"lang":"en","value":"CWE-184"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-522"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:openclaw:openclaw:*:*:*:*:*:node.js:*:*","versionEndExcluding":"2026.5.28","matchCriteriaId":"B4CD5325-57C5-41BC-A526-B8D5ADDE26CA"}]}]}],"references":[{"url":"https://github.com/openclaw/openclaw/security/advisories/GHSA-4pqj-3c56-5fqq","source":"disclosure@vulncheck.com","tags":["Mitigation","Vendor Advisory"]},{"url":"https://www.vulncheck.com/advisories/openclaw-credential-override-via-workspace-dotenv-files","source":"disclosure@vulncheck.com","tags":["Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-59731","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T17:17:25.937","lastModified":"2026-07-09T16:29:14.203","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Astro is a web framework for content-driven websites. Version 6.4.7 performs authorization decisions on a partially decoded pathname after reaching the iterative URL decoder limit, while later rewrite route matching performs an additional decodeURI() operation and can resolve the request to a protected route. This issue is fixed in version 6.4.8."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"withastro","product":"astro","versions":[{"version":">= 6.4.7, < 6.4.8","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T14:38:51.210895Z","id":"CVE-2026-59731","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-647"}]}],"references":[{"url":"https://github.com/withastro/astro/commit/27c80ea92248993e5fce94b2c26d87d611ab6785","source":"security-advisories@github.com"},{"url":"https://github.com/withastro/astro/pull/17109","source":"security-advisories@github.com"},{"url":"https://github.com/withastro/astro/releases/tag/astro@6.4.8","source":"security-advisories@github.com"},{"url":"https://github.com/withastro/astro/security/advisories/GHSA-vj59-8hwv-xxmv","source":"security-advisories@github.com"},{"url":"https://github.com/withastro/astro/security/advisories/GHSA-vj59-8hwv-xxmv","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-59883","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T17:17:26.737","lastModified":"2026-07-09T19:33:38.837","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"Guzzle is an extensible PHP HTTP client. Prior to 7.12.3, CookieJar did not restrict cookies scoped to IP-address or bare-numeric Domain values to the exact host that set them, because SetCookie::matchesDomain() applied ordinary suffix matching to domains such as 192.168.0.1, [::1], or 1, allowing cross-host cookie disclosure, cookie injection, or session fixation. This issue is fixed in version 7.12.3."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"guzzle","product":"guzzle","versions":[{"version":"< 7.12.3","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":4.7,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:49:33.967121Z","id":"CVE-2026-59883","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-346"},{"lang":"en","value":"CWE-384"}]}],"references":[{"url":"https://github.com/guzzle/guzzle/commit/b9944c161b12d9ee9c9334cfc5b9659ecd7451f8","source":"security-advisories@github.com"},{"url":"https://github.com/guzzle/guzzle/pull/3694","source":"security-advisories@github.com"},{"url":"https://github.com/guzzle/guzzle/releases/tag/7.12.3","source":"security-advisories@github.com"},{"url":"https://github.com/guzzle/guzzle/security/advisories/GHSA-g446-98w2-8p5w","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-59922","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T17:17:27.770","lastModified":"2026-07-09T19:36:00.010","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, a run of closed tilde, equals-sign, or caret marker pairs around a character causes quadratic work in src/mistune/plugins/formatting.py when the strikethrough, mark, or insert plugin scans for matching markers from each possible start position, allowing denial of service through CPU exhaustion. This issue is fixed in version 3.3.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"lepture","product":"mistune","versions":[{"version":"< 3.3.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T14:39:49.792478Z","id":"CVE-2026-59922","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-407"},{"lang":"en","value":"CWE-1333"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-407"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mistune_project:mistune:*:*:*:*:*:*:*:*","versionEndExcluding":"3.3.0","matchCriteriaId":"63E1B933-D2E2-44EF-A56C-94483300845B"}]}]}],"references":[{"url":"https://github.com/lepture/mistune/commit/96d0f57f8fe9eeb06bb4cff521962a27d7c402e7","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/lepture/mistune/releases/tag/v3.3.0","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/lepture/mistune/security/advisories/GHSA-c8j7-8cv4-2xmq","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]},{"url":"https://github.com/lepture/mistune/security/advisories/GHSA-c8j7-8cv4-2xmq","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-59923","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T17:17:27.910","lastModified":"2026-07-09T19:35:14.273","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, HTMLRenderer.safe_url() does not block percent-encoded javascript URIs, allowing attacker-supplied Markdown links or images to bypass URL protections and execute script in rendered HTML. This issue is fixed in version 3.3.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"lepture","product":"mistune","versions":[{"version":"< 3.3.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T16:41:40.162930Z","id":"CVE-2026-59923","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mistune_project:mistune:*:*:*:*:*:*:*:*","versionEndExcluding":"3.3.0","matchCriteriaId":"63E1B933-D2E2-44EF-A56C-94483300845B"}]}]}],"references":[{"url":"https://github.com/lepture/mistune/commit/c7101fcbb6e8790e8e39157c5ca2238fc6dd6cbc","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/lepture/mistune/releases/tag/v3.3.0","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/lepture/mistune/security/advisories/GHSA-8c25-4j27-2rv3","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]},{"url":"https://github.com/lepture/mistune/security/advisories/GHSA-8c25-4j27-2rv3","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-59924","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T17:17:28.050","lastModified":"2026-07-09T19:34:54.647","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, Include.parse() joins and normalizes user-supplied include paths without verifying that the result remains within the intended markdown directory, allowing crafted include paths to access files outside that directory when markdown files are processed using md.read(). This issue is fixed in version 3.3.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"lepture","product":"mistune","versions":[{"version":"< 3.3.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T17:10:16.347280Z","id":"CVE-2026-59924","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mistune_project:mistune:*:*:*:*:*:*:*:*","versionEndExcluding":"3.3.0","matchCriteriaId":"63E1B933-D2E2-44EF-A56C-94483300845B"}]}]}],"references":[{"url":"https://github.com/lepture/mistune/commit/1bef343ade163fc3bb95572b15be720084cdb993","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/lepture/mistune/releases/tag/v3.3.0","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/lepture/mistune/security/advisories/GHSA-r4rv-85jg-w4mf","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]},{"url":"https://github.com/lepture/mistune/security/advisories/GHSA-r4rv-85jg-w4mf","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-59925","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T17:17:28.183","lastModified":"2026-07-09T19:39:58.870","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, long sequences of well-formed double-asterisk or triple-asterisk emphasis pairs around a character cause quadratic work in src/mistune/inline_parser.py because the parser scans forward for matching close markers from every potential opening run, allowing denial of service in default Mistune parsing. This issue is fixed in version 3.3.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"lepture","product":"mistune","versions":[{"version":"< 3.3.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T19:44:41.353822Z","id":"CVE-2026-59925","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-407"},{"lang":"en","value":"CWE-1333"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-407"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mistune_project:mistune:*:*:*:*:*:*:*:*","versionEndExcluding":"3.3.0","matchCriteriaId":"63E1B933-D2E2-44EF-A56C-94483300845B"}]}]}],"references":[{"url":"https://github.com/lepture/mistune/commit/5de41fb8e527004dbc363e047a3c380c9288c74f","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/lepture/mistune/releases/tag/v3.3.0","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/lepture/mistune/security/advisories/GHSA-4j32-57v6-6g45","source":"security-advisories@github.com","tags":["Exploit","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-59926","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T17:17:28.323","lastModified":"2026-07-09T19:38:07.183","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.2.1, render_admonition() in src/mistune/directives/admonition.py concatenates the Admonition directive :class: option into the HTML class attribute without escaping, allowing attribute injection and cross-site scripting even when HTMLRenderer escape mode is enabled. This issue is fixed in version 3.2.1."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"lepture","product":"mistune","versions":[{"version":"< 3.2.1","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"PASSIVE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"LOW","subIntegrityImpact":"LOW","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T17:48:29.407727Z","id":"CVE-2026-59926","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mistune_project:mistune:*:*:*:*:*:*:*:*","versionEndExcluding":"3.3.0","matchCriteriaId":"63E1B933-D2E2-44EF-A56C-94483300845B"}]}]}],"references":[{"url":"https://github.com/lepture/mistune/commit/a3cb6e5655308797e8be021d6c7b5bab13cbace2","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/lepture/mistune/releases/tag/v3.2.1","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/lepture/mistune/security/advisories/GHSA-g97x-gvcm-x72h","source":"security-advisories@github.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-59927","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T17:17:28.450","lastModified":"2026-07-09T19:30:14.423","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, the Include directive in src/mistune/directives/include.py detects only direct self-includes and not indirect cycles, allowing two markdown files that include each other to trigger unbounded recursion, raise RecursionError, and crash the rendering request. This issue is fixed in version 3.3.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"lepture","product":"mistune","versions":[{"version":"< 3.3.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T19:45:06.559977Z","id":"CVE-2026-59927","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-674"},{"lang":"en","value":"CWE-755"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-674"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mistune_project:mistune:*:*:*:*:*:*:*:*","versionEndExcluding":"3.3.0","matchCriteriaId":"63E1B933-D2E2-44EF-A56C-94483300845B"}]}]}],"references":[{"url":"https://github.com/lepture/mistune/commit/1bef343ade163fc3bb95572b15be720084cdb993","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/lepture/mistune/releases/tag/v3.3.0","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/lepture/mistune/security/advisories/GHSA-8mpj-m6qm-5qr8","source":"security-advisories@github.com","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-59928","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T17:17:28.600","lastModified":"2026-07-09T19:29:34.207","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, a Markdown document containing many repeated or distinct reference-link definitions causes quadratic work in src/mistune/block_parser.py and the ref_links environment dictionary handling, allowing denial of service through CPU exhaustion. This issue is fixed in version 3.3.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"lepture","product":"mistune","versions":[{"version":"< 3.3.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T17:46:13.539153Z","id":"CVE-2026-59928","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-407"},{"lang":"en","value":"CWE-1333"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mistune_project:mistune:*:*:*:*:*:*:*:*","versionEndExcluding":"3.3.0","matchCriteriaId":"63E1B933-D2E2-44EF-A56C-94483300845B"}]}]}],"references":[{"url":"https://github.com/lepture/mistune/commit/2b04d7ba341c16ac78fe82d3076bdd5c3de87c69","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/lepture/mistune/releases/tag/v3.3.0","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/lepture/mistune/security/advisories/GHSA-ffq3-xpv3-j92q","source":"security-advisories@github.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/lepture/mistune/security/advisories/GHSA-ffq3-xpv3-j92q","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-59929","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T17:17:28.737","lastModified":"2026-07-09T19:29:01.040","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, the safe_url filter in src/mistune/renderers/html.py blocks only javascript:, vbscript:, file:, and data: schemes, allowing legacy or chained schemes such as feed:, view-source:, jar:, livescript:, mocha:, ms-its:, mk:, and res: to reach rendered href and src attributes and potentially execute script in affected user agents. This issue is fixed in version 3.3.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"lepture","product":"mistune","versions":[{"version":"< 3.3.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T14:21:09.261426Z","id":"CVE-2026-59929","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"},{"lang":"en","value":"CWE-184"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mistune_project:mistune:*:*:*:*:*:*:*:*","versionEndExcluding":"3.3.0","matchCriteriaId":"63E1B933-D2E2-44EF-A56C-94483300845B"}]}]}],"references":[{"url":"https://github.com/lepture/mistune/commit/c7101fcbb6e8790e8e39157c5ca2238fc6dd6cbc","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/lepture/mistune/releases/tag/v3.3.0","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/lepture/mistune/security/advisories/GHSA-qfrw-5rxm-mhh2","source":"security-advisories@github.com","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-59930","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T17:17:28.867","lastModified":"2026-07-09T19:28:30.570","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, the toc plugin and TableOfContents directive generate heading IDs as predictable toc_N values without slugifying the heading text, allowing attacker-controlled id=\"toc_N\" content to collide with generated anchors and redirect same-page navigation, CSS selectors, or JavaScript handlers. This issue is fixed in version 3.3.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"lepture","product":"mistune","versions":[{"version":"< 3.3.0","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:53:53.247241Z","id":"CVE-2026-59930","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-345"},{"lang":"en","value":"CWE-1284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mistune_project:mistune:*:*:*:*:*:*:*:*","versionEndExcluding":"3.3.0","matchCriteriaId":"63E1B933-D2E2-44EF-A56C-94483300845B"}]}]}],"references":[{"url":"https://github.com/lepture/mistune/commit/c4093c4742ed0d10d9332fb8edb455869b7b581b","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/lepture/mistune/releases/tag/v3.3.0","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/lepture/mistune/security/advisories/GHSA-2hm2-hc3v-44h9","source":"security-advisories@github.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/lepture/mistune/security/advisories/GHSA-2hm2-hc3v-44h9","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-14362","sourceIdentifier":"security@hashicorp.com","published":"2026-07-08T18:16:32.130","lastModified":"2026-07-09T16:29:14.203","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"HashiCorp memberlist before version 0.6.0 is vulnerable to a denial-of-service issue in its push/pull state handling that may allow an attacker with network access to the gossip port to exhaust memory on a receiving node and cause the process to terminate. This vulnerability (CVE-2026-14362) is fixed in memberlist 0.6.0."}],"affected":[{"source":"security@hashicorp.com","affectedData":[{"vendor":"HashiCorp","product":"Shared library","defaultStatus":"unaffected","platforms":["64 bit","32 bit","x86","ARM","MacOS","Windows","Linux"],"repo":"https://github.com/hashicorp/memberlist","versions":[{"version":"0.1.5","lessThan":"0.6.0","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@hashicorp.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H","baseScore":4.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T18:29:53.691434Z","id":"CVE-2026-14362","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@hashicorp.com","type":"Secondary","description":[{"lang":"en","value":"CWE-770"}]}],"references":[{"url":"https://discuss.hashicorp.com/t/hcsec-2026-18-memberlist-vulnerable-to-denial-of-service-via-gossip-message/77556","source":"security@hashicorp.com"}]}},{"cve":{"id":"CVE-2026-50812","sourceIdentifier":"cve@mitre.org","published":"2026-07-08T18:16:32.400","lastModified":"2026-07-09T19:48:15.277","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"A NULL pointer dereference in the SQLite Session Extension in SQLite 3.53.1 and SQLite trunk builds before check-in e807d4e3798efd53 allows an attacker who can supply a malformed changeset blob to cause a denial of service. The issue occurs when sqlite3changeset_apply_v3() applies a corrupt changeset and reaches sqlite3_value_type() with a NULL sqlite3_value pointer."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T20:11:38.428519Z","id":"CVE-2026-50812","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-476"}]}],"references":[{"url":"https://gist.github.com/junius-sec/bb556f333957c5226dede314db0e9e91","source":"cve@mitre.org"},{"url":"https://github.com/sqlite/sqlite/commit/b869ed6b067d623cb1383549f2a18aa35508385d","source":"cve@mitre.org"},{"url":"https://sqlite.org/src/info/e807d4e3798efd53","source":"cve@mitre.org"}]}},{"cve":{"id":"CVE-2026-50813","sourceIdentifier":"cve@mitre.org","published":"2026-07-08T18:16:32.560","lastModified":"2026-07-09T19:48:15.277","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in SQLite before Fossil check-in 869a51ae84df allows a local attacker to obtain sensitive information via the Session Extension changeset concat/changegroup merge path"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@mitre.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":4.2},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T20:12:49.182604Z","id":"CVE-2026-50813","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-126"}]}],"references":[{"url":"https://gist.github.com/junius-sec/f8acb66bafb80134c8e1a1c8c7c9f4f4","source":"cve@mitre.org"},{"url":"https://github.com/sqlite/sqlite/commit/c597ed79d1bd03f57198d10d1f431adda293cf2e","source":"cve@mitre.org"},{"url":"https://sqlite.org/src/info/869a51ae84df","source":"cve@mitre.org"}]}},{"cve":{"id":"CVE-2026-59937","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T18:16:34.963","lastModified":"2026-07-09T20:39:31.900","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"pypdf is a free and open-source pure-python PDF library. Prior to 6.14.0, an attacker can craft a PDF with repeated malformed cross-reference streams that cause pypdf to spend long runtimes recovering broken cross-reference table entries. This issue is fixed in version 6.14.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"py-pdf","product":"pypdf","versions":[{"version":"< 6.14.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T14:38:02.608932Z","id":"CVE-2026-59937","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-400"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:pypdf_project:pypdf:*:*:*:*:*:*:*:*","versionEndExcluding":"6.14.0","matchCriteriaId":"628EE3B0-9F0E-4B9C-A602-9FC542A24339"}]}]}],"references":[{"url":"https://github.com/py-pdf/pypdf/commit/b5fc5aa714f4b696fb9b1deaa35a9e4a4eb50dae","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/py-pdf/pypdf/pull/3887","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/py-pdf/pypdf/releases/tag/6.14.0","source":"security-advisories@github.com","tags":["Product","Release Notes"]},{"url":"https://github.com/py-pdf/pypdf/security/advisories/GHSA-55h5-xmcq-c37v","source":"security-advisories@github.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-59938","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T18:16:35.097","lastModified":"2026-07-09T20:41:11.620","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"pypdf is a free and open-source pure-python PDF library. Prior to 6.14.0, an attacker can craft a PDF with declared image size values that are much too large compared to the actual data, causing large memory usage in pypdf image parsing. This issue is fixed in version 6.14.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"py-pdf","product":"pypdf","versions":[{"version":"< 6.14.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:58:08.413307Z","id":"CVE-2026-59938","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-789"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:pypdf_project:pypdf:*:*:*:*:*:*:*:*","versionEndExcluding":"6.14.0","matchCriteriaId":"628EE3B0-9F0E-4B9C-A602-9FC542A24339"}]}]}],"references":[{"url":"https://github.com/py-pdf/pypdf/commit/c64583be16b8e8763d8777075f8ecbf382014b7a","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/py-pdf/pypdf/pull/3888","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/py-pdf/pypdf/releases/tag/6.14.0","source":"security-advisories@github.com","tags":["Product","Release Notes"]},{"url":"https://github.com/py-pdf/pypdf/security/advisories/GHSA-5qjq-93h5-hrgp","source":"security-advisories@github.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-14361","sourceIdentifier":"security@hashicorp.com","published":"2026-07-08T20:16:47.850","lastModified":"2026-07-09T16:29:14.203","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The consul-template library before version 0.42.1 is vulnerable to a path redirection issue in the writeToFile template helper that may allow template output to be written outside the intended directory or to overwrite an existing file. This vulnerability (CVE-2026-14361) is fixed in consul-template 0.42.1."}],"affected":[{"source":"security@hashicorp.com","affectedData":[{"vendor":"HashiCorp","product":"Tooling","defaultStatus":"unaffected","platforms":["64 bit","32 bit","x86","ARM","MacOS","Windows","Linux"],"repo":"https://github.com/hashicorp/consul-template","versions":[{"version":"0.1.0","lessThan":"0.42.1","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@hashicorp.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":4.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.0,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T20:37:49.249358Z","id":"CVE-2026-14361","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@hashicorp.com","type":"Secondary","description":[{"lang":"en","value":"CWE-59"}]}],"references":[{"url":"https://discuss.hashicorp.com/t/hcsec-2026-20-consul-template-vulnerable-to-path-redirections-in-writetofile/77559","source":"security@hashicorp.com"}]}},{"cve":{"id":"CVE-2026-14373","sourceIdentifier":"security@hashicorp.com","published":"2026-07-08T20:16:48.080","lastModified":"2026-07-09T16:29:14.203","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"HashiCorp Nomad and Nomad Enterprise did not enforce the allow_privileged restriction for the Docker task driver's host namespace mode options. This may allow an authenticated job submitter to run a container in a host namespace and access information belonging to the host or to other workloads on the same client. This vulnerability, CVE-2026-14373, is fixed in Nomad Community Edition 2.0.4 and Nomad Enterprise 2.0.4, 1.11.8, and 1.10.14."}],"affected":[{"source":"security@hashicorp.com","affectedData":[{"vendor":"HashiCorp","product":"Nomad","defaultStatus":"unaffected","platforms":["64 bit","32 bit","x86","ARM","MacOS","Windows","Linux"],"repo":"https://github.com/hashicorp/nomad","versions":[{"version":"0.4.1","lessThan":"2.0.4","versionType":"semver","status":"affected"}]},{"vendor":"HashiCorp","product":"Nomad Enterprise","defaultStatus":"unaffected","platforms":["64 bit","32 bit","x86","ARM","MacOS","Windows","Linux"],"repo":"https://github.com/hashicorp/nomad","versions":[{"version":"0.4.1","lessThan":"2.0.4","versionType":"semver","status":"affected","changes":[{"at":"1.11.8","status":"unaffected"},{"at":"1.10.14","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@hashicorp.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.1,"impactScore":4.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T20:37:33.792550Z","id":"CVE-2026-14373","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@hashicorp.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://discuss.hashicorp.com/t/hcsec-2026-19-nomad-docker-driver-vulnerable-to-host-namespace-bypass-on-linux/77557","source":"security@hashicorp.com"}]}},{"cve":{"id":"CVE-2026-14891","sourceIdentifier":"security@hashicorp.com","published":"2026-07-08T20:16:48.300","lastModified":"2026-07-09T16:29:14.203","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"HashiCorp Nomad and Nomad Enterprise are vulnerable to a sandbox escape in the Docker task driver that may allow a job submitter to bind-mount a host path into a container even when volume bind mounts are disabled, potentially leading to reading and writing files on the host. This vulnerability, CVE-2026-14891, is fixed in Nomad Community Edition 2.0.4 and Nomad Enterprise 2.0.4, 1.11.8, and 1.10.14."}],"affected":[{"source":"security@hashicorp.com","affectedData":[{"vendor":"HashiCorp","product":"Nomad","defaultStatus":"unaffected","platforms":["64 bit","32 bit","x86","ARM","MacOS","Windows","Linux"],"repo":"https://github.com/hashicorp/nomad","versions":[{"version":"0.4.1","lessThan":"2.0.4","versionType":"semver","status":"affected"}]},{"vendor":"HashiCorp","product":"Nomad Enterprise","defaultStatus":"unaffected","platforms":["64 bit","32 bit","x86","ARM","MacOS","Windows","Linux"],"repo":"https://github.com/hashicorp/nomad","versions":[{"version":"0.4.1","lessThan":"2.0.4","versionType":"semver","status":"affected","changes":[{"at":"1.11.8","status":"unaffected"},{"at":"1.10.14","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@hashicorp.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":5.8}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-08T00:00:00+00:00","id":"CVE-2026-14891","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@hashicorp.com","type":"Secondary","description":[{"lang":"en","value":"CWE-59"}]}],"references":[{"url":"https://discuss.hashicorp.com/t/hcsec-2026-21-nomad-vulnerable-to-sandbox-escape-in-docker-task-driver/77561","source":"security@hashicorp.com"}]}},{"cve":{"id":"CVE-2026-36028","sourceIdentifier":"cve@mitre.org","published":"2026-07-08T20:16:48.937","lastModified":"2026-07-09T17:02:37.960","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A protection mechanism failure in the Code 27 Companion Hub allows an attacker with physical access to completely bypass kiosk restrictions via a factory reset"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"PHYSICAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T14:53:18.932610Z","id":"CVE-2026-36028","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-288"}]}],"references":[{"url":"https://code.com","source":"cve@mitre.org"},{"url":"https://companion.com","source":"cve@mitre.org"},{"url":"https://github.com/redr0nin/Code-27-Companion-Hub-Exploits","source":"cve@mitre.org"}]}},{"cve":{"id":"CVE-2026-58209","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T20:16:53.800","lastModified":"2026-07-09T16:25:45.200","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, MQTT retained message delivery and QoS1+ durable replay could deliver messages whose original topics matched a subscriber configured subscribe deny rule because these delivery paths did not consistently recheck the concrete original topic before sending the MQTT PUBLISH to the subscriber. This issue is fixed in versions 2.14.3 and 2.12.12."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"nats-io","product":"nats-server","versions":[{"version":"< 2.12.12","status":"affected"},{"version":">= 2.14.0-RC.1, < 2.14.3","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:30:43.243356Z","id":"CVE-2026-58209","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"references":[{"url":"https://github.com/nats-io/nats-server/commit/181b1f51f40b9954c57e9d478e051fb257679356","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/commit/1c429b6fdc5afd4188cc5faf1127f6334896cd87","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/releases/tag/v2.12.12","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/releases/tag/v2.14.3","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/security/advisories/GHSA-7qmq-8cc4-hxwg","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-58210","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T20:16:53.950","lastModified":"2026-07-09T16:25:45.200","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, an unauthenticated MQTT client could cause the server to retain large incomplete MQTT CONNECT packets before authentication completed, consuming server memory while the parser waited for the advertised MQTT packet length. This issue is fixed in versions 2.14.3 and 2.12.12."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"nats-io","product":"nats-server","versions":[{"version":"< 2.12.12","status":"affected"},{"version":">= 2.14.0-RC.1, < 2.14.3","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:29:25.711675Z","id":"CVE-2026-58210","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-400"}]}],"references":[{"url":"https://github.com/nats-io/nats-server/commit/bce9ef39469e610aeddb819194ceb7f7edfc0861","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/commit/e016e47bbf70304945f2ae9dc397e4862adefaf5","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/releases/tag/v2.12.12","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/releases/tag/v2.14.3","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/security/advisories/GHSA-r72h-j7qq-v6qg","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-58212","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T20:16:54.100","lastModified":"2026-07-08T20:16:54.100","vulnStatus":"Rejected","cveTags":[],"descriptions":[{"lang":"en","value":"Rejected reason: Further research determined the issue is not a vulnerability based on CNA Rule 4.1.12 The act of updating Product dependencies MUST NOT be determined to be a Vulnerability, regardless of whether the dependencies have Vulnerabilities."}],"metrics":{},"references":[]}},{"cve":{"id":"CVE-2026-58213","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T20:16:54.180","lastModified":"2026-07-09T16:25:45.200","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.1 and 2.12.9, an MQTT client could include protocol control characters in subscription filters that were later forwarded as NATS protocol data to route or leafnode connections, corrupting the forwarded protocol stream and allowing injection of unintended NATS protocol operations. This issue is fixed in versions 2.14.1 and 2.12.9."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"nats-io","product":"nats-server","versions":[{"version":"< 2.12.9","status":"affected"},{"version":">= 2.14.0-RC.1, < 2.14.1","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":4.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:32:57.416842Z","id":"CVE-2026-58213","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-74"}]}],"references":[{"url":"https://github.com/nats-io/nats-server/commit/366837cfc65ab9ccb4f98193c65e8daf238582d8","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/commit/64ebae40051ee497c481e10f316238faf0de1736","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/commit/f14856b9e57a36818f43851cb69b6e33670885c9","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/pull/8163","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/pull/8164","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/releases/tag/v2.12.9","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/releases/tag/v2.14.1","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/security/advisories/GHSA-qrcv-3558-gj4f","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-58214","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T20:16:54.347","lastModified":"2026-07-09T16:25:45.200","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, an authenticated MQTT client could subscribe to the internal $MQTT.deliver.pubrel subject family, bypassing configured subscribe permissions and exposing MQTT QoS2 protocol metadata for sessions in the account. This issue is fixed in versions 2.14.3 and 2.12.12."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"nats-io","product":"nats-server","versions":[{"version":"< 2.12.12","status":"affected"},{"version":">= 2.14.0-RC.1, < 2.14.3","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:32:18.907165Z","id":"CVE-2026-58214","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"references":[{"url":"https://github.com/nats-io/nats-server/commit/297b166be60fe13144084eed4b25201ead03204a","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/commit/34b09657bb596d5f850eaa5cfc97ea6b2f989a97","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/releases/tag/v2.12.12","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/releases/tag/v2.14.3","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/security/advisories/GHSA-4g68-3pwx-5vfj","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-58250","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T20:16:54.483","lastModified":"2026-07-09T16:25:45.200","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.12.8 and 2.11.17, an unauthenticated peer with network access to a leafnode listener with compression enabled could crash the server during the pre-authentication leafnode handshake by sending repeated leafnode INFO protocol messages before authentication and account setup completed. This issue is fixed in versions 2.12.8 and 2.11.17."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"nats-io","product":"nats-server","versions":[{"version":"< 2.11.17","status":"affected"},{"version":">= 2.12.0-preview.1, < 2.12.8","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:33:35.375405Z","id":"CVE-2026-58250","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-476"}]}],"references":[{"url":"https://github.com/nats-io/nats-server/commit/8dcb26eaea78fdcbe96dbee5986d6019fd5cb94a","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/commit/fc5fe39177533e9dbdd651d2458285bfae1dde27","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/releases/tag/v2.11.17","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/releases/tag/v2.12.8","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/security/advisories/GHSA-3g5q-cfh2-cq67","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-58251","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T20:16:54.630","lastModified":"2026-07-09T16:25:45.200","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.0, 2.12.7, and 2.11.16, an authenticated user with subscription deny permissions could bypass a plain subject deny rule by using a queue subscription, because queue-specific deny evaluation could override the plain subject deny result when the queue name itself was not denied. This issue is fixed in versions 2.14.0, 2.12.7, and 2.11.16."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"nats-io","product":"nats-server","versions":[{"version":"< 2.11.16","status":"affected"},{"version":">= 2.12.0-RC.1, < 2.12.7","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:40:09.306056Z","id":"CVE-2026-58251","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-285"}]}],"references":[{"url":"https://github.com/nats-io/nats-server/commit/013586288078def45a6788096924eb4d150db65c","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/commit/79c2f6e9ff87f594596337b6427dda85c38d1fe1","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/commit/b9ffb63b85e7db3d25a13b2e234f5f7f7c13164d","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/releases/tag/v2.11.16","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/releases/tag/v2.12.7","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/releases/tag/v2.14.0","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/security/advisories/GHSA-jx8g-9g95-6322","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-58252","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T20:16:54.793","lastModified":"2026-07-09T16:25:45.200","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.0, 2.12.7, and 2.11.16, an authenticated user could receive messages on denied subjects when a wildcard subscription overlapped with a configured wildcard deny rule but was not a subset of it, and queue subscriptions could also affect delivery to legitimate queue consumers. This issue is fixed in versions 2.14.0, 2.12.7, and 2.11.16."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"nats-io","product":"nats-server","versions":[{"version":"< 2.11.16","status":"affected"},{"version":">= 2.12.0-preview.1, < 2.12.7","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:34:18.644909Z","id":"CVE-2026-58252","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-285"}]}],"references":[{"url":"https://github.com/nats-io/nats-server/commit/8ced85a11497f86704a95d960281480ce037386b","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/commit/a42a6d1e258eb5c3a2190384d31965a4b715e854","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/commit/e611ca9604697b02d8f22beb76037400a9cf72e6","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/releases/tag/v2.11.16","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/releases/tag/v2.12.7","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/releases/tag/v2.14.0","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/security/advisories/GHSA-wh7g-5m82-pmhr","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-58253","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T20:16:54.943","lastModified":"2026-07-09T16:25:45.200","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.0, 2.12.7, and 2.11.16, when no_auth_user was configured, a parser fast path intended for ordinary client connections could also apply to route or leafnode listeners, allowing an unauthenticated peer to bypass inter-server CONNECT authentication and operate with the privileges associated with that connection type. This issue is fixed in versions 2.14.0, 2.12.7, and 2.11.16."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"nats-io","product":"nats-server","versions":[{"version":"< 2.11.16","status":"affected"},{"version":">= 2.12.0-preview.1, < 2.12.6","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:L","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":5.3}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:35:15.515260Z","id":"CVE-2026-58253","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-287"}]}],"references":[{"url":"https://github.com/nats-io/nats-server/commit/7b81dd455ea95960090a84858c7662827948d1b6","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/commit/8b8e1ad4ceed32321e00d4fc6e76be05bc13bca6","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/commit/b86147e81710a52b72a7f7275f91d69f723f5cb3","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/releases/tag/v2.11.16","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/releases/tag/v2.12.7","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/releases/tag/v2.14.0","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/security/advisories/GHSA-38x3-76xf-cq45","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-58254","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T20:16:55.107","lastModified":"2026-07-09T16:25:45.200","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.8, message trace destination checks were applied to ordinary client connections but not consistently to messages arriving through leafnode connections, allowing a leafnode operator to send trace events to subjects that would not otherwise be permitted and to use trace-only behavior to prevent normal delivery or storage of affected messages. This issue is fixed in versions 2.14.3 and 2.12.8."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"nats-io","product":"nats-server","versions":[{"version":"< 2.12.8","status":"affected"},{"version":">= 2.14.0-RC.1, < 2.14.3","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:38:04.787145Z","id":"CVE-2026-58254","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"references":[{"url":"https://github.com/nats-io/nats-server/commit/cbe845932980b71563efac5cfa4cc751c88936cd","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/releases/tag/v2.12.8","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/releases/tag/v2.14.3","source":"security-advisories@github.com"},{"url":"https://github.com/nats-io/nats-server/security/advisories/GHSA-p3j5-5hrq-p75h","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-59819","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T20:16:57.277","lastModified":"2026-07-09T16:25:45.200","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.83.10-stable, LiteLLM's /health/test_connection endpoint resolved request-supplied environment and OIDC file references in litellm_params, allowing a proxy administrator or another privileged caller with permission to test model connections to read files from the local filesystem via an oidc/file/ reference. This issue is fixed in version 1.83.10-stable."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"BerriAI","product":"litellm","versions":[{"version":"< 1.83.10-stable","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T14:30:04.946174Z","id":"CVE-2026-59819","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-73"}]}],"references":[{"url":"https://github.com/BerriAI/litellm/pull/25592","source":"security-advisories@github.com"},{"url":"https://github.com/BerriAI/litellm/releases/tag/v1.83.10-stable","source":"security-advisories@github.com"},{"url":"https://github.com/BerriAI/litellm/security/advisories/GHSA-4g5m-c9r5-49xf","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-59820","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T20:16:57.413","lastModified":"2026-07-09T16:25:45.200","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.83.7-stable, LiteLLM Skills archive extraction did not sufficiently validate file paths from uploaded skill ZIP archives, allowing an authenticated user with access to LiteLLM LLM API routes or a key whose allowed_routes includes /v1/skills, anthropic_routes, or llm_api_routes to upload a crafted skill archive containing path traversal entries that could be written outside the intended extraction or staging directory. This issue is fixed in version 1.83.7-stable."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"BerriAI","product":"litellm","versions":[{"version":"< 1.83.7-stable","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T14:36:59.709906Z","id":"CVE-2026-59820","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"references":[{"url":"https://github.com/BerriAI/litellm/commit/6a15adcd64137d37f73dee76dfe7481f8c2d9196","source":"security-advisories@github.com"},{"url":"https://github.com/BerriAI/litellm/pull/25475","source":"security-advisories@github.com"},{"url":"https://github.com/BerriAI/litellm/releases/tag/v1.83.7-stable","source":"security-advisories@github.com"},{"url":"https://github.com/BerriAI/litellm/security/advisories/GHSA-5jmr-gcrj-2c9q","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-59821","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T20:16:57.547","lastModified":"2026-07-09T16:25:45.200","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.82.0-stable, LiteLLM's Custom Code Guardrails production create and update paths did not apply the same sandboxing and validation used by the test endpoint, allowing a privileged user with access to create or update guardrails to submit custom Python code that executed in the LiteLLM proxy environment and could expose secrets available to the process. This issue is fixed in version 1.82.0-stable."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"BerriAI","product":"litellm","versions":[{"version":"< 1.82.0-stable","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T14:38:04.002799Z","id":"CVE-2026-59821","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-94"}]}],"references":[{"url":"https://github.com/BerriAI/litellm/commit/e50b4486d0f7aa0497185a1ebcdd2c91f1769eba","source":"security-advisories@github.com"},{"url":"https://github.com/BerriAI/litellm/releases/tag/v1.82.0-stable","source":"security-advisories@github.com"},{"url":"https://github.com/BerriAI/litellm/security/advisories/GHSA-72m8-9m7m-h278","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-59822","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T20:16:57.683","lastModified":"2026-07-09T16:25:45.200","vulnStatus":"Undergoing Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.84.0, LiteLLM's MCP Streamable HTTP endpoint allowed an unauthenticated attacker to use a fabricated Authorization header to trigger an OAuth2 passthrough fallback path that replaced failed LiteLLM key validation with an empty UserAPIKeyAuth() object, allowing requests to reach MCP tooling without a valid LiteLLM key. This issue is fixed in version 1.84.0."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"BerriAI","product":"litellm","versions":[{"version":"< 1.84.0","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T14:31:02.315980Z","id":"CVE-2026-59822","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-287"},{"lang":"en","value":"CWE-306"}]}],"references":[{"url":"https://github.com/BerriAI/litellm/commit/73869f0faf7d11ee21adcb5f91b8c33a340b6c2c","source":"security-advisories@github.com"},{"url":"https://github.com/BerriAI/litellm/pull/26463","source":"security-advisories@github.com"},{"url":"https://github.com/BerriAI/litellm/releases/tag/v1.84.0","source":"security-advisories@github.com"},{"url":"https://github.com/BerriAI/litellm/security/advisories/GHSA-7488-6r32-c95q","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-59935","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T20:16:59.260","lastModified":"2026-07-09T20:42:14.150","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"pypdf is a free and open-source pure-python PDF library. Prior to 6.14.2, an attacker can craft a PDF with a page content stream containing a not terminated inline image that uses the ASCII85 or ASCIIHex filters, causing an infinite loop during parsing such as when extracting page text. This issue is fixed in version 6.14.2."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"py-pdf","product":"pypdf","versions":[{"version":"< 6.14.2","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:36:07.945731Z","id":"CVE-2026-59935","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-835"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:pypdf_project:pypdf:*:*:*:*:*:*:*:*","versionEndExcluding":"6.14.2","matchCriteriaId":"42CB6726-6C04-4049-A238-CB7602E8005C"}]}]}],"references":[{"url":"https://github.com/py-pdf/pypdf/commit/5a33a46416aa1ae6c025ff90a3cca57631fdafd2","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/py-pdf/pypdf/pull/3892","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/py-pdf/pypdf/releases/tag/6.14.2","source":"security-advisories@github.com","tags":["Product","Release Notes"]},{"url":"https://github.com/py-pdf/pypdf/security/advisories/GHSA-g867-7843-wf8q","source":"security-advisories@github.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-59936","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T20:16:59.403","lastModified":"2026-07-09T20:41:41.110","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"pypdf is a free and open-source pure-python PDF library. Prior to 6.14.1, an attacker can craft a PDF with a page content stream containing a not terminated inline image, causing an infinite loop during inline image end marker detection such as when extracting page text. This issue is fixed in version 6.14.1."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"py-pdf","product":"pypdf","versions":[{"version":"< 6.14.1","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:26:41.429218Z","id":"CVE-2026-59936","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-400"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:pypdf_project:pypdf:*:*:*:*:*:*:*:*","versionEndExcluding":"6.14.1","matchCriteriaId":"BBEF5EAD-67B5-4028-9729-87300447366E"}]}]}],"references":[{"url":"https://github.com/py-pdf/pypdf/commit/ec3b14596186c40caca7cf8ab9b2155203e01b5b","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/py-pdf/pypdf/pull/3891","source":"security-advisories@github.com","tags":["Issue Tracking","Patch"]},{"url":"https://github.com/py-pdf/pypdf/releases/tag/6.14.1","source":"security-advisories@github.com","tags":["Product","Release Notes"]},{"url":"https://github.com/py-pdf/pypdf/security/advisories/GHSA-5xf7-4p34-54qr","source":"security-advisories@github.com","tags":["Patch","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-8650","sourceIdentifier":"security@progress.com","published":"2026-07-08T20:17:00.677","lastModified":"2026-07-09T19:18:57.613","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Relative path traversal vulnerability in Progress MOVEit Transfer (Admin Settings module).\n\nThis issue affects MOVEit Transfer: before 2025.0.7, from 2025.1.0 before 2025.1.3."}],"affected":[{"source":"security@progress.com","affectedData":[{"vendor":"Progress","product":"MOVEit Transfer","defaultStatus":"unaffected","modules":["Admin Settings"],"versions":[{"version":"2025.1.0","lessThan":"2025.1.3","versionType":"semver","status":"affected"},{"version":"0","lessThan":"2025.0.7","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@progress.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.5,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:31:47.057844Z","id":"CVE-2026-8650","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@progress.com","type":"Secondary","description":[{"lang":"en","value":"CWE-23"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:progress:moveit_transfer:*:*:*:*:*:*:*:*","versionEndExcluding":"2025.0.7","matchCriteriaId":"E1F696CA-EE0E-4665-8D8B-BE9F2214E50E"},{"vulnerable":true,"criteria":"cpe:2.3:a:progress:moveit_transfer:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1.1","versionEndExcluding":"2025.1.3","matchCriteriaId":"250AB9CF-B7E6-4D73-AB6A-5EB76E85A955"}]}]}],"references":[{"url":"https://docs.progress.com/bundle/moveit-transfer-release-notes-2026/page/Fixed-Issues-in-2026.html","source":"security@progress.com","tags":["Release Notes"]}]}},{"cve":{"id":"CVE-2026-8651","sourceIdentifier":"security@progress.com","published":"2026-07-08T20:17:00.793","lastModified":"2026-07-09T19:18:09.793","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Limited authentication bypass by spoofing vulnerability in Progress MOVEit Transfer (HTTPS module).\n\nThis issue affects MOVEit Transfer: before 2025.0.7, from 2025.1.0 before 2025.1.3."}],"affected":[{"source":"security@progress.com","affectedData":[{"vendor":"Progress","product":"MOVEit Transfer","defaultStatus":"unaffected","modules":["HTTPS"],"versions":[{"version":"2025.1.0","lessThan":"2025.1.3","versionType":"semver","status":"affected"},{"version":"0","lessThan":"2025.0.7","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@progress.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":3.7,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:32:11.324109Z","id":"CVE-2026-8651","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@progress.com","type":"Secondary","description":[{"lang":"en","value":"CWE-290"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:progress:moveit_transfer:*:*:*:*:*:*:*:*","versionEndExcluding":"2025.0.7","matchCriteriaId":"E1F696CA-EE0E-4665-8D8B-BE9F2214E50E"},{"vulnerable":true,"criteria":"cpe:2.3:a:progress:moveit_transfer:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1.1","versionEndExcluding":"2025.1.3","matchCriteriaId":"250AB9CF-B7E6-4D73-AB6A-5EB76E85A955"}]}]}],"references":[{"url":"https://docs.progress.com/bundle/moveit-transfer-release-notes-2026/page/Fixed-Issues-in-2026.html","source":"security@progress.com","tags":["Release Notes"]}]}},{"cve":{"id":"CVE-2026-8800","sourceIdentifier":"security@progress.com","published":"2026-07-08T20:17:00.913","lastModified":"2026-07-09T19:17:34.223","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Incorrect Authorization vulnerability in Progress MOVEit Transfer (Audit User module).\n\nThis issue affects MOVEit Transfer: before 2025.0.7, from 2025.1.0 before 2025.1.3."}],"affected":[{"source":"security@progress.com","affectedData":[{"vendor":"Progress","product":"MOVEit Transfer","defaultStatus":"unaffected","modules":["Users"],"versions":[{"version":"2025.1.0","lessThan":"2025.1.3","versionType":"semver","status":"affected"},{"version":"0","lessThan":"2025.0.7","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@progress.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N","baseScore":2.7,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:35:12.446076Z","id":"CVE-2026-8800","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@progress.com","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:progress:moveit_transfer:*:*:*:*:*:*:*:*","versionEndExcluding":"2025.0.7","matchCriteriaId":"E1F696CA-EE0E-4665-8D8B-BE9F2214E50E"},{"vulnerable":true,"criteria":"cpe:2.3:a:progress:moveit_transfer:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1.1","versionEndExcluding":"2025.1.3","matchCriteriaId":"250AB9CF-B7E6-4D73-AB6A-5EB76E85A955"}]}]}],"references":[{"url":"https://docs.progress.com/bundle/moveit-transfer-release-notes-2026/page/Fixed-Issues-in-2026.html","source":"security@progress.com","tags":["Release Notes"]}]}},{"cve":{"id":"CVE-2026-8801","sourceIdentifier":"security@progress.com","published":"2026-07-08T20:17:01.027","lastModified":"2026-07-09T19:16:37.730","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Path equivalence: vulnerability in Progress MOVEit Transfer (File Upload modules).\n\nThis issue affects MOVEit Transfer: before 2025.0.8, from 2025.1.0 before 2025.1.4."}],"affected":[{"source":"security@progress.com","affectedData":[{"vendor":"Progress","product":"MOVEit Transfer","defaultStatus":"unaffected","modules":["File Upload"],"versions":[{"version":"2025.1.0","lessThan":"2025.1.4","versionType":"semver","status":"affected"},{"version":"0","lessThan":"2025.0.8","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@progress.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N","baseScore":3.5,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.1,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:35:50.871832Z","id":"CVE-2026-8801","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@progress.com","type":"Secondary","description":[{"lang":"en","value":"CWE-46"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:progress:moveit_transfer:*:*:*:*:*:*:*:*","versionEndExcluding":"2025.0.8","matchCriteriaId":"F84EE068-FAB6-4D6B-95B7-EEB8F6BB71C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:progress:moveit_transfer:*:*:*:*:*:*:*:*","versionStartIncluding":"2025.1.0","versionEndExcluding":"2025.1.4","matchCriteriaId":"81C2C6E0-529A-4414-9266-15992A9749B5"}]}]}],"references":[{"url":"https://docs.progress.com/bundle/moveit-transfer-release-notes-2026/page/Fixed-Issues-in-2026.html","source":"security@progress.com","tags":["Release Notes"]}]}},{"cve":{"id":"CVE-2025-12506","sourceIdentifier":"cve@gitlab.com","published":"2026-07-08T21:16:44.493","lastModified":"2026-07-09T20:17:33.973","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.5 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user to create a repository where the content displayed in the web interface differed from the content available for download, due to improper handling of Git reference name resolution."}],"affected":[{"source":"cve@gitlab.com","affectedData":[{"vendor":"GitLab","product":"GitLab","defaultStatus":"unaffected","cpes":["cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"],"repo":"git://git@gitlab.com:gitlab-org/gitlab.git","versions":[{"version":"16.5","lessThan":"18.11.7","versionType":"semver","status":"affected"},{"version":"19.0","lessThan":"19.0.4","versionType":"semver","status":"affected"},{"version":"19.1","lessThan":"19.1.2","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@gitlab.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N","baseScore":3.5,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.1,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:53:19.849180Z","id":"CVE-2025-12506","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@gitlab.com","type":"Secondary","description":[{"lang":"en","value":"CWE-706"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*","versionStartIncluding":"16.5.0","versionEndExcluding":"18.11.7","matchCriteriaId":"F80A630E-B6B3-4F61-AB1E-1E7A162A2748"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"16.5.0","versionEndExcluding":"18.11.7","matchCriteriaId":"F05C9C1B-B9B8-4C37-9058-E94A474ACFAF"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*","versionStartIncluding":"19.0.0","versionEndExcluding":"19.0.4","matchCriteriaId":"EFCDDDB3-8242-420F-AAA0-65985B9B525D"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"19.0.0","versionEndExcluding":"19.0.4","matchCriteriaId":"77F37C9F-5A51-4AD0-A919-F74CA49F8048"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*","versionStartIncluding":"19.1.0","versionEndExcluding":"19.1.2","matchCriteriaId":"C12717E0-C005-4D05-8B76-6D974C5CED08"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"19.1.0","versionEndExcluding":"19.1.2","matchCriteriaId":"71AC7E45-C1B7-4EFE-8C29-E1D7ADD3D9F4"}]}]}],"references":[{"url":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-19-1-2-released/","source":"cve@gitlab.com","tags":["Vendor Advisory"]},{"url":"https://gitlab.com/gitlab-org/gitlab/-/work_items/578988","source":"cve@gitlab.com","tags":["Broken Link"]},{"url":"https://hackerone.com/reports/3351460","source":"cve@gitlab.com","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-11827","sourceIdentifier":"cve@gitlab.com","published":"2026-07-08T21:16:46.397","lastModified":"2026-07-09T20:15:29.420","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"GitLab has remediated an issue in GitLab EE affecting all versions from 9.5 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with maintainer-role permissions to obtain another user's stored credentials due to improper authorization controls."}],"affected":[{"source":"cve@gitlab.com","affectedData":[{"vendor":"GitLab","product":"GitLab","defaultStatus":"unaffected","cpes":["cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"],"repo":"git://git@gitlab.com:gitlab-org/gitlab.git","versions":[{"version":"9.5","lessThan":"18.11.7","versionType":"semver","status":"affected"},{"version":"19.0","lessThan":"19.0.4","versionType":"semver","status":"affected"},{"version":"19.1","lessThan":"19.1.2","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@gitlab.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T14:14:56.093248Z","id":"CVE-2026-11827","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@gitlab.com","type":"Secondary","description":[{"lang":"en","value":"CWE-522"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"9.5.0","versionEndExcluding":"18.11.7","matchCriteriaId":"66FFC736-5D40-413C-BEA8-94FCADEC35C6"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"19.0.0","versionEndExcluding":"19.0.4","matchCriteriaId":"77F37C9F-5A51-4AD0-A919-F74CA49F8048"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"19.1.0","versionEndExcluding":"19.1.2","matchCriteriaId":"71AC7E45-C1B7-4EFE-8C29-E1D7ADD3D9F4"}]}]}],"references":[{"url":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-19-1-2-released/","source":"cve@gitlab.com","tags":["Vendor Advisory"]},{"url":"https://gitlab.com/gitlab-org/gitlab/-/work_items/602478","source":"cve@gitlab.com","tags":["Broken Link"]},{"url":"https://hackerone.com/reports/3720483","source":"cve@gitlab.com","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-13151","sourceIdentifier":"cve@gitlab.com","published":"2026-07-08T21:16:46.520","lastModified":"2026-07-09T20:34:08.440","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"GitLab has remediated an issue in GitLab EE affecting all versions from 16.10 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user to modify group-level settings beyond their intended permissions due to improper authorization controls."}],"affected":[{"source":"cve@gitlab.com","affectedData":[{"vendor":"GitLab","product":"GitLab","defaultStatus":"unaffected","cpes":["cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"],"repo":"git://git@gitlab.com:gitlab-org/gitlab.git","versions":[{"version":"16.10","lessThan":"18.11.7","versionType":"semver","status":"affected"},{"version":"19.0","lessThan":"19.0.4","versionType":"semver","status":"affected"},{"version":"19.1","lessThan":"19.1.2","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@gitlab.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N","baseScore":2.7,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T14:25:42.875527Z","id":"CVE-2026-13151","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@gitlab.com","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"16.10.0","versionEndExcluding":"18.11.7","matchCriteriaId":"A742F824-59B5-4E65-86B1-120CDD3153E5"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"19.0.0","versionEndExcluding":"19.0.4","matchCriteriaId":"77F37C9F-5A51-4AD0-A919-F74CA49F8048"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"19.1.0","versionEndExcluding":"19.1.2","matchCriteriaId":"71AC7E45-C1B7-4EFE-8C29-E1D7ADD3D9F4"}]}]}],"references":[{"url":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-19-1-2-released/","source":"cve@gitlab.com","tags":["Vendor Advisory"]},{"url":"https://gitlab.com/gitlab-org/gitlab/-/work_items/598813","source":"cve@gitlab.com","tags":["Broken Link"]}]}},{"cve":{"id":"CVE-2026-13320","sourceIdentifier":"cve@gitlab.com","published":"2026-07-08T21:16:46.630","lastModified":"2026-07-09T20:35:14.233","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.7 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user to execute arbitrary scripts in another user's browser session due to improper sanitization of user-supplied input."}],"affected":[{"source":"cve@gitlab.com","affectedData":[{"vendor":"GitLab","product":"GitLab","defaultStatus":"unaffected","cpes":["cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"],"repo":"git://git@gitlab.com:gitlab-org/gitlab.git","versions":[{"version":"15.7","lessThan":"18.11.7","versionType":"semver","status":"affected"},{"version":"19.0","lessThan":"19.0.4","versionType":"semver","status":"affected"},{"version":"19.1","lessThan":"19.1.2","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@gitlab.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:N","baseScore":7.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.0,"impactScore":5.8},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:41:38.644164Z","id":"CVE-2026-13320","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@gitlab.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*","versionStartIncluding":"15.7.0","versionEndExcluding":"18.11.7","matchCriteriaId":"755A1ECC-3D10-4301-AF23-98AC37B872C9"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"15.7.0","versionEndExcluding":"18.11.7","matchCriteriaId":"F91F3636-63EF-452A-B8F1-FA4E6FF9D109"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*","versionStartIncluding":"19.0.0","versionEndExcluding":"19.0.4","matchCriteriaId":"EFCDDDB3-8242-420F-AAA0-65985B9B525D"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"19.0.0","versionEndExcluding":"19.0.4","matchCriteriaId":"77F37C9F-5A51-4AD0-A919-F74CA49F8048"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*","versionStartIncluding":"19.1.0","versionEndExcluding":"19.1.2","matchCriteriaId":"C12717E0-C005-4D05-8B76-6D974C5CED08"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"19.1.0","versionEndExcluding":"19.1.2","matchCriteriaId":"71AC7E45-C1B7-4EFE-8C29-E1D7ADD3D9F4"}]}]}],"references":[{"url":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-19-1-2-released/","source":"cve@gitlab.com","tags":["Vendor Advisory"]},{"url":"https://gitlab.com/gitlab-org/gitlab/-/work_items/604063","source":"cve@gitlab.com","tags":["Broken Link"]},{"url":"https://hackerone.com/reports/3816917","source":"cve@gitlab.com","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-14896","sourceIdentifier":"security@hashicorp.com","published":"2026-07-08T21:16:47.030","lastModified":"2026-07-09T16:29:14.203","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"HashiCorp Nomad and Nomad Enterprise are vulnerable to a cross-namespace authorization bypass in the dynamic host volumes feature that may allow an operator holding the host volume delete permission in one namespace to delete a sticky volume claim belonging to a job in another namespace. This vulnerability, CVE-2026-14896, is fixed in Nomad Community Edition 2.0.4 and Nomad Enterprise 2.0.4, 1.11.8, and 1.10.14."}],"affected":[{"source":"security@hashicorp.com","affectedData":[{"vendor":"HashiCorp","product":"Nomad","defaultStatus":"unaffected","platforms":["64 bit","32 bit","x86","ARM","MacOS","Windows","Linux"],"repo":"https://github.com/hashicorp/nomad","versions":[{"version":"0.4.1","lessThan":"2.0.4","versionType":"semver","status":"affected"}]},{"vendor":"HashiCorp","product":"Nomad Enterprise","defaultStatus":"unaffected","platforms":["64 bit","32 bit","x86","ARM","MacOS","Windows","Linux"],"repo":"https://github.com/hashicorp/nomad","versions":[{"version":"0.4.1","lessThan":"2.0.4","versionType":"semver","status":"affected","changes":[{"at":"1.11.8","status":"unaffected"},{"at":"1.10.14","status":"unaffected"}]}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@hashicorp.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L","baseScore":4.2,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.6,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:40:04.927188Z","id":"CVE-2026-14896","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@hashicorp.com","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"references":[{"url":"https://discuss.hashicorp.com/t/hcsec-2026-22-nomad-vulnerable-to-cross-namespace-host-volume-claim-deletion/77562","source":"security@hashicorp.com"}]}},{"cve":{"id":"CVE-2026-15163","sourceIdentifier":"cve@gitlab.com","published":"2026-07-08T21:16:47.227","lastModified":"2026-07-09T19:56:30.983","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Multiple protocol dissector infinite loops in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allow denial of service"}],"affected":[{"source":"cve@gitlab.com","affectedData":[{"vendor":"Wireshark Foundation","product":"Wireshark","defaultStatus":"unaffected","versions":[{"version":"4.6.0","lessThan":"4.6.7","versionType":"semver","status":"affected"},{"version":"4.4.0","lessThan":"4.4.17","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@gitlab.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:49:18.560769Z","id":"CVE-2026-15163","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@gitlab.com","type":"Secondary","description":[{"lang":"en","value":"CWE-835"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*","versionStartIncluding":"4.4.0","versionEndExcluding":"4.4.17","matchCriteriaId":"B9FABA5D-7249-44A2-BF12-18AFBCA61C17"},{"vulnerable":true,"criteria":"cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*","versionStartIncluding":"4.6.0","versionEndExcluding":"4.6.7","matchCriteriaId":"D7FEEC76-5F0F-4206-830C-4DF78953646B"}]}]}],"references":[{"url":"https://gitlab.com/wireshark/wireshark/-/work_items/21275","source":"cve@gitlab.com","tags":["Issue Tracking"]},{"url":"https://gitlab.com/wireshark/wireshark/-/work_items/21277","source":"cve@gitlab.com","tags":["Issue Tracking"]},{"url":"https://gitlab.com/wireshark/wireshark/-/work_items/21330","source":"cve@gitlab.com","tags":["Issue Tracking"]},{"url":"https://gitlab.com/wireshark/wireshark/-/work_items/21383","source":"cve@gitlab.com","tags":["Issue Tracking"]},{"url":"https://www.wireshark.org/security/wnpa-sec-2026-61.html","source":"cve@gitlab.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-15166","sourceIdentifier":"cve@gitlab.com","published":"2026-07-08T21:16:47.560","lastModified":"2026-07-09T19:59:14.163","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service"}],"affected":[{"source":"cve@gitlab.com","affectedData":[{"vendor":"Wireshark Foundation","product":"Wireshark","defaultStatus":"unaffected","versions":[{"version":"4.6.0","lessThan":"4.6.7","versionType":"semver","status":"affected"},{"version":"4.4.0","lessThan":"4.4.17","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@gitlab.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:13:42.996528Z","id":"CVE-2026-15166","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@gitlab.com","type":"Secondary","description":[{"lang":"en","value":"CWE-121"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*","versionStartIncluding":"4.4.0","versionEndExcluding":"4.4.17","matchCriteriaId":"B9FABA5D-7249-44A2-BF12-18AFBCA61C17"},{"vulnerable":true,"criteria":"cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*","versionStartIncluding":"4.6.0","versionEndExcluding":"4.6.7","matchCriteriaId":"D7FEEC76-5F0F-4206-830C-4DF78953646B"}]}]}],"references":[{"url":"https://gitlab.com/wireshark/wireshark/-/work_items/21391","source":"cve@gitlab.com","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://www.wireshark.org/security/wnpa-sec-2026-57.html","source":"cve@gitlab.com","tags":["Vendor Advisory"]},{"url":"https://gitlab.com/wireshark/wireshark/-/work_items/21391","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-15167","sourceIdentifier":"cve@gitlab.com","published":"2026-07-08T21:16:47.667","lastModified":"2026-07-09T20:01:49.550","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"DBS Etherwatch file parser crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service"}],"affected":[{"source":"cve@gitlab.com","affectedData":[{"vendor":"Wireshark Foundation","product":"Wireshark","defaultStatus":"unaffected","versions":[{"version":"4.6.0","lessThan":"4.6.7","versionType":"semver","status":"affected"},{"version":"4.4.0","lessThan":"4.4.17","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@gitlab.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:45:52.891240Z","id":"CVE-2026-15167","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@gitlab.com","type":"Secondary","description":[{"lang":"en","value":"CWE-121"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*","versionStartIncluding":"4.4.0","versionEndExcluding":"4.4.17","matchCriteriaId":"B9FABA5D-7249-44A2-BF12-18AFBCA61C17"},{"vulnerable":true,"criteria":"cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*","versionStartIncluding":"4.6.0","versionEndExcluding":"4.6.7","matchCriteriaId":"D7FEEC76-5F0F-4206-830C-4DF78953646B"}]}]}],"references":[{"url":"https://gitlab.com/wireshark/wireshark/-/work_items/21352","source":"cve@gitlab.com","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://www.wireshark.org/security/wnpa-sec-2026-62.html","source":"cve@gitlab.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-15169","sourceIdentifier":"cve@gitlab.com","published":"2026-07-08T21:16:47.777","lastModified":"2026-07-09T20:02:39.197","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"UMTS FP protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service"}],"affected":[{"source":"cve@gitlab.com","affectedData":[{"vendor":"Wireshark Foundation","product":"Wireshark","defaultStatus":"unaffected","versions":[{"version":"4.6.0","lessThan":"4.6.7","versionType":"semver","status":"affected"},{"version":"4.4.0","lessThan":"4.4.17","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@gitlab.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:45:23.407997Z","id":"CVE-2026-15169","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@gitlab.com","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*","versionStartIncluding":"4.4.0","versionEndExcluding":"4.4.17","matchCriteriaId":"B9FABA5D-7249-44A2-BF12-18AFBCA61C17"},{"vulnerable":true,"criteria":"cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*","versionStartIncluding":"4.6.0","versionEndExcluding":"4.6.7","matchCriteriaId":"D7FEEC76-5F0F-4206-830C-4DF78953646B"}]}]}],"references":[{"url":"https://gitlab.com/wireshark/wireshark/-/work_items/21398","source":"cve@gitlab.com","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://www.wireshark.org/security/wnpa-sec-2026-59.html","source":"cve@gitlab.com","tags":["Vendor Advisory"]},{"url":"https://gitlab.com/wireshark/wireshark/-/work_items/21398","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-15170","sourceIdentifier":"cve@gitlab.com","published":"2026-07-08T21:16:47.880","lastModified":"2026-07-09T19:26:00.323","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Z39.50 protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service"}],"affected":[{"source":"cve@gitlab.com","affectedData":[{"vendor":"Wireshark Foundation","product":"Wireshark","defaultStatus":"unaffected","versions":[{"version":"4.6.0","lessThan":"4.6.7","versionType":"semver","status":"affected"},{"version":"4.4.0","lessThan":"4.4.17","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@gitlab.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:46:27.644761Z","id":"CVE-2026-15170","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@gitlab.com","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*","versionStartIncluding":"4.4.0","versionEndExcluding":"4.4.17","matchCriteriaId":"B9FABA5D-7249-44A2-BF12-18AFBCA61C17"},{"vulnerable":true,"criteria":"cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*","versionStartIncluding":"4.6.0","versionEndExcluding":"4.6.7","matchCriteriaId":"D7FEEC76-5F0F-4206-830C-4DF78953646B"}]}]}],"references":[{"url":"https://gitlab.com/wireshark/wireshark/-/work_items/21397","source":"cve@gitlab.com","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://www.wireshark.org/security/wnpa-sec-2026-58.html","source":"cve@gitlab.com","tags":["Vendor Advisory"]},{"url":"https://gitlab.com/wireshark/wireshark/-/work_items/21397","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-15171","sourceIdentifier":"cve@gitlab.com","published":"2026-07-08T21:16:47.990","lastModified":"2026-07-09T19:24:29.030","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"SSH protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service"}],"affected":[{"source":"cve@gitlab.com","affectedData":[{"vendor":"Wireshark Foundation","product":"Wireshark","defaultStatus":"unaffected","versions":[{"version":"4.6.0","lessThan":"4.6.7","versionType":"semver","status":"affected"},{"version":"4.4.0","lessThan":"4.4.17","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@gitlab.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:44:51.561918Z","id":"CVE-2026-15171","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@gitlab.com","type":"Secondary","description":[{"lang":"en","value":"CWE-476"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*","versionStartIncluding":"4.4.0","versionEndExcluding":"4.4.17","matchCriteriaId":"B9FABA5D-7249-44A2-BF12-18AFBCA61C17"},{"vulnerable":true,"criteria":"cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*","versionStartIncluding":"4.6.0","versionEndExcluding":"4.6.7","matchCriteriaId":"D7FEEC76-5F0F-4206-830C-4DF78953646B"}]}]}],"references":[{"url":"https://gitlab.com/wireshark/wireshark/-/work_items/21378","source":"cve@gitlab.com","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://www.wireshark.org/security/wnpa-sec-2026-55.html","source":"cve@gitlab.com","tags":["Vendor Advisory"]},{"url":"https://gitlab.com/wireshark/wireshark/-/work_items/21378","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-15172","sourceIdentifier":"cve@gitlab.com","published":"2026-07-08T21:16:48.097","lastModified":"2026-07-09T19:23:17.337","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"FMP/NOTIFY protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service"}],"affected":[{"source":"cve@gitlab.com","affectedData":[{"vendor":"Wireshark Foundation","product":"Wireshark","defaultStatus":"unaffected","versions":[{"version":"4.6.0","lessThan":"4.6.7","versionType":"semver","status":"affected"},{"version":"4.4.0","lessThan":"4.4.17","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@gitlab.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:42:40.189292Z","id":"CVE-2026-15172","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@gitlab.com","type":"Secondary","description":[{"lang":"en","value":"CWE-606"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*","versionStartIncluding":"4.4.0","versionEndExcluding":"4.4.17","matchCriteriaId":"B9FABA5D-7249-44A2-BF12-18AFBCA61C17"},{"vulnerable":true,"criteria":"cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*","versionStartIncluding":"4.6.0","versionEndExcluding":"4.6.7","matchCriteriaId":"D7FEEC76-5F0F-4206-830C-4DF78953646B"}]}]}],"references":[{"url":"https://gitlab.com/wireshark/wireshark/-/work_items/21347","source":"cve@gitlab.com","tags":["Issue Tracking","Third Party Advisory","Exploit"]},{"url":"https://www.wireshark.org/security/wnpa-sec-2026-54.html","source":"cve@gitlab.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-15173","sourceIdentifier":"cve@gitlab.com","published":"2026-07-08T21:16:48.203","lastModified":"2026-07-09T19:22:28.693","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"pcapng file parser crash in Wireshark 4.6.0 to 4.6.6 allows denial of service"}],"affected":[{"source":"cve@gitlab.com","affectedData":[{"vendor":"Wireshark Foundation","product":"Wireshark","defaultStatus":"unaffected","versions":[{"version":"4.6.0","lessThan":"4.6.7","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@gitlab.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":4.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:44:18.595204Z","id":"CVE-2026-15173","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@gitlab.com","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*","versionStartIncluding":"4.6.0","versionEndExcluding":"4.6.7","matchCriteriaId":"D7FEEC76-5F0F-4206-830C-4DF78953646B"}]}]}],"references":[{"url":"https://gitlab.com/wireshark/wireshark/-/work_items/21285","source":"cve@gitlab.com","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://www.wireshark.org/security/wnpa-sec-2026-53.html","source":"cve@gitlab.com","tags":["Vendor Advisory"]},{"url":"https://gitlab.com/wireshark/wireshark/-/work_items/21285","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-15174","sourceIdentifier":"cve@gitlab.com","published":"2026-07-08T21:16:48.310","lastModified":"2026-07-09T19:21:52.893","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Catapult DCT2000 protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service"}],"affected":[{"source":"cve@gitlab.com","affectedData":[{"vendor":"Wireshark Foundation","product":"Wireshark","defaultStatus":"unaffected","versions":[{"version":"4.6.0","lessThan":"4.6.7","versionType":"semver","status":"affected"},{"version":"4.4.0","lessThan":"4.4.17","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@gitlab.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:14:34.596925Z","id":"CVE-2026-15174","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@gitlab.com","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*","versionStartIncluding":"4.4.0","versionEndExcluding":"4.4.17","matchCriteriaId":"B9FABA5D-7249-44A2-BF12-18AFBCA61C17"},{"vulnerable":true,"criteria":"cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*","versionStartIncluding":"4.6.0","versionEndExcluding":"4.6.7","matchCriteriaId":"D7FEEC76-5F0F-4206-830C-4DF78953646B"}]}]}],"references":[{"url":"https://gitlab.com/wireshark/wireshark/-/work_items/21270","source":"cve@gitlab.com","tags":["Issue Tracking","Third Party Advisory"]},{"url":"https://www.wireshark.org/security/wnpa-sec-2026-52.html","source":"cve@gitlab.com","tags":["Vendor Advisory"]},{"url":"https://gitlab.com/wireshark/wireshark/-/work_items/21270","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-58207","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T21:16:52.293","lastModified":"2026-07-09T19:13:49.360","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, a client able to send account-scoped connection monitoring requests could crash the server by supplying Connz pagination Offset and Limit values that overflowed internal arithmetic before the response window was safely bounded. This issue is fixed in versions 2.14.3 and 2.12.12."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"nats-io","product":"nats-server","versions":[{"version":"< 2.12.12","status":"affected"},{"version":">= 2.14.0-RC.1, < 2.14.3","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H","baseScore":7.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":4.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T14:21:06.599044Z","id":"CVE-2026-58207","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-190"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:linuxfoundation:nats-server:*:*:*:*:*:*:*:*","versionStartIncluding":"2.12.0","versionEndExcluding":"2.12.12","matchCriteriaId":"410EBCA5-133B-48F5-BF7D-53F8BC020506"},{"vulnerable":true,"criteria":"cpe:2.3:a:linuxfoundation:nats-server:*:*:*:*:*:*:*:*","versionStartIncluding":"2.14.0","versionEndExcluding":"2.14.3","matchCriteriaId":"9BF70729-64AF-4219-BC35-3C5C042F0595"}]}]}],"references":[{"url":"https://github.com/nats-io/nats-server/commit/2ae047139e37a38cb01e259a67909e7a39fa38e9","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/nats-io/nats-server/commit/894d9411927681d66ce349bf1afe49608dc0c1a3","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/nats-io/nats-server/releases/tag/v2.12.12","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/nats-io/nats-server/releases/tag/v2.14.3","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/nats-io/nats-server/security/advisories/GHSA-q59r-vq66-pxc2","source":"security-advisories@github.com","tags":["Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-58208","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T21:16:52.440","lastModified":"2026-07-09T19:08:52.507","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, a WebSocket listener could route requests for the MQTT-over-WebSocket path into MQTT handling even when MQTT was not configured, allowing an unauthenticated client with access to the WebSocket listener to reach uninitialized MQTT state and crash the server process. This issue is fixed in versions 2.14.3 and 2.12.12."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"nats-io","product":"nats-server","versions":[{"version":">= 2.14.0-RC.1, < 2.14.3","status":"affected"},{"version":"< 2.12.12","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":4.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T14:04:07.392572Z","id":"CVE-2026-58208","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-248"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:linuxfoundation:nats-server:*:*:*:*:*:*:*:*","versionStartIncluding":"2.12.0","versionEndExcluding":"2.12.12","matchCriteriaId":"410EBCA5-133B-48F5-BF7D-53F8BC020506"},{"vulnerable":true,"criteria":"cpe:2.3:a:linuxfoundation:nats-server:*:*:*:*:*:*:*:*","versionStartIncluding":"2.14.0","versionEndExcluding":"2.14.3","matchCriteriaId":"9BF70729-64AF-4219-BC35-3C5C042F0595"}]}]}],"references":[{"url":"https://github.com/nats-io/nats-server/commit/73b3dd9a5ea0fa7bf08b702338676355b29b5fb4","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/nats-io/nats-server/commit/837536b98b3a9280b993282155ff2bdd3ca38c30","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/nats-io/nats-server/releases/tag/v2.12.12","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/nats-io/nats-server/releases/tag/v2.14.3","source":"security-advisories@github.com","tags":["Release Notes"]},{"url":"https://github.com/nats-io/nats-server/security/advisories/GHSA-p957-7v2w-g93g","source":"security-advisories@github.com","tags":["Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-58211","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T21:16:52.610","lastModified":"2026-07-09T19:00:21.450","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, a client could be registered as the configured no_auth_user through a parser path used when the first client operation was not CONNECT, bypassing user-level connection restrictions such as allowed_connection_types or proxy_required that normal authentication would apply. This issue is fixed in versions 2.14.3 and 2.12.12."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"nats-io","product":"nats-server","versions":[{"version":"< 2.12.12","status":"affected"},{"version":">= 2.14.0-RC.1, < 2.14.3","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T14:27:18.977045Z","id":"CVE-2026-58211","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:linuxfoundation:nats-server:*:*:*:*:*:*:*:*","versionStartIncluding":"2.12.0","versionEndExcluding":"2.12.12","matchCriteriaId":"410EBCA5-133B-48F5-BF7D-53F8BC020506"},{"vulnerable":true,"criteria":"cpe:2.3:a:linuxfoundation:nats-server:*:*:*:*:*:*:*:*","versionStartIncluding":"2.14.0","versionEndExcluding":"2.14.3","matchCriteriaId":"9BF70729-64AF-4219-BC35-3C5C042F0595"}]}]}],"references":[{"url":"https://github.com/nats-io/nats-server/security/advisories/GHSA-hmmp-q8cx-v964","source":"security-advisories@github.com","tags":["Mitigation","Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-58525","sourceIdentifier":"secure@microsoft.com","published":"2026-07-08T21:16:54.300","lastModified":"2026-07-09T17:16:53.867","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Improper access control in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network."}],"affected":[{"source":"secure@microsoft.com","affectedData":[{"vendor":"Microsoft","product":"Microsoft Edge (Chromium-based)","versions":[{"version":"1.0.0.0","lessThan":"150.0.4078.50","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"secure@microsoft.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":4.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:27:16.106927Z","id":"CVE-2026-58525","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"secure@microsoft.com","type":"Secondary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:edge_chromium:*:*:*:*:-:*:*:*","versionEndExcluding":"150.0.4078.50","matchCriteriaId":"9B6BBF41-0A46-4410-AABC-AA6D7DF67F01"}]}]}],"references":[{"url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58525","source":"secure@microsoft.com","tags":["Vendor Advisory"]}]}},{"cve":{"id":"CVE-2026-6352","sourceIdentifier":"cve@gitlab.com","published":"2026-07-08T21:16:54.960","lastModified":"2026-07-09T20:36:00.707","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"GitLab has remediated an issue in GitLab EE affecting all versions from 18.2 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with auditor-level access to modify compliance violation records due to improper authorization on certain GraphQL operations."}],"affected":[{"source":"cve@gitlab.com","affectedData":[{"vendor":"GitLab","product":"GitLab","defaultStatus":"unaffected","cpes":["cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"],"repo":"git://git@gitlab.com:gitlab-org/gitlab.git","versions":[{"version":"18.2","lessThan":"18.11.7","versionType":"semver","status":"affected"},{"version":"19.0","lessThan":"19.0.4","versionType":"semver","status":"affected"},{"version":"19.1","lessThan":"19.1.2","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@gitlab.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N","baseScore":2.7,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":1.2,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T14:13:12.188493Z","id":"CVE-2026-6352","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@gitlab.com","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"18.2.0","versionEndExcluding":"18.11.7","matchCriteriaId":"1B2372E0-84F3-4C53-AD65-D9E60AE7A564"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"19.0.0","versionEndExcluding":"19.0.4","matchCriteriaId":"77F37C9F-5A51-4AD0-A919-F74CA49F8048"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"19.1.0","versionEndExcluding":"19.1.2","matchCriteriaId":"71AC7E45-C1B7-4EFE-8C29-E1D7ADD3D9F4"}]}]}],"references":[{"url":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-19-1-2-released/","source":"cve@gitlab.com","tags":["Vendor Advisory"]},{"url":"https://gitlab.com/gitlab-org/gitlab/-/work_items/596789","source":"cve@gitlab.com","tags":["Broken Link"]},{"url":"https://hackerone.com/reports/3631344","source":"cve@gitlab.com","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-6896","sourceIdentifier":"cve@gitlab.com","published":"2026-07-08T21:16:55.097","lastModified":"2026-07-09T20:38:26.077","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"GitLab has remediated an issue in GitLab EE affecting all versions from 13.11 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with developer-role permissions to execute arbitrary scripts in another user's browser session due to improper sanitization of user-supplied input."}],"affected":[{"source":"cve@gitlab.com","affectedData":[{"vendor":"GitLab","product":"GitLab","defaultStatus":"unaffected","cpes":["cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"],"repo":"git://git@gitlab.com:gitlab-org/gitlab.git","versions":[{"version":"13.11","lessThan":"18.11.7","versionType":"semver","status":"affected"},{"version":"19.0","lessThan":"19.0.4","versionType":"semver","status":"affected"},{"version":"19.1","lessThan":"19.1.2","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@gitlab.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N","baseScore":8.7,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":5.8},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T14:13:44.236024Z","id":"CVE-2026-6896","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@gitlab.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"13.11.0","versionEndExcluding":"18.11.7","matchCriteriaId":"32643EA5-8C1A-418A-A6B5-EDCADEC8C79E"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"19.0.0","versionEndExcluding":"19.0.4","matchCriteriaId":"77F37C9F-5A51-4AD0-A919-F74CA49F8048"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"19.1.0","versionEndExcluding":"19.1.2","matchCriteriaId":"71AC7E45-C1B7-4EFE-8C29-E1D7ADD3D9F4"}]}]}],"references":[{"url":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-19-1-2-released/","source":"cve@gitlab.com","tags":["Vendor Advisory"]},{"url":"https://gitlab.com/gitlab-org/gitlab/-/work_items/597887","source":"cve@gitlab.com","tags":["Broken Link"]},{"url":"https://hackerone.com/reports/3682085","source":"cve@gitlab.com","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-7492","sourceIdentifier":"cve@gitlab.com","published":"2026-07-08T21:16:55.213","lastModified":"2026-07-09T20:37:12.463","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.1 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an unauthenticated user to determine the existence of a private project due to improper authorization controls on cross-project reference pages."}],"affected":[{"source":"cve@gitlab.com","affectedData":[{"vendor":"GitLab","product":"GitLab","defaultStatus":"unaffected","cpes":["cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"],"repo":"git://git@gitlab.com:gitlab-org/gitlab.git","versions":[{"version":"9.1","lessThan":"18.11.7","versionType":"semver","status":"affected"},{"version":"19.0","lessThan":"19.0.4","versionType":"semver","status":"affected"},{"version":"19.1","lessThan":"19.1.2","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@gitlab.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T14:14:09.362350Z","id":"CVE-2026-7492","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@gitlab.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*","versionStartIncluding":"9.1.0","versionEndExcluding":"18.11.7","matchCriteriaId":"A662B6DB-BEB1-4E15-B7C0-4B661D363525"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"9.1.0","versionEndExcluding":"18.11.7","matchCriteriaId":"0C9C6A25-5370-4E15-98E3-CC630B6B3C18"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*","versionStartIncluding":"19.0.0","versionEndExcluding":"19.0.4","matchCriteriaId":"EFCDDDB3-8242-420F-AAA0-65985B9B525D"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"19.0.0","versionEndExcluding":"19.0.4","matchCriteriaId":"77F37C9F-5A51-4AD0-A919-F74CA49F8048"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*","versionStartIncluding":"19.1.0","versionEndExcluding":"19.1.2","matchCriteriaId":"C12717E0-C005-4D05-8B76-6D974C5CED08"},{"vulnerable":true,"criteria":"cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*","versionStartIncluding":"19.1.0","versionEndExcluding":"19.1.2","matchCriteriaId":"71AC7E45-C1B7-4EFE-8C29-E1D7ADD3D9F4"}]}]}],"references":[{"url":"https://docs.gitlab.com/releases/patches/patch-release-gitlab-19-1-2-released/","source":"cve@gitlab.com","tags":["Vendor Advisory"]},{"url":"https://gitlab.com/gitlab-org/gitlab/-/work_items/597947","source":"cve@gitlab.com","tags":["Broken Link"]},{"url":"https://hackerone.com/reports/3704739","source":"cve@gitlab.com","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-10037","sourceIdentifier":"security@ubuntu.com","published":"2026-07-08T22:17:12.500","lastModified":"2026-07-10T05:16:27.950","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"A sandbox escape vulnerability exists in the OpenJDK packages provided in Ubuntu. The .jar MIME handlers installed by these packages execute files marked as executable when the mailcap package is installed. A compromised or malicious sandboxed application with access to the OpenURI portal via xdg-desktop-portal-gtk can write a malicious .jar file to the host file system, set its executable bit, and trigger the handler to execute arbitrary code outside of the sandbox environment."}],"affected":[{"source":"security@ubuntu.com","affectedData":[{"vendor":"Canonical","product":"Ubuntu","defaultStatus":"unaffected","packageName":"openjdk-8"},{"vendor":"Canonical","product":"Ubuntu","defaultStatus":"unaffected","packageName":"openjdk-9"},{"vendor":"Canonical","product":"Ubuntu","defaultStatus":"unaffected","packageName":"openjdk-13"},{"vendor":"Canonical","product":"Ubuntu","defaultStatus":"unaffected","packageName":"openjdk-16"},{"vendor":"Canonical","product":"Ubuntu","defaultStatus":"unaffected","packageName":"openjdk-17"},{"vendor":"Canonical","product":"Ubuntu","defaultStatus":"unaffected","packageName":"openjdk-18"},{"vendor":"Canonical","product":"Ubuntu","defaultStatus":"unaffected","packageName":"openjdk-21"},{"vendor":"Canonical","product":"Ubuntu","defaultStatus":"unaffected","packageName":"openjdk-25"},{"vendor":"Canonical","product":"Ubuntu","defaultStatus":"unaffected","packageName":"openjdk-lts"},{"vendor":"Canonical","product":"Ubuntu","defaultStatus":"unaffected","packageName":"mailcap","versions":[{"version":"0","lessThan":"3.70+nmu1ubuntu1.22.04.1","versionType":"custom","status":"affected"},{"version":"0","lessThan":"3.70+nmu1ubuntu1.24.04.1","versionType":"custom","status":"affected"},{"version":"0","lessThan":"3.74ubuntu1.1","versionType":"custom","status":"affected"},{"version":"0","lessThan":"3.75ubuntu1.1","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security@ubuntu.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.0,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T00:00:00+00:00","id":"CVE-2026-10037","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security@ubuntu.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]}],"references":[{"url":"https://bugs.launchpad.net/ubuntu/+source/openjdk-25/+bug/2153100","source":"security@ubuntu.com"},{"url":"https://bugs.launchpad.net/ubuntu/+source/openjdk-25/+bug/2153100","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-15168","sourceIdentifier":"cve@gitlab.com","published":"2026-07-08T22:17:13.717","lastModified":"2026-07-09T19:20:39.570","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"BLF file parser in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows possible information disclosure"}],"affected":[{"source":"cve@gitlab.com","affectedData":[{"vendor":"Wireshark Foundation","product":"Wireshark","defaultStatus":"unaffected","versions":[{"version":"4.6.0","lessThan":"4.6.7","versionType":"semver","status":"affected"},{"version":"4.4.0","lessThan":"4.4.17","versionType":"semver","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cve@gitlab.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N","baseScore":2.5,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.0,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","baseScore":3.3,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:53:59.967240Z","id":"CVE-2026-15168","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cve@gitlab.com","type":"Secondary","description":[{"lang":"en","value":"CWE-457"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*","versionStartIncluding":"4.4.0","versionEndExcluding":"4.4.17","matchCriteriaId":"B9FABA5D-7249-44A2-BF12-18AFBCA61C17"},{"vulnerable":true,"criteria":"cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*","versionStartIncluding":"4.6.0","versionEndExcluding":"4.6.7","matchCriteriaId":"D7FEEC76-5F0F-4206-830C-4DF78953646B"}]}]}],"references":[{"url":"https://gitlab.com/wireshark/wireshark/-/work_items/21361","source":"cve@gitlab.com","tags":["Exploit","Issue Tracking","Third Party Advisory"]},{"url":"https://www.wireshark.org/security/wnpa-sec-2026-60.html","source":"cve@gitlab.com","tags":["Vendor Advisory"]},{"url":"https://gitlab.com/wireshark/wireshark/-/work_items/21361","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Issue Tracking","Third Party Advisory"]}]}},{"cve":{"id":"CVE-2026-31309","sourceIdentifier":"cve@mitre.org","published":"2026-07-08T22:17:13.840","lastModified":"2026-07-09T17:02:37.960","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Improper authorization in the /tequilapi/config/user endpoint of Mysterium Node before v1.36.0 allows unauthenticated attackers to arbitrarily overwrite the node's configuration and achieve a full node takeover via supplying a crafted POST request."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T14:30:44.348570Z","id":"CVE-2026-31309","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://github.com/mysteriumnetwork/node/","source":"cve@mitre.org"},{"url":"https://github.com/mysteriumnetwork/node/blob/1.35.5/tequilapi/tequil/routes.go#L26","source":"cve@mitre.org"},{"url":"https://github.com/mysteriumnetwork/node/commit/83051199cd641dd4ed9057b958e5616df1309f19","source":"cve@mitre.org"},{"url":"https://github.com/mysteriumnetwork/node/commit/bc099fcaff59fee9c8a8f8e07ffff5b3c5df2bb9","source":"cve@mitre.org"},{"url":"https://github.com/mysteriumnetwork/node/releases/tag/1.35.5","source":"cve@mitre.org"},{"url":"https://github.com/mysteriumnetwork/node/releases/tag/1.36.0","source":"cve@mitre.org"},{"url":"https://github.com/sch8ill/CVE-2026-31309","source":"cve@mitre.org"},{"url":"https://github.com/sch8ill/CVE-2026-31309","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-35552","sourceIdentifier":"cve@mitre.org","published":"2026-07-08T22:17:13.980","lastModified":"2026-07-09T17:02:37.960","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"In CAXperts UPVWebServices 2.4.2212.603 through 2.7.6 and UDiTH Portal 2026.0.0 through 2026.2.0, an authenticated remote user can invoke an administrative API endpoint intended for privileged users. Due to missing authorization checks, this allows the attacker to deactivate the application's license."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":5.2}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T15:01:57.489383Z","id":"CVE-2026-35552","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://caxperts.com","source":"cve@mitre.org"},{"url":"https://github.com/caxperts/security-advisories/blob/main/2026/CAXSEC-2026-001_portal.md","source":"cve@mitre.org"}]}},{"cve":{"id":"CVE-2026-39178","sourceIdentifier":"cve@mitre.org","published":"2026-07-08T22:17:14.103","lastModified":"2026-07-09T17:02:37.960","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A SQL injection vulnerability in SOGo before 5.12.7 allows authenticated users to execute arbitrary SQL statements via the search parameter of the allContactSearch endpoint."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T14:28:02.396342Z","id":"CVE-2026-39178","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://github.com/Alinto/sogo/commit/1f7e5d2b2c2047c44a6a9e05f73c36491cb96d21","source":"cve@mitre.org"},{"url":"https://www.sogo.nu/news/2026/sogo-v5127-released.html","source":"cve@mitre.org"}]}},{"cve":{"id":"CVE-2026-39179","sourceIdentifier":"cve@mitre.org","published":"2026-07-08T22:17:14.230","lastModified":"2026-07-09T17:02:37.960","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A SQL injection vulnerability in SOGo before 5.12.7 allows authenticated users to execute arbitrary SQL statements via the newPassword parameter in the password change functionality."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T14:25:39.431685Z","id":"CVE-2026-39179","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://github.com/Alinto/sogo/commit/1f7e5d2b2c2047c44a6a9e05f73c36491cb96d21","source":"cve@mitre.org"},{"url":"https://www.sogo.nu/news/2026/sogo-v5127-released.html","source":"cve@mitre.org"}]}},{"cve":{"id":"CVE-2026-51535","sourceIdentifier":"cve@mitre.org","published":"2026-07-08T22:17:15.000","lastModified":"2026-07-09T17:02:37.960","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"In OpENer 2.3.0 (commit 76b95cf), a resource exhaustion (Denial of Service) vulnerability exists in its network processing loop."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T15:07:11.502869Z","id":"CVE-2026-51535","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-400"}]}],"references":[{"url":"https://gist.github.com/MrAlaskan/bec306c51fec9f777b2599f5dea09dd1","source":"cve@mitre.org"},{"url":"https://github.com/EIPStackGroup/OpENer/issues/562","source":"cve@mitre.org"},{"url":"https://github.com/EIPStackGroup/OpENer/issues/562","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-52200","sourceIdentifier":"cve@mitre.org","published":"2026-07-08T22:17:15.127","lastModified":"2026-07-09T17:02:37.960","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"An issue in Generic OEM UZ801_v2.1 4G LTE Router V3.4.3 allows a remote attacker to execute arbitrary code via the /ajax web management API endpoint in MifiService.apk"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T15:10:44.062864Z","id":"CVE-2026-52200","options":[{"exploitation":"poc"},{"automatable":"yes"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-94"}]}],"references":[{"url":"https://github.com/lamaper/CVE-2026-52200","source":"cve@mitre.org"},{"url":"https://github.com/lamaper/UZ801-MifiService-Broken-Access-Control","source":"cve@mitre.org"},{"url":"https://github.com/lamaper/CVE-2026-52200","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}},{"cve":{"id":"CVE-2026-54777","sourceIdentifier":"security-advisories@github.com","published":"2026-07-08T22:17:15.240","lastModified":"2026-07-10T05:16:37.393","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"CoreWCF is a port of the service side of Windows Communication Foundation (WCF) to .NET Core. Prior to 1.8.1 and 1.9.1, CoreWCF NetNamedPipe transport accepts attachment to a pre-existing named pipe instance, allowing local interception of NetNamedPipe traffic when an attacker races NamedPipeListener startup between shared memory GUID publication and service named pipe creation. This issue is fixed in versions 1.8.1 and 1.9.1."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"CoreWCF","product":"CoreWCF","versions":[{"version":">= 1.9.0, < 1.9.1","status":"affected"},{"version":"< 1.8.1","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":1.0,"impactScore":5.5}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T00:00:00+00:00","id":"CVE-2026-54777","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-367"},{"lang":"en","value":"CWE-665"}]}],"references":[{"url":"https://github.com/CoreWCF/CoreWCF/commit/8ed9c780c7c6fb22fa215c5771dee0c1e49596b7","source":"security-advisories@github.com"},{"url":"https://github.com/CoreWCF/CoreWCF/commit/e7d225394fd429900dcbc445dcdd53b94e964077","source":"security-advisories@github.com"},{"url":"https://github.com/CoreWCF/CoreWCF/releases/tag/v1.8.1","source":"security-advisories@github.com"},{"url":"https://github.com/CoreWCF/CoreWCF/releases/tag/v1.9.1","source":"security-advisories@github.com"},{"url":"https://github.com/CoreWCF/CoreWCF/security/advisories/GHSA-6jj2-4q5c-x8g6","source":"security-advisories@github.com"}]}},{"cve":{"id":"CVE-2026-5922","sourceIdentifier":"hp-security-alert@hp.com","published":"2026-07-08T22:17:16.193","lastModified":"2026-07-09T16:39:17.737","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"The IP phone might use malicious input stored in configuration parameters and render it as content for the WebUI’s webpage."}],"affected":[{"source":"hp-security-alert@hp.com","affectedData":[{"vendor":"HP Inc.","product":"Poly CCX","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"9.5.0","versionType":"custom","status":"affected"}]},{"vendor":"HP Inc.","product":"Poly Edge E","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"8.6.0","versionType":"custom","status":"affected"}]},{"vendor":"HP Inc.","product":"Poly Trio C60","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"9.5.0","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"hp-security-alert@hp.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":5.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"LOW","userInteraction":"PASSIVE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:53:25.887750Z","id":"CVE-2026-5922","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"hp-security-alert@hp.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"references":[{"url":"https://support.hp.com/us-en/document/ish_15255534-15255565-16/hpsbpy04108","source":"hp-security-alert@hp.com"}]}},{"cve":{"id":"CVE-2026-5923","sourceIdentifier":"hp-security-alert@hp.com","published":"2026-07-08T22:17:16.480","lastModified":"2026-07-09T16:39:17.737","vulnStatus":"Awaiting Analysis","cveTags":[],"descriptions":[{"lang":"en","value":"Malicious use of a stolen cookie might allow modifications to the contents of the IP phone’s webpage."}],"affected":[{"source":"hp-security-alert@hp.com","affectedData":[{"vendor":"HP Inc.","product":"Poly CCX","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"9.50","versionType":"custom","status":"affected"}]},{"vendor":"HP Inc.","product":"Poly Edge E","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"8.6.0","versionType":"custom","status":"affected"}]},{"vendor":"HP Inc.","product":"Poly Trio C60","defaultStatus":"unknown","versions":[{"version":"0","lessThan":"9.5.0","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"hp-security-alert@hp.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.0,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"PRESENT","privilegesRequired":"LOW","userInteraction":"PASSIVE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"HIGH","vulnAvailabilityImpact":"HIGH","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:53:02.522546Z","id":"CVE-2026-5923","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"hp-security-alert@hp.com","type":"Secondary","description":[{"lang":"en","value":"CWE-352"}]}],"references":[{"url":"https://support.hp.com/us-en/document/ish_15255241-15255270-16/hpsbpy04109","source":"hp-security-alert@hp.com"}]}},{"cve":{"id":"CVE-2026-15105","sourceIdentifier":"cna@vuldb.com","published":"2026-07-08T23:16:51.600","lastModified":"2026-07-09T16:20:12.533","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw has been found in davenardella snap7 up to 1.4.3. This affects the function TS7Worker::PerformFunctionRead of the file src/core/s7_server.cpp of the component ReadVar Request Handler. This manipulation causes deserialization. The attack requires access to the local network. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"davenardella","product":"snap7","cpes":["cpe:2.3:a:davenardella:snap7:*:*:*:*:*:*:*:*"],"modules":["ReadVar Request Handler"],"versions":[{"version":"1.4.0","status":"affected"},{"version":"1.4.1","status":"affected"},{"version":"1.4.2","status":"affected"},{"version":"1.4.3","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.1,"baseSeverity":"LOW","attackVector":"ADJACENT","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:A/AC:L/Au:N/C:P/I:P/A:P","baseScore":5.8,"accessVector":"ADJACENT_NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":6.5,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:18:08.587007Z","id":"CVE-2026-15105","options":[{"exploitation":"poc"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"},{"lang":"en","value":"CWE-502"}]}],"references":[{"url":"https://github.com/davenardella/snap7/","source":"cna@vuldb.com"},{"url":"https://github.com/davenardella/snap7/issues/16","source":"cna@vuldb.com"},{"url":"https://github.com/user-attachments/files/28681740/poc.zip","source":"cna@vuldb.com"},{"url":"https://vuldb.com/cve/CVE-2026-15105","source":"cna@vuldb.com"},{"url":"https://vuldb.com/submit/851026","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/376946","source":"cna@vuldb.com"},{"url":"https://vuldb.com/vuln/376946/cti","source":"cna@vuldb.com"}]}},{"cve":{"id":"CVE-2026-15107","sourceIdentifier":"chrome-cve-admin@google.com","published":"2026-07-08T23:16:51.783","lastModified":"2026-07-10T05:16:28.177","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Use after free in IndexedDB in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)"}],"affected":[{"source":"chrome-cve-admin@google.com","affectedData":[{"vendor":"Google","product":"Chrome","versions":[{"version":"150.0.7871.115","lessThan":"150.0.7871.115","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T00:00:00+00:00","id":"CVE-2026-15107","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"chrome-cve-admin@google.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","versionEndExcluding":"150.0.7871.115","matchCriteriaId":"D7E0F776-6AF3-40DE-98E6-8345283CB088"}]}]}],"references":[{"url":"https://chromereleases.googleblog.com/2026/07/stable-channel-update-for-desktop_01162222768.html","source":"chrome-cve-admin@google.com","tags":["Release Notes","Vendor Advisory"]},{"url":"https://issues.chromium.org/issues/503553615","source":"chrome-cve-admin@google.com","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-15108","sourceIdentifier":"chrome-cve-admin@google.com","published":"2026-07-08T23:16:51.897","lastModified":"2026-07-09T17:15:59.343","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Integer overflow in Extensions API in Google Chrome prior to 150.0.7871.115 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory read via a crafted Chrome Extension. (Chromium security severity: High)"}],"affected":[{"source":"chrome-cve-admin@google.com","affectedData":[{"vendor":"Google","product":"Chrome","versions":[{"version":"150.0.7871.115","lessThan":"150.0.7871.115","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T10:36:34.454991Z","id":"CVE-2026-15108","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"chrome-cve-admin@google.com","type":"Secondary","description":[{"lang":"en","value":"CWE-190"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","versionEndExcluding":"150.0.7871.115","matchCriteriaId":"D7E0F776-6AF3-40DE-98E6-8345283CB088"}]}]}],"references":[{"url":"https://chromereleases.googleblog.com/2026/07/stable-channel-update-for-desktop_01162222768.html","source":"chrome-cve-admin@google.com","tags":["Release Notes","Vendor Advisory"]},{"url":"https://issues.chromium.org/issues/515443146","source":"chrome-cve-admin@google.com","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-15109","sourceIdentifier":"chrome-cve-admin@google.com","published":"2026-07-08T23:16:52.000","lastModified":"2026-07-09T17:15:46.783","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Uninitialized Use in ANGLE in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)"}],"affected":[{"source":"chrome-cve-admin@google.com","affectedData":[{"vendor":"Google","product":"Chrome","versions":[{"version":"150.0.7871.115","lessThan":"150.0.7871.115","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T13:42:43.391191Z","id":"CVE-2026-15109","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"chrome-cve-admin@google.com","type":"Secondary","description":[{"lang":"en","value":"CWE-457"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","versionEndExcluding":"150.0.7871.115","matchCriteriaId":"D7E0F776-6AF3-40DE-98E6-8345283CB088"}]}]}],"references":[{"url":"https://chromereleases.googleblog.com/2026/07/stable-channel-update-for-desktop_01162222768.html","source":"chrome-cve-admin@google.com","tags":["Release Notes","Vendor Advisory"]},{"url":"https://issues.chromium.org/issues/516899138","source":"chrome-cve-admin@google.com","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-15110","sourceIdentifier":"chrome-cve-admin@google.com","published":"2026-07-08T23:16:52.103","lastModified":"2026-07-09T17:15:35.197","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Use after free in Extensions in Google Chrome prior to 150.0.7871.115 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High)"}],"affected":[{"source":"chrome-cve-admin@google.com","affectedData":[{"vendor":"Google","product":"Chrome","versions":[{"version":"150.0.7871.115","lessThan":"150.0.7871.115","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T10:37:31.303796Z","id":"CVE-2026-15110","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"chrome-cve-admin@google.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","versionEndExcluding":"150.0.7871.115","matchCriteriaId":"D7E0F776-6AF3-40DE-98E6-8345283CB088"}]}]}],"references":[{"url":"https://chromereleases.googleblog.com/2026/07/stable-channel-update-for-desktop_01162222768.html","source":"chrome-cve-admin@google.com","tags":["Release Notes","Vendor Advisory"]},{"url":"https://issues.chromium.org/issues/516948486","source":"chrome-cve-admin@google.com","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-15111","sourceIdentifier":"chrome-cve-admin@google.com","published":"2026-07-08T23:16:52.203","lastModified":"2026-07-10T05:16:28.347","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Use after free in Views in Google Chrome prior to 150.0.7871.115 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)"}],"affected":[{"source":"chrome-cve-admin@google.com","affectedData":[{"vendor":"Google","product":"Chrome","versions":[{"version":"150.0.7871.115","lessThan":"150.0.7871.115","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T00:00:00+00:00","id":"CVE-2026-15111","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"chrome-cve-admin@google.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","versionEndExcluding":"150.0.7871.115","matchCriteriaId":"D7E0F776-6AF3-40DE-98E6-8345283CB088"}]}]}],"references":[{"url":"https://chromereleases.googleblog.com/2026/07/stable-channel-update-for-desktop_01162222768.html","source":"chrome-cve-admin@google.com","tags":["Release Notes","Vendor Advisory"]},{"url":"https://issues.chromium.org/issues/517508651","source":"chrome-cve-admin@google.com","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-15112","sourceIdentifier":"chrome-cve-admin@google.com","published":"2026-07-08T23:16:52.310","lastModified":"2026-07-10T05:16:28.503","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Use after free in Ozone in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)"}],"affected":[{"source":"chrome-cve-admin@google.com","affectedData":[{"vendor":"Google","product":"Chrome","versions":[{"version":"150.0.7871.115","lessThan":"150.0.7871.115","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T00:00:00+00:00","id":"CVE-2026-15112","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"chrome-cve-admin@google.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","versionEndExcluding":"150.0.7871.115","matchCriteriaId":"D7E0F776-6AF3-40DE-98E6-8345283CB088"}]}]}],"references":[{"url":"https://chromereleases.googleblog.com/2026/07/stable-channel-update-for-desktop_01162222768.html","source":"chrome-cve-admin@google.com","tags":["Release Notes","Vendor Advisory"]},{"url":"https://issues.chromium.org/issues/518006275","source":"chrome-cve-admin@google.com","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-15113","sourceIdentifier":"chrome-cve-admin@google.com","published":"2026-07-08T23:16:52.413","lastModified":"2026-07-10T05:16:28.650","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Use after free in Autofill in Google Chrome on Android prior to 150.0.7871.115 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)"}],"affected":[{"source":"chrome-cve-admin@google.com","affectedData":[{"vendor":"Google","product":"Chrome","versions":[{"version":"150.0.7871.115","lessThan":"150.0.7871.115","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H","baseScore":9.6,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":6.0}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T00:00:00+00:00","id":"CVE-2026-15113","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"chrome-cve-admin@google.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","versionEndExcluding":"150.0.7871.115","matchCriteriaId":"D7E0F776-6AF3-40DE-98E6-8345283CB088"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*","matchCriteriaId":"F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"}]}]}],"references":[{"url":"https://chromereleases.googleblog.com/2026/07/stable-channel-update-for-desktop_01162222768.html","source":"chrome-cve-admin@google.com","tags":["Release Notes","Vendor Advisory"]},{"url":"https://issues.chromium.org/issues/520540744","source":"chrome-cve-admin@google.com","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-15114","sourceIdentifier":"chrome-cve-admin@google.com","published":"2026-07-08T23:16:52.533","lastModified":"2026-07-10T05:16:28.793","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Out of bounds read and write in Codecs in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (Chromium security severity: High)"}],"affected":[{"source":"chrome-cve-admin@google.com","affectedData":[{"vendor":"Google","product":"Chrome","versions":[{"version":"150.0.7871.115","lessThan":"150.0.7871.115","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T00:00:00+00:00","id":"CVE-2026-15114","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-125"},{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","versionEndExcluding":"150.0.7871.115","matchCriteriaId":"D7E0F776-6AF3-40DE-98E6-8345283CB088"}]}]}],"references":[{"url":"https://chromereleases.googleblog.com/2026/07/stable-channel-update-for-desktop_01162222768.html","source":"chrome-cve-admin@google.com","tags":["Release Notes","Vendor Advisory"]},{"url":"https://issues.chromium.org/issues/520565945","source":"chrome-cve-admin@google.com","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-15115","sourceIdentifier":"chrome-cve-admin@google.com","published":"2026-07-08T23:16:52.627","lastModified":"2026-07-09T17:20:40.247","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.115 allowed a local attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: High)"}],"affected":[{"source":"chrome-cve-admin@google.com","affectedData":[{"vendor":"Google","product":"Chrome","versions":[{"version":"150.0.7871.115","lessThan":"150.0.7871.115","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","baseScore":3.3,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T10:32:01.062163Z","id":"CVE-2026-15115","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"chrome-cve-admin@google.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","versionEndExcluding":"150.0.7871.115","matchCriteriaId":"D7E0F776-6AF3-40DE-98E6-8345283CB088"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*","matchCriteriaId":"F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"}]}]}],"references":[{"url":"https://chromereleases.googleblog.com/2026/07/stable-channel-update-for-desktop_01162222768.html","source":"chrome-cve-admin@google.com","tags":["Release Notes","Vendor Advisory"]},{"url":"https://issues.chromium.org/issues/520576676","source":"chrome-cve-admin@google.com","tags":["Permissions Required"]}]}},{"cve":{"id":"CVE-2026-15116","sourceIdentifier":"chrome-cve-admin@google.com","published":"2026-07-08T23:16:52.730","lastModified":"2026-07-10T05:16:28.937","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Use after free in Actor in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)"}],"affected":[{"source":"chrome-cve-admin@google.com","affectedData":[{"vendor":"Google","product":"Chrome","versions":[{"version":"150.0.7871.115","lessThan":"150.0.7871.115","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-07-09T00:00:00+00:00","id":"CVE-2026-15116","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"chrome-cve-admin@google.com","type":"Secondary","description":[{"lang":"en","value":"CWE-416"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*","versionEndExcluding":"150.0.7871.115","matchCriteriaId":"D7E0F776-6AF3-40DE-98E6-8345283CB088"}]}]}],"references":[{"url":"https://chromereleases.googleblog.com/2026/07/stable-channel-update-for-desktop_01162222768.html","source":"chrome-cve-admin@google.com","tags":["Release Notes","Vendor Advisory"]},{"url":"https://issues.chromium.org/issues/522092013","source":"chrome-cve-admin@google.com","tags":["Permissions Required"]}]}}]}